[PATCH] tree-optimization/105969 - FPE with array diagnostics

[PATCH] tree-optimization/105969 - FPE with array diagnostics

[Richard Biener]

For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension.  Luckily the division
is only for an overflow check which is pointless for array size zero.

Bootstrapped and tested on x86_64-unknown-linux-gnu, pushed.

2022-06-15  Richard Biener  <rguenther@suse.de>

	PR tree-optimization/105969
	* gimple-ssa-sprintf.cc (): Avoid division by zero
	in overflow check.

	* gcc.dg/pr105969.c: New testcase.
---
 gcc/gimple-ssa-sprintf.cc       |  2 +-
 gcc/testsuite/gcc.dg/pr105969.c | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.dg/pr105969.c

diff --git a/gcc/gimple-ssa-sprintf.cc b/gcc/gimple-ssa-sprintf.cc
index 6bd27302213..a888b5ac7d5 100644
--- a/gcc/gimple-ssa-sprintf.cc
+++ b/gcc/gimple-ssa-sprintf.cc
@@ -2319,7 +2319,7 @@ get_origin_and_offset_r (tree x, HOST_WIDE_INT *fldoff, HOST_WIDE_INT *fldsize,
 
 	if (byteoff < HOST_WIDE_INT_MAX
 	    && elbytes < HOST_WIDE_INT_MAX
-	    && byteoff / elbytes == idx)
+	    && (elbytes == 0 || byteoff / elbytes == idx))
 	  {
 	    /* For in-bounds constant offsets into constant-sized arrays
 	       bump up *OFF, and for what's likely arrays or structs of
diff --git a/gcc/testsuite/gcc.dg/pr105969.c b/gcc/testsuite/gcc.dg/pr105969.c
new file mode 100644
index 00000000000..52c63fc2efe
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr105969.c
@@ -0,0 +1,13 @@
+/* { dg-do compile } */
+/* { dg-options "-Wall" } */
+
+struct A
+{
+  char a[0][0][0];
+};
+extern struct A b[][2];
+void f (void)
+{
+  __builtin_sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]); /* { dg-warning "past the end" } */
+  /* { dg-warning "overlaps destination" "" { target *-*-* } .-1 } */
+}
-- 
2.35.3

[PATCH] tree-optimization/105969 - FPE with array diagnostics

[Richard Biener]

For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension.  Luckily the division
is only for an overflow check which is pointless for array size zero.

Bootstrapped and tested on x86_64-unknown-linux-gnu, pushed.

2022-06-15  Richard Biener  <rguenther@suse.de>

	PR tree-optimization/105969
	* gimple-ssa-sprintf.cc (): Avoid division by zero
	in overflow check.

	* gcc.dg/pr105969.c: New testcase.
---
 gcc/gimple-ssa-sprintf.cc       |  2 +-
 gcc/testsuite/gcc.dg/pr105969.c | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.dg/pr105969.c

diff --git a/gcc/gimple-ssa-sprintf.cc b/gcc/gimple-ssa-sprintf.cc
index 6bd27302213..a888b5ac7d5 100644
--- a/gcc/gimple-ssa-sprintf.cc
+++ b/gcc/gimple-ssa-sprintf.cc
@@ -2319,7 +2319,7 @@ get_origin_and_offset_r (tree x, HOST_WIDE_INT *fldoff, HOST_WIDE_INT *fldsize,
 
 	if (byteoff < HOST_WIDE_INT_MAX
 	    && elbytes < HOST_WIDE_INT_MAX
-	    && byteoff / elbytes == idx)
+	    && (elbytes == 0 || byteoff / elbytes == idx))
 	  {
 	    /* For in-bounds constant offsets into constant-sized arrays
 	       bump up *OFF, and for what's likely arrays or structs of
diff --git a/gcc/testsuite/gcc.dg/pr105969.c b/gcc/testsuite/gcc.dg/pr105969.c
new file mode 100644
index 00000000000..52c63fc2efe
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr105969.c
@@ -0,0 +1,13 @@
+/* { dg-do compile } */
+/* { dg-options "-Wall" } */
+
+struct A
+{
+  char a[0][0][0];
+};
+extern struct A b[][2];
+void f (void)
+{
+  __builtin_sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]); /* { dg-warning "past the end" } */
+  /* { dg-warning "overlaps destination" "" { target *-*-* } .-1 } */
+}
-- 
2.35.3

[PATCH] tree-optimization/105969 - FPE with array diagnostics

[Richard Biener]

For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension.  Luckily the division
is only for an overflow check which is pointless for array size zero.

Bootstrapped and tested on x86_64-unknown-linux-gnu, pushed.

2022-06-15  Richard Biener  <rguenther@suse.de>

	PR tree-optimization/105969
	* gimple-ssa-sprintf.cc (): Avoid division by zero
	in overflow check.

	* gcc.dg/pr105969.c: New testcase.
---
 gcc/gimple-ssa-sprintf.cc       |  2 +-
 gcc/testsuite/gcc.dg/pr105969.c | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 gcc/testsuite/gcc.dg/pr105969.c

diff --git a/gcc/gimple-ssa-sprintf.cc b/gcc/gimple-ssa-sprintf.cc
index 6bd27302213..a888b5ac7d5 100644
--- a/gcc/gimple-ssa-sprintf.cc
+++ b/gcc/gimple-ssa-sprintf.cc
@@ -2319,7 +2319,7 @@ get_origin_and_offset_r (tree x, HOST_WIDE_INT *fldoff, HOST_WIDE_INT *fldsize,
 
 	if (byteoff < HOST_WIDE_INT_MAX
 	    && elbytes < HOST_WIDE_INT_MAX
-	    && byteoff / elbytes == idx)
+	    && (elbytes == 0 || byteoff / elbytes == idx))
 	  {
 	    /* For in-bounds constant offsets into constant-sized arrays
 	       bump up *OFF, and for what's likely arrays or structs of
diff --git a/gcc/testsuite/gcc.dg/pr105969.c b/gcc/testsuite/gcc.dg/pr105969.c
new file mode 100644
index 00000000000..52c63fc2efe
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr105969.c
@@ -0,0 +1,13 @@
+/* { dg-do compile } */
+/* { dg-options "-Wall" } */
+
+struct A
+{
+  char a[0][0][0];
+};
+extern struct A b[][2];
+void f (void)
+{
+  __builtin_sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]); /* { dg-warning "past the end" } */
+  /* { dg-warning "overlaps destination" "" { target *-*-* } .-1 } */
+}
-- 
2.35.3