Viewing file:  Wstringop-overflow-23.c (5.44 KB) -rw-r--r--
Select action/file-type:
 (+) |  (+) |  (+) | Code (+) | Session (+) |  (+) | SDB (+) |  (+) |  (+) |  (+) |  (+) |  (+) |
/* PR middle-end/83859 - attribute to establish relation between parameters
for buffer and its size
Test to verify that with optimization enabled, -Wstringop-overflow
warnings are issued for calls to user-defined functions with attribute
access and with non-constant out-of-bounds arguments.
{ dg-do compile }
{ dg-options "-O2 -Wall" }
{ dg-require-effective-target alloca } */
#include "range.h"
#define INT_MAX __INT_MAX__
#define INT_MIN (-INT_MAX - 1)
#define RDONLY(...) __attribute__ ((access (read_only, __VA_ARGS__)))
#define WRONLY(...) __attribute__ ((access (write_only, __VA_ARGS__)))
#define RDWR(...) __attribute__ ((access (read_write, __VA_ARGS__)))
typedef __INT32_TYPE__ int32_t;
/* Exercise null pointer detection. */
RDONLY (2, 1) void
rd2_1 (int, const void*); // { dg-message "in a call to function 'rd2_1' declared with attribute 'access \\\(read_only, 2, 1\\\)" "note" }
void test_rd2_1 (void)
{
{
void *null = 0;
void *p = &null;
rd2_1 (0, null);
rd2_1 (1, p);
}
{
void *null = 0;
rd2_1 (1, null); // { dg-warning "argument 2 is null but the corresponding size argument 1 value is 1" }
}
{
void *null = 0;
/* Ideally the message would say "range" for a range and "value"
for a singular value but using the same reduces the complexity
of the code and keeps down the number of messages that need to
be translated, withot sacrificing (too much) clarity. */
rd2_1 (SR (1, 2), null); // { dg-warning "argument 2 is null but the corresponding size argument 1 range|value is \\\[1, 2]" }
}
}
WRONLY (3, 1) void
wr3_1 (int, int, void*); // { dg-message "in a call to function 'wr3_1' declared with attribute 'access \\\(write_only, 3, 1\\\)" }
void test_wr3_1 (void)
{
{
void *null = 0;
void *p = &null;
wr3_1 (SR (0, 1), 0, null);
wr3_1 (SR (1, 1), 0, p);
}
void *null = 0;
wr3_1 (SR (1, 2), 1, null); // { dg-warning "argument 3 is null but the corresponding size argument 1 range|value is \\\[1, 2]" }
}
WRONLY (2, 1) void
wr2_1 (int, void*);
void test_wrd2_1 (int n)
{
wr2_1 (0, 0);
wr2_1 (SR (-1, 1), 0);
wr2_1 (SR (0, 1), 0);
wr2_1 (SR (1, 2), 0); // { dg-warning "argument 2 is null but the corresponding size argument 1 range|value is \\\[1, 2]" }
/* This should probably be diagnosed but to avoid false positives
caused by jump threading and such it would have to be done
earlier than it is now. */
wr2_1 (n, 0); // { dg-warning "argument 2 is null" "unimplemented" { xfail *-*-* } }
}
/* Exercise pointer to an incomplete type other than void. */
struct Incomplete;
extern struct Incomplete inc;
extern char ax[];
WRONLY (1, 2) void
wr1_2_inc (struct Incomplete*, unsigned);
void test_wr1_2_inc (struct Incomplete *pinc, unsigned n)
{
wr1_2_inc (0, 0);
wr1_2_inc (0, 1); // { dg-warning "argument 1 is null but the corresponding size argument 2 value is 1" }
wr1_2_inc (pinc, 1);
wr1_2_inc (&inc, 1);
wr1_2_inc (pinc, 123);
wr1_2_inc (&inc, 456);
char a3[3];
pinc = (struct Incomplete*)a3;
wr1_2_inc (pinc, SR (3, 4));
wr1_2_inc (pinc, SR (4, 5));
// { dg-warning "'wr1_2_inc' writing between 4 and 5 bytes into a region of size 3" "small buffer cast to incomplete" { target *-*-* } .-1 }
pinc = (struct Incomplete*)ax;
wr1_2_inc (pinc, SR (123, 456));
char vla[n];
pinc = (struct Incomplete*)vla;
wr1_2_inc (pinc, SR (345, 456));
}
RDONLY (1, 3) WRONLY (2, 4) void
rd1_3_wr2_4 (const void*, void*, int, int);
void test_rd1_3_wr2_4 (const void *s, void *d, int n1, int n2)
{
rd1_3_wr2_4 (s, d, 1, 2);
rd1_3_wr2_4 (s, d, 123, 456);
rd1_3_wr2_4 (s, d, INT_MAX, INT_MAX);
rd1_3_wr2_4 (s, d, -1, 2); // { dg-warning "argument 3 value -1 is negative" }
const int ir_min_m1 = SR (INT_MIN, -1);
rd1_3_wr2_4 (s, d, ir_min_m1, 2); // { dg-warning "argument 3 range|value \\\[-\[0-9\]+, -1] is negative" }
rd1_3_wr2_4 (s, d, SR (-1, 0), 2);
rd1_3_wr2_4 (s, d, SR (INT_MIN, INT_MAX), 2);
rd1_3_wr2_4 (s, d, n1, n2);
const char s11[11] = "0123456789";
rd1_3_wr2_4 (s11, d, 11, n2);
rd1_3_wr2_4 (s11, d, 12, n2); // { dg-warning "'rd1_3_wr2_4' reading 12 bytes from a region of size 11" }
rd1_3_wr2_4 (s11, d, SR (0, 11), n2);
rd1_3_wr2_4 (s11, d, SR (0, 12), n2);
rd1_3_wr2_4 (s11, d, SR (11, 12), n2);
rd1_3_wr2_4 (s11, d, SR (11, INT_MAX), n2);
rd1_3_wr2_4 (s11, d, SR (12, 13), n2); // { dg-warning "'rd1_3_wr2_4' reading between 12 and 13 bytes from a region of size 11" }
char d4[4];
rd1_3_wr2_4 (s, d4, n1, 4);
rd1_3_wr2_4 (s, d4, n1, 5); // { dg-warning "'rd1_3_wr2_4' writing 5 bytes into a region of size 4" }
rd1_3_wr2_4 (s11, d4, SR (12, 13), SR (5, 6));
// { dg-warning "'rd1_3_wr2_4' reading between 12 and 13 bytes from a region of size 11" "read" { target *-*-* } .-1 }
// { dg-warning "'rd1_3_wr2_4' writing between 5 and 6 bytes into a region of size 4" "read" { target *-*-* } .-2 }
}
/* Verify that function pointers are handled. */
RDONLY (1) void (*pfrd1)(const void*, const void*);
void test_pfrd1 (void)
{
pfrd1 ("" + SR (0, 9), "" + SR (1, 9));
pfrd1 ("" + SR (1, 2), ""); // { dg-warning "reading 1 byte from a region of size 0" }
}
WRONLY (4, 3) void (*pfwr4_3)(int, const char*, int, int32_t*);
void test_pfwr4_3 (void)
{
int32_t i;
pfwr4_3 (3, "", 0, &i + SR (0, 9));
pfwr4_3 (5, "", 1, &i + SR (1, 2)); // { dg-warning "writing 4 bytes into a region of size 0" }
}
|
