From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id A61473858D28 for ; Thu, 16 Mar 2023 17:55:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org A61473858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1678989352; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=yvRs7PfFtsI2QdfYtdqdFP+Wz9LF4SVq9NswVBzrFko=; b=BLVwkm2NxIMdDPNBOprH73juOb8dAlCIL6cNTQyGIDpDSM9VBNR25/47Nu+EwZ+iDfOMoB Fskr5jey2FHSrhxNdM7l3SocoCigvjapUgZ2z6NDHK234xVQZOBdKSG/rcE4PNvQp24N6B x8wTHM2UthEQgLGE8TlUqttc5/WVSms= Received: from mail-qk1-f199.google.com (mail-qk1-f199.google.com [209.85.222.199]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-44-ngPJV8OfNXO7OzlO3aUCaQ-1; Thu, 16 Mar 2023 13:55:51 -0400 X-MC-Unique: ngPJV8OfNXO7OzlO3aUCaQ-1 Received: by mail-qk1-f199.google.com with SMTP id d21-20020a05620a141500b00745e786ddd5so1337150qkj.19 for ; Thu, 16 Mar 2023 10:55:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678989351; h=mime-version:user-agent:content-transfer-encoding:references :in-reply-to:date:to:from:subject:message-id:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=yvRs7PfFtsI2QdfYtdqdFP+Wz9LF4SVq9NswVBzrFko=; b=I2cnaabnYrsxcrmiQZxEay72XIM4tCaN5Jr43Vmxp+IlzEQY8ky7y1T5uRn7DX/Zsl p7z8M5pEnz2AEWt1DU1ePG2oxvko+ya+tcO8B6BPdzhIryFPoD1bk524862c80ygjcmH AuuOsop489tVJa8QEAAbRCS+lZCiqQqdXx43MTts3fm/LRGbTr/sr02xYdHEhcn9vr1t /Ez7E8rugbq+raTMjm+1NddhVBbFnTKGm9gxMwezCKjdnpEKAAGrOPQG397FGA3rKwa/ 3v0+gmuC2u1l8gIY/RpDCoIbnayvQXEjw+E/hgz6hna3aKDCw9W6Hhf9SOrjJgpQPHqk dqfA== X-Gm-