On Wed, Nov 13, 2024 at 9:57 AM Jakub Jelinek <ja...@redhat.com> wrote:
>
> On Tue, Nov 12, 2024 at 06:34:39PM +0100, Jakub Jelinek wrote:
> > What do you think about this? So far lightly tested.
>
> Unfortunately bootstrap/regtest revealed some issues in the patch,
> the tree-ssa-ccp.cc changes break bootstrap because fntype in there
> may be NULL and that is what get_nonnull_args handles by just returning
> NULL, but obviously TYPE_ATTRIBUTES (fntype) can't be accessed, so I've
> added if (!fntype) continue;
> And the ubsan tests worked in C but not C++ due to extra warning, so I've
> adjusted them.
>
> This has been successfully bootstrapped/regtested on x86_64-linux and
> i686-linux.
The middle-end changes are OK.
Richard.
> 2024-11-13 Jakub Jelinek <ja...@redhat.com>
>
> PR c/117023
> gcc/
> * gimple.h (infer_nonnull_range_by_attribute): Add a tree *
> argument defaulted to NULL.
> * gimple.cc (infer_nonnull_range_by_attribute): Add op2 argument.
> Handle also nonnull_if_nonzero attributes.
> * tree.cc (get_nonnull_args): Fix comment typo.
> * builtins.cc (validate_arglist): Handle nonnull_if_nonzero attribute.
> * tree-ssa-ccp.cc (pass_post_ipa_warn::execute): Handle
> nonnull_if_nonzero attributes.
> * ubsan.cc (instrument_nonnull_arg): Adjust
> infer_nonnull_range_by_attribute caller. If it returned true and
> filed in non-NULL arg2, check that arg2 is non-zero as another
> condition next to checking that arg is zero.
> * doc/extend.texi (nonnull_if_nonzero): Document new attribute.
> gcc/c-family/
> * c-attribs.cc (handle_nonnull_if_nonzero_attribute): New
> function.
> (c_common_gnu_attributes): Add nonnull_if_nonzero attribute.
> (handle_nonnull_attribute): Fix comment typo.
> * c-common.cc (struct nonnull_arg_ctx): Add other member.
> (check_function_nonnull): Also check nonnull_if_nonzero attributes.
> (check_nonnull_arg): Use different warning wording if pctx->other
> is non-zero.
> (check_function_arguments): Initialize ctx.other.
> gcc/testsuite/
> * gcc.dg/nonnull-8.c: New test.
> * gcc.dg/nonnull-9.c: New test.
> * gcc.dg/nonnull-10.c: New test.
> * c-c++-common/ubsan/nonnull-6.c: New test.
> * c-c++-common/ubsan/nonnull-7.c: New test.
>
> --- gcc/gimple.h.jj 2024-09-23 16:01:12.393215457 +0200
> +++ gcc/gimple.h 2024-11-12 12:24:06.544215672 +0100
> @@ -1661,7 +1661,7 @@ extern bool nonfreeing_call_p (gimple *)
> extern bool nonbarrier_call_p (gimple *);
> extern bool infer_nonnull_range (gimple *, tree);
> extern bool infer_nonnull_range_by_dereference (gimple *, tree);
> -extern bool infer_nonnull_range_by_attribute (gimple *, tree);
> +extern bool infer_nonnull_range_by_attribute (gimple *, tree, tree * = NULL);
> extern void sort_case_labels (vec<tree> &);
> extern void preprocess_case_label_vec_for_gimple (vec<tree> &, tree, tree *);
> extern void gimple_seq_set_location (gimple_seq, location_t);
> --- gcc/gimple.cc.jj 2024-10-31 08:45:38.241824084 +0100
> +++ gcc/gimple.cc 2024-11-12 14:30:29.104618853 +0100
> @@ -3089,10 +3089,16 @@ infer_nonnull_range_by_dereference (gimp
> }
>
> /* Return true if OP can be inferred to be a non-NULL after STMT
> - executes by using attributes. */
> + executes by using attributes. If OP2 is non-NULL and nonnull_if_nonzero
> + is the only attribute implying OP being non-NULL and the corresponding
> + argument isn't non-zero INTEGER_CST, set *OP2 to the corresponding
> + argument. */
> bool
> -infer_nonnull_range_by_attribute (gimple *stmt, tree op)
> +infer_nonnull_range_by_attribute (gimple *stmt, tree op, tree *op2)
> {
> + if (op2)
> + *op2 = NULL_TREE;
> +
> /* We can only assume that a pointer dereference will yield
> non-NULL if -fdelete-null-pointer-checks is enabled. */
> if (!flag_delete_null_pointer_checks
> @@ -3109,9 +3115,10 @@ infer_nonnull_range_by_attribute (gimple
> attrs = lookup_attribute ("nonnull", attrs);
>
> /* If "nonnull" wasn't specified, we know nothing about
> - the argument. */
> + the argument, unless "nonnull_if_nonzero" attribute is
> + present. */
> if (attrs == NULL_TREE)
> - return false;
> + break;
>
> /* If "nonnull" applies to all the arguments, then ARG
> is non-null if it's in the argument list. */
> @@ -3138,6 +3145,37 @@ infer_nonnull_range_by_attribute (gimple
> }
> }
> }
> +
> + for (attrs = TYPE_ATTRIBUTES (fntype);
> + (attrs = lookup_attribute ("nonnull_if_nonzero", attrs));
> + attrs = TREE_CHAIN (attrs))
> + {
> + tree args = TREE_VALUE (attrs);
> + unsigned int idx = TREE_INT_CST_LOW (TREE_VALUE (args)) - 1;
> + unsigned int idx2
> + = TREE_INT_CST_LOW (TREE_VALUE (TREE_CHAIN (args))) - 1;
> + if (idx < gimple_call_num_args (stmt)
> + && idx2 < gimple_call_num_args (stmt)
> + && operand_equal_p (op, gimple_call_arg (stmt, idx), 0))
> + {
> + tree arg2 = gimple_call_arg (stmt, idx2);
> + if (!INTEGRAL_TYPE_P (TREE_TYPE (arg2)))
> + return false;
> + if (integer_nonzerop (arg2))
> + return true;
> + if (integer_zerop (arg2))
> + return false;
> + if (op2)
> + {
> + /* This case is meant for ubsan instrumentation.
