tree-optimization/105969 - FPE with array diagnostics

For a [0][0] array we have to be careful when dividing by the element
size which is zero for the outermost dimension.  Luckily the division
is only for an overflow check which is pointless for array size zero.

2022-06-15  Richard Biener  <rguenther@suse.de>

	PR tree-optimization/105969
	* gimple-ssa-sprintf.cc (get_origin_and_offset_r): Avoid division
	by zero in overflow check.

	* gcc.dg/pr105969.c: New testcase.

diff --git a/gcc/gimple-ssa-sprintf.cc b/gcc/gimple-ssa-sprintf.cc
index 6bd27302213be0248cf3f7d65c78f206829812a8..a888b5ac7d518f3c9c48fd0307dadb30ba17549c 100644 (file)
--- a/gcc/gimple-ssa-sprintf.cc
+++ b/gcc/gimple-ssa-sprintf.cc
@@ -2319,7 +2319,7 @@ get_origin_and_offset_r (tree x, HOST_WIDE_INT *fldoff, HOST_WIDE_INT *fldsize,
 
        if (byteoff < HOST_WIDE_INT_MAX
            && elbytes < HOST_WIDE_INT_MAX
-           && byteoff / elbytes == idx)
+           && (elbytes == 0 || byteoff / elbytes == idx))
          {
            /* For in-bounds constant offsets into constant-sized arrays
               bump up *OFF, and for what's likely arrays or structs of

diff --git a/gcc/testsuite/gcc.dg/pr105969.c b/gcc/testsuite/gcc.dg/pr105969.c
new file mode 100644 (file)
index 0000000..52c63fc
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/pr105969.c
@@ -0,0 +1,13 @@
+/* { dg-do compile } */
+/* { dg-options "-Wall" } */
+
+struct A
+{
+  char a[0][0][0];
+};
+extern struct A b[][2];
+void f (void)
+{
+  __builtin_sprintf (b[0][0].a[1][0], "%s", b[0][0].a[1][0]); /* { dg-warning "past the end" } */
+  /* { dg-warning "overlaps destination" "" { target *-*-* } .-1 } */
+}