[PATCH] builtins: Fix ICE with unprototyped builtin call [PR100576]

Wed, 19 May 2021 00:02:59 -0700 

Hi!

For unprototyped builtins the checking we perform is only about whether
the used argument is integral, pointer etc., not the exact precision.
We emit a warning about the problem though:
pr100576.c: In function ‘foo’:
pr100576.c:9:11: warning: implicit declaration of function ‘memcmp’ 
[-Wimplicit-function-declaration]
    9 |   int n = memcmp (p, v, b);
      |           ^~~~~~
pr100576.c:1:1: note: include ‘<string.h>’ or provide a declaration of ‘memcmp’
  +++ |+#include <string.h>
    1 | /* PR middle-end/100576 */
pr100576.c:9:25: warning: ‘memcmp’ argument 3 type is ‘int’ where ‘long 
unsigned int’ is expected in a call to built-in function declared without 
prototype [-Wbuiltin-declaration-mismatch]
    9 |   int n = memcmp (p, v, b);
      |                         ^
It means in the testcase below where the user incorrectly called memcmp
with last argument int rather then size_t, the warning stuff in builtins.c
ICEs because it compares a wide_int from such a bound with another wide_int
which has precision of size_t/sizetype and wide_int asserts the compared
wide_ints are compatible.

Fixed by forcing the bound to have the right type.

Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?

2021-05-19  Jakub Jelinek  <ja...@redhat.com>

        PR middle-end/100576
        * builtins.c (check_read_access): Convert bound to size_type_node if
        non-NULL.

        * gcc.c-torture/compile/pr100576.c: New test.

--- gcc/builtins.c.jj   2021-05-18 10:04:06.303719938 +0200
+++ gcc/builtins.c      2021-05-18 10:18:42.695845160 +0200
@@ -4904,6 +4904,8 @@ check_read_access (tree exp, tree src, t
   if (!warn_stringop_overread)
     return true;
 
+  if (bound && !useless_type_conversion_p (size_type_node, TREE_TYPE (bound)))
+    bound = fold_convert (size_type_node, bound);
   access_data data (exp, access_read_only, NULL_TREE, false, bound, true);
   compute_objsize (src, ost, &data.src);
   return check_access (exp, /*dstwrite=*/ NULL_TREE, /*maxread=*/ bound,
--- gcc/testsuite/gcc.c-torture/compile/pr100576.c.jj   2021-05-17 
20:14:24.222994308 +0200
+++ gcc/testsuite/gcc.c-torture/compile/pr100576.c      2021-05-17 
20:14:09.776153612 +0200
@@ -0,0 +1,12 @@
+/* PR middle-end/100576 */
+
+const char v[] = {0x12};
+
+void
+foo (const char *p)
+{
+  int b = sizeof v;
+  int n = memcmp (p, v, b);
+  if (n)
+    __builtin_abort ();
+}

        Jakub

Reply via email to