On Wed, 19 May 2021, Jakub Jelinek wrote:
> Hi!
>
> For unprototyped builtins the checking we perform is only about whether
> the used argument is integral, pointer etc., not the exact precision.
> We emit a warning about the problem though:
> pr100576.c: In function ‘foo’:
> pr100576.c:9:11: warning: implicit declaration of function ‘memcmp’
> [-Wimplicit-function-declaration]
> 9 | int n = memcmp (p, v, b);
> | ^~~~~~
> pr100576.c:1:1: note: include ‘<string.h>’ or provide a declaration of
> ‘memcmp’
> +++ |+#include <string.h>
> 1 | /* PR middle-end/100576 */
> pr100576.c:9:25: warning: ‘memcmp’ argument 3 type is ‘int’ where ‘long
> unsigned int’ is expected in a call to built-in function declared without
> prototype [-Wbuiltin-declaration-mismatch]
> 9 | int n = memcmp (p, v, b);
> | ^
> It means in the testcase below where the user incorrectly called memcmp
> with last argument int rather then size_t, the warning stuff in builtins.c
> ICEs because it compares a wide_int from such a bound with another wide_int
> which has precision of size_t/sizetype and wide_int asserts the compared
> wide_ints are compatible.
>
> Fixed by forcing the bound to have the right type.
>
> Bootstrapped/regtested on x86_64-linux and i686-linux, ok for trunk?
OK.
> 2021-05-19 Jakub Jelinek <ja...@redhat.com>
>
> PR middle-end/100576
> * builtins.c (check_read_access): Convert bound to size_type_node if
> non-NULL.
>
> * gcc.c-torture/compile/pr100576.c: New test.
>
> --- gcc/builtins.c.jj 2021-05-18 10:04:06.303719938 +0200
> +++ gcc/builtins.c 2021-05-18 10:18:42.695845160 +0200
> @@ -4904,6 +4904,8 @@ check_read_access (tree exp, tree src, t
> if (!warn_stringop_overread)
> return true;
>
> + if (bound && !useless_type_conversion_p (size_type_node, TREE_TYPE
> (bound)))
> + bound = fold_convert (size_type_node, bound);
> access_data data (exp, access_read_only, NULL_TREE, false, bound, true);
> compute_objsize (src, ost, &data.src);
> return check_access (exp, /*dstwrite=*/ NULL_TREE, /*maxread=*/ bound,
> --- gcc/testsuite/gcc.c-torture/compile/pr100576.c.jj 2021-05-17
> 20:14:24.222994308 +0200
> +++ gcc/testsuite/gcc.c-torture/compile/pr100576.c 2021-05-17
> 20:14:09.776153612 +0200
> @@ -0,0 +1,12 @@
> +/* PR middle-end/100576 */
> +
> +const char v[] = {0x12};
> +
> +void
> +foo (const char *p)
> +{
> + int b = sizeof v;
> + int n = memcmp (p, v, b);
> + if (n)
> + __builtin_abort ();
> +}
>
> Jakub
>
>
--
Richard Biener <rguent...@suse.de>
SUSE Software Solutions Germany GmbH, Maxfeldstrasse 5, 90409 Nuernberg,
Germany; GF: Felix Imendörffer; HRB 36809 (AG Nuernberg)
