1 /* Pass to detect and issue warnings for violations of the restrict
3 Copyright (C) 2017-2020 Free Software Foundation, Inc.
4 Contributed by Martin Sebor <msebor@redhat.com>.
6 This file is part of GCC.
8 GCC is free software; you can redistribute it and/or modify it under
9 the terms of the GNU General Public License as published by the Free
10 Software Foundation; either version 3, or (at your option) any later
13 GCC is distributed in the hope that it will be useful, but WITHOUT ANY
14 WARRANTY; without even the implied warranty of MERCHANTABILITY or
15 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
18 You should have received a copy of the GNU General Public License
19 along with GCC; see the file COPYING3. If not see
20 <http://www.gnu.org/licenses/>. */
24 #include "coretypes.h"
29 #include "tree-pass.h"
32 #include "gimple-pretty-print.h"
33 #include "gimple-ssa-warn-restrict.h"
34 #include "diagnostic-core.h"
35 #include "fold-const.h"
36 #include "gimple-iterator.h"
40 #include "tree-object-size.h"
47 const pass_data pass_data_wrestrict
= {
52 PROP_cfg
, /* Properties_required. */
53 0, /* properties_provided. */
54 0, /* properties_destroyed. */
55 0, /* properties_start */
56 0, /* properties_finish */
59 /* Pass to detect violations of strict aliasing requirements in calls
60 to built-in string and raw memory functions. */
61 class pass_wrestrict
: public gimple_opt_pass
64 pass_wrestrict (gcc::context
*ctxt
)
65 : gimple_opt_pass (pass_data_wrestrict
, ctxt
)
68 opt_pass
*clone () { return new pass_wrestrict (m_ctxt
); }
70 virtual bool gate (function
*);
71 virtual unsigned int execute (function
*);
75 pass_wrestrict::gate (function
*fun ATTRIBUTE_UNUSED
)
77 return warn_array_bounds
|| warn_restrict
|| warn_stringop_overflow
;
80 /* Class to walk the basic blocks of a function in dominator order. */
81 class wrestrict_dom_walker
: public dom_walker
84 wrestrict_dom_walker () : dom_walker (CDI_DOMINATORS
) {}
86 edge
before_dom_children (basic_block
) FINAL OVERRIDE
;
87 bool handle_gimple_call (gimple_stmt_iterator
*);
90 void check_call (gimple
*);
94 wrestrict_dom_walker::before_dom_children (basic_block bb
)
96 /* Iterate over statements, looking for function calls. */
97 for (gimple_stmt_iterator si
= gsi_start_bb (bb
); !gsi_end_p (si
);
100 gimple
*stmt
= gsi_stmt (si
);
101 if (!is_gimple_call (stmt
))
110 /* Execute the pass for function FUN, walking in dominator order. */
113 pass_wrestrict::execute (function
*fun
)
115 calculate_dominance_info (CDI_DOMINATORS
);
117 wrestrict_dom_walker walker
;
118 walker
.walk (ENTRY_BLOCK_PTR_FOR_FN (fun
));
123 /* Description of a memory reference by a built-in function. This
124 is similar to ao_ref but made especially suitable for -Wrestrict
125 and not for optimization. */
129 /* The original pointer argument to the built-in function. */
131 /* The referenced subobject or NULL if not available, and the base
132 object of the memory reference or NULL. */
136 /* The size of the BASE object, PTRDIFF_MAX if indeterminate,
137 and negative until (possibly lazily) initialized. */
139 /* Same for the subobject. */
142 /* The non-negative offset of the referenced subobject. Used to avoid
143 warnings for (apparently) possibly but not definitively overlapping
144 accesses to member arrays. Negative when unknown/invalid. */
147 /* The offset range relative to the base. */
148 offset_int offrange
[2];
149 /* The size range of the access to this reference. */
150 offset_int sizrange
[2];
152 /* Cached result of get_max_objsize(). */
153 const offset_int maxobjsize
;
155 /* True for "bounded" string functions like strncat, and strncpy
156 and their variants that specify either an exact or upper bound
157 on the size of the accesses they perform. For strncat both
158 the source and destination references are bounded. For strncpy
159 only the destination reference is. */
162 builtin_memref (tree
, tree
);
164 tree
offset_out_of_bounds (int, offset_int
[3]) const;
168 /* Ctor helper to set or extend OFFRANGE based on argument. */
169 void extend_offset_range (tree
);
171 /* Ctor helper to determine BASE and OFFRANGE from argument. */
172 void set_base_and_offset (tree
);
175 /* Description of a memory access by a raw memory or string built-in
176 function involving a pair of builtin_memref's. */
180 /* Destination and source memory reference. */
181 builtin_memref
* const dstref
;
182 builtin_memref
* const srcref
;
183 /* The size range of the access. It's the greater of the accesses
184 to the two references. */
185 HOST_WIDE_INT sizrange
[2];
187 /* The minimum and maximum offset of an overlap of the access
188 (if it does, in fact, overlap), and the size of the overlap. */
189 HOST_WIDE_INT ovloff
[2];
190 HOST_WIDE_INT ovlsiz
[2];
192 /* True to consider valid only accesses to the smallest subobject
193 and false for raw memory functions. */
196 return (detect_overlap
!= &builtin_access::generic_overlap
197 && detect_overlap
!= &builtin_access::no_overlap
);
200 builtin_access (gimple
*, builtin_memref
&, builtin_memref
&);
202 /* Entry point to determine overlap. */
205 offset_int
write_off (tree
) const;
207 void dump (FILE *) const;
210 /* Implementation functions used to determine overlap. */
211 bool generic_overlap ();
212 bool strcat_overlap ();
213 bool strcpy_overlap ();
220 offset_int
overlap_size (const offset_int
[2], const offset_int
[2],
224 /* Temporaries used to compute the final result. */
225 offset_int dstoff
[2];
226 offset_int srcoff
[2];
227 offset_int dstsiz
[2];
228 offset_int srcsiz
[2];
230 /* Pointer to a member function to call to determine overlap. */
231 bool (builtin_access::*detect_overlap
) ();
234 /* Initialize a memory reference representation from a pointer EXPR and
235 a size SIZE in bytes. If SIZE is NULL_TREE then the size is assumed
238 builtin_memref::builtin_memref (tree expr
, tree size
)
244 refoff (HOST_WIDE_INT_MIN
),
247 maxobjsize (tree_to_shwi (max_object_size ())),
250 /* Unfortunately, wide_int default ctor is a no-op so array members
251 of the type must be set individually. */
252 offrange
[0] = offrange
[1] = 0;
253 sizrange
[0] = sizrange
[1] = 0;
258 /* Find the BASE object or pointer referenced by EXPR and set
259 the offset range OFFRANGE in the process. */
260 set_base_and_offset (expr
);
265 /* Determine the size range, allowing for the result to be [0, 0]
266 for SIZE in the anti-range ~[0, N] where N >= PTRDIFF_MAX. */
267 get_size_range (size
, range
, true);
268 sizrange
[0] = wi::to_offset (range
[0]);
269 sizrange
[1] = wi::to_offset (range
[1]);
270 /* get_size_range returns SIZE_MAX for the maximum size.
271 Constrain it to the real maximum of PTRDIFF_MAX. */
272 if (sizrange
[0] <= maxobjsize
&& sizrange
[1] > maxobjsize
)
273 sizrange
[1] = maxobjsize
;
276 sizrange
[1] = maxobjsize
;
281 /* If the offset could be in the range of the referenced object
282 constrain its bounds so neither exceeds those of the object. */
283 if (offrange
[0] < 0 && offrange
[1] > 0)
286 offset_int maxoff
= maxobjsize
;
287 tree basetype
= TREE_TYPE (base
);
288 if (TREE_CODE (basetype
) == ARRAY_TYPE
)
290 if (ref
&& array_at_struct_end_p (ref
))
291 ; /* Use the maximum possible offset for last member arrays. */
292 else if (tree basesize
= TYPE_SIZE_UNIT (basetype
))
293 if (TREE_CODE (basesize
) == INTEGER_CST
)
294 /* Size could be non-constant for a variable-length type such
295 as a struct with a VLA member (a GCC extension). */
296 maxoff
= wi::to_offset (basesize
);
299 if (offrange
[0] >= 0)
302 offrange
[1] = offrange
[0] <= maxoff
? maxoff
: maxobjsize
;
303 else if (offrange
[0] <= maxoff
&& offrange
[1] > maxoff
)
304 offrange
[1] = maxoff
;
308 /* Based on the initial length of the destination STARTLEN, returns
309 the offset of the first write access from the beginning of
310 the destination. Nonzero only for strcat-type of calls. */
312 offset_int
builtin_access::write_off (tree startlen
) const
314 if (detect_overlap
!= &builtin_access::strcat_overlap
315 || !startlen
|| TREE_CODE (startlen
) != INTEGER_CST
)
318 return wi::to_offset (startlen
);
321 /* Ctor helper to set or extend OFFRANGE based on the OFFSET argument.
