From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x731.google.com (mail-qk1-x731.google.com [IPv6:2607:f8b0:4864:20::731]) by sourceware.org (Postfix) with ESMTPS id D88AA3858D38 for ; Wed, 22 Jul 2020 23:35:14 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org D88AA3858D38 Received: by mail-qk1-x731.google.com with SMTP id l6so3759262qkc.6 for ; Wed, 22 Jul 2020 16:35:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:subject:message-id:date:user-agent :mime-version:content-language; bh=FBi0WZpADTPbpoDdbNxlJM0QpC4jV3jhq35koUDmG90=; b=oju7kCzk7IUUK7Sl+DHVPDKv+364oaDW9HMr0gpwbOhUiBVfNHHBg2F/k4GC+ngi/p f45CH49XDc56Isw83GcL7pIjHMADNHqFsq0lQP7CIyUAvQGc+ZegyRfnsdLZAgIryXT/ fo5WKp/N+E+WtF13FjoBsb3rW7Dk3mtZPW695i2fZN7+xnGMVi50cmMyrl98+PLFT6ag 66otxklpljtBT0wUrKXj2q/m5U0z/MzmfkL3OfhVIMKYFA54zLQE1UpwnK8YPk2GtuEo tcWIrr8QLIEV8aEYK71HjS2yjoqfMSGGIYSfcJvexFN5o//A5akKBHeF6YlpNvrCNtQL WjLA== X-Gm-Message-State: AOAM531lhQFeDVozaAOXbRQXbUCizxfwYVwpfHaLG6ivlshYB7EXFtZZ NTXhXrm4xkUYXvPNoj2/2Y1pBZIm X-Google-Smtp-Source: ABdhPJw/MuB4wnxGNmyHWLQAg/craOE0+mREaDl9aainDHccUCJraAIRBw0MUj5GEPcup+5hCAfzYQ== X-Received: by 2002:a37:a503:: with SMTP id o3mr2489000qke.162.1595460914021; Wed, 22 Jul 2020 16:35:14 -0700 (PDT) Received: from [192.168.0.41] (174-16-106-56.hlrn.qwest.net. [174.16.106.56]) by smtp.gmail.com with ESMTPSA id t127sm1130755qkc.100.2020.07.22.16.35.12 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 22 Jul 2020 16:35:12 -0700 (PDT) To: gcc-patches From: Martin Sebor Subject: [PATCH] fix off-by-one mistake in -Warray-bounds for major bounds (PR 84079) Message-ID: Date: Wed, 22 Jul 2020 17:35:11 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="------------017E4262FA1CC0E576FBCA06" Content-Language: en-US X-Spam-Status: No, score=-9.4 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SCC_5_SHORT_WORD_LINES, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Jul 2020 23:35:16 -0000 This is a multi-part message in MIME format. --------------017E4262FA1CC0E576FBCA06 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit -Warray-bounds fails to trigger when taking the address of an element of a multi-dimensional array at an index that's equal to the bound of one of the higher dimensions of the array. The attached simple patch corrects this shortcoming. I will commit it tomorrow unless there are suggestions for changes. Tested on x86_64-linux. Martin --------------017E4262FA1CC0E576FBCA06 Content-Type: text/x-patch; name="gcc-84079.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="gcc-84079.diff" PR tree-optimization/84079 - missing -Warray-bounds taking the address of past-the-end element of a multidimensional array gcc/ChangeLog: PR tree-optimization/84079 * gimple-array-bounds.cc (array_bounds_checker::check_addr_expr): gcc/testsuite/ChangeLog: PR tree-optimization/84079 * gcc.dg/Warray-bounds-62.c: New test. diff --git a/gcc/gimple-array-bounds.cc b/gcc/gimple-array-bounds.cc index 352d0745178..613bd612139 100644 --- a/gcc/gimple-array-bounds.cc +++ b/gcc/gimple-array-bounds.cc @@ -519,14 +519,21 @@ array_bounds_checker::check_mem_ref (location_t location, tree ref, void array_bounds_checker::check_addr_expr (location_t location, tree t) { + /* For the rightmost subscript only, accept taking the address of + the just-past-the-end element. */ + bool ignore_off_by_one = true; + /* Check each ARRAY_REF and MEM_REF in the reference chain. */ do { bool warned = false; if (TREE_CODE (t) == ARRAY_REF) - warned = check_array_ref (location, t, true /*ignore_off_by_one*/); + { + warned = check_array_ref (location, t, ignore_off_by_one); + ignore_off_by_one = false; + } else if (TREE_CODE (t) == MEM_REF) - warned = check_mem_ref (location, t, true /*ignore_off_by_one*/); + warned = check_mem_ref (location, t, ignore_off_by_one); if (warned) TREE_NO_WARNING (t) = true; diff --git a/gcc/testsuite/gcc.dg/Warray-bounds-62.c b/gcc/testsuite/gcc.dg/Warray-bounds-62.c new file mode 100644 index 00000000000..c2421aac1b2 --- /dev/null +++ b/gcc/testsuite/gcc.dg/Warray-bounds-62.c @@ -0,0 +1,130 @@ +/* PR tree-optimization/84079 - missing -Warray-bounds taking the address + of past-the-end element of a multidimensional array + { dg-do compile } + { dg-options "-O2 -Wall -ftrack-macro-expansion=0" } */ + +void sink (int, ...); + +#define T(type, dims, inxs) \ + do { \ + type a dims; \ + sink (__LINE__, &a inxs); \ + } while (0) + + +void test_char_1_1 (int i0, int i1, int i2) +{ +#undef DIMS +#define DIMS [1][1] + + T (char, DIMS, [0]); + T (char, DIMS, [1]); + T (char, DIMS, [2]); // { dg-warning "subscript 2 is above array bounds of 'char\\\[1]\\\[1]'" } + + T (char, DIMS, [0][0]); + T (char, DIMS, [0][1]); + T (char, DIMS, [0][2]); // { dg-warning "subscript 2 is above array bounds of 'char\\\[1]'" } + + T (char, DIMS, [1][0]); // { dg-warning "subscript 1 is above array bounds of 'char\\\[1]\\\[1]'" } + T (char, DIMS, [1][1]); // { dg-warning "subscript 1 is above array bounds of 'char\\\[1]\\\[1]'" } + T (char, DIMS, [1][2]); // { dg-warning "subscript 2 is above array bounds of 'char\\\[1]'" } + + // Exercise ranges. + if (i0 < 0) i0 = 0; + if (i1 < 1) i1 = 1; + if (i2 < 2) i2 = 2; + + T (char, DIMS, [i0]); + T (char, DIMS, [i1]); + T (char, DIMS, [i2]); // { dg-warning "subscript 2 is above array bounds of 'char\\\[1]\\\[1]" } + + T (char, DIMS, [i0][i0]); + T (char, DIMS, [i0][i1]); + T (char, DIMS, [i1][i0]); // { dg-warning "subscript 1 is above array bounds of 'char\\\[1]\\\[1]'" } + T (char, DIMS, [i1][i1]); // { dg-warning "subscript 1 is above array bounds of 'char\\\[1]\\\[1]'" } + T (char, DIMS, [i1][i2]); // { dg-warning "subscript 2 is above array bounds of 'char\\\[1]'" } +} + + +void test_int_3_5 (int i0, int i1, int i2, int i3, int i4, int i5, int i6) +{ +#undef DIMS +#define DIMS [3][5] + + T (int, DIMS, [0]); + T (int, DIMS, [3]); + T (int, DIMS, [4]); // { dg-warning "subscript 4 is above array bounds of 'int\\\[3]\\\[5]'" } + + T (int, DIMS, [0][0]); + T (int, DIMS, [0][5]); + T (int, DIMS, [0][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [1][0]); + T (int, DIMS, [1][5]); + T (int, DIMS, [1][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [3][0]); // { dg-warning "subscript 3 is above array bounds of 'int\\\[3]\\\[5]'" } + T (int, DIMS, [3][5]); // { dg-warning "subscript 3 is above array bounds of 'int\\\[3]\\\[5]'" } + T (int, DIMS, [3][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + // Exercise ranges. + if (i0 < 0) i0 = 0; + if (i1 < 1) i1 = 1; + if (i2 < 2) i2 = 2; + if (i3 < 3) i3 = 3; + if (i4 < 4) i4 = 4; + if (i5 < 5) i5 = 5; + if (i6 < 6) i6 = 6; + + T (int, DIMS, [i0]); + T (int, DIMS, [i3]); + T (int, DIMS, [i4]); // { dg-warning "subscript 4 is above array bounds of 'int\\\[3]\\\[5]" } + + T (int, DIMS, [i0][i0]); + T (int, DIMS, [i0][i5]); + T (int, DIMS, [i0][i6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [i1][i0]); + T (int, DIMS, [i1][i5]); + T (int, DIMS, [i1][i6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [i3][i0]); // { dg-warning "subscript 3 is above array bounds of 'int\\\[3]\\\[5]'" } + T (int, DIMS, [i3][i5]); // { dg-warning "subscript 3 is above array bounds of 'int\\\[3]\\\[5]'" } + T (int, DIMS, [i3][i6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } +} + + +void test_int_2_3_4_5 (void) +{ +#undef DIMS +#define DIMS [2][3][4][5] + + T (int, DIMS, [0]); + T (int, DIMS, [2]); + T (int, DIMS, [3]); // { dg-warning "subscript 3 is above array bounds of 'int\\\[2]\\\[3]\\\[4]\\\[5]'" } + + T (int, DIMS, [0][0]); + T (int, DIMS, [0][3]); + T (int, DIMS, [0][4]); // { dg-warning "subscript 4 is above array bounds of 'int\\\[3]\\\[4]\\\[5]'" } + T (int, DIMS, [0][9]); // { dg-warning "subscript 9 is above array bounds of 'int\\\[3]\\\[4]\\\[5]'" } + + T (int, DIMS, [0][0][0]); + T (int, DIMS, [0][0][4]); + T (int, DIMS, [0][0][5]); // { dg-warning "subscript 5 is above array bounds of 'int\\\[4]\\\[5]'" } + + T (int, DIMS, [0][0][0][0]); + T (int, DIMS, [0][0][0][5]); + T (int, DIMS, [0][0][0][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [0][0][1][0]); + T (int, DIMS, [0][0][1][5]); + T (int, DIMS, [0][0][1][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [0][0][3][0]); + T (int, DIMS, [0][0][3][5]); + T (int, DIMS, [0][0][3][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } + + T (int, DIMS, [0][0][1][0]); + T (int, DIMS, [0][0][1][5]); + T (int, DIMS, [0][0][1][6]); // { dg-warning "subscript 6 is above array bounds of 'int\\\[5]'" } +} --------------017E4262FA1CC0E576FBCA06--