Message-ID: <5273E64B.8060703@redhat.com>
Date: Fri, 01 Nov 2013 17:35:00 -0000
From: Jason Merrill
To: Marek Polacek
CC: GCC Patches, Jakub Jelinek, "Joseph S. Myers"
Subject: Re: [PATCH][ubsan] Add VLA bound instrumentation

On 10/31/2013 02:28 PM, Marek Polacek wrote:
> /* A variable sized array. */ > itype = variable_size (itype); > + > + /* We need to stabilize side-effects in VLA sizes for regular array > + declarations too, not just pointers to arrays. */ > + stabilize_vla_size (itype);

Let's put this after the later call to variable_size, too.

> if (TREE_CODE (itype) != SAVE_EXPR) > { > /* Look for SIZEOF_EXPRs in itype and fold them, otherwise
> @@ -8390,6 +8385,31 @@ compute_array_index_type (tree name, tre > if (found) > itype = variable_size (fold (newitype)); > }

i.e. here.

> + > + if (cxx_dialect >= cxx1y) > + { > + /* If the VLA bound is larger than half the address space, > + or less than zero, throw std::bad_array_length. */ > + tree comp = build2 (LT_EXPR, boolean_type_node, itype, > + ssize_int (-1)); > + comp = build3 (COND_EXPR, void_type_node, comp, > + throw_bad_array_length (), void_zero_node); > + finish_expr_stmt (comp); > + } > + > + if ((flag_sanitize & SANITIZE_VLA) > + /* From C++1y onwards, we throw an exception on a negative > + length size of an array; see above */ > + && cxx_dialect < cxx1y)

This could be

  else if (flag_sanitize & SANITIZE_VLA)

There's another use of stabilize_vla_size in grokdeclarator, that should be able to go as well.

Jason
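Review bot: in the `cxx_dialect >= cxx1y` block of the `@@ -8390,6 +8385,31 @@` hunk, the comment gives the condition as "larger than half the address space, or less than zero", but the test that is built is `itype < ssize_int (-1)`, and nothing in the lines shown explains why the constant is -1 rather than 0 or how a single signed comparison also covers the too-large case. Please extend the comment to say what `itype` holds at this point and why this one comparison implements both halves of the stated condition, so the bound check can be verified against its description. Minor: the comment ending `see above */` inside the `SANITIZE_VLA` condition is missing its closing period.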