322 Pointer offsets are represented as unsigned sizetype but must be
323 treated as signed. */
326 builtin_memref::extend_offset_range (tree offset
)
328 if (TREE_CODE (offset
) == INTEGER_CST
)
330 offset_int off
= int_cst_value (offset
);
339 if (TREE_CODE (offset
) == SSA_NAME
)
341 /* A pointer offset is represented as sizetype but treated
344 value_range_kind rng
= get_range_info (offset
, &min
, &max
);
345 if (rng
== VR_ANTI_RANGE
&& wi::lts_p (max
, min
))
347 /* Convert an anti-range whose upper bound is less than
348 its lower bound to a signed range. */
349 offrange
[0] += offset_int::from (max
+ 1, SIGNED
);
350 offrange
[1] += offset_int::from (min
- 1, SIGNED
);
355 && (DECL_P (base
) || wi::lts_p (min
, max
)))
357 /* Preserve the bounds of the range for an offset into
358 a known object (it may be adjusted later relative to
359 a constant offset from its beginning). Otherwise use
360 the bounds only when they are ascending when treated
362 offrange
[0] += offset_int::from (min
, SIGNED
);
363 offrange
[1] += offset_int::from (max
, SIGNED
);
367 /* Handle an anti-range the same as no range at all. */
368 gimple
*stmt
= SSA_NAME_DEF_STMT (offset
);
370 if (is_gimple_assign (stmt
)
371 && (type
= TREE_TYPE (gimple_assign_rhs1 (stmt
)))
372 && INTEGRAL_TYPE_P (type
))
374 tree_code code
= gimple_assign_rhs_code (stmt
);
375 if (code
== NOP_EXPR
)
377 /* Use the bounds of the type of the NOP_EXPR operand
378 even if it's signed. The result doesn't trigger
379 warnings but makes their output more readable. */
380 offrange
[0] += wi::to_offset (TYPE_MIN_VALUE (type
));
381 offrange
[1] += wi::to_offset (TYPE_MAX_VALUE (type
));
387 const offset_int maxoff
= tree_to_shwi (max_object_size ()) >> 1;
388 const offset_int minoff
= -maxoff
- 1;
390 offrange
[0] += minoff
;
391 offrange
[1] += maxoff
;
394 /* Determines the base object or pointer of the reference EXPR
395 and the offset range from the beginning of the base. */
398 builtin_memref::set_base_and_offset (tree expr
)
400 tree offset
= NULL_TREE
;
402 if (TREE_CODE (expr
) == SSA_NAME
)
404 /* Try to tease the offset out of the pointer. */
405 gimple
*stmt
= SSA_NAME_DEF_STMT (expr
);
407 && gimple_assign_single_p (stmt
)
408 && gimple_assign_rhs_code (stmt
) == ADDR_EXPR
)
409 expr
= gimple_assign_rhs1 (stmt
);
410 else if (is_gimple_assign (stmt
))
412 tree_code code
= gimple_assign_rhs_code (stmt
);
413 if (code
== NOP_EXPR
)
415 tree rhs
= gimple_assign_rhs1 (stmt
);
416 if (POINTER_TYPE_P (TREE_TYPE (rhs
)))
417 expr
= gimple_assign_rhs1 (stmt
);
424 else if (code
== POINTER_PLUS_EXPR
)
426 expr
= gimple_assign_rhs1 (stmt
);
427 offset
= gimple_assign_rhs2 (stmt
);
437 /* FIXME: Handle PHI nodes in case like:
438 _12 = &MEM[(void *)&a + 2B] + _10;
440 <bb> [local count: 1073741824]:
441 # prephitmp_13 = PHI <_12, &MEM[(void *)&a + 2B]>
442 memcpy (prephitmp_13, p_7(D), 6); */
448 if (TREE_CODE (expr
) == ADDR_EXPR
)
449 expr
= TREE_OPERAND (expr
, 0);
451 /* Stash the reference for offset validation. */
454 poly_int64 bitsize
, bitpos
;
457 int sign
, reverse
, vol
;
459 /* Determine the base object or pointer of the reference and
460 the constant bit offset from the beginning of the base.
461 If the offset has a non-constant component, it will be in
462 VAR_OFF. MODE, SIGN, REVERSE, and VOL are write only and
464 base
= get_inner_reference (expr
, &bitsize
, &bitpos
, &var_off
,
465 &mode
, &sign
, &reverse
, &vol
);
467 /* get_inner_reference is not expected to return null. */
468 gcc_assert (base
!= NULL
);
471 extend_offset_range (offset
);
473 poly_int64 bytepos
= exact_div (bitpos
, BITS_PER_UNIT
);
475 /* Convert the poly_int64 offset to offset_int. The offset
476 should be constant but be prepared for it not to be just in
479 if (bytepos
.is_constant (&cstoff
))
481 offrange
[0] += cstoff
;
482 offrange
[1] += cstoff
;
484 /* Besides the reference saved above, also stash the offset
486 if (TREE_CODE (expr
) == COMPONENT_REF
)
490 offrange
[1] += maxobjsize
;
494 if (TREE_CODE (var_off
) == INTEGER_CST
)
496 cstoff
= wi::to_offset (var_off
);
497 offrange
[0] += cstoff
;
498 offrange
[1] += cstoff
;
501 offrange
[1] += maxobjsize
;
504 if (TREE_CODE (base
) == MEM_REF
)
506 tree memrefoff
= fold_convert (ptrdiff_type_node
, TREE_OPERAND (base
, 1));
507 extend_offset_range (memrefoff
);
508 base
= TREE_OPERAND (base
, 0);
510 if (refoff
!= HOST_WIDE_INT_MIN
511 && TREE_CODE (expr
) == COMPONENT_REF
)
513 /* Bump up the offset of the referenced subobject to reflect
514 the offset to the enclosing object. For example, so that
516 struct S { char a, b[3]; } s[2];
517 strcpy (s[1].b, "1234");
518 REFOFF is set to s[1].b - (char*)s. */
519 offset_int off
= tree_to_shwi (memrefoff
);
523 if (!integer_zerop (memrefoff
))
524 /* A non-zero offset into an array of struct with flexible array
525 members implies that the array is empty because there is no
526 way to initialize such a member when it belongs to an array.
527 This must be some sort of a bug. */
531 if (TREE_CODE (ref
) == COMPONENT_REF
)
532 if (tree size
= component_ref_size (ref
))
533 if (TREE_CODE (size
) == INTEGER_CST
)
534 refsize
= wi::to_offset (size
);
536 if (TREE_CODE (base
) == SSA_NAME
)
537 set_base_and_offset (base
);
540 /* Return error_mark_node if the signed offset exceeds the bounds
541 of the address space (PTRDIFF_MAX). Otherwise, return either BASE
542 or REF when the offset exceeds the bounds of the BASE or REF object,
543 and set OOBOFF to the past-the-end offset formed by the reference,
544 including its size. OOBOFF is initially setto the range of offsets,
545 and OOBOFF[2] to the offset of the first write access (nonzero for
546 the strcat family). When STRICT is nonzero use REF size, when
547 available, otherwise use BASE size. When STRICT is greater than 1,
548 use the size of the last array member as the bound, otherwise treat
549 such a member as a flexible array member. Return NULL when the offset
553 builtin_memref::offset_out_of_bounds (int strict
, offset_int ooboff
[3]) const
558 /* The offset of the first write access or zero. */
559 offset_int wroff
= ooboff
[2];
561 /* A temporary, possibly adjusted, copy of the offset range. */
562 offset_int offrng
[2] = { ooboff
[0], ooboff
[1] };
564 if (DECL_P (base
) && TREE_CODE (TREE_TYPE (base
)) == ARRAY_TYPE
)
566 /* Check for offset in an anti-range with a negative lower bound.
