https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91582
--- Comment #6 from Martin Sebor ---
Author: msebor
Date: Sat Dec 14 00:52:46 2019
New Revision: 279392
URL: https://gcc.gnu.org/viewcvs?rev=279392=gcc=rev
Log:
PR middle-end/91582 - missing heap overflow detection for strcpy
PR middle-end/92868 - ICE: tree check: expected integer_cst, have ssa_name
gcc/ChangeLog:
PR middle-end/91582
PR middle-end/92868
* builtins.c (addr_decl_size): New function.
(gimple_call_alloc_size): Add arguments.
(compute_objsize): Add an argument. Set *PDECL even for allocated
objects.
Correct checking for negative wide_int.
Correct handling of negative outer offsets into unknown regions
or with unknown inner offsets.
Extend offsets to at most sizetype precision.
Only handle constant subobject sizes.
* builtins.h (gimple_call_alloc_size): Add arguments.
* tree.c (component_ref_size): Always return sizetype.
* tree-ssa-strlen.c (strinfo::alloc): New member.
(get_addr_stridx): Add argument.
(get_stridx): Use ptrdiff_t. Add argument.
(new_strinfo): Set new member.
(get_string_length): Handle alloca and VLA.
(dump_strlen_info): Dump more state.
(maybe_invalidate): Print more info. Decrease indentation.
(unshare_strinfo): Set new member.
(valid_builtin_call): Handle alloca and VLA.
(maybe_warn_overflow): Check and set no-warning bit. Improve
handling of offsets. Print allocated objects.
(handle_builtin_strlen): Handle strinfo records with null lengths.
(handle_builtin_strcpy): Add argument. Call maybe_warn_overflow.
(is_strlen_related_p): Handle dynamically allocated objects.
(get_range): Add argument.
(handle_builtin_malloc): Rename...
(handle_alloc): ...to this and handle all allocation functions.
(handle_builtin_memset): Call maybe_warn_overflow.
(count_nonzero_bytes): Handle more MEM_REF forms.
(strlen_check_and_optimize_call): Call handle_alloc_call. Pass
arguments to more callees.
(handle_integral_assign): Add argument. Create strinfo entries
for MEM_REF assignments.
(check_and_optimize_stmt): Handle more MEM_REF forms.
gcc/testsuite/ChangeLog:
PR middle-end/91582
* c-c++-common/Wrestrict.c: Adjust expected warnings.
* gcc/testsuite/c-c++-common/Wstringop-truncation-4.c: Enable more
warnings.
* gcc/testsuite/c-c++-common/Wstringop-truncation.c: Remove an xfail.
* gcc.dg/Warray-bounds-46.c: Disable -Wstringop-overflow.
* gcc.dg/Warray-bounds-47.c: Same.
* gcc.dg/Warray-bounds-52.c: New test.
* gcc.dg/Wstringop-overflow-27.c: New test.
* gcc.dg/Wstringop-overflow-28.c: New test.
* gcc.dg/Wstringop-overflow-29.c: New test.
* gcc.dg/attr-alloc_size.c (test): Disable -Warray-bounds.
* gcc.dg/attr-copy-2.c: Adjust expected warnings.
* gcc.dg/builtin-stringop-chk-5.c: Adjust text of expected messages.
* gcc.dg/strlenopt-86.c: Relax test.
* gcc.target/i386/pr82002-1.c: Prune expected warnings.
Added:
trunk/gcc/testsuite/gcc.dg/Warray-bounds-52.c
trunk/gcc/testsuite/gcc.dg/Wstringop-overflow-27.c
trunk/gcc/testsuite/gcc.dg/Wstringop-overflow-28.c
trunk/gcc/testsuite/gcc.dg/Wstringop-overflow-29.c
Modified:
trunk/gcc/ChangeLog
trunk/gcc/builtins.c
trunk/gcc/builtins.h
trunk/gcc/testsuite/ChangeLog
trunk/gcc/testsuite/c-c++-common/Wrestrict.c
trunk/gcc/testsuite/c-c++-common/Wstringop-truncation-4.c
trunk/gcc/testsuite/c-c++-common/Wstringop-truncation.c
trunk/gcc/testsuite/g++.dg/warn/Wstringop-overflow-3.C
trunk/gcc/testsuite/gcc.dg/Warray-bounds-46.c
trunk/gcc/testsuite/gcc.dg/Warray-bounds-47.c
trunk/gcc/testsuite/gcc.dg/attr-alloc_size.c
trunk/gcc/testsuite/gcc.dg/attr-copy-2.c
trunk/gcc/testsuite/gcc.dg/builtin-stringop-chk-5.c
trunk/gcc/testsuite/gcc.dg/strlenopt-86.c
trunk/gcc/testsuite/gcc.target/i386/pr82002-1.c
trunk/gcc/tree-ssa-strlen.c
trunk/gcc/tree-ssa-strlen.h
trunk/gcc/tree.c
