From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from esa4.mentor.iphmx.com (esa4.mentor.iphmx.com [68.232.137.252]) by sourceware.org (Postfix) with ESMTPS id F093B3858D39 for ; Thu, 18 May 2023 21:46:34 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org F093B3858D39 Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=codesourcery.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=mentor.com X-IronPort-AV: E=Sophos;i="6.00,175,1681200000"; d="scan'208";a="5840181" Received: from orw-gwy-02-in.mentorg.com ([192.94.38.167]) by esa4.mentor.iphmx.com with ESMTP; 18 May 2023 13:46:33 -0800 IronPort-SDR: RaJLDDWroOAB6k/lbp1BocQ2IJwGMBm8U1fOOob9aCLLE7ZTjBqBux3yyEKh+vhVknjky831IJ fmOXHaTG4wczfqVt/x+ntYdbbvJ/XdJsWT0/r4yM7caaZQjuJfxGbVLcfFSrteKYh412bus4hY 2REE/kJcYA7/YyczIjkNpohFn74UI3LpH1qxTgWjjh2rAFvNckyGbKXT7IHHBj9WR6pq/o2myg 5AVzOu1cPxbsxHEFom5dmeub5atYsVE7IEN6fqoIijmKf1WTseOQCE9niKzLaPuTEy42b2fTiQ LyE= Date: Thu, 18 May 2023 21:46:28 +0000 From: Joseph Myers To: Martin Uecker CC: , Subject: Re: [PING] [C PATCH] Fix ICEs related to VM types in C [PR106465, PR107557, PR108423, PR109450] In-Reply-To: <4769c136aec5728c2954e39bfbca2af27c390593.camel@tugraz.at> Message-ID: <2fb175e7-2f5d-d9b9-1a44-ec8ea825b218@codesourcery.com> References: <4769c136aec5728c2954e39bfbca2af27c390593.camel@tugraz.at> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" X-Originating-IP: [137.202.0.90] X-ClientProxiedBy: svr-ies-mbx-12.mgc.mentorg.com (139.181.222.12) To svr-ies-mbx-10.mgc.mentorg.com (139.181.222.10) X-Spam-Status: No, score=-3112.6 required=5.0 tests=BAYES_00,GIT_PATCH_0,HEADER_FROM_DIFFERENT_DOMAINS,KAM_DMARC_STATUS,SPF_HELO_PASS,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Thu, 18 May 2023, Martin Uecker via Gcc-patches wrote: > + /* we still have to evaluate size expressions */ Comments should start with a capital letter and end with ". ". > diff --git a/gcc/testsuite/gcc.dg/nested-vla-1.c b/gcc/testsuite/gcc.dg/nested-vla-1.c > new file mode 100644 > index 00000000000..408a68524d8 > --- /dev/null > +++ b/gcc/testsuite/gcc.dg/nested-vla-1.c > @@ -0,0 +1,37 @@ > +/* { dg-do run } */ > +/* { dg-options "-std=gnu99" } */ I'm concerned with various undefined behavior in this and other tests; they look very fragile, relying on some optimizations and not others taking place. I think they should be adjusted to avoid undefined behavior if all the evaluations from the abstract machine (in particular, of sizeof operands with variable size) take place, and other undefined behavior from calling functions through function pointers with incompatible type. > + struct bar { char x[++n]; } (*bar2)(void) = bar; /* { dg-warning "incompatible pointer type" } */ > + > + if (2 != n) > + __builtin_abort(); > + > + if (2 != sizeof((*bar2)())) > + __builtin_abort(); You're relying on the compiler not noticing that a function is being called through an incompatible type and thus not turning the call (which should be evaluated, because the operand of sizeof has a type with variable size) into a call to abort. > diff --git a/gcc/testsuite/gcc.dg/nested-vla-2.c b/gcc/testsuite/gcc.dg/nested-vla-2.c > new file mode 100644 > index 00000000000..504eec48c80 > --- /dev/null > +++ b/gcc/testsuite/gcc.dg/nested-vla-2.c > @@ -0,0 +1,33 @@ > +/* { dg-do run } */ > +/* { dg-options "-std=gnu99" } */ > + > + > +int main() > +{ > + int n = 1; > + > + typeof(char (*)[++n]) bar(void) { } > + > + if (2 != n) > + __builtin_abort(); > + > + if (2 != sizeof(*bar())) > + __builtin_abort(); In this test, *bar() is evaluated, i.e. an undefined pointer is dereferenced; it would be better to return a valid pointer to a sufficiently large array to avoid that undefined behavior. > diff --git a/gcc/testsuite/gcc.dg/pr106465.c b/gcc/testsuite/gcc.dg/pr106465.c > new file mode 100644 > index 00000000000..b03e2442f12 > --- /dev/null > +++ b/gcc/testsuite/gcc.dg/pr106465.c > @@ -0,0 +1,86 @@ > +/* PR c/106465 > + * { dg-do run } > + * { dg-options "-std=gnu99" } > + * */ > + > +int main() > +{ > + int n = 3; > + > + void g1(int m, struct { char p[++m]; }* b) /* { dg-warning "anonymous struct" } */ > + { > + if (3 != m) > + __builtin_abort(); > + > + if (3 != sizeof(b->p)) > + __builtin_abort(); > + } > + g1(2, (void*)0); Similarly, this is dereferencing a null pointer in the evaluated operand of sizeof. -- Joseph S. Myers joseph@codesourcery.com