> + The caller can check at runtime if *OP2 is
> + non-zero and OP is null. */
> + *op2 = arg2;
> + return true;
> + }
> + return tree_expr_nonzero_p (arg2);
> + }
> + }
> }
>
> /* If this function is marked as returning non-null, then we can
> --- gcc/tree.cc.jj 2024-10-31 08:46:20.767225624 +0100
> +++ gcc/tree.cc 2024-11-12 13:54:28.115035591 +0100
> @@ -14768,7 +14768,7 @@ get_nonnull_args (const_tree fntype)
> /* A function declaration can specify multiple attribute nonnull,
> each with zero or more arguments. The loop below creates a bitmap
> representing a union of all the arguments. An empty (but non-null)
> - bitmap means that all arguments have been declaraed nonnull. */
> + bitmap means that all arguments have been declared nonnull. */
> for ( ; attrs; attrs = TREE_CHAIN (attrs))
> {
> attrs = lookup_attribute ("nonnull", attrs);
> --- gcc/builtins.cc.jj 2024-11-01 23:03:43.515359648 +0100
> +++ gcc/builtins.cc 2024-11-12 18:06:55.850789518 +0100
> @@ -1149,6 +1149,24 @@ validate_arglist (const_tree callexpr, .
>
> BITMAP_FREE (argmap);
>
> + if (res)
> + for (tree attrs = TYPE_ATTRIBUTES (TREE_TYPE (TREE_TYPE (fn)));
> + (attrs = lookup_attribute ("nonnull_if_nonzero", attrs));
> + attrs = TREE_CHAIN (attrs))
> + {
> + tree args = TREE_VALUE (attrs);
> + unsigned int idx = TREE_INT_CST_LOW (TREE_VALUE (args)) - 1;
> + unsigned int idx2
> + = TREE_INT_CST_LOW (TREE_VALUE (TREE_CHAIN (args))) - 1;
> + if (idx < (unsigned) call_expr_nargs (callexpr)
> + && idx2 < (unsigned) call_expr_nargs (callexpr)
> + && POINTER_TYPE_P (TREE_TYPE (CALL_EXPR_ARG (callexpr, idx)))
> + && integer_zerop (CALL_EXPR_ARG (callexpr, idx))
> + && INTEGRAL_TYPE_P (TREE_TYPE (CALL_EXPR_ARG (callexpr, idx2)))
> + && integer_nonzerop (CALL_EXPR_ARG (callexpr, idx2)))
> + return false;
> + }
> +
> return res;
> }
>
> --- gcc/tree-ssa-ccp.cc.jj 2024-10-25 10:00:29.536766884 +0200
> +++ gcc/tree-ssa-ccp.cc 2024-11-12 23:31:51.290755985 +0100
> @@ -155,6 +155,7 @@ along with GCC; see the file COPYING3.
> #include "ipa-cp.h"
> #include "ipa-prop.h"
> #include "internal-fn.h"
> +#include "gimple-range.h"
>
> /* Possible lattice values. */
> typedef enum
> @@ -4547,6 +4548,7 @@ unsigned int
> pass_post_ipa_warn::execute (function *fun)
> {
> basic_block bb;
> + gimple_ranger *ranger = NULL;
>
> FOR_EACH_BB_FN (bb, fun)
> {
> @@ -4558,14 +4560,15 @@ pass_post_ipa_warn::execute (function *f
> continue;
>
> tree fntype = gimple_call_fntype (stmt);
> - bitmap nonnullargs = get_nonnull_args (fntype);
> - if (!nonnullargs)
> + if (!fntype)
> continue;
> + bitmap nonnullargs = get_nonnull_args (fntype);
>
> tree fndecl = gimple_call_fndecl (stmt);
> const bool closure = fndecl && DECL_LAMBDA_FUNCTION_P (fndecl);
>
> - for (unsigned i = 0; i < gimple_call_num_args (stmt); i++)
> + for (unsigned i = nonnullargs ? 0 : ~0U;
> + i < gimple_call_num_args (stmt); i++)
> {
> tree arg = gimple_call_arg (stmt, i);
> if (TREE_CODE (TREE_TYPE (arg)) != POINTER_TYPE)
> @@ -4613,8 +4616,67 @@ pass_post_ipa_warn::execute (function *f
> fndecl, "nonnull");
> }
> BITMAP_FREE (nonnullargs);
> +
> + for (tree attrs = TYPE_ATTRIBUTES (fntype);
> + (attrs = lookup_attribute ("nonnull_if_nonzero", attrs));
> + attrs = TREE_CHAIN (attrs))
> + {
> + tree args = TREE_VALUE (attrs);
> + unsigned int idx = TREE_INT_CST_LOW (TREE_VALUE (args)) - 1;
> + unsigned int idx2
> + = TREE_INT_CST_LOW (TREE_VALUE (TREE_CHAIN (args))) - 1;
> + if (idx < gimple_call_num_args (stmt)
> + && idx2 < gimple_call_num_args (stmt))
> + {
> + tree arg = gimple_call_arg (stmt, idx);
> + tree arg2 = gimple_call_arg (stmt, idx2);
> + if (TREE_CODE (TREE_TYPE (arg)) != POINTER_TYPE
> + || !integer_zerop (arg)
> + || !INTEGRAL_TYPE_P (TREE_TYPE (arg2))
> + || integer_zerop (arg2)
> + || ((TREE_CODE (fntype) == METHOD_TYPE || closure)
> + && (idx == 0 || idx2 == 0)))
> + continue;
> + if (!integer_nonzerop (arg2)
> + && !tree_expr_nonzero_p (arg2))
> + {
> + if (TREE_CODE (arg2) != SSA_NAME || optimize < 2)
> + continue;
> + if (!ranger)
> + ranger = enable_ranger (cfun);
> +
> + int_range_max vr;
> + get_range_query (cfun)->range_of_expr (vr, arg2, stmt);
> + if (range_includes_zero_p (vr))
> + continue;
> + }
> + unsigned argno = idx + 1;
> + unsigned argno2 = idx2 + 1;
> + location_t loc = (EXPR_HAS_LOCATION (arg)
> + ? EXPR_LOCATION (arg)
> + : gimple_location (stmt));
> + auto_diagnostic_group d;
> +
> + if (!warning_at (loc, OPT_Wnonnull,
> + "argument %u null where non-null "
> + "expected because argument %u is "
> + "nonzero", argno, argno2))
> + continue;
> +
> + tree fndecl = gimple_call_fndecl (stmt);
> + if (fndecl && DECL_IS_UNDECLARED_BUILTIN (fndecl))
> + inform (loc, "in a call to built-in function %qD",
> + fndecl);
> + else if (fndecl)
> + inform (DECL_SOURCE_LOCATION (fndecl),
> + "in a call to function %qD declared %qs",
> + fndecl, "nonnull_if_nonzero");
> + }
> + }
> }
> }
> + if (ranger)
> + disable_ranger (cfun);
> return 0;
> }
>
> --- gcc/ubsan.cc.jj 2024-10-25 10:00:29.556766598 +0200
> +++ gcc/ubsan.cc 2024-11-12 13:01:38.079628478 +0100
> @@ -2047,8 +2047,9 @@ instrument_nonnull_arg (gimple_stmt_iter
> for (unsigned int i = 0; i < gimple_call_num_args (stmt); i++)
> {
> tree arg = gimple_call_arg (stmt, i);
> + tree arg2;
> if (POINTER_TYPE_P (TREE_TYPE (arg))
> - && infer_nonnull_range_by_attribute (stmt, arg))
> + && infer_nonnull_range_by_attribute (stmt, arg, &arg2))
> {
> gimple *g;
> if (!is_gimple_val (arg))
> @@ -2058,6 +2059,13 @@ instrument_nonnull_arg (gimple_stmt_iter
> gsi_safe_insert_before (gsi, g);
> arg = gimple_assign_lhs (g);
> }
> + if (arg2 && !is_gimple_val (arg2))
> + {
> + g = gimple_build_assign (make_ssa_name (TREE_TYPE (arg2)),
> arg2);
> + gimple_set_location (g, loc[0]);
> + gsi_safe_insert_before (gsi, g);
> + arg2 = gimple_assign_lhs (g);
> + }
>
> basic_block then_bb, fallthru_bb;
> *gsi = create_cond_insert_point (gsi, true, false, true,
> @@ -2069,6 +2077,18 @@ instrument_nonnull_arg (gimple_stmt_iter
> gsi_insert_after (gsi, g, GSI_NEW_STMT);
>
> *gsi = gsi_after_labels (then_bb);
> + if (arg2)
> + {
> + *gsi = create_cond_insert_point (gsi, true, false, true,
> + &then_bb, &fallthru_bb);
> + g = gimple_build_cond (NE_EXPR, arg2,
> + build_zero_cst (TREE_TYPE (arg2)),
> + NULL_TREE, NULL_TREE);
> + gimple_set_location (g, loc[0]);
> + gsi_insert_after (gsi, g, GSI_NEW_STMT);
> +
> + *gsi = gsi_after_labels (then_bb);
> + }
> if (flag_sanitize_trap & SANITIZE_NONNULL_ATTRIBUTE)
> g = gimple_build_call (builtin_decl_explicit (BUILT_IN_TRAP), 0);
> else
> --- gcc/doc/extend.texi.jj 2024-11-11 20:04:33.377202404 +0100
> +++ gcc/doc/extend.texi 2024-11-12 17:54:26.062340704 +0100
> @@ -2755,9 +2755,10 @@ object size, for example in functions th
> Note that the @code{access} attribute merely specifies how an object
> referenced by the pointer argument can be accessed; it does not imply that
> an access @strong{will} happen. Also, the @code{access} attribute does not
> -imply the attribute @code{nonnull}; it may be appropriate to add both
> attributes
> -at the declaration of a function that unconditionally manipulates a buffer
> via
> -a pointer argument. See the @code{nonnull} attribute for more information
> and
> +imply the attribute @code{nonnull} nor the attribute
> @code{nonnull_if_nonzero};
> +it may be appropriate to add both attributes at the declaration of a function
> +that unconditionally manipulates a buffer via a pointer argument. See the
> +@code{nonnull} or @code{nonnull_if_nonzero} attributes for more information
> and
> caveats.
>
> @cindex @code{alias} function attribute
> @@ -3789,6 +3790,34 @@ my_memcpy (void *dest, const void *src,
> __attribute__((nonnull));
> @end smallexample
>
> +@cindex @code{nonnull_if_nonzero} function attribute
> +@item nonnull_if_nonzero
> +@itemx nonnull_if_nonzero (@var{arg-index}, @var{arg2-index})
> +The @code{nonnull_if_nonzero} attribute is a conditional version of the
> +@code{nonnull} attribute. It has two arguments, the first argument
> +shall be argument index of a pointer argument which must be in some
> +cases non-null and the second argument shall be argument index of an
> +integral argument (other than boolean). If the integral argument is
> +zero, the pointer argument can be null, if it is non-zero, the pointer
> +argument must not be null.
