From: Jeff Law <law@redhat.com>
To: Martin Sebor <msebor@gmail.com>, gcc-patches <gcc-patches@gcc.gnu.org>
Subject: Re: [PATCH 5/5] extend -Warray-bounds to detect out-of-bounds accesses to array parameters
Date: Thu, 13 Aug 2020 10:49:16 -0600 [thread overview]
Message-ID: <c8d08a3376cd0de60355467e0eacb83e3583a51b.camel@redhat.com> (raw)
In-Reply-To: <f94a9037-a80f-ed0a-a733-c317093deb67@gmail.com>
On Tue, 2020-07-28 at 19:24 -0600, Martin Sebor via Gcc-patches wrote:
> Patch 5 adds support for -Warray-bounds to detect out of bounds accesses
> in functions that take array/VLA arguments. The changes also enable
> the warning for dynamically allocated memory and with it the detection
> of accesses that are only partially out of bounds (e.g., accessing
> a four byte int in the last two bytes of a buffer). In hindsight this
> seems independent of the attribute access enhancement so I suppose it
> could have been split up into a separate change but I doubt it would
> reduce the size of the diff by more than 30 lines.
> [5/5] - Extend -Warray-bounds to detect out-of-bounds accesses to array parameters.
>
> gcc/ChangeLog:
>
> PR middle-end/82608
> PR middle-end/94195
> PR c/50584
> PR middle-end/84051
> * gimple-array-bounds.cc (get_base_decl): New function.
> (get_ref_size): New function.
> (trailing_array): New function.
> (array_bounds_checker::check_array_ref): Call them. Handle arrays
> declared in function parameters.
> (array_bounds_checker::check_mem_ref): Same. Handle references to
> dynamically allocated arrays.
>
> gcc/testsuite/ChangeLog:
>
> PR middle-end/82608
> PR middle-end/94195
> PR c/50584
> PR middle-end/84051
> * gcc.dg/Warray-bounds-63.c: New test.
> * gcc.dg/Warray-bounds-64.c: New test.
> * gcc.dg/Warray-bounds-65.c: New test.
> * gcc.dg/Warray-bounds-66.c: New test.
>
> diff --git a/gcc/gimple-array-bounds.cc b/gcc/gimple-array-bounds.cc
> index c2dd6663c3a..b93ef7a7b74 100644
> --- a/gcc/gimple-array-bounds.cc
> +++ b/gcc/gimple-array-bounds.cc
> @@ -36,6 +36,8 @@ along with GCC; see the file COPYING3. If not see
> #include "vr-values.h"
> #include "domwalk.h"
> #include "tree-cfg.h"
> +#include "attribs.h"
> +#include "builtins.h"
>
> // This purposely returns a value_range, not a value_range_equiv, to
> // break the dependency on equivalences for this pass.
> @@ -46,19 +48,137 @@ array_bounds_checker::get_value_range (const_tree op)
> return ranges->get_value_range (op);
> }
>
> +/* Try to determine the DECL that REF refers to. Return the DECL or
> + the expression closest to it. Used in informational notes pointing
> + to referenced objects or function parameters. */
> +
> +static tree
> +get_base_decl (tree ref)
[ ... ]
> +
> +/* Return the constant byte size of the object or type referenced by
> + the MEM_REF ARG. On success, set *PREF to the DECL or expression
> + ARG refers to. Otherwise return null. */
> +
> +static tree
> +get_ref_size (tree arg, tree *pref)
[ ... ]
I'm surprised we don't already have routines to do this.
get_ref_base_and_extent perhaps?
Otherwise it seems reasonable to me.
Jeff
>
prev parent reply other threads:[~2020-08-13 16:49 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-29 1:13 [PATCH 0/5] add checking of function array parameters (PR 50584) Martin Sebor
2020-07-29 1:16 ` [PATCH 1/5] infrastructure to detect out-of-bounds accesses to array parameters Martin Sebor
2020-08-07 17:08 ` Martin Sebor
2020-08-13 19:09 ` Jeff Law
2020-07-29 1:19 ` [PATCH 2/5] C front end support " Martin Sebor
2020-07-29 18:12 ` Joseph Myers
2020-08-07 17:01 ` Martin Sebor
2020-08-12 23:19 ` Joseph Myers
2020-08-13 23:04 ` Martin Sebor
2020-08-17 22:09 ` Joseph Myers
2020-08-19 22:56 ` Martin Sebor
2020-08-20 0:09 ` Joseph Myers
2020-08-21 19:17 ` Martin Sebor
2020-08-25 18:44 ` Martin Sebor
2020-09-03 0:03 ` [PING][PATCH " Martin Sebor
2020-09-09 21:39 ` [PING 2][PATCH " Martin Sebor
2020-09-15 23:02 ` Joseph Myers
2020-09-16 19:14 ` Martin Sebor
2020-09-17 22:38 ` Joseph Myers
2020-09-20 0:01 ` Martin Sebor
2020-09-21 18:20 ` Vaseeharan Vinayagamoorthy
2020-09-21 18:45 ` Martin Sebor
2020-09-23 8:22 ` Szabolcs Nagy
2020-09-23 15:44 ` Szabolcs Nagy
2020-09-23 17:45 ` Martin Sebor
2020-09-24 3:45 ` Jeff Law
2020-10-05 8:45 ` Szabolcs Nagy
2020-07-29 1:20 ` [PATCH 0/5] add checking of function array parameters (PR 50584) Martin Sebor
2020-08-13 16:26 ` Jeff Law
2020-07-29 1:22 ` [PATCH 4/5] - extend -Wstringop-overflow to detect out-of-bounds accesses to array parameters Martin Sebor
2020-08-13 16:31 ` Jeff Law
2020-07-29 1:24 ` [PATCH 5/5] extend -Warray-bounds " Martin Sebor
2020-08-13 16:49 ` Jeff Law [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c8d08a3376cd0de60355467e0eacb83e3583a51b.camel@redhat.com \
--to=law@redhat.com \
--cc=gcc-patches@gcc.gnu.org \
--cc=msebor@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).