From 10a0d4957162e39a922341ffbef5a394035cf17c Mon Sep 17 00:00:00 2001
From: Jakub Jelinek <jakub@redhat.com>
Date: Mon, 27 Jun 2005 14:17:39 +0200
Subject: builtin-attrs.def (DEF_ATTR_FOR_INT): Add for 5 and 6.

	* builtin-attrs.def (DEF_ATTR_FOR_INT): Add for 5 and 6.
	(DEF_LIST_INT_INT): Add for 4,0, 4,5, 5,0, 5,6.
	(ATTR_NOTHROW_NONNULL_4, ATTR_NOTHROW_NONNULL_5): Define.
	(ATTR_FORMAT_PRINTF_4_0, ATTR_FORMAT_PRINTF_4_5,
	ATTR_FORMAT_PRINTF_5_0, ATTR_FORMAT_PRINTF_5_6): Define.
	* builtins.c: Include tree-flow.h.
	(expand_builtin_mempcpy, expand_builtin_memmove): Comment fixes.
	(expand_builtin_object_size, expand_builtin_memory_chk,
	maybe_emit_chk_warning, maybe_emit_sprintf_chk_warning,
	compute_object_offset, compute_builtin_object_size,
	fold_builtin_object_size): New functions.
	(expand_builtin): Handle BUILT_IN_OBJECT_SIZE and BUILT_IN_*_CHK.
	(fold_builtin_1): Likewise.  Handle BUILT_IN_{,V}{,F}PRINTF
	and BUILT_IN_{,F}PRINTF_UNLOCKED.
	(fold_builtin_memory_chk, fold_builtin_stxcpy_chk,
	fold_builtin_strncpy_chk, fold_builtin_strcat_chk,
	fold_builtin_strncat_chk, fold_builtin_sprintf_chk,
	fold_builtin_snprintf_chk, fold_builtin_printf, fold_builtin_fprintf):
	New functions.
	* builtins.def (BUILT_IN_OBJECT_SIZE, BUILT_IN_MEMCPY_CHK,
	BUILT_IN_MEMMOVE_CHK, BUILT_IN_MEMPCPY_CHK, BUILT_IN_MEMSET_CHK,
	BUILT_IN_STPCPY_CHK, BUILT_IN_STRCAT_CHK, BUILT_IN_STRCPY_CHK,
	BUILT_IN_STRNCAT_CHK, BUILT_IN_STRNCPY_CHK, BUILT_IN_SNPRINTF_CHK,
	BUILT_IN_SPRINTF_CHK, BUILT_IN_VSNPRINTF_CHK, BUILT_IN_VSPRINTF_CHK,
	BUILT_IN_FPRINTF_CHK, BUILT_IN_PRINTF_CHK, BUILT_IN_VFPRINTF_CHK,
	BUILT_IN_VPRINTF_CHK): New builtins.
	* builtin-types.def (DEF_FUNCTION_TYPE_5, DEF_FUNCTION_TYPE_VAR_4):
	Document.
	(BT_FN_SIZE_CONST_PTR_INT, BT_FN_INT_INT_CONST_STRING_VALIST_ARG,
	BT_FN_PTR_PTR_CONST_PTR_SIZE_SIZE, BT_FN_PTR_PTR_INT_SIZE_SIZE,
	BT_FN_STRING_STRING_CONST_STRING_SIZE_SIZE,
	BT_FN_INT_FILEPTR_INT_CONST_STRING_VALIST_ARG,
	BT_FN_INT_STRING_INT_SIZE_CONST_STRING_VALIST_ARG,
	BT_FN_INT_STRING_SIZE_INT_SIZE_CONST_STRING_VALIST_ARG,
	BT_FN_INT_INT_CONST_STRING_VAR, BT_FN_INT_FILEPTR_INT_CONST_STRING_VAR,
	BT_FN_INT_STRING_INT_SIZE_CONST_STRING_VAR,
	BT_FN_INT_STRING_SIZE_INT_SIZE_CONST_STRING_VAR): New types.
	* c-common.c (DEF_FUNCTION_TYPE_5, DEF_FUNCTION_TYPE_6,
	DEF_FUNCTION_TYPE_VAR_4, DEF_FUNCTION_TYPE_VAR_5): Define.
	* Makefile.in (OBJS-common): Add tree-object-size.o.
	(tree-object-size.o): Add dependencies.
	* tree-pass.h (pass_object_sizes): Add.
	* tree-optimize.c (init_tree_optimization_passes): Add
	pass_object_sizes.
	* tree-object-size.c: New file.
	* tree.h (fold_builtin_memory_chk, fold_builtin_stxcpy_chk,
	fold_builtin_strncpy_chk, fold_builtin_snprintf_chk,
	compute_builtin_object_size, init_object_sizes, fini_object_sizes):
	New prototypes.
	* tree-ssa-ccp.c (get_strlen): Rename to ...
	(get_maxval_strlen): ...this function.  Handle also computing of maximum
	string length and maximum integral value.
	(ccp_fold_builtin): Handle BUILT_IN_*_CHK.  Use get_maxval_strlen
	instead of get_strlen.  Pass CALLEE and ARGLIST variables to the
	folding functions instead of computing them again.
	(execute_fold_all_builtins): Retry ccp_fold_builtin if a builtin changed
	into some other builtin.
	* doc/extend.texi (Object Size Checking): Document.