> +
> +@smallexample
> +extern void *
> +my_memcpy (void *dest, const void *src, size_t len)
> + __attribute__((nonnull (1, 2)));
> +extern void *
> +my_memcpy2 (void *dest, const void *src, size_t len)
> + __attribute__((nonnull_if_nonzero (1, 3),
> + nonnull_if_nonzero (2, 3)));
> +@end smallexample
> +
> +With these declarations, it is invalid to call
> +@code{my_memcpy (NULL, NULL, 0);} or to
> +call @code{my_memcpy2 (NULL, NULL, 4);} but it is valid
> +to call @code{my_memcpy2 (NULL, NULL, 0);}. This attribute should be
> +used on declarations which have e.g.@: an exception for zero sizes,
> +in which case null may be passed.
> +
> @cindex @code{noplt} function attribute
> @item noplt
> The @code{noplt} attribute is the counterpart to option @option{-fno-plt}.
> --- gcc/c-family/c-attribs.cc.jj 2024-10-25 10:00:29.313770074 +0200
> +++ gcc/c-family/c-attribs.cc 2024-11-12 12:07:29.224220859 +0100
> @@ -139,6 +139,8 @@ static tree handle_vector_size_attribute
> static tree handle_vector_mask_attribute (tree *, tree, tree, int,
> bool *) ATTRIBUTE_NONNULL(3);
> static tree handle_nonnull_attribute (tree *, tree, tree, int, bool *);
> +static tree handle_nonnull_if_nonzero_attribute (tree *, tree, tree, int,
> + bool *);
> static tree handle_nonstring_attribute (tree *, tree, tree, int, bool *);
> static tree handle_nothrow_attribute (tree *, tree, tree, int, bool *);
> static tree handle_expected_throw_attribute (tree *, tree, tree, int, bool
> *);
> @@ -488,6 +490,8 @@ const struct attribute_spec c_common_gnu
> handle_tls_model_attribute, NULL },
> { "nonnull", 0, -1, false, true, true, false,
> handle_nonnull_attribute, NULL },
> + { "nonnull_if_nonzero", 2, 2, false, true, true, false,
> + handle_nonnull_if_nonzero_attribute, NULL },
> { "nonstring", 0, 0, true, false, false, false,
> handle_nonstring_attribute, NULL },
> { "nothrow", 0, 0, true, false, false, false,
> @@ -5000,7 +5004,7 @@ handle_nonnull_attribute (tree *node, tr
> /* NEXT is null when the attribute includes just one argument.
> That's used to tell positional_argument to avoid mentioning
> the argument number in diagnostics (since there's just one
> - mentioning it is unnecessary and coule be confusing). */
> + mentioning it is unnecessary and could be confusing). */
> tree next = TREE_CHAIN (args);
> if (tree val = positional_argument (type, name, pos, POINTER_TYPE,
> next || i > 1 ? i : 0))
> @@ -5015,6 +5019,29 @@ handle_nonnull_attribute (tree *node, tr
>
> return NULL_TREE;
> }
> +
> +/* Handle the "nonnull_if_nonzero" attribute. */
> +
> +static tree
> +handle_nonnull_if_nonzero_attribute (tree *node, tree name,
> + tree args, int ARG_UNUSED (flags),
> + bool *no_add_attrs)
> +{
> + tree type = *node;
> + tree pos = TREE_VALUE (args);
> + tree pos2 = TREE_VALUE (TREE_CHAIN (args));
> + tree val = positional_argument (type, name, pos, POINTER_TYPE, 1);
> + tree val2 = positional_argument (type, name, pos2, INTEGER_TYPE, 2);
> + if (val && val2)
> + {
> + TREE_VALUE (args) = val;
> + TREE_VALUE (TREE_CHAIN (args)) = val2;
> + }
> + else
> + *no_add_attrs = true;
> +
> + return NULL_TREE;
> +}
>
> /* Handle the "fd_arg", "fd_arg_read" and "fd_arg_write" attributes */
>
> --- gcc/c-family/c-common.cc.jj 2024-11-11 20:04:33.358202671 +0100
> +++ gcc/c-family/c-common.cc 2024-11-12 16:53:19.148000499 +0100
> @@ -5718,6 +5718,8 @@ struct nonnull_arg_ctx
> /* The function whose arguments are being checked and its type (used
> for calls through function pointers). */
> const_tree fndecl, fntype;
> + /* For nonnull_if_nonzero, index of the other argument. */
> + unsigned HOST_WIDE_INT other;
> /* True if a warning has been issued. */
> bool warned_p;
> };
> @@ -5756,23 +5758,19 @@ check_function_nonnull (nonnull_arg_ctx
> }
>
> tree attrs = lookup_attribute ("nonnull", TYPE_ATTRIBUTES (ctx.fntype));
> - if (attrs == NULL_TREE)
> - return ctx.warned_p;
>
> tree a = attrs;
> /* See if any of the nonnull attributes has no arguments. If so,
> then every pointer argument is checked (in which case the check
> for pointer type is done in check_nonnull_arg). */
> - if (TREE_VALUE (a) != NULL_TREE)
> - do
> - a = lookup_attribute ("nonnull", TREE_CHAIN (a));
> - while (a != NULL_TREE && TREE_VALUE (a) != NULL_TREE);
> + while (a != NULL_TREE && TREE_VALUE (a) != NULL_TREE)
> + a = lookup_attribute ("nonnull", TREE_CHAIN (a));
>
> if (a != NULL_TREE)
> for (int i = firstarg; i < nargs; i++)
> check_function_arguments_recurse (check_nonnull_arg, &ctx, argarray[i],
> i + 1, OPT_Wnonnull);
> - else
> + else if (attrs)
> {
> /* Walk the argument list. If we encounter an argument number we
> should check for non-null, do it. */
> @@ -5791,6 +5789,28 @@ check_function_nonnull (nonnull_arg_ctx
> OPT_Wnonnull);
> }
> }
> + if (a == NULL_TREE)
> + for (attrs = TYPE_ATTRIBUTES (ctx.fntype);
> + (attrs = lookup_attribute ("nonnull_if_nonzero", attrs));
