1 /* PR middle-end/87041 - -Wformat "reading through null pointer" on
2 unreachable code
3 Test to verify that the applicable subset of -Wformat-overflow warnings
4 are issued for the printf function.
5 { dg-do compile }
6 { dg-options "-O -Wformat -Wformat-overflow=1 -ftrack-macro-expansion=0" }
7 { dg-require-effective-target int32plus } */
8
9 /* When debugging, define LINE to the line number of the test case to exercise
10 and avoid exercising any of the others. The buffer and objsize macros
11 below make use of LINE to avoid warnings for other lines. */
12 #ifndef LINE
13 # define LINE 0
14 #endif
15
16 #define INT_MAX __INT_MAX__
17
18 typedef __SIZE_TYPE__ size_t;
19
20 #if !__cplusplus
21 typedef __WCHAR_TYPE__ wchar_t;
22 #endif
23
24 typedef __WINT_TYPE__ wint_t;
25
26 typedef unsigned char UChar;
27
28 void sink (void*, ...);
29
30 int dummy_printf (const char*, ...);
31
32 const char chr_no_nul = 'a';
33 const char arr_no_nul[] = { 'a', 'b' };
34
35
36 /* Helper to expand function to either __builtin_f or dummy_f to
37 make debugging GCC easy. */
38 #define T(...) \
39 (((!LINE || LINE == __LINE__) \
40 ? __builtin_printf : dummy_printf) (__VA_ARGS__))
41
42 /* Exercise the "%c" directive with constant arguments. */
43
test_printf_c_const(int width)44 void test_printf_c_const (int width)
45 {
46 /* Verify that a warning is issued for exceeding INT_MAX bytes and
47 not otherwise. */
48 T ("%*c", INT_MAX - 1, '1');
49 T ("%*c", INT_MAX, '1');
50 T ("X%*c", INT_MAX - 1, '1');
51 T ("X%*c", INT_MAX, '1'); /* { dg-warning "directive output of \[0-9\]+ bytes causes result to exceed .INT_MAX." } */
52
53 T ("%*c%*c", INT_MAX - 1, '1', INT_MAX - 1, '2'); /* { dg-warning "directive output of \[0-9\]+ bytes causes result to exceed .INT_MAX." } */
54
55 T ("%*cX", INT_MAX - 2, '1');
56 T ("%*cX", INT_MAX - 1, '1');
57 T ("%*cX", INT_MAX, '1'); /* { dg-warning "output of \[0-9\]+ bytes causes result to exceed .INT_MAX." } */
58
59 if (width < INT_MAX - 1)
60 width = INT_MAX - 1;
61 T ("%*cX", width, '1');
62 T ("%*cXY", width, '1'); /* { dg-warning ".XY. directive output of 2 bytes causes result to exceed .INT_MAX." } */
63
64 /* Also exercise a non-constant format string. The warning points
65 to the line where the format is declared (see bug 87773) so avoid
66 triggering that bug here. */
67 const char *fmt = "%*cXYZ"; T (fmt, width, '1'); /* { dg-warning ".XYZ. directive output of 3 bytes causes result to exceed .INT_MAX." } */
68 }
69
70
71 /* Exercise the "%s" directive with constant arguments. */
72
test_printf_s_const(int width)73 void test_printf_s_const (int width)
74 {
75 const char *nulptr = 0;
76
77 T ("%s", nulptr); /* { dg-warning "\\\[-Wformat|-Wnonnull]" } */
78 T ("%.0s", nulptr); /* { dg-warning ".%.0s. directive argument is null" } */
79
80 /* Verify no warning is issued for unreachable code. */
81 if (nulptr)
82 T ("%s", nulptr);
83
84 T ("%s", &chr_no_nul); /* { dg-warning ".%s. directive argument is not a nul-terminated string" } */
85 T ("%s", arr_no_nul); /* { dg-warning ".%s. directive argument is not a nul-terminated string" } */
86
87 /* Verify that output in excess of INT_MAX bytes is diagnosed even
88 when the size of the destination object is unknown. */
89 T ("%*s", INT_MAX - 1, "");
90 T ("%*s", INT_MAX, "");
91 T ("X%*s", INT_MAX, ""); /* { dg-warning "directive output of \[0-9\]+ bytes causes result to exceed .INT_MAX." } */
92
93 if (width < INT_MAX - 1)
94 width = INT_MAX - 1;
95 T ("%*sX", width, "1");
96 T ("%*sXY", width, "1"); /* { dg-warning ".XY. directive output of 2 bytes causes result to exceed .INT_MAX." } */
97 }
98
99
100 const wchar_t wchr_no_nul = L'a';
101 const wchar_t warr_no_nul[] = { L'a', L'b' };
102
103 /* Exercise the "%s" directive with constant arguments. */
104
test_printf_ls_const(int width)105 void test_printf_ls_const (int width)
106 {
107 const wchar_t *nulptr = 0;
108
109 T ("%ls", nulptr); /* { dg-warning ".%ls. directive argument is null" } */
110 T ("%.0ls", nulptr); /* { dg-warning ".%.0ls. directive argument is null" } */
111
112 /* Verify no warning is issued for unreachable code. */
113 if (nulptr)
114 T ("%ls", nulptr);
115
116 T ("%ls", &wchr_no_nul); /* { dg-warning ".%ls. directive argument is not a nul-terminated string" } */
117 T ("%ls", warr_no_nul); /* { dg-warning ".%ls. directive argument is not a nul-terminated string" "pr88211" { xfail *-*-* } } */
118
119 /* Verify that output in excess of INT_MAX bytes is diagnosed even
120 when the size of the destination object is unknown. */
121 T ("%*ls", INT_MAX - 1, L"");
122 T ("%*ls", INT_MAX, L"");
123 T ("X%*ls", INT_MAX, L""); /* { dg-warning "directive output of \[0-9\]+ bytes causes result to exceed .INT_MAX." } */
124
125 if (width < INT_MAX - 1)
126 width = INT_MAX - 1;
127 T ("%*lsX", width, L"1");
128 T ("%*lsXY", width, L"1"); /* { dg-warning ".XY. directive output of 2 bytes causes result to exceed .INT_MAX." } */
129 }
130