	* gcc.c-torture/execute/builtins/lib/main.c (abort): Add prototype.
	* gcc.c-torture/execute/builtins/lib/strncat.c (strncat): Avoid
	testing uninitialized var.

	* gcc.c-torture/execute/builtins/chk.h: New.
	* gcc.c-torture/execute/builtins/lib/chk.c: New.
	* gcc.c-torture/execute/builtins/memcpy-chk.c: New test.
	* gcc.c-torture/execute/builtins/memcpy-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/memmove-chk.c: New test.
	* gcc.c-torture/execute/builtins/memmove-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/mempcpy-chk.c: New test.
	* gcc.c-torture/execute/builtins/mempcpy-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/memset-chk.c: New test.
	* gcc.c-torture/execute/builtins/memset-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/snprintf-chk.c: New test.
	* gcc.c-torture/execute/builtins/snprintf-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/sprintf-chk.c: New test.
	* gcc.c-torture/execute/builtins/sprintf-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/stpcpy-chk.c: New test.
	* gcc.c-torture/execute/builtins/stpcpy-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/strcat-chk.c: New test.
	* gcc.c-torture/execute/builtins/strcat-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/strcpy-chk.c: New test.
	* gcc.c-torture/execute/builtins/strcpy-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/strncat-chk.c: New test.
	* gcc.c-torture/execute/builtins/strncat-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/strncpy-chk.c: New test.
	* gcc.c-torture/execute/builtins/strncpy-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/vsnprintf-chk.c: New test.
	* gcc.c-torture/execute/builtins/vsnprintf-chk-lib.c: New.
	* gcc.c-torture/execute/builtins/vsprintf-chk.c: New test.
	* gcc.c-torture/execute/builtins/vsprintf-chk-lib.c: New.
	* gcc.dg/builtin-object-size-1.c: New test.
	* gcc.dg/builtin-object-size-2.c: New test.
	* gcc.dg/builtin-object-size-3.c: New test.
	* gcc.dg/builtin-object-size-4.c: New test.
	* gcc.dg/builtin-object-size-5.c: New test.
	* gcc.dg/builtin-stringop-chk-1.c: New test.
	* gcc.dg/builtin-stringop-chk-2.c: New test.
	* gcc.dg/tree-ssa/builtin-fprintf-1.c: New test.
	* gcc.dg/tree-ssa/builtin-fprintf-chk-1.c: New test.
	* gcc.dg/tree-ssa/builtin-printf-1.c: New test.
	* gcc.dg/tree-ssa/builtin-printf-chk-1.c: New test.
	* gcc.dg/tree-ssa/builtin-vfprintf-1.c: New test.
	* gcc.dg/tree-ssa/builtin-vfprintf-chk-1.c: New test.
	* gcc.dg/tree-ssa/builtin-vprintf-1.c: New test.
	* gcc.dg/tree-ssa/builtin-vprintf-chk-1.c: New test.
	* gcc.c-torture/execute/printf-1.c: New test.
	* gcc.c-torture/execute/fprintf-1.c: New test.
	* gcc.c-torture/execute/vprintf-1.c: New test.
	* gcc.c-torture/execute/vfprintf-1.c: New test.
	* gcc.c-torture/execute/printf-chk-1.c: New test.
	* gcc.c-torture/execute/fprintf-chk-1.c: New test.
	* gcc.c-torture/execute/vprintf-chk-1.c: New test.
	* gcc.c-torture/execute/vfprintf-chk-1.c: New test.

From-SVN: r101352
---
 gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c | 137 ++++++++++++++++++++++++++
 1 file changed, 137 insertions(+)
 create mode 100644 gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c

(limited to 'gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c')

diff --git a/gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c b/gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c
new file mode 100644
index 0000000..adccd0f
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/builtin-stringop-chk-2.c
@@ -0,0 +1,137 @@
+/* This file was miscompiled by an earlier version of the object size
+   checking patch.  Object size in one of the memcpy calls was
+   incorrectly determined to be 0 while it should be (size_t) -1
+   (== unknown).  */
+/* { dg-do compile } */
+/* { dg-options "-O2" } */
+
+#include "../gcc.c-torture/execute/builtins/chk.h"
+   
+void *bar (int);
+extern void *malloc (__SIZE_TYPE__);
+
+struct A
+{
+  int i, j, k;
+};
+
+/* Here all object sizes are not known at compile time.  There
+   should be no warning, nor any checker functions called.  */
+
+void
+foo (const struct A *x, int y, const unsigned char *z)
+{
+  unsigned int b;
+  unsigned char *c = 0;
+
+  b = (x->i & 0xff) == 1 ? 3 : 4;
+  if (y)
+    c = bar (x->j * x->k);
+
+  const unsigned char *d = z;
+  unsigned char *e = c;
+  unsigned char *f = c + x->j * x->k;
+  int g = 0;
+
+  while (e < f)
+    {
+      unsigned int h = *d++;
+
+      if (h & 128)
+	{
+	  h = h - 128;
+	  g = e + h * b > f;
+	  if (g)
+	    h = (f - e) / b;
+	  if (b < 4)
+	    do
+	      {
+		memcpy (e, d, 3);
+		e += 3;
+	      }
+	    while (--h);
+	  else
+	    do
+	      {
+		memcpy (e, d, 4);
+		e += 4;
+	      }
+	    while (--h);
+	  d += b;
+	}
+      else
+	{
+	  h *= b;
+	  g = e + h > f;
+	  if (g)
+	    h = f - e;
+	  memcpy (e, d, h);
+	  e += h;
+	  d += h;
+	}
+    }
+}
+
+/* The same routine, slightly modified:
+   1) c has known size at compile time
+   2) e += h was changed into e += 16.
+      GCC could actually through VRP determine that
+      in e += h is (h >= 0 && h <= 127), thus know
+      it is pointer addition and not subtraction and
+      know e's __builtin_object_size (e, 0) is at 512,
+      but we are not there yet.  */
+
+unsigned char *
+baz (const struct A *x, const unsigned char *z)
+{
+  unsigned int b;
+  unsigned char *c = 0;
+
+  b = (x->i & 0xff) == 1 ? 3 : 4;
+  c = malloc (512);
+
+  const unsigned char *d = z;
+  unsigned char *e = c;
+  unsigned char *f = c + x->j * x->k;
+  int g = 0;
+
+  while (e < f)
+    {
+      unsigned int h = *d++;
+
+      if (h & 128)
+	{
+	  h = h - 128;
+	  g = e + h * b > f;
+	  if (g)
+	    h = (f - e) / b;
+	  if (b < 4)
+	    do
+	      {
+		memcpy (e, d, 3);
+		e += 3;
+	      }
+	    while (--h);
+	  else
+	    do
+	      {
+		memcpy (e, d, 513); /* { dg-warning "will always overflow" "memcpy" } */
+		e += 4;
+	      }
+	    while (--h);
+	  d += b;
+	}
+      else
+	{
+	  h *= b;
+	  g = e + h > f;
+	  if (g)
+	    h = f - e;
+	  memcpy (e, d, h);
+	  /* e += h; */
+	  e += 16;
+	  d += h;
+	}
+    }
+  return c;
+}
-- 
cgit v1.1