> + attrs = TREE_CHAIN (attrs))
> + {
> + tree args = TREE_VALUE (attrs);
> + unsigned int idx = TREE_INT_CST_LOW (TREE_VALUE (args)) - 1;
> + unsigned int idx2
> + = TREE_INT_CST_LOW (TREE_VALUE (TREE_CHAIN (args))) - 1;
> + if (idx < (unsigned) nargs - firstarg
> + && idx2 < (unsigned) nargs - firstarg
> + && INTEGRAL_TYPE_P (TREE_TYPE (argarray[firstarg + idx2]))
> + && integer_nonzerop (argarray[firstarg + idx2]))
> + {
> + ctx.other = firstarg + idx2 + 1;
> + check_function_arguments_recurse (check_nonnull_arg, &ctx,
> + argarray[firstarg + idx],
> + firstarg + idx + 1,
> + OPT_Wnonnull);
> + ctx.other = 0;
> + }
> + }
> return ctx.warned_p;
> }
>
> @@ -5972,13 +5992,23 @@ check_nonnull_arg (void *ctx, tree param
> }
> else
> {
> - warned = warning_at (loc, OPT_Wnonnull,
> - "argument %u null where non-null expected",
> - (unsigned) param_num);
> + if (pctx->other)
> + warned = warning_at (loc, OPT_Wnonnull,
> + "argument %u null where non-null expected "
> + "because argument %u is nonzero",
> + (unsigned) param_num,
> + TREE_CODE (pctx->fntype) == METHOD_TYPE
> + ? (unsigned) pctx->other - 1
> + : (unsigned) pctx->other);
> + else
> + warned = warning_at (loc, OPT_Wnonnull,
> + "argument %u null where non-null expected",
> + (unsigned) param_num);
> if (warned && pctx->fndecl)
> inform (DECL_SOURCE_LOCATION (pctx->fndecl),
> "in a call to function %qD declared %qs",
> - pctx->fndecl, "nonnull");
> + pctx->fndecl,
> + pctx->other ? "nonnull_if_nonzero" : "nonnull");
> }
>
> if (warned)
> @@ -6224,7 +6254,7 @@ check_function_arguments (location_t loc
> to do this if format checking is enabled. */
> if (warn_nonnull)
> {
> - nonnull_arg_ctx ctx = { loc, fndecl, fntype, false };
> + nonnull_arg_ctx ctx = { loc, fndecl, fntype, 0, false };
> warned_p = check_function_nonnull (ctx, nargs, argarray);
> }
>
> --- gcc/testsuite/gcc.dg/nonnull-8.c.jj 2024-11-12 15:08:22.138633984 +0100
> +++ gcc/testsuite/gcc.dg/nonnull-8.c 2024-11-12 17:02:45.213024228 +0100
> @@ -0,0 +1,57 @@
> +/* Test for the "nonnull_if_nonzero" function attribute. */
> +/* { dg-do compile } */
> +/* { dg-options "-Wnonnull" } */
> +
> +#include <stddef.h>
> +
> +extern void func1 (char *, char *, int)
> + __attribute__((nonnull_if_nonzero (1, 3), nonnull_if_nonzero (2, 3)));
> +
> +extern void func2 (char *, char *, unsigned long)
> + __attribute__((nonnull_if_nonzero (1, 3)));
> +
> +enum E { E0 = 0, E1 = __INT_MAX__ };
> +extern void func3 (char *, int, char *, enum E)
> + __attribute__((nonnull_if_nonzero (1, 4), nonnull_if_nonzero (3, 2)));
> +
> +extern void func4 (long, char *, char *, long)
> + __attribute__((nonnull_if_nonzero (2, 1)))
> + __attribute__((nonnull_if_nonzero (3, 4)));
> +
> +void
> +foo (int i1, int i2, int i3, char *cp1, char *cp2, char *cp3)
> +{
> + func1 (cp1, cp2, i1);
> + func1 (cp1, cp2, 0);
> + func1 (cp1, cp2, 42);
> + func1 (NULL, NULL, 0);
> + func1 (NULL, NULL, i1);
> +
> + func1 (NULL, cp2, 42); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + func1 (cp1, NULL, 1); /* { dg-warning "argument 2 null where non-null
> expected because argument 3 is nonzero" } */
> +
> + func2 (cp1, NULL, 17);
> + func2 (NULL, cp2, 0);
> + func2 (NULL, cp1, 2); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> +
> + func3 (NULL, i2, cp3, i3);
> + func3 (cp1, i2, NULL, i3);
> + func3 (NULL, i2, cp3, E0);
> + func3 (cp1, 0, NULL, E1);
> + func3 (NULL, i2, cp3, E1); /* { dg-warning "argument 1 null where non-null
> expected because argument 4 is nonzero" } */
> + func3 (cp3, 5, NULL, i3); /* { dg-warning "argument 3 null where non-null
> expected because argument 2 is nonzero" } */
> +
> + func1 (i2 ? cp1 : NULL, cp2, i3);
> + func1 (i2 ? NULL : cp1, cp2, i3);
> + func1 (i2 ? (i3 ? cp1 : NULL) : cp2, cp3, i1);
> + func1 (i1 ? cp1 : NULL, cp2, 0);
> + func1 (i1 ? NULL : cp1, cp2, 0);
> + func1 (i1 ? (i2 ? cp1 : NULL) : cp2, cp3, 0);
> + func1 (i1 ? cp1 : NULL, cp2, 1); /* { dg-warning "argument 1 null where
> non-null expected because argument 3 is nonzero" } */
> + func1 (i1 ? NULL : cp1, cp2, 2); /* { dg-warning "argument 1 null where
> non-null expected because argument 3 is nonzero" } */
> + func1 (i1 ? (i2 ? cp1 : NULL) : cp2, cp3, 3); /* { dg-warning "argument 1
> null where non-null expected because argument 3 is nonzero" } */
> +
> + func4 (0, NULL, NULL, 0);
> + func4 (-1, NULL, cp1, 0); /* { dg-warning "argument 2 null where non-null
> expected because argument 1 is nonzero" } */
> + func4 (0, cp1, NULL, 77); /* { dg-warning "argument 3 null where non-null
> expected because argument 4 is nonzero" } */
> +}
> --- gcc/testsuite/gcc.dg/nonnull-9.c.jj 2024-11-12 15:36:03.014255810 +0100
> +++ gcc/testsuite/gcc.dg/nonnull-9.c 2024-11-12 16:01:48.208513109 +0100
> @@ -0,0 +1,40 @@
> +/* Test for the invalid use of the "nonnull_if_nonzero" function attribute.
