[PATCH] improve caching and enhance array bounds checking

Martin Sebor msebor@gmail.com
Thu Nov 12 01:09:30 GMT 2020


The attached patch builds on top of the series I posted last
week(*) to improve the detection of out of bounds pointers
and C++ references, as well as a subset of invalid pointer
relational and subtraction expressions.

First, as I mentioned last week, the simple compute_objsize
cache I implemented then is space inefficient.  The changes
in this update enhance the cache to reduce the space overhead
and improve compile-time efficiency.  The cache now consists
of two arrays, one storing the indices to the other.
The former is indexed by SSA_NAME version.  The latter also
contains separate entries for sizes of enclosing objects and
their members (missing from the first attempt, leading to
inefficient hacks to overcome the limitation).  These
improvements let clients look up the provenance of any pointer
in O(1) time and avoid the hacks.

Second, with the necessary cache improvements above,
the gimple-array-bounds changes enhance array bounds checking
in two ways:
1) pointers passed to functions or used to initialize C++
references are checked to see if they're valid and in bounds
and diagnosed if not (a subset of instances of passing valid
just-past-the-end and so non-dereferenceable pointers to
functions are also diagnosed)
2) relational or difference expressions involving pointers are
checked to make sure they point to the same object and diagnosed
if not.

Besides bootstrapping and regtesting I have also tested the full
patch series with a few packages, including Binutils/GDB, Glibc
and Valgrind, and verified that it doesn't cause any false
positives.  The new -Wpointer-compare warning does trigger in
two or three places in each, for subtracting pointers to distinct
objects.  Those are true positives, but the code I checked looks
benign.  In such cases the warning can be suppressed by converting
the pointers to intptr_t before the subtraction.

Martin

[*] Prerequisite patches:
https://gcc.gnu.org/pipermail/gcc-patches/2020-November/558127.html
https://gcc.gnu.org/pipermail/gcc-patches/2020-November/557807.html
https://gcc.gnu.org/pipermail/gcc-patches/2020-November/557987.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gcc-wpointer-compare.diff
Type: text/x-patch
Size: 189305 bytes
Desc: not available
URL: <https://gcc.gnu.org/pipermail/gcc-patches/attachments/20201111/7f29ed5e/attachment-0001.bin>
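As an added illustration (my own code, not part of Martin's patch or the attached diff), the C below contrasts the pointer expressions involved: a subtraction of pointers into the same object, which is well defined; the intptr_t conversion the message suggests for suppressing -Wpointer-compare when two distinct objects really are being subtracted; and a containment check written with integer comparisons so it never forms a relational expression on pointers to unrelated objects. The arrays `buf_a`/`buf_b` and the function names are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample objects: two distinct arrays. */
char buf_a[16];
char buf_b[32];

/* Pointer subtraction is defined only when both operands point into
   the same object (or one past its end).  A subtraction whose operands
   are known to point into distinct objects is what the new
   -Wpointer-compare warning diagnoses. */
ptrdiff_t same_object_offset(const char *p, const char *base)
{
    return p - base;    /* p is derived from base: well defined */
}

/* The suppression described in the message: convert both pointers to
   intptr_t first, so the subtraction is on integers, not pointers.
   The numeric result is implementation-specific but not undefined. */
intptr_t distance_via_intptr(const void *p, const void *q)
{
    return (intptr_t)p - (intptr_t)q;
}

/* Does p address a byte inside [base, base + len)?  Comparing as
   uintptr_t avoids a relational expression between pointers that may
   refer to different objects; the wrap-around check guards the
   low side as well. */
int points_into(const void *p, const void *base, size_t len)
{
    uintptr_t up = (uintptr_t)p, ub = (uintptr_t)base;
    return up >= ub && up - ub < len;
}
```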