On Tue, 2020-07-28 at 19:24 -0600, Martin Sebor via Gcc-patches wrote:
> Patch 5 adds support for -Warray-bounds to detect out of bounds accesses
> in functions that take array/VLA arguments. The changes also enable
> the warning for dynamically allocated memory and with it the detection
> of accesses that are only partially out of bounds (e.g., accessing
> a four byte int in the last two bytes of a buffer). In hindsight this
> seems independent of the attribute access enhancement so I suppose it
> could have been split up into a separate change but I doubt it would
> reduce the size of the diff by more than 30 lines.
> [5/5] - Extend -Warray-bounds to detect out-of-bounds accesses to array > parameters. > > gcc/ChangeLog: > > PR middle-end/82608 > PR middle-end/94195 > PR c/50584 > PR middle-end/84051 > * gimple-array-bounds.cc (get_base_decl): New function. > (get_ref_size): New function. > (trailing_array): New function. > (array_bounds_checker::check_array_ref): Call them. Handle arrays > declared in function parameters. > (array_bounds_checker::check_mem_ref): Same. Handle references to > dynamically allocated arrays. > > gcc/testsuite/ChangeLog: > > PR middle-end/82608 > PR middle-end/94195 > PR c/50584 > PR middle-end/84051 > * gcc.dg/Warray-bounds-63.c: New test. > * gcc.dg/Warray-bounds-64.c: New test. > * gcc.dg/Warray-bounds-65.c: New test. > * gcc.dg/Warray-bounds-66.c: New test. > > diff --git a/gcc/gimple-array-bounds.cc b/gcc/gimple-array-bounds.cc > index c2dd6663c3a..b93ef7a7b74 100644 > --- a/gcc/gimple-array-bounds.cc > +++ b/gcc/gimple-array-bounds.cc > @@ -36,6 +36,8 @@ along with GCC; see the file COPYING3. If not see > #include "vr-values.h" > #include "domwalk.h" > #include "tree-cfg.h" > +#include "attribs.h" > +#include "builtins.h" > > // This purposely returns a value_range, not a value_range_equiv, to > // break the dependency on equivalences for this pass. 
> @@ -46,19 +48,137 @@ array_bounds_checker::get_value_range (const_tree op) > return ranges->get_value_range (op); > } > > +/* Try to determine the DECL that REF refers to. Return the DECL or > + the expression closest to it. Used in informational notes pointing > + to referenced objects or function parameters. */ > + > +static tree > +get_base_decl (tree ref) [ ... ] > + > +/* Return the constant byte size of the object or type referenced by > + the MEM_REF ARG. On success, set *PREF to the DECL or expression > + ARG refers to. Otherwise return null. */ > + > +static tree > +get_ref_size (tree arg, tree *pref) [ ... ]

I'm surprised we don't already have routines to do this. get_ref_base_and_extent perhaps? Otherwise it seems reasonable to me.

Jeff
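
Review bot: in the second gimple-array-bounds.cc hunk, the comment on get_ref_size leaves the failure contract for the out-parameter unspecified. It says "On success, set *PREF to the DECL or expression ARG refers to. Otherwise return null." but does not say whether *PREF is left untouched or cleared when null is returned, nor whether PREF itself may be null. Since the ChangeLog has both check_array_ref and check_mem_ref calling it, please state in the comment what callers can rely on for *PREF on the null path. In the same hunk, the get_base_decl comment's "the DECL or the expression closest to it" would be easier to use if it named the kinds of expression that can come back when no DECL is found, given that the result feeds the informational notes.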