> */
> +/* { dg-do compile } */
> +/* { dg-options "-std=gnu17 -pedantic-errors" } */
> +
> +extern void func1 () __attribute__((nonnull_if_nonzero)); /* { dg-error
> "wrong number of arguments specified for 'nonnull_if_nonzero' attribute" } */
> +/* { dg-message "expected 2, found 0" "" { target *-*-* } .-1 } */
> +
> +extern void func2 (char *) __attribute__((nonnull_if_nonzero(1))); /* {
> dg-error "wrong number of arguments specified for 'nonnull_if_nonzero'
> attribute" } */
> +/* { dg-message "expected 2, found 1" "" { target *-*-* } .-1 } */
> +
> +extern void func3 (char *) __attribute__((nonnull_if_nonzero(1, 2, 3))); /*
> { dg-error "wrong number of arguments specified for 'nonnull_if_nonzero'
> attribute" } */
> +/* { dg-message "expected 2, found 3" "" { target *-*-* } .-1 } */
> +
> +extern void func4 (char *, int) __attribute__((nonnull_if_nonzero(3, 2)));
> /* { dg-warning "'nonnull_if_nonzero' attribute argument 1 value '3' exceeds
> the number of function parameters 2" } */
> +
> +extern void func5 (char *, int) __attribute__((nonnull_if_nonzero(1, 3)));
> /* { dg-warning "nonnull_if_nonzero' attribute argument 2 value '3' exceeds
> the number of function parameters 2" } */
> +
> +extern void func6 (char *, int) __attribute__((nonnull_if_nonzero (foo,
> 2))); /* { dg-warning ".nonnull_if_nonzero. attribute argument 1 is invalid"
> } */
> +/* { dg-error ".foo. undeclared" "undeclared argument" { target *-*-* } .-1
> } */
> +
> +extern void func7 (char *, int) __attribute__((nonnull_if_nonzero (1,
> bar))); /* { dg-warning ".nonnull_if_nonzero. attribute argument 2 is
> invalid" } */
> +/* { dg-error ".bar. undeclared" "undeclared argument" { target *-*-* } .-1
> } */
> +
> +extern void func8 (int, int) __attribute__((nonnull_if_nonzero(1, 2))); /* {
> dg-warning "'nonnull_if_nonzero' attribute argument 1 value '1' refers to
> parameter type 'int'" } */
> +
> +extern void func9 (char *, float) __attribute__((nonnull_if_nonzero(1, 2)));
> /* { dg-warning "'nonnull_if_nonzero' attribute argument 2 value '2' refers
> to parameter type 'float'" } */
> +
> +extern void func10 (char *, _Bool) __attribute__((nonnull_if_nonzero(1,
> 2))); /* { dg-warning "'nonnull_if_nonzero' attribute argument 2 value '2'
> refers to parameter type '_Bool'" } */
> +
> +extern void func11 (char *, char *) __attribute__((nonnull_if_nonzero(1,
> 2))); /* { dg-warning "'nonnull_if_nonzero' attribute argument 2 value '2'
> refers to parameter type 'char \\\*'" } */
> +
> +void
> +foo (void)
> +{
> +}
> +
> +void
> +bar (void)
> +{
> +}
> --- gcc/testsuite/gcc.dg/nonnull-10.c.jj 2024-11-12 17:04:10.170826997
> +0100
> +++ gcc/testsuite/gcc.dg/nonnull-10.c 2024-11-12 17:36:40.542340272 +0100
> @@ -0,0 +1,162 @@
> +/* { dg-do compile } */
> +/* { dg-options "-O2 -Wnonnull" } */
> +
> +#define N(x, y) __attribute__ ((nonnull_if_nonzero (x, y)))
> +
> +void N (1, 2) f1_1 (void *, int);
> +
> +void N (1, 3) f2_1 (void *, void *, int);
> +void N (1, 3) N (2, 3) f2_1_2 (void *, void *, int);
> +
> +void N (1, 4) N (3, 5) f3_1_3 (void *, void *, void *, int, int);
> +
> +void N (1, 5) N (2, 5) N (4, 5) g4_1_2_4 (void *, void *, void *, void *,
> long);
> +void N (1, 5) N (3, 5) N (4, 5) g4_1_3_4 (void *, void *, void *, void *,
> long);
> +void N (2, 5) N (3, 5) N (4, 5) g4_2_3_4 (void *, void *, void *, void *,
> long);
> +
> +void N (1, 17) N (3, 17) N (5, 17) N (7, 17) N (11, 17) N (13, 17)
> +g16_1_3_5_7_11_13 (void *, void *, void *, void *,
> + void *, void *, void *, void *,
> + void *, void *, void *, void *,
> + void *, void *, void *, void *, int);
> +
> +static void *null (void) { return 0; }
> +
> +void
> +test (int t, long u)
> +{
> + void *p0 = null ();
> + void *px = &px;
> +
> + f1_1 (p0, 0);
> + f1_1 (p0, t);
> + f1_1 (p0, 42); /* { dg-warning "argument 1 null where non-null expected
> because argument 2 is nonzero" } */
> + if (t)
> + f1_1 (p0, t); /* { dg-warning "argument 1 null where non-null expected
> because argument 2 is nonzero" } */
> + f1_1 (px, 17);
> +
> + f2_1 (p0, px, 0);
> + f2_1 (p0, px, t);
> + f2_1 (p0, px, 5); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + if (t > 4)
> + f2_1 (p0, px, t); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + f2_1 (px, p0, 17);
> + f2_1 (p0, p0, 0);
> + if (t < 0)
> + f2_1 (p0, p0, t); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> +
> + f2_1_2 (p0, p0, 0);
> + f2_1_2 (p0, p0, t);
> + f2_1_2 (p0, px, 1); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + if (t > 8)
> + f2_1_2 (p0, px, t); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + f2_1_2 (px, p0, -3); /* { dg-warning "argument 2 null where non-null
> expected because argument 3 is nonzero" } */
> + if (t < -2)
> + f2_1_2 (px, p0, t); /* { dg-warning "argument 2 null where non-null
> expected because argument 3 is nonzero" } */
> + f2_1_2 (p0, p0, 8); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + /* { dg-warning "argument 2 null where non-null expected because argument
> 3 is nonzero" "argument 2" { target *-*-* } .-1 } */
> + if (t > 7)
> + f2_1_2 (p0, p0, t); /* { dg-warning "argument 1 null where non-null
> expected because argument 3 is nonzero" } */
> + /* { dg-warning "argument 2 null where non-null expected because argument
> 3 is nonzero" "argument 2" { target *-*-* } .-1 } */
> +
> + f3_1_3 (p0, p0, p0, 0, 0);
> + f3_1_3 (p0, p0, px, 0, 6);
> + f3_1_3 (px, p0, p0, 2, 0);
> + f3_1_3 (p0, p0, p0, t, t);
> + f3_1_3 (p0, p0, px, t, 6);
> + f3_1_3 (px, p0, p0, 2, t);
> + f3_1_3 (p0, px, px, 8, 2); /* { dg-warning "argument 1 null where non-null
> expected because argument 4 is nonzero" } */
> + if (t > 9)
> + f3_1_3 (p0, px, px, t, 3); /* { dg-warning "argument 1 null where
> non-null expected because argument 4 is nonzero" } */
> + f3_1_3 (px, p0, px, 9, 10);
> + if (t > 11)
> + f3_1_3 (px, p0, px, t, t);
> + f3_1_3 (px, px, p0, 10, 11); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + if (t < -5)
> + f3_1_3 (px, px, p0, 0, t); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + f3_1_3 (p0, p0, px, 11, 12); /* { dg-warning "argument 1 null where
> non-null expected because argument 4 is nonzero" } */
> + if (t > 26)
> + f3_1_3 (p0, p0, px, t, 0); /* { dg-warning "argument 1 null where
> non-null expected because argument 4 is nonzero" } */
> + f3_1_3 (px, p0, p0, 12, 13); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + if (t > 31)
> + f3_1_3 (px, p0, p0, 12, t); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + f3_1_3 (p0, p0, p0, 13, 14); /* { dg-warning "argument 1 null where
> non-null expected because argument 4 is nonzero" } */
> + /* { dg-warning "argument 3 null where non-null expected because argument
> 5 is nonzero" "argument 3" { target *-*-* } .-1 } */
> + if (t > 28)
> + f3_1_3 (p0, p0, p0, t, t + 1); /* { dg-warning "argument 1 null where
> non-null expected because argument 4 is nonzero" } */
> + /* { dg-warning "argument 3 null where non-null expected because argument
> 5 is nonzero" "argument 3" { target *-*-* } .-1 } */
> +
> + g4_1_2_4 (p0, px, px, px, u);
> + g4_1_2_4 (px, p0, px, px, u);
> + g4_1_2_4 (px, px, p0, px, u);
> + g4_1_2_4 (px, px, px, p0, u);
> + g4_1_2_4 (p0, px, px, px, 0);
> + g4_1_2_4 (px, p0, px, px, 0);
> + g4_1_2_4 (px, px, p0, px, 0);
> + g4_1_2_4 (px, px, px, p0, 0);
> + g4_1_2_4 (p0, px, px, px, 15); /* { dg-warning "argument 1 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u)
> + g4_1_2_4 (p0, px, px, px, u); /* { dg-warning "argument 1 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_1_2_4 (px, p0, px, px, 16); /* { dg-warning "argument 2 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 2)
> + g4_1_2_4 (px, p0, px, px, u); /* { dg-warning "argument 2 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_1_2_4 (px, px, p0, px, 17);
> + if (u > 3)
> + g4_1_2_4 (px, px, p0, px, u);
> + g4_1_2_4 (px, px, px, p0, 18); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u < -2 || u > 10)
> + g4_1_2_4 (px, px, px, p0, u); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> +
> + g4_1_3_4 (p0, px, px, px, u);
> + g4_1_3_4 (px, p0, px, px, u);
> + g4_1_3_4 (px, px, p0, px, u);
> + g4_1_3_4 (px, px, px, p0, u);
> + g4_1_3_4 (p0, px, px, px, 0);
> + g4_1_3_4 (px, p0, px, px, 0);
> + g4_1_3_4 (px, px, p0, px, 0);
> + g4_1_3_4 (px, px, px, p0, 0);
> + g4_1_3_4 (p0, px, px, px, 20); /* { dg-warning "argument 1 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 4)
> + g4_1_3_4 (p0, px, px, px, u); /* { dg-warning "argument 1 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_1_3_4 (px, p0, px, px, 21);
> + if (u > 6 || u < -24)
> + g4_1_3_4 (px, p0, px, px, u);
> + g4_1_3_4 (px, px, p0, px, 22); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 9)
> + g4_1_3_4 (px, px, p0, px, u - 3); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_1_3_4 (px, px, px, p0, 23); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 10)
> + g4_1_3_4 (px, px, px, p0, u); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> +
> + g4_2_3_4 (p0, px, px, px, u);
> + g4_2_3_4 (px, p0, px, px, u);
> + g4_2_3_4 (px, px, p0, px, u);
> + g4_2_3_4 (px, px, px, p0, u);
> + g4_2_3_4 (p0, px, px, px, 0);
> + g4_2_3_4 (px, p0, px, px, 0);
> + g4_2_3_4 (px, px, p0, px, 0);
> + g4_2_3_4 (px, px, px, p0, 0);
> + g4_2_3_4 (p0, px, px, px, 1);
> + if (u > 12)
> + g4_2_3_4 (p0, px, px, px, u);
> + g4_2_3_4 (px, p0, px, px, 2); /* { dg-warning "argument 2 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 17)
> + g4_2_3_4 (px, p0, px, px, u - 3); /* { dg-warning "argument 2 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_2_3_4 (px, px, p0, px, 3); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 24)
> + g4_2_3_4 (px, px, p0, px, u); /* { dg-warning "argument 3 null where
> non-null expected because argument 5 is nonzero" } */
> + g4_2_3_4 (px, px, px, p0, 4); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> + if (u > 42)
> + g4_2_3_4 (px, px, px, p0, u); /* { dg-warning "argument 4 null where
> non-null expected because argument 5 is nonzero" } */
> +
> + g16_1_3_5_7_11_13 (px, px, px, px, px, px, px, px,
> + px, px, px, px, px, px, px, px, 17);
> + g16_1_3_5_7_11_13 (p0, p0, p0, p0, p0, p0, p0, p0,
> + p0, p0, p0, p0, p0, p0, p0, p0, t);
> + g16_1_3_5_7_11_13 (p0, p0, p0, p0, p0, p0, p0, p0,
> + p0, p0, p0, p0, p0, p0, p0, p0, 0);
> +
> + g16_1_3_5_7_11_13 (px, p0, px, p0, px, p0, px, p0, p0, p0, px, p0, p0, p0,
> p0, p0, 2); /* { dg-warning "argument 13 null where non-null expected because
> argument 17 is nonzero" } */
> + if (t > 122)
> + g16_1_3_5_7_11_13 (px, p0, px, p0, px, p0, px, p0, p0, p0, px, p0, p0,
> p0, p0, p0, t); /* { dg-warning "argument 13 null where non-null expected
> because argument 17 is nonzero" } */
> +}
> --- gcc/testsuite/c-c++-common/ubsan/nonnull-6.c.jj 2024-11-12
> 23:16:27.686866970 +0100
> +++ gcc/testsuite/c-c++-common/ubsan/nonnull-6.c 2024-11-13
> 09:13:05.077160640 +0100
> @@ -0,0 +1,28 @@
> +/* { dg-do run } */
> +/* { dg-options "-fsanitize=undefined -fno-sanitize-recover=undefined" } */
> +
> +__attribute__((noipa, nonnull_if_nonzero (1, 4)))
> +__attribute__((nonnull (3), nonnull_if_nonzero (5, 2))) void
> +foo (void *a, unsigned long b, void *c, int d, void *e)
> +{
> + (void) a;
> + (void) b;
> + (void) c;
> + (void) d;
> + (void) e;
> +}
> +
> +__attribute__((noipa))
> +void
> +bar (void *a, unsigned long b, void *c, int d, void *e)
> +{
> + foo (a, b, c, d, e);
> +}
> +
> +int
> +main ()
> +{
> + char x;
> + bar (&x, 42, &x, 1, &x);
> + bar (0, 0, &x, 0, 0);
> +}
> --- gcc/testsuite/c-c++-common/ubsan/nonnull-7.c.jj 2024-11-12
> 23:16:27.686866970 +0100
> +++ gcc/testsuite/c-c++-common/ubsan/nonnull-7.c 2024-11-13
> 09:13:45.732591954 +0100
> @@ -0,0 +1,39 @@
> +/* { dg-do run } */
> +/* { dg-options "-fsanitize=nonnull-attribute" } */
> +
> +__attribute__((noipa, nonnull_if_nonzero (1, 4)))
> +__attribute__((nonnull (3), nonnull_if_nonzero (5, 2))) void
> +foo (void *a, unsigned long b, void *c, int d, void *e)
> +{
> + (void) a;
> + (void) b;
> + (void) c;
> + (void) d;
> + (void) e;
> +}
> +
> +__attribute__((noipa))
> +void
> +bar (void *a, unsigned long b, void *c, int d, void *e)
> +{
> + foo (a, b, c, d, e);
> +}
> +
> +int
> +main ()
> +{
> + char x;
> + bar (&x, 42, 0, 1, &x);
> + bar (0, 25, &x, 7, &x);
> + bar (&x, -82, &x, 68, 0);
> + foo (&x, 42, 0, 1, &x);
> + foo (0, 25, &x, 7, &x);
> + foo (&x, -82, &x, 68, 0);
> +}
> +
> +/* { dg-output "\.c:19:\[0-9]*:\[^\n\r]*null pointer passed as argument 3,
> which is declared to never be null\[^\n\r]*(\n|\r\n|\r)" } */
> +/* { dg-output "\[^\n\r]*\.c:19:\[0-9]*:\[^\n\r]*null pointer passed as
> argument 1, which is declared to never be null\[^\n\r]*(\n|\r\n|\r)" } */
> +/* { dg-output "\[^\n\r]*\.c:19:\[0-9]*:\[^\n\r]*null pointer passed as
> argument 5, which is declared to never be null\[^\n\r]*(\n|\r\n|\r)" } */
> +/* { dg-output "\[^\n\r]*\.c:29:\[0-9]*:\[^\n\r]*null pointer passed as
> argument 3, which is declared to never be null\[^\n\r]*(\n|\r\n|\r)" } */
> +/* { dg-output "\[^\n\r]*\.c:30:\[0-9]*:\[^\n\r]*null pointer passed as
> argument 1, which is declared to never be null\[^\n\r]*(\n|\r\n|\r)" } */
> +/* { dg-output "\[^\n\r]*\.c:31:\[0-9]*:\[^\n\r]*null pointer passed as
> argument 5, which is declared to never be null" } */
>
> Jakub
>
