================
@@ -0,0 +1,188 @@
+// RUN: %clang -Wno-constant-conversion -Wno-array-bounds
-Wno-division-by-zero -Wno-shift-negative-value -Wno-shift-count-negative
-Wno-int-to-pointer-cast -O0
-fsanitize=alignment,array-bounds,bool,float-cast-overflow,implicit-integer-sign-change,implicit-signed-integer-truncation,implicit-unsigned-integer-truncation,integer-divide-by-zero,nonnull-attribute,null,nullability-arg,nullability-assign,nullability-return,pointer-overflow,returns-nonnull-attribute,shift-base,shift-exponent,signed-integer-overflow,unreachable,unsigned-integer-overflow,unsigned-shift-base,vla-bound
%s -o %t1 && %run %t1 2>&1 | FileCheck %s --check-prefix=CHECK-R
+// RUN: %clang -Wno-constant-conversion -Wno-array-bounds
-Wno-division-by-zero -Wno-shift-negative-value -Wno-shift-count-negative
-Wno-int-to-pointer-cast
-fsanitize=array-bounds,enum,float-cast-overflow,integer-divide-by-zero,implicit-unsigned-integer-truncation,implicit-signed-integer-truncation,implicit-integer-sign-change,unsigned-integer-overflow,signed-integer-overflow,shift-base,shift-exponent
-O0 -S -emit-llvm -o - %s | FileCheck %s --check-prefix=CHECK-IR
+
+#include <stdint.h>
+#include <stdio.h>
+
+uint32_t float_divide_by_zero() {
+ float f = 1.0f / 0.0f;
+ // CHECK-IR: constant { i16, i16, [8 x i8] } { i16 1, i16 32, [8 x i8]
c"'float'\00" }
+ _BitInt(37) r = (_BitInt(37))f;
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:19: runtime error: inf is outside
the range of representable values of type
+ // CHECK-IR: constant { i16, i16, [20 x i8] } { i16 2, i16 13, [20 x i8]
c"'_BitInt(37)'\00%\00\00\00\00\00" }
+ return r;
+}
+
+uint32_t integer_divide_by_zero() __attribute__((no_sanitize("memory"))) {
+ _BitInt(37) x = 1 / 0;
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:21: runtime error: division by zero
+ // CHECK-IR: constant { i16, i16, [32 x i8] } { i16 0, i16 10, [32 x i8]
c"'uint32_t' (aka 'unsigned int')\00" }
+ return x;
+}
+
+uint32_t implicit_unsigned_integer_truncation() {
+ unsigned _BitInt(37) x = 2U;
+ x += float_divide_by_zero();
+ x += integer_divide_by_zero();
+ x = x + 0xFFFFFFFFFFFFFFFFULL;
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:9: runtime error: unsigned integer
overflow:
+ // CHECK-IR: constant { i16, i16, [23 x i8] } { i16 0, i16 12, [23 x i8]
c"'unsigned _BitInt(37)'\00" }
+ uint32_t r = x & 0xFFFFFFFF;
+ return r;
+}
+
+uint32_t pointer_overflow() __attribute__((no_sanitize("address"))) {
+ _BitInt(37) *x = (_BitInt(37) *)1;
+ _BitInt(37) *y = x - 1;
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:22: runtime error: pointer index
expression with base
+ uint32_t r = *(_BitInt(37) *)&y;
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:16: runtime error: implicit
conversion from type
+ return r;
+}
+
+uint32_t vla_bound(_BitInt(37) x) {
+ _BitInt(37) a[x - 1];
+ // CHECK-R: {{.*}}bit-int.c:[[@LINE-1]]:17: runtime error: variable length
array bound evaluates to non-positive value
+ return 0;
+}
+
+uint32_t nullability_arg(_BitInt(37) *_Nonnull x)
+ __attribute__((no_sanitize("address"))) {
+ _BitInt(37) y = *(_BitInt(37) *)&x;
+ return y;
+}
----------------
earnol wrote:
> hmm, does no `CHECK:` line imply that there isn't a diagnostic? I think it
> will just silently pass... maybe if these are in a different file where there
> are no diagnostics expected it would work as intended?
Yes. It will silently pass, yet unexpected diagnostics in the middle of the
check script can throw the FileCheck off and it will barf. My idea is having at
least some check (which can provide false negative error detection: detects not
error when there is an error) is better compared to no check at all completely.
CHECK-NOT will not work here as it will require the line which should not be
encountered and line is not known in this case.
CHECK-EMPTY also does not look like a right choice.
> That could be brittle though if the diagnostic gets spelled differently, or
> if there's a typo in the check. Maybe its easy if UBSAN errors change the
> return code, though?
You have given me a great idea. These examples can be moved to different test
file which will be compiled with -fsanitize-trap option. It this case it would
be easy to detect the ubsan activation did not happened. On the other hand it
will require extra file and i wanted to pack all ubsan _BitInt tests into
single file. But probably it is not that bad, if it is the price for check
precision.
Alternatively FileCheck can be used with with "--implicit-check-not error"
option to verify the fact runtime error was not thrown.
What approach do you think will be the best?
https://github.com/llvm/llvm-project/pull/93612
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