567 For such a range, consider only the non-negative subrange. */
568 if (offrng
[1] < offrng
[0] && offrng
[1] < 0)
569 offrng
[1] = maxobjsize
;
572 /* Conservative offset of the last byte of the referenced object. */
575 /* The bounds need not be ordered. Set HIB to use as the index
576 of the larger of the bounds and LOB as the opposite. */
577 bool hib
= wi::les_p (offrng
[0], offrng
[1]);
580 /* Set to the size remaining in the object object after subtracting
581 REFOFF. It may become negative as a result of negative indices
582 into the enclosing object, such as in:
583 extern struct S { char a[4], b[3], c[1]; } *p;
584 strcpy (p[-3].b, "123"); */
585 offset_int size
= basesize
;
588 const bool decl_p
= DECL_P (obj
);
592 endoff
= offrng
[lob
] + (sizrange
[0] - wroff
);
594 /* For a reference through a pointer to an object of unknown size
595 all initial offsets are considered valid, positive as well as
596 negative, since the pointer itself can point past the beginning
597 of the object. However, the sum of the lower bound of the offset
598 and that of the size must be less than or equal than PTRDIFF_MAX. */
599 if (endoff
> maxobjsize
)
600 return error_mark_node
;
602 /* When the referenced subobject is known, the end offset must be
603 within its bounds. Otherwise there is nothing to do. */
608 && TREE_CODE (ref
) == COMPONENT_REF
)
610 /* If REFOFF is negative, SIZE will become negative here. */
611 size
= refoff
+ refsize
;
618 /* A reference to an object of known size must be within the bounds
619 of either the base object or the subobject (see above for when
620 a subobject can be used). */
621 if ((decl_p
&& offrng
[hib
] < 0) || offrng
[lob
] > size
)
624 /* The extent of the reference must also be within the bounds of
625 the base object (if known) or the subobject or the maximum object
627 endoff
= offrng
[lob
] + sizrange
[0];
628 if (endoff
> maxobjsize
)
629 return error_mark_node
;
635 && TREE_CODE (ref
) == COMPONENT_REF
)
637 /* If the reference is to a member subobject of a declared object,
638 the offset must be within the bounds of the subobject. */
639 size
= refoff
+ refsize
;
646 /* Set the out-of-bounds offset range to be one greater than
647 that delimited by the reference including its size. */
650 if (endoff
> ooboff
[lob
])
651 ooboff
[hib
] = endoff
- 1;
653 ooboff
[hib
] = offrng
[lob
] + sizrange
[1];
658 /* Create an association between the memory references DST and SRC
659 for access by a call EXPR to a memory or string built-in funtion. */
661 builtin_access::builtin_access (gimple
*call
, builtin_memref
&dst
,
663 : dstref (&dst
), srcref (&src
), sizrange (), ovloff (), ovlsiz (),
664 dstoff (), srcoff (), dstsiz (), srcsiz ()
666 dstoff
[0] = dst
.offrange
[0];
667 dstoff
[1] = dst
.offrange
[1];
669 /* Zero out since the offset_int ctors invoked above are no-op. */
670 srcoff
[0] = srcoff
[1] = 0;
671 dstsiz
[0] = dstsiz
[1] = 0;
672 srcsiz
[0] = srcsiz
[1] = 0;
674 /* Object Size Type to use to determine the size of the destination
675 and source objects. Overridden below for raw memory functions. */
678 /* True when the size of one reference depends on the offset of
679 itself or the other. */
680 bool depends_p
= true;
682 /* True when the size of the destination reference DSTREF has been
683 determined from SRCREF and so needs to be adjusted by the latter's
684 offset. Only meaningful for bounded string functions like strncpy. */
685 bool dstadjust_p
= false;
687 /* The size argument number (depends on the built-in). */
688 unsigned sizeargno
= 2;
690 tree func
= gimple_call_fndecl (call
);
691 switch (DECL_FUNCTION_CODE (func
))
693 case BUILT_IN_MEMCPY
:
694 case BUILT_IN_MEMCPY_CHK
:
695 case BUILT_IN_MEMPCPY
:
696 case BUILT_IN_MEMPCPY_CHK
:
699 detect_overlap
= &builtin_access::generic_overlap
;
702 case BUILT_IN_MEMMOVE
:
703 case BUILT_IN_MEMMOVE_CHK
:
704 /* For memmove there is never any overlap to check for. */
707 detect_overlap
= &builtin_access::no_overlap
;
710 case BUILT_IN_MEMSET
:
711 case BUILT_IN_MEMSET_CHK
:
712 /* For memset there is never any overlap to check for. */
715 detect_overlap
= &builtin_access::no_overlap
;
718 case BUILT_IN_STPNCPY
:
719 case BUILT_IN_STPNCPY_CHK
:
720 case BUILT_IN_STRNCPY
:
721 case BUILT_IN_STRNCPY_CHK
:
722 dstref
->strbounded_p
= true;
723 detect_overlap
= &builtin_access::strcpy_overlap
;
726 case BUILT_IN_STPCPY
:
727 case BUILT_IN_STPCPY_CHK
:
728 case BUILT_IN_STRCPY
:
729 case BUILT_IN_STRCPY_CHK
:
730 detect_overlap
= &builtin_access::strcpy_overlap
;
733 case BUILT_IN_STRCAT
:
734 case BUILT_IN_STRCAT_CHK
:
735 detect_overlap
= &builtin_access::strcat_overlap
;
738 case BUILT_IN_STRNCAT
:
739 case BUILT_IN_STRNCAT_CHK
:
740 dstref
->strbounded_p
= true;
741 srcref
->strbounded_p
= true;
742 detect_overlap
= &builtin_access::strcat_overlap
;
746 /* Handle other string functions here whose access may need
747 to be validated for in-bounds offsets and non-overlapping
752 const offset_int maxobjsize
= dst
.maxobjsize
;
754 /* Try to determine the size of the base object. compute_objsize
755 expects a pointer so create one if BASE is a non-pointer object. */
757 if (dst
.basesize
< 0)
760 if (!POINTER_TYPE_P (TREE_TYPE (addr
)))
761 addr
= build1 (ADDR_EXPR
, (TREE_TYPE (addr
)), addr
);
763 if (tree dstsize
= compute_objsize (addr
, ostype
))
764 dst
.basesize
= wi::to_offset (dstsize
);
765 else if (POINTER_TYPE_P (TREE_TYPE (addr
)))
766 dst
.basesize
= HOST_WIDE_INT_MIN
;
768 dst
.basesize
= maxobjsize
;
771 if (src
.base
&& src
.basesize
< 0)
774 if (!POINTER_TYPE_P (TREE_TYPE (addr
)))
775 addr
= build1 (ADDR_EXPR
, (TREE_TYPE (addr
)), addr
);
777 if (tree srcsize
= compute_objsize (addr
, ostype
))
778 src
.basesize
= wi::to_offset (srcsize
);
779 else if (POINTER_TYPE_P (TREE_TYPE (addr
)))
780 src
.basesize
= HOST_WIDE_INT_MIN
;
782 src
.basesize
= maxobjsize
;
785 /* Make adjustments for references to the same object by string
786 built-in functions to reflect the constraints imposed by
789 /* For bounded string functions determine the range of the bound
790 on the access. For others, the range stays unbounded. */
791 offset_int bounds
[2] = { maxobjsize
, maxobjsize
};
792 if (dstref
->strbounded_p
)
794 unsigned nargs
= gimple_call_num_args (call
);
795 if (nargs
<= sizeargno
)
798 tree size
= gimple_call_arg (call
, sizeargno
);
800 if (get_size_range (size
, range
, true))
802 bounds
[0] = wi::to_offset (range
[0]);
803 bounds
[1] = wi::to_offset (range
[1]);
806 /* If both references' size ranges are indeterminate use the last
807 (size) argument from the function call as a substitute. This
808 may only be necessary for strncpy (but not for memcpy where
809 the size range would have been already determined this way). */
810 if (dstref
->sizrange
[0] == 0 && dstref
->sizrange
[1] == maxobjsize
811 && srcref
->sizrange
[0] == 0 && srcref
->sizrange
[1] == maxobjsize
)
813 dstref
->sizrange
[0] = bounds
[0];
814 dstref
->sizrange
[1] = bounds
[1];
818 bool dstsize_set
= false;
819 /* The size range of one reference involving the same base object
820 can be determined from the size range of the other reference.
821 This makes it possible to compute accurate offsets for warnings
822 involving functions like strcpy where the length of just one of
823 the two arguments is known (determined by tree-ssa-strlen). */
824 if (dstref
->sizrange
[0] == 0 && dstref
->sizrange
[1] == maxobjsize
)
826 /* When the destination size is unknown set it to the size of
828 dstref
->sizrange
[0] = srcref
->sizrange
[0];
829 dstref
->sizrange
[1] = srcref
->sizrange
[1];
832 else if (srcref
->sizrange
[0] == 0 && srcref
->sizrange
[1] == maxobjsize
)
834 /* When the source size is unknown set it to the size of
836 srcref
->sizrange
[0] = dstref
->sizrange
[0];
837 srcref
->sizrange
[1] = dstref
->sizrange
[1];
841 if (dstref
->strbounded_p
)
843 /* Read access by strncpy is constrained by the third
844 argument but except for a zero bound is at least one. */
845 offset_int size
= wi::umax (srcref
->basesize
, 1);
846 offset_int bound
= wi::umin (size
, bounds
[0]);
847 if (bound
< srcref
->sizrange
[0])
