riscv-gnu-toolchain/gcc.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	David Malcolm <dmalcolm@redhat.com>	2022-02-09 14:35:31 -0500
committer	David Malcolm <dmalcolm@redhat.com>	2022-02-09 17:37:39 -0500
commit	91b27d984ce17473c80896bd79c63e2c50185d4e (patch)
tree	463ed75ca9c0ef9523210d69e0ced780db24f9e4 /gcc/go
parent	e50a79552d567cd49703103d478ab93d805f60c1 (diff)
download	gcc-91b27d984ce17473c80896bd79c63e2c50185d4e.zip gcc-91b27d984ce17473c80896bd79c63e2c50185d4e.tar.gz gcc-91b27d984ce17473c80896bd79c63e2c50185d4e.tar.bz2

analyzer: more uninit test coverage

In addition to other test coverage, this adds the examples from https://cwe.mitre.org/data/definitions/457.html (aka "CWE-457: Use of Uninitialized Variable") For reference, the output from -fanalyzer looks like this (after stripping away the DejaGnu directives): uninit-CWE-457-examples.c: In function 'example_2_bad_code': uninit-CWE-457-examples.c:56:3: warning: use of uninitialized value 'bN' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 56 | repaint(aN, bN); /* { dg-warning "use of uninitialized value 'bN'" } */ | ^~~~~~~~~~~~~~~ 'example_2_bad_code': events 1-4 | | 34 | int aN, bN; | | ^~ | | | | | (1) region created on stack here | 35 | switch (ctl) { | | ~~~~~~ | | | | | (2) following 'default:' branch... |...... | 51 | default: | | ~~~~~~~ | | | | | (3) ...to here |...... | 56 | repaint(aN, bN); | | ~~~~~~~~~~~~~~~ | | | | | (4) use of uninitialized value 'bN' here | uninit-CWE-457-examples.c: In function 'example_3_bad_code': uninit-CWE-457-examples.c:95:3: warning: use of uninitialized value 'test_string' [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 95 | printf("%s", test_string); | ^~~~~~~~~~~~~~~~~~~~~~~~~ 'example_3_bad_code': events 1-4 | | 90 | char *test_string; | | ^~~~~~~~~~~ | | | | | (1) region created on stack here | 91 | if (i != err_val) | | ~ | | | | | (2) following 'false' branch (when 'i == err_val')... |...... | 95 | printf("%s", test_string); | | ~~~~~~~~~~~~~~~~~~~~~~~~~ | | | | | (3) ...to here | | (4) use of uninitialized value 'test_string' here | gcc/testsuite/ChangeLog: * gcc.dg/analyzer/uninit-1.c: Add test coverage for shifts, comparisons, +, -, *, /, and __builtin_strlen. * gcc.dg/analyzer/uninit-CWE-457-examples.c: New test. Signed-off-by: David Malcolm <dmalcolm@redhat.com>

Diffstat (limited to 'gcc/go')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: