public inbox for fortran@gcc.gnu.org
 help / color / mirror / Atom feed
From: Harald Anlauf <anlauf@gmx.de>
To: fortran@gcc.gnu.org
Subject: Re: Question about Fortran bounds and -Wanalyzer-use-of-uninitialized-value
Date: Wed, 12 Oct 2022 20:32:50 +0200	[thread overview]
Message-ID: <ti718i$28k$1@ciao.gmane.io> (raw)
In-Reply-To: <575b023befd11f896b1f1816b757e4f55cb0b0a3.camel@redhat.com>

Hi Dave,

Am 12.10.22 um 15:46 schrieb David Malcolm via Fortran:
> Sorry in advance if this is a silly question; my knowledge of Fortran
> is next to nothing, I'm afraid.
> 
> PR analyzer/107210 reports an ICE in -fanalyzer on this reproducer:
> 
> 
> ! { dg-additional-options "-O1" }
> 
> subroutine check_int (j)
>    INTEGER(4) :: i, ia(5), ib(5,4), ip, ipa(:)
>    target :: ib
>    POINTER :: ip, ipa
>    logical :: l(5)
> 
>    l = (/ sizeof(i) == 4, sizeof(ia) == 20, sizeof(ib) == 80, &
>         sizeof(ip) == 4, sizeof(ipa) == 8 /) ! { dg-warning "use of uninitialized value" }
> 
>    if (any(.not.l)) STOP 4
> 
> end subroutine check_int
> 
> 
> The fix for the ICE is trivial (a missing check that tree_fits_uhwi_p),
> but after the fix, I see these warnings from the analyzer:
> 
> 
>     10 |        sizeof(ip) == 4, sizeof(ipa) == 8 /)
>        |                                           ^
> Warning: use of uninitialized value ‘ipa.dim[0].ubound’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
>    ‘check_int’: events 1-3
>      |
>      |    4 |   INTEGER(4) :: i, ia(5), ib(5,4), ip, ipa(:)
>      |      |                                             ^
>      |      |                                             |
>      |      |                                             (1) region created on stack here
>      |      |                                             (2) capacity: 8 bytes
>      |......
>      |   10 |        sizeof(ip) == 4, sizeof(ipa) == 8 /)
>      |      |                                           ~
>      |      |                                           |
>      |      |                                           (3) use of uninitialized value ‘ipa.dim[0].ubound’ here
>      |
> ../../src/gcc/testsuite/gfortran.dg/analyzer/pr107210.f90:10:43:
> 
>     10 |        sizeof(ip) == 4, sizeof(ipa) == 8 /)
>        |                                           ^
> Warning: use of uninitialized value ‘ipa.dim[0].lbound’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
>    ‘check_int’: events 1-3
>      |
>      |    4 |   INTEGER(4) :: i, ia(5), ib(5,4), ip, ipa(:)
>      |      |                                             ^
>      |      |                                             |
>      |      |                                             (1) region created on stack here
>      |      |                                             (2) capacity: 8 bytes
>      |......
>      |   10 |        sizeof(ip) == 4, sizeof(ipa) == 8 /)
>      |      |                                           ~
>      |      |                                           |
>      |      |                                           (3) use of uninitialized value ‘ipa.dim[0].lbound’ here
>      |
> 
> 
> The gimple in question is:
> 
> __attribute__((fn spec (". w ")))
> void check_int (integer(kind=4) & restrict j)
> {
>    integer(kind=8) ipa$dim$0$lbound;
>    integer(kind=8) ipa$dim$0$ubound;
>    logical(kind=4) A.1[5];
>    logical(kind=4) l[5];
>    integer(kind=8) _1;
>    logical(kind=4) _3;
>    logical(kind=4) _4;
>    integer(kind=8) _5;
>    logical(kind=4) _6;
>    integer(kind=8) S.5_7;
>    logical(kind=4) test.6_8;
>    integer(kind=8) S.7_9;
>    integer(kind=8) S.5_16;
>    integer(kind=8) S.7_18;
> 
>    <bb 2> [local count: 178992760]:
>    MEM <uint128_t> [(c_char * {ref-all})&A.1] = 0x1000000010000000100000001;
>    _1 = ipa$dim$0$ubound_2(D) - ipa$dim$0$lbound_12(D);
>    _3 = _1 == 1;
>    MEM[(logical(kind=4) *)&A.1 + 16B] = _3;
> 
> [...snip...]
> 
> where the analyzer is complaining about this gimple statement:
>    _1 = ipa$dim$0$ubound_2(D) - ipa$dim$0$lbound_12(D);
> where both:
>    ipa$dim$0$ubound_2(D)
> and:
>    ipa$dim$0$lbound_12(D)
> are considered by it to be uninitialized.
> 
> Is the analyzer correct here, or is there an aspect of Fortan and/or
> gimple that I'm missing?

if you compile w/o -fanalyzer but with -O -Wall you will get
warnings, too.  Note that SIZEOF is an extension documented here:

https://gcc.gnu.org/onlinedocs/gfortran/SIZEOF.html

where is says:

..  If the argument has the POINTER attribute, the number of bytes of 
the storage area pointed to is returned. ...

which can be determined only if the arrays bounds are known.
The testcase gfortran.dg/sizeof.f90 from which the above was reduced
sets these bounds via

   ipa=>ib(2:3,1)

If I restore this, then I get no related warnings for -O -Wall.

> Thanks
> Dave





      reply	other threads:[~2022-10-12 18:32 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-10-12 13:46 David Malcolm
2022-10-12 18:32 ` Harald Anlauf [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='ti718i$28k$1@ciao.gmane.io' \
    --to=anlauf@gmx.de \
    --cc=fortran@gcc.gnu.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).