848 srcref
->sizrange
[0] = bound
;
849 bound
= wi::umin (srcref
->basesize
, bounds
[1]);
850 if (bound
< srcref
->sizrange
[1])
851 srcref
->sizrange
[1] = bound
;
854 /* For string functions, adjust the size range of the source
855 reference by the inverse boundaries of the offset (because
856 the higher the offset into the string the shorter its
858 if (srcref
->offrange
[1] >= 0
859 && srcref
->offrange
[1] < srcref
->sizrange
[0])
860 srcref
->sizrange
[0] -= srcref
->offrange
[1];
862 srcref
->sizrange
[0] = 0;
864 if (srcref
->offrange
[0] > 0)
866 if (srcref
->offrange
[0] < srcref
->sizrange
[1])
867 srcref
->sizrange
[1] -= srcref
->offrange
[0];
869 srcref
->sizrange
[1] = 0;
876 if (detect_overlap
== &builtin_access::generic_overlap
)
878 if (dstref
->strbounded_p
)
880 dstref
->sizrange
[0] = bounds
[0];
881 dstref
->sizrange
[1] = bounds
[1];
883 if (dstref
->sizrange
[0] < srcref
->sizrange
[0])
884 srcref
->sizrange
[0] = dstref
->sizrange
[0];
886 if (dstref
->sizrange
[1] < srcref
->sizrange
[1])
887 srcref
->sizrange
[1] = dstref
->sizrange
[1];
890 else if (detect_overlap
== &builtin_access::strcpy_overlap
)
892 if (!dstref
->strbounded_p
)
894 /* For strcpy, adjust the destination size range to match that
895 of the source computed above. */
896 if (depends_p
&& dstadjust_p
)
898 dstref
->sizrange
[0] = srcref
->sizrange
[0];
899 dstref
->sizrange
[1] = srcref
->sizrange
[1];
903 else if (!dstsize_set
&& detect_overlap
== &builtin_access::strcat_overlap
)
905 dstref
->sizrange
[0] += srcref
->sizrange
[0] - 1;
906 dstref
->sizrange
[1] += srcref
->sizrange
[1] - 1;
909 if (dstref
->strbounded_p
)
911 /* For strncpy, adjust the destination size range to match that
912 of the source computed above. */
913 dstref
->sizrange
[0] = bounds
[0];
914 dstref
->sizrange
[1] = bounds
[1];
916 if (bounds
[0] < srcref
->sizrange
[0])
917 srcref
->sizrange
[0] = bounds
[0];
919 if (bounds
[1] < srcref
->sizrange
[1])
920 srcref
->sizrange
[1] = bounds
[1];
925 builtin_access::overlap_size (const offset_int a
[2], const offset_int b
[2],
928 const offset_int
*p
= a
;
929 const offset_int
*q
= b
;
931 /* Point P at the bigger of the two ranges and Q at the smaller. */
932 if (wi::lts_p (a
[1] - a
[0], b
[1] - b
[0]))
944 return wi::smin (p
[1], q
[1]) - q
[0];
954 /* Return true if the bounded mempry (memcpy amd similar) or string function
955 access (strncpy and similar) ACS overlaps. */
958 builtin_access::generic_overlap ()
960 builtin_access
&acs
= *this;
961 const builtin_memref
*dstref
= acs
.dstref
;
962 const builtin_memref
*srcref
= acs
.srcref
;
964 gcc_assert (dstref
->base
== srcref
->base
);
966 const offset_int maxobjsize
= acs
.dstref
->maxobjsize
;
968 offset_int maxsize
= dstref
->basesize
< 0 ? maxobjsize
: dstref
->basesize
;
970 /* Adjust the larger bounds of the offsets (which may be the first
971 element if the lower bound is larger than the upper bound) to
972 make them valid for the smallest access (if possible) but no smaller
973 than the smaller bounds. */
974 gcc_assert (wi::les_p (acs
.dstoff
[0], acs
.dstoff
[1]));
976 if (maxsize
< acs
.dstoff
[1] + acs
.dstsiz
[0])
977 acs
.dstoff
[1] = maxsize
- acs
.dstsiz
[0];
978 if (acs
.dstoff
[1] < acs
.dstoff
[0])
979 acs
.dstoff
[1] = acs
.dstoff
[0];
981 gcc_assert (wi::les_p (acs
.srcoff
[0], acs
.srcoff
[1]));
983 if (maxsize
< acs
.srcoff
[1] + acs
.srcsiz
[0])
984 acs
.srcoff
[1] = maxsize
- acs
.srcsiz
[0];
985 if (acs
.srcoff
[1] < acs
.srcoff
[0])
986 acs
.srcoff
[1] = acs
.srcoff
[0];
988 /* Determine the minimum and maximum space for the access given
991 space
[0] = wi::abs (acs
.dstoff
[0] - acs
.srcoff
[0]);
994 offset_int d
= wi::abs (acs
.dstoff
[0] - acs
.srcoff
[1]);
995 if (acs
.srcsiz
[0] > 0)
1004 space
[1] = acs
.dstsiz
[1];
1006 d
= wi::abs (acs
.dstoff
[1] - acs
.srcoff
[0]);
1013 /* Treat raw memory functions both of whose references are bounded
1014 as special and permit uncertain overlaps to go undetected. For
1015 all kinds of constant offset and constant size accesses, if
1016 overlap isn't certain it is not possible. */
1017 bool overlap_possible
= space
[0] < acs
.dstsiz
[1];
1018 if (!overlap_possible
)
1021 bool overlap_certain
= space
[1] < acs
.dstsiz
[0];
1023 /* True when the size of one reference depends on the offset of
1025 bool depends_p
= detect_overlap
!= &builtin_access::generic_overlap
;
1027 if (!overlap_certain
)
1029 if (!dstref
->strbounded_p
&& !depends_p
)
1030 /* Memcpy only considers certain overlap. */
1033 /* There's no way to distinguish an access to the same member
1034 of a structure from one to two distinct members of the same
1035 structure. Give up to avoid excessive false positives. */
1036 tree basetype
= TREE_TYPE (dstref
->base
);
1038 if (POINTER_TYPE_P (basetype
))
1039 basetype
= TREE_TYPE (basetype
);
1041 while (TREE_CODE (basetype
) == ARRAY_TYPE
)
1042 basetype
= TREE_TYPE (basetype
);
1044 if (RECORD_OR_UNION_TYPE_P (basetype
))
1048 /* True for stpcpy and strcpy. */
1049 bool stxcpy_p
= (!dstref
->strbounded_p
1050 && detect_overlap
== &builtin_access::strcpy_overlap
);
1052 if (dstref
->refoff
>= 0
1053 && srcref
->refoff
>= 0
1054 && dstref
->refoff
!= srcref
->refoff
1055 && (stxcpy_p
|| dstref
->strbounded_p
|| srcref
->strbounded_p
))
1058 offset_int siz
[2] = { maxobjsize
+ 1, 0 };
1060 ovloff
[0] = HOST_WIDE_INT_MAX
;
1061 ovloff
[1] = HOST_WIDE_INT_MIN
;
1063 /* Adjustment to the lower bound of the offset of the overlap to
1064 account for a subset of unbounded string calls where the size
1065 of the destination string depends on the length of the source
1066 which in turn depends on the offset into it. */
1071 sub1
= acs
.dstoff
[0] <= acs
.srcoff
[0];
1073 /* Iterate over the extreme locations (on the horizontal axis formed
1074 by their offsets) and sizes of two regions and find their smallest
1075 and largest overlap and the corresponding offsets. */
1076 for (unsigned i
= 0; i
!= 2; ++i
)
1078 const offset_int a
[2] = {
1079 acs
.dstoff
[i
], acs
.dstoff
[i
] + acs
.dstsiz
[!i
]
1082 const offset_int b
[2] = {
1083 acs
.srcoff
[i
], acs
.srcoff
[i
] + acs
.srcsiz
[!i
]
1087 offset_int sz
= overlap_size (a
, b
, &off
);
1096 if (wi::lts_p (off
, ovloff
[0]))
1097 ovloff
[0] = off
.to_shwi ();
1098 if (wi::lts_p (ovloff
[1], off
))
1099 ovloff
[1] = off
.to_shwi ();
1107 /* Iterate over the extreme locations (on the horizontal axis
1108 formed by their offsets) and sizes of two regions and find
1109 their smallest and largest overlap and the corresponding
1112 for (unsigned io
= 0; io
!= 2; ++io
)
1113 for (unsigned is
= 0; is
!= 2; ++is
)
1115 const offset_int a
[2] = {
1116 acs
.dstoff
[io
], acs
.dstoff
[io
] + acs
.dstsiz
[is
]
1119 for (unsigned jo
= 0; jo
!= 2; ++jo
)
1120 for (unsigned js
= 0; js
!= 2; ++js
)
1124 /* For st{p,r}ncpy the size of the source sequence
1125 depends on the offset into it. */
1131 const offset_int b
[2] = {
1132 acs
.srcoff
[jo
], acs
.srcoff
[jo
] + acs
.srcsiz
[js
]
1136 offset_int sz
= overlap_size (a
, b
, &off
);
1145 if (wi::lts_p (off
, ovloff
[0]))
1146 ovloff
[0] = off
.to_shwi ();
1147 if (wi::lts_p (ovloff
[1], off
))
1148 ovloff
[1] = off
.to_shwi ();
1154 ovlsiz
[0] = siz
[0].to_shwi ();
1155 ovlsiz
[1] = siz
[1].to_shwi ();
1157 if (ovlsiz
[0] == 0 && ovlsiz
[1] > 1)
1158 ovloff
[0] = ovloff
[1] + ovlsiz
[1] - 1 - sub1
;
1163 /* Return true if the strcat-like access overlaps. */
1166 builtin_access::strcat_overlap ()
1168 builtin_access
&acs
= *this;
1169 const builtin_memref
*dstref
= acs
.dstref
;
1170 const builtin_memref
*srcref
= acs
.srcref
;
1172 gcc_assert (dstref
->base
== srcref
->base
);
1174 const offset_int maxobjsize
= acs
.dstref
->maxobjsize
;
1176 gcc_assert (dstref
->base
&& dstref
->base
== srcref
->base
);
1178 /* Adjust for strcat-like accesses. */
1180 /* As a special case for strcat, set the DSTREF offsets to the length
1181 of the destination string since the function starts writing over
1182 its terminating nul, and set the destination size to 1 for the length
1184 acs
.dstoff
[0] += dstsiz
[0] - srcref
->sizrange
[0];
1185 acs
.dstoff
[1] += dstsiz
[1] - srcref
->sizrange
[1];
1187 bool strfunc_unknown_args
= acs
.dstsiz
[0] == 0 && acs
.dstsiz
[1] != 0;
1189 /* The lower bound is zero when the size is unknown because then
1190 overlap is not certain. */
1191 acs
.dstsiz
[0] = strfunc_unknown_args
? 0 : 1;
1194 offset_int maxsize
= dstref
->basesize
< 0 ? maxobjsize
: dstref
->basesize
;
1196 /* For references to the same base object, determine if there's a pair
1197 of valid offsets into the two references such that access between
1198 them doesn't overlap. Adjust both upper bounds to be valid for
1199 the smaller size (i.e., at most MAXSIZE - SIZE). */
1201 if (maxsize
< acs
.dstoff
[1] + acs
.dstsiz
[0])
1202 acs
.dstoff
[1] = maxsize
- acs
.dstsiz
[0];
1204 if (maxsize
< acs
.srcoff
[1] + acs
.srcsiz
[0])
1205 acs
.srcoff
[1] = maxsize
- acs
.srcsiz
[0];
1207 /* Check to see if there's enough space for both accesses without
1208 overlap. Determine the optimistic (maximum) amount of available
1211 if (acs
.dstoff
[0] <= acs
.srcoff
[0])
1213 if (acs
.dstoff
[1] < acs
.srcoff
[1])
1214 space
= acs
.srcoff
[1] + acs
.srcsiz
[0] - acs
.dstoff
[0];
1216 space
= acs
.dstoff
[1] + acs
.dstsiz
[0] - acs
.srcoff
[0];
1219 space
= acs
.dstoff
[1] + acs
.dstsiz
[0] - acs
.srcoff
[0];
1221 /* Overlap is certain if the distance between the farthest offsets
1222 of the opposite accesses is less than the sum of the lower bounds
1223 of the sizes of the two accesses. */
1224 bool overlap_certain
= space
< acs
.dstsiz
[0] + acs
.srcsiz
[0];
1226 /* For a constant-offset, constant size access, consider the largest
1227 distance between the offset bounds and the lower bound of the access
1228 size. If the overlap isn't certain return success. */
1229 if (!overlap_certain
1230 && acs
.dstoff
[0] == acs
.dstoff
[1]
1231 && acs
.srcoff
[0] == acs
.srcoff
[1]
1232 && acs
.dstsiz
[0] == acs
.dstsiz
[1]
1233 && acs
.srcsiz
[0] == acs
.srcsiz
[1])
1236 /* Overlap is not certain but may be possible. */
1238 offset_int access_min
= acs
.dstsiz
[0] + acs
.srcsiz
[0];
1240 /* Determine the conservative (minimum) amount of space. */
1241 space
= wi::abs (acs
.dstoff
[0] - acs
.srcoff
[0]);
1242 offset_int d
= wi::abs (acs
.dstoff
[0] - acs
.srcoff
[1]);
1245 d
= wi::abs (acs
.dstoff
[1] - acs
.srcoff
[0]);
1249 /* For a strict test (used for strcpy and similar with unknown or
1250 variable bounds or sizes), consider the smallest distance between
1251 the offset bounds and either the upper bound of the access size
1252 if known, or the lower bound otherwise. */
1253 if (access_min
<= space
&& (access_min
!= 0 || !strfunc_unknown_args
))
1256 /* When strcat overlap is certain it is always a single byte:
1257 the terminating NUL, regardless of offsets and sizes. When
1258 overlap is only possible its range is [0, 1]. */
1259 acs
.ovlsiz
[0] = dstref
->sizrange
[0] == dstref
->sizrange
[1] ? 1 : 0;
1263 = dstref
->offrange
[0] + (dstref
->sizrange
[0] - srcref
->sizrange
[0]);
1264 if (endoff
<= srcref
->offrange
[0])
1265 acs
.ovloff
[0] = wi::smin (maxobjsize
, srcref
->offrange
[0]).to_shwi ();
1267 acs
.ovloff
[0] = wi::smin (maxobjsize
, endoff
).to_shwi ();
1269 acs
.sizrange
[0] = wi::smax (wi::abs (endoff
- srcref
->offrange
[0]) + 1,
1270 srcref
->sizrange
[0]).to_shwi ();
1271 if (dstref
->offrange
[0] == dstref
->offrange
[1])
1273 if (srcref
->offrange
[0] == srcref
->offrange
[1])
1274 acs
.ovloff
[1] = acs
.ovloff
[0];
1277 = wi::smin (maxobjsize
,
1278 srcref
->offrange
[1] + srcref
->sizrange
[1]).to_shwi ();
1282 = wi::smin (maxobjsize
,
1283 dstref
->offrange
[1] + dstref
->sizrange
[1]).to_shwi ();
1285 if (acs
.sizrange
[0] == 0)
1286 acs
.sizrange
[0] = 1;
1287 acs
.sizrange
[1] = wi::smax (acs
.dstsiz
[1], srcref
->sizrange
[1]).to_shwi ();
1291 /* Return true if the strcpy-like access overlaps. */
1294 builtin_access::strcpy_overlap ()
1296 return generic_overlap ();
1300 /* Return true if DSTREF and SRCREF describe accesses that either overlap
1301 one another or that, in order not to overlap, would imply that the size
1302 of the referenced object(s) exceeds the maximum size of an object. Set
1303 Otherwise, if DSTREF and SRCREF do not definitely overlap (even though
1304 they may overlap in a way that's not apparent from the available data),
1308 builtin_access::overlap ()
1310 builtin_access
&acs
= *this;
1312 const offset_int maxobjsize
= dstref
->maxobjsize
;
1314 acs
.sizrange
[0] = wi::smax (dstref
->sizrange
[0],
1315 srcref
->sizrange
[0]).to_shwi ();
1316 acs
.sizrange
[1] = wi::smax (dstref
->sizrange
[1],
1317 srcref
->sizrange
[1]).to_shwi ();
1319 /* Check to see if the two references refer to regions that are
1320 too large not to overlap in the address space (whose maximum
1321 size is PTRDIFF_MAX). */
1322 offset_int size
= dstref
->sizrange
[0] + srcref
->sizrange
[0];
1323 if (maxobjsize
< size
)
1325 acs
.ovloff
[0] = (maxobjsize
- dstref
->sizrange
[0]).to_shwi ();
1326 acs
.ovlsiz
[0] = (size
- maxobjsize
).to_shwi ();
1330 /* If both base objects aren't known return the maximum possible
1331 offset that would make them not overlap. */
1332 if (!dstref
->base
|| !srcref
->base
)
1335 /* If the base object is an array adjust the bounds of the offset
1336 to be non-negative and within the bounds of the array if possible. */
1338 && TREE_CODE (TREE_TYPE (dstref
->base
)) == ARRAY_TYPE
)
1340 if (acs
.dstoff
[0] < 0 && acs
.dstoff
[1] >= 0)
1343 if (acs
.dstoff
[1] < acs
.dstoff
[0])
1345 if (tree size
= TYPE_SIZE_UNIT (TREE_TYPE (dstref
->base
)))
1346 acs
.dstoff
[1] = wi::umin (acs
.dstoff
[1], wi::to_offset (size
));
1348 acs
.dstoff
[1] = wi::umin (acs
.dstoff
[1], maxobjsize
);
1352 acs
.srcoff
[0] = srcref
->offrange
[0];
1353 acs
.srcoff
[1] = srcref
->offrange
[1];
1356 && TREE_CODE (TREE_TYPE (srcref
->base
)) == ARRAY_TYPE
)
1358 if (acs
.srcoff
[0] < 0 && acs
.srcoff
[1] >= 0)
1361 if (tree size
= TYPE_SIZE_UNIT (TREE_TYPE (srcref
->base
)))
1362 acs
.srcoff
[1] = wi::umin (acs
.srcoff
[1], wi::to_offset (size
));
1363 else if (acs
.srcoff
[1] < acs
.srcoff
[0])
1364 acs
.srcoff
[1] = wi::umin (acs
.srcoff
[1], maxobjsize
);
1367 /* When the upper bound of the offset is less than the lower bound
1368 the former is the result of a negative offset being represented
1369 as a large positive value or vice versa. The resulting range is
1370 a union of two subranges: [MIN, UB] and [LB, MAX]. Since such
1371 a union is not representable using the current data structure
1372 replace it with the full range of offsets. */
1373 if (acs
.dstoff
[1] < acs
.dstoff
[0])
1375 acs
.dstoff
[0] = -maxobjsize
- 1;
1376 acs
.dstoff
[1] = maxobjsize
;
1379 /* Validate the offset and size of each reference on its own first.
1380 This is independent of whether or not the base objects are the
1381 same. Normally, this would have already been detected and
1382 diagnosed by -Warray-bounds, unless it has been disabled. */
1383 offset_int maxoff
= acs
.dstoff
[0] + dstref
->sizrange
[0];
1384 if (maxobjsize
< maxoff
)
1386 acs
.ovlsiz
[0] = (maxoff
- maxobjsize
).to_shwi ();
1387 acs
.ovloff
[0] = acs
.dstoff
[0].to_shwi () - acs
.ovlsiz
[0];
1391 /* Repeat the same as above but for the source offsets. */
1392 if (acs
.srcoff
[1] < acs
.srcoff
[0])
1394 acs
.srcoff
[0] = -maxobjsize
- 1;
1395 acs
.srcoff
[1] = maxobjsize
;
1398 maxoff
= acs
.srcoff
[0] + srcref
->sizrange
[0];
1399 if (maxobjsize
< maxoff
)
1401 acs
.ovlsiz
[0] = (maxoff
- maxobjsize
).to_shwi ();
1402 acs
.ovlsiz
[1] = (acs
.srcoff
[0] + srcref
->sizrange
[1]
1403 - maxobjsize
).to_shwi ();
1404 acs
.ovloff
[0] = acs
.srcoff
[0].to_shwi () - acs
.ovlsiz
[0];
1408 if (dstref
->base
!= srcref
->base
)
1411 acs
.dstsiz
[0] = dstref
->sizrange
[0];
1412 acs
.dstsiz
[1] = dstref
->sizrange
[1];
1414 acs
.srcsiz
[0] = srcref
->sizrange
[0];
1415 acs
.srcsiz
[1] = srcref
->sizrange
[1];
1417 /* Call the appropriate function to determine the overlap. */
1418 if ((this->*detect_overlap
) ())
1422 /* Unless the access size range has already been set, do so here. */
1423 sizrange
[0] = wi::smax (acs
.dstsiz
[0], srcref
->sizrange
[0]).to_shwi ();
1424 sizrange
[1] = wi::smax (acs
.dstsiz
[1], srcref
->sizrange
[1]).to_shwi ();
1432 /* Attempt to detect and diagnose an overlapping copy in a call expression
1433 EXPR involving an an access ACS to a built-in memory or string function.
1434 Return true when one has been detected, false otherwise. */
1437 maybe_diag_overlap (location_t loc
, gimple
*call
, builtin_access
&acs
)
1439 if (!acs
.overlap ())
1442 if (gimple_no_warning_p (call
))
1445 /* For convenience. */
1446 const builtin_memref
&dstref
= *acs
.dstref
;
1447 const builtin_memref
&srcref
= *acs
.srcref
;
1449 /* Determine the range of offsets and sizes of the overlap if it
1450 exists and issue diagnostics. */
1451 HOST_WIDE_INT
*ovloff
= acs
.ovloff
;
1452 HOST_WIDE_INT
*ovlsiz
= acs
.ovlsiz
;
1453 HOST_WIDE_INT
*sizrange
= acs
.sizrange
;
1455 tree func
= gimple_call_fndecl (call
);
1457 /* To avoid a combinatorial explosion of diagnostics format the offsets
1458 or their ranges as strings and use them in the warning calls below. */
1461 if (dstref
.offrange
[0] == dstref
.offrange
[1]
1462 || dstref
.offrange
[1] > HOST_WIDE_INT_MAX
)
1463 sprintf (offstr
[0], HOST_WIDE_INT_PRINT_DEC
,
1464 dstref
.offrange
[0].to_shwi ());
1467 "[" HOST_WIDE_INT_PRINT_DEC
", " HOST_WIDE_INT_PRINT_DEC
"]",
1468 dstref
.offrange
[0].to_shwi (),
1469 dstref
.offrange
[1].to_shwi ());
1471 if (srcref
.offrange
[0] == srcref
.offrange
[1]
1472 || srcref
.offrange
[1] > HOST_WIDE_INT_MAX
)
1474 HOST_WIDE_INT_PRINT_DEC
,
1475 srcref
.offrange
[0].to_shwi ());
1478 "[" HOST_WIDE_INT_PRINT_DEC
", " HOST_WIDE_INT_PRINT_DEC
"]",
1479 srcref
.offrange
[0].to_shwi (),
1480 srcref
.offrange
[1].to_shwi ());
1482 if (ovloff
[0] == ovloff
[1] || !ovloff
[1])
1483 sprintf (offstr
[2], HOST_WIDE_INT_PRINT_DEC
, ovloff
[0]);
1486 "[" HOST_WIDE_INT_PRINT_DEC
", " HOST_WIDE_INT_PRINT_DEC
"]",
1487 ovloff
[0], ovloff
[1]);
1489 const offset_int maxobjsize
= dstref
.maxobjsize
;
1490 bool must_overlap
= ovlsiz
[0] > 0;
1493 ovlsiz
[1] = ovlsiz
[0];
1497 /* Issue definitive "overlaps" diagnostic in this block. */
1499 if (sizrange
[0] == sizrange
[1])
1501 if (ovlsiz
[0] == ovlsiz
[1])
1502 warning_at (loc
, OPT_Wrestrict
,
1505 ? G_("%G%qD accessing %wu byte at offsets %s "
1506 "and %s overlaps %wu byte at offset %s")
1507 : G_("%G%qD accessing %wu byte at offsets %s "
1508 "and %s overlaps %wu bytes at offset "
1511 ? G_("%G%qD accessing %wu bytes at offsets %s "
1512 "and %s overlaps %wu byte at offset %s")
1513 : G_("%G%qD accessing %wu bytes at offsets %s "
1514 "and %s overlaps %wu bytes at offset "
1516 call
, func
, sizrange
[0],
1517 offstr
[0], offstr
[1], ovlsiz
[0], offstr
[2]);
1518 else if (ovlsiz
[1] >= 0 && ovlsiz
[1] < maxobjsize
.to_shwi ())
1519 warning_n (loc
, OPT_Wrestrict
, sizrange
[0],
1520 "%G%qD accessing %wu byte at offsets %s "
1521 "and %s overlaps between %wu and %wu bytes "
1523 "%G%qD accessing %wu bytes at offsets %s "
1524 "and %s overlaps between %wu and %wu bytes "
1526 call
, func
, sizrange
[0], offstr
[0], offstr
[1],
1527 ovlsiz
[0], ovlsiz
[1], offstr
[2]);
1529 warning_n (loc
, OPT_Wrestrict
, sizrange
[0],
1530 "%G%qD accessing %wu byte at offsets %s and "
1531 "%s overlaps %wu or more bytes at offset %s",
1532 "%G%qD accessing %wu bytes at offsets %s and "
1533 "%s overlaps %wu or more bytes at offset %s",
1534 call
, func
, sizrange
[0],
1535 offstr
[0], offstr
[1], ovlsiz
[0], offstr
[2]);
1539 if (sizrange
[1] >= 0 && sizrange
[1] < maxobjsize
.to_shwi ())
1541 if (ovlsiz
[0] == ovlsiz
[1])
1542 warning_n (loc
, OPT_Wrestrict
, ovlsiz
[0],
1543 "%G%qD accessing between %wu and %wu bytes "
1544 "at offsets %s and %s overlaps %wu byte at "
1546 "%G%qD accessing between %wu and %wu bytes "
1547 "at offsets %s and %s overlaps %wu bytes "
1549 call
, func
, sizrange
[0], sizrange
[1],
1550 offstr
[0], offstr
[1], ovlsiz
[0], offstr
[2]);
1551 else if (ovlsiz
[1] >= 0 && ovlsiz
[1] < maxobjsize
.to_shwi ())
1552 warning_at (loc
, OPT_Wrestrict
,
1553 "%G%qD accessing between %wu and %wu bytes at "
1554 "offsets %s and %s overlaps between %wu and %wu "
1555 "bytes at offset %s",
1556 call
, func
, sizrange
[0], sizrange
[1],
1557 offstr
[0], offstr
[1], ovlsiz
[0], ovlsiz
[1],
1560 warning_at (loc
, OPT_Wrestrict
,
1561 "%G%qD accessing between %wu and %wu bytes at "
1562 "offsets %s and %s overlaps %wu or more bytes "
1564 call
, func
, sizrange
[0], sizrange
[1],
1565 offstr
[0], offstr
[1], ovlsiz
[0], offstr
[2]);
1569 if (ovlsiz
[0] != ovlsiz
[1])
1570 ovlsiz
[1] = maxobjsize
.to_shwi ();
1572 if (ovlsiz
[0] == ovlsiz
[1])
1573 warning_n (loc
, OPT_Wrestrict
, ovlsiz
[0],
1574 "%G%qD accessing %wu or more bytes at offsets "
1575 "%s and %s overlaps %wu byte at offset %s",
1576 "%G%qD accessing %wu or more bytes at offsets "
1577 "%s and %s overlaps %wu bytes at offset %s",
1578 call
, func
, sizrange
[0], offstr
[0], offstr
[1],
1579 ovlsiz
[0], offstr
[2]);
1580 else if (ovlsiz
[1] >= 0 && ovlsiz
[1] < maxobjsize
.to_shwi ())
1581 warning_at (loc
, OPT_Wrestrict
,
1582 "%G%qD accessing %wu or more bytes at offsets %s "
1583 "and %s overlaps between %wu and %wu bytes "
1585 call
, func
, sizrange
[0], offstr
[0], offstr
[1],
1586 ovlsiz
[0], ovlsiz
[1], offstr
[2]);
1588 warning_at (loc
, OPT_Wrestrict
,
1589 "%G%qD accessing %wu or more bytes at offsets %s "
1590 "and %s overlaps %wu or more bytes at offset %s",
1591 call
, func
, sizrange
[0], offstr
[0], offstr
[1],
1592 ovlsiz
[0], offstr
[2]);
1596 /* Use more concise wording when one of the offsets is unbounded
1597 to avoid confusing the user with large and mostly meaningless
1600 if (DECL_P (dstref
.base
) && TREE_CODE (TREE_TYPE (dstref
.base
)) == ARRAY_TYPE
)
1601 open_range
= ((dstref
.offrange
[0] == 0
1602 && dstref
.offrange
[1] == maxobjsize
)
1603 || (srcref
.offrange
[0] == 0
1604 && srcref
.offrange
[1] == maxobjsize
));
1606 open_range
= ((dstref
.offrange
[0] == -maxobjsize
- 1
1607 && dstref
.offrange
[1] == maxobjsize
)
1608 || (srcref
.offrange
[0] == -maxobjsize
- 1
1609 && srcref
.offrange
[1] == maxobjsize
));
1611 if (sizrange
[0] == sizrange
[1] || sizrange
[1] == 1)
1616 warning_n (loc
, OPT_Wrestrict
, sizrange
[1],
1617 "%G%qD accessing %wu byte may overlap "
1619 "%G%qD accessing %wu bytes may overlap "
1621 call
, func
, sizrange
[1], ovlsiz
[1]);
1623 warning_n (loc
, OPT_Wrestrict
, sizrange
[1],
1624 "%G%qD accessing %wu byte at offsets %s "
1625 "and %s may overlap %wu byte at offset %s",
1626 "%G%qD accessing %wu bytes at offsets %s "
1627 "and %s may overlap %wu byte at offset %s",
1628 call
, func
, sizrange
[1], offstr
[0], offstr
[1],
1629 ovlsiz
[1], offstr
[2]);
1634 warning_n (loc
, OPT_Wrestrict
, sizrange
[1],
1635 "%G%qD accessing %wu byte may overlap "
1637 "%G%qD accessing %wu bytes may overlap "
1639 call
, func
, sizrange
[1], ovlsiz
[1]);
1641 warning_n (loc
, OPT_Wrestrict
, sizrange
[1],
1642 "%G%qD accessing %wu byte at offsets %s and "
1643 "%s may overlap up to %wu bytes at offset %s",
1644 "%G%qD accessing %wu bytes at offsets %s and "
1645 "%s may overlap up to %wu bytes at offset %s",
1646 call
, func
, sizrange
[1], offstr
[0], offstr
[1],
1647 ovlsiz
[1], offstr
[2]);
1651 if (sizrange
[1] >= 0 && sizrange
[1] < maxobjsize
.to_shwi ())
1654 warning_n (loc
, OPT_Wrestrict
, ovlsiz
[1],
1655 "%G%qD accessing between %wu and %wu bytes "
1656 "may overlap %wu byte",
1657 "%G%qD accessing between %wu and %wu bytes "
1658 "may overlap up to %wu bytes",
1659 call
, func
, sizrange
[0], sizrange
[1], ovlsiz
[1]);
1661 warning_n (loc
, OPT_Wrestrict
, ovlsiz
[1],
1662 "%G%qD accessing between %wu and %wu bytes "
1663 "at offsets %s and %s may overlap %wu byte "
1665 "%G%qD accessing between %wu and %wu bytes "
1666 "at offsets %s and %s may overlap up to %wu "
1667 "bytes at offset %s",
1668 call
, func
, sizrange
[0], sizrange
[1],
1669 offstr
[0], offstr
[1], ovlsiz
[1], offstr
[2]);
1673 warning_n (loc
, OPT_Wrestrict
, ovlsiz
[1],
1674 "%G%qD accessing %wu or more bytes at offsets %s "
1675 "and %s may overlap %wu byte at offset %s",
1676 "%G%qD accessing %wu or more bytes at offsets %s "
1677 "and %s may overlap up to %wu bytes at offset %s",
1678 call
, func
, sizrange
[0], offstr
[0], offstr
[1],
1679 ovlsiz
[1], offstr
[2]);
1684 /* Validate REF size and offsets in an expression passed as an argument
1685 to a CALL to a built-in function FUNC to make sure they are within
1686 the bounds of the referenced object if its size is known, or
1687 PTRDIFF_MAX otherwise. DO_WARN is true when a diagnostic should
1688 be issued, false otherwise.
1689 Both initial values of the offsets and their final value computed
1690 by the function by incrementing the initial value by the size are
1691 validated. Return true if the offsets are not valid and a diagnostic
1692 has been issued, or would have been issued if DO_WARN had been true. */
1695 maybe_diag_access_bounds (location_t loc
, gimple
*call
, tree func
, int strict
,
1696 const builtin_memref
&ref
, offset_int wroff
,
1699 const offset_int maxobjsize
= ref
.maxobjsize
;
1701 /* Check for excessive size first and regardless of warning options
1702 since the result is used to make codegen decisions. */
1703 if (ref
.sizrange
[0] > maxobjsize
)
1705 /* Return true without issuing a warning. */
1709 if (ref
.ref
&& TREE_NO_WARNING (ref
.ref
))
1712 if (warn_stringop_overflow
)
1714 if (EXPR_HAS_LOCATION (ref
.ptr
))
1715 loc
= EXPR_LOCATION (ref
.ptr
);
1717 loc
= expansion_point_location_if_in_system_header (loc
);
1719 if (ref
.sizrange
[0] == ref
.sizrange
[1])
1720 return warning_at (loc
, OPT_Wstringop_overflow_
,
1721 "%G%qD specified bound %wu "
1722 "exceeds maximum object size %wu",
1723 call
, func
, ref
.sizrange
[0].to_uhwi (),
1724 maxobjsize
.to_uhwi ());
1726 return warning_at (loc
, OPT_Wstringop_overflow_
,
1727 "%G%qD specified bound between %wu and %wu "
1728 "exceeds maximum object size %wu",
1729 call
, func
, ref
.sizrange
[0].to_uhwi (),
1730 ref
.sizrange
[1].to_uhwi (),
1731 maxobjsize
.to_uhwi ());
1735 /* Check for out-bounds pointers regardless of warning options since
1736 the result is used to make codegen decisions. An excessive WROFF
1737 can only come up as a result of an invalid strncat bound and is
1738 diagnosed separately using a more meaningful warning. */
1739 if (maxobjsize
< wroff
)
1741 offset_int ooboff
[] = { ref
.offrange
[0], ref
.offrange
[1], wroff
};
1742 tree oobref
= ref
.offset_out_of_bounds (strict
, ooboff
);
1746 /* Return true without issuing a warning. */
1750 if (!warn_array_bounds
)
1753 if (TREE_NO_WARNING (ref
.ptr
)
1754 || (ref
.ref
&& TREE_NO_WARNING (ref
.ref
)))
1757 if (EXPR_HAS_LOCATION (ref
.ptr
))
1758 loc
= EXPR_LOCATION (ref
.ptr
);
1760 loc
= expansion_point_location_if_in_system_header (loc
);
1762 char rangestr
[2][64];
1763 if (ooboff
[0] == ooboff
[1]
1764 || (ooboff
[0] != ref
.offrange
[0]
1765 && ooboff
[0].to_shwi () >= ooboff
[1].to_shwi ()))
1766 sprintf (rangestr
[0], "%lli", (long long) ooboff
[0].to_shwi ());
1768 sprintf (rangestr
[0], "[%lli, %lli]",
1769 (long long) ooboff
[0].to_shwi (),
1770 (long long) ooboff
[1].to_shwi ());
1772 bool warned
= false;
1774 if (oobref
== error_mark_node
)
1776 if (ref
.sizrange
[0] == ref
.sizrange
[1])
1777 sprintf (rangestr
[1], "%llu",
1778 (unsigned long long) ref
.sizrange
[0].to_shwi ());
1780 sprintf (rangestr
[1], "[%lli, %lli]",
1781 (unsigned long long) ref
.sizrange
[0].to_uhwi (),
1782 (unsigned long long) ref
.sizrange
[1].to_uhwi ());
1786 if (DECL_P (ref
.base
)
1787 && TREE_CODE (type
= TREE_TYPE (ref
.base
)) == ARRAY_TYPE
)
1789 auto_diagnostic_group d
;
1790 if (warning_at (loc
, OPT_Warray_bounds
,
1791 "%G%qD pointer overflow between offset %s "
1792 "and size %s accessing array %qD with type %qT",
1793 call
, func
, rangestr
[0], rangestr
[1], ref
.base
, type
))
1795 inform (DECL_SOURCE_LOCATION (ref
.base
),
1796 "array %qD declared here", ref
.base
);
1800 warned
= warning_at (loc
, OPT_Warray_bounds
,
1801 "%G%qD pointer overflow between offset %s "
1803 call
, func
, rangestr
[0], rangestr
[1]);
1806 warned
= warning_at (loc
, OPT_Warray_bounds
,
1807 "%G%qD pointer overflow between offset %s "
1809 call
, func
, rangestr
[0], rangestr
[1]);
1811 else if (oobref
== ref
.base
)
1813 /* True when the offset formed by an access to the reference
1814 is out of bounds, rather than the initial offset wich is
1815 in bounds. This implies access past the end. */
1816 bool form
= ooboff
[0] != ref
.offrange
[0];
1818 if (DECL_P (ref
.base
))
1820 auto_diagnostic_group d
;
1821 if ((ref
.basesize
< maxobjsize
1822 && warning_at (loc
, OPT_Warray_bounds
,
1824 ? G_("%G%qD forming offset %s is out of "
1825 "the bounds [0, %wu] of object %qD with "
1827 : G_("%G%qD offset %s is out of the bounds "
1828 "[0, %wu] of object %qD with type %qT"),
1829 call
, func
, rangestr
[0], ref
.basesize
.to_uhwi (),
1830 ref
.base
, TREE_TYPE (ref
.base
)))
1831 || warning_at (loc
, OPT_Warray_bounds
,
1833 ? G_("%G%qD forming offset %s is out of "
1834 "the bounds of object %qD with type %qT")
1835 : G_("%G%qD offset %s is out of the bounds "
1836 "of object %qD with type %qT"),
1837 call
, func
, rangestr
[0],
1838 ref
.base
, TREE_TYPE (ref
.base
)))
1840 inform (DECL_SOURCE_LOCATION (ref
.base
),
1841 "%qD declared here", ref
.base
);
1845 else if (ref
.basesize
< maxobjsize
)
1846 warned
= warning_at (loc
, OPT_Warray_bounds
,
1848 ? G_("%G%qD forming offset %s is out "
1849 "of the bounds [0, %wu]")
1850 : G_("%G%qD offset %s is out "
1851 "of the bounds [0, %wu]"),
1852 call
, func
, rangestr
[0], ref
.basesize
.to_uhwi ());
1854 warned
= warning_at (loc
, OPT_Warray_bounds
,
1856 ? G_("%G%qD forming offset %s is out of bounds")
1857 : G_("%G%qD offset %s is out of bounds"),
1858 call
, func
, rangestr
[0]);
1860 else if (TREE_CODE (ref
.ref
) == MEM_REF
)
1862 tree refop
= TREE_OPERAND (ref
.ref
, 0);
1863 tree type
= TREE_TYPE (refop
);
1864 if (POINTER_TYPE_P (type
))
1865 type
= TREE_TYPE (type
);
1866 type
= TYPE_MAIN_VARIANT (type
);
1868 if (warning_at (loc
, OPT_Warray_bounds
,
1869 "%G%qD offset %s from the object at %qE is out "
1870 "of the bounds of %qT",
1871 call
, func
, rangestr
[0], ref
.base
, type
))
1873 if (TREE_CODE (ref
.ref
) == COMPONENT_REF
)
1874 refop
= TREE_OPERAND (ref
.ref
, 1);
1876 inform (DECL_SOURCE_LOCATION (refop
),
1877 "subobject %qD declared here", refop
);
1883 tree refop
= TREE_OPERAND (ref
.ref
, 0);
1884 tree type
= TYPE_MAIN_VARIANT (TREE_TYPE (ref
.ref
));
1886 if (warning_at (loc
, OPT_Warray_bounds
,
1887 "%G%qD offset %s from the object at %qE is out "
1888 "of the bounds of referenced subobject %qD with "
1889 "type %qT at offset %wi",
1890 call
, func
, rangestr
[0], ref
.base
,
1891 TREE_OPERAND (ref
.ref
, 1), type
,
1892 ref
.refoff
.to_shwi ()))
1894 if (TREE_CODE (ref
.ref
) == COMPONENT_REF
)
1895 refop
= TREE_OPERAND (ref
.ref
, 1);
1897 inform (DECL_SOURCE_LOCATION (refop
),
1898 "subobject %qD declared here", refop
);
1906 /* Check a CALL statement for restrict-violations and issue warnings
1907 if/when appropriate. */
1910 wrestrict_dom_walker::check_call (gimple
*call
)
1912 /* Avoid checking the call if it has already been diagnosed for
1914 if (gimple_no_warning_p (call
))
1917 tree func
= gimple_call_fndecl (call
);
1918 if (!func
|| !fndecl_built_in_p (func
, BUILT_IN_NORMAL
))
1921 /* Argument number to extract from the call (depends on the built-in
1923 unsigned dst_idx
= -1;
1924 unsigned src_idx
= -1;
1925 unsigned bnd_idx
= -1;
1927 /* Is this CALL to a string function (as opposed to one to a raw
1928 memory function). */
1931 switch (DECL_FUNCTION_CODE (func
))
1933 case BUILT_IN_MEMCPY
:
1934 case BUILT_IN_MEMCPY_CHK
:
1935 case BUILT_IN_MEMPCPY
:
1936 case BUILT_IN_MEMPCPY_CHK
:
1937 case BUILT_IN_MEMMOVE
:
1938 case BUILT_IN_MEMMOVE_CHK
:
1942 case BUILT_IN_STPNCPY
:
1943 case BUILT_IN_STPNCPY_CHK
:
1944 case BUILT_IN_STRNCAT
:
1945 case BUILT_IN_STRNCAT_CHK
:
1946 case BUILT_IN_STRNCPY
:
1947 case BUILT_IN_STRNCPY_CHK
:
1953 case BUILT_IN_MEMSET
:
1954 case BUILT_IN_MEMSET_CHK
:
1959 case BUILT_IN_STPCPY
:
1960 case BUILT_IN_STPCPY_CHK
:
1961 case BUILT_IN_STRCPY
:
1962 case BUILT_IN_STRCPY_CHK
:
1963 case BUILT_IN_STRCAT
:
1964 case BUILT_IN_STRCAT_CHK
:
1970 /* Handle other string functions here whose access may need
1971 to be validated for in-bounds offsets and non-overlapping
1976 unsigned nargs
= gimple_call_num_args (call
);
1978 tree dst
= dst_idx
< nargs
? gimple_call_arg (call
, dst_idx
) : NULL_TREE
;
1979 tree src
= src_idx
< nargs
? gimple_call_arg (call
, src_idx
) : NULL_TREE
;
1980 tree dstwr
= bnd_idx
< nargs
? gimple_call_arg (call
, bnd_idx
) : NULL_TREE
;
1982 /* For string functions with an unspecified or unknown bound,
1983 assume the size of the access is one. */
1984 if (!dstwr
&& strfun
)
1985 dstwr
= size_one_node
;
1987 /* DST and SRC can be null for a call with an insufficient number
1988 of arguments to a built-in function declared without a protype. */
1989 if (!dst
|| (src_idx
< nargs
&& !src
))
1992 /* DST, SRC, or DSTWR can also have the wrong type in a call to
1993 a function declared without a prototype. Avoid checking such
1995 if (TREE_CODE (TREE_TYPE (dst
)) != POINTER_TYPE
1996 || (src
&& TREE_CODE (TREE_TYPE (src
)) != POINTER_TYPE
)
1997 || (dstwr
&& !INTEGRAL_TYPE_P (TREE_TYPE (dstwr
))))
2000 if (!check_bounds_or_overlap (call
, dst
, src
, dstwr
, NULL_TREE
))
2003 /* Avoid diagnosing the call again. */
2004 gimple_set_no_warning (call
, true);
2007 } /* anonymous namespace */
2009 /* Attempt to detect and diagnose invalid offset bounds and (except for
2010 memmove) overlapping copy in a call expression EXPR from SRC to DST
2011 and DSTSIZE and SRCSIZE bytes, respectively. Both DSTSIZE and
2012 SRCSIZE may be NULL. DO_WARN is false to detect either problem
2013 without issue a warning. Return the OPT_Wxxx constant corresponding
2014 to the warning if one has been detected and zero otherwise. */
2017 check_bounds_or_overlap (gimple
*call
, tree dst
, tree src
, tree dstsize
,
2018 tree srcsize
, bool bounds_only
/* = false */,
2019 bool do_warn
/* = true */)
2021 location_t loc
= gimple_nonartificial_location (call
);
2022 loc
= expansion_point_location_if_in_system_header (loc
);
2024 tree func
= gimple_call_fndecl (call
);
2026 builtin_memref
dstref (dst
, dstsize
);
2027 builtin_memref
srcref (src
, srcsize
);
2029 /* Create a descriptor of the access. This may adjust both DSTREF
2030 and SRCREF based on one another and the kind of the access. */
2031 builtin_access
acs (call
, dstref
, srcref
);
2033 /* Set STRICT to the value of the -Warray-bounds=N argument for
2034 string functions or when N > 1. */
2035 int strict
= (acs
.strict () || warn_array_bounds
> 1 ? warn_array_bounds
: 0);
2037 /* The starting offset of the destination write access. Nonzero only
2038 for the strcat family of functions. */
2039 offset_int wroff
= acs
.write_off (dstsize
);
2041 /* Validate offsets to each reference before the access first to make
2042 sure they are within the bounds of the destination object if its
2043 size is known, or PTRDIFF_MAX otherwise. */
2044 if (maybe_diag_access_bounds (loc
, call
, func
, strict
, dstref
, wroff
, do_warn
)
2045 || maybe_diag_access_bounds (loc
, call
, func
, strict
, srcref
, 0, do_warn
))
2048 gimple_set_no_warning (call
, true);
2049 return OPT_Warray_bounds
;
2052 if (!warn_restrict
|| bounds_only
|| !src
)
2057 switch (DECL_FUNCTION_CODE (func
))
2059 case BUILT_IN_MEMMOVE
:
2060 case BUILT_IN_MEMMOVE_CHK
:
2061 case BUILT_IN_MEMSET
:
2062 case BUILT_IN_MEMSET_CHK
:
2069 if (operand_equal_p (dst
, src
, 0))
2071 /* Issue -Wrestrict unless the pointers are null (those do
2072 not point to objects and so do not indicate an overlap;
2073 such calls could be the result of sanitization and jump
2075 if (!integer_zerop (dst
) && !gimple_no_warning_p (call
))
2077 warning_at (loc
, OPT_Wrestrict
,
2078 "%G%qD source argument is the same as destination",
2080 gimple_set_no_warning (call
, true);
2081 return OPT_Wrestrict
;
2087 /* Return false when overlap has been detected. */
2088 if (maybe_diag_overlap (loc
, call
, acs
))
2090 gimple_set_no_warning (call
, true);
2091 return OPT_Wrestrict
;
2098 make_pass_warn_restrict (gcc::context
*ctxt
)
2100 return new pass_wrestrict (ctxt
);
2104 dump_builtin_memref (FILE *fp
, const builtin_memref
&ref
)
2106 fprintf (fp
, "\n ptr = ");
2107 print_generic_expr (fp
, ref
.ptr
, TDF_LINENO
);
2108 fprintf (fp
, "\n ref = ");
2110 print_generic_expr (fp
, ref
.ref
, TDF_LINENO
);
2113 fprintf (fp
, "\n base = ");
2114 print_generic_expr (fp
, ref
.base
, TDF_LINENO
);
2116 "\n basesize = %lli"
2119 "\n offrange = [%lli, %lli]"
2120 "\n sizrange = [%lli, %lli]"
2121 "\n strbounded_p = %s\n",
2122 (long long)ref
.basesize
.to_shwi (),
2123 (long long)ref
.refsize
.to_shwi (),
2124 (long long)ref
.refoff
.to_shwi (),
2125 (long long)ref
.offrange
[0].to_shwi (),
2126 (long long)ref
.offrange
[1].to_shwi (),
2127 (long long)ref
.sizrange
[0].to_shwi (),
2128 (long long)ref
.sizrange
[1].to_shwi (),
2129 ref
.strbounded_p
? "true" : "false");
2133 builtin_access::dump (FILE *fp
) const
2135 fprintf (fp
, " dstref:");
2136 dump_builtin_memref (fp
, *dstref
);
2137 fprintf (fp
, "\n srcref:");
2138 dump_builtin_memref (fp
, *srcref
);
2141 " sizrange = [%lli, %lli]\n"
2142 " ovloff = [%lli, %lli]\n"
2143 " ovlsiz = [%lli, %lli]\n"
2144 " dstoff = [%lli, %lli]\n"
2145 " dstsiz = [%lli, %lli]\n"
2146 " srcoff = [%lli, %lli]\n"
2147 " srcsiz = [%lli, %lli]\n",
2148 (long long)sizrange
[0], (long long)sizrange
[1],
2149 (long long)ovloff
[0], (long long)ovloff
[1],
2150 (long long)ovlsiz
[0], (long long)ovlsiz
[1],
2151 (long long)dstoff
[0].to_shwi (), (long long)dstoff
[1].to_shwi (),
2152 (long long)dstsiz
[0].to_shwi (), (long long)dstsiz
[1].to_shwi (),
2153 (long long)srcoff
[0].to_shwi (), (long long)srcoff
[1].to_shwi (),
2154 (long long)srcsiz
[0].to_shwi (), (long long)srcsiz
[1].to_shwi ());
2158 dump_builtin_access (FILE *fp
, gimple
*stmt
, const builtin_access
&acs
)
2162 fprintf (fp
, "\nDumping builtin_access for ");
2163 print_gimple_expr (fp
, stmt
, TDF_LINENO
);
2171 debug (gimple
*stmt
, const builtin_access
&acs
)
2173 dump_builtin_access (stdout
, stmt
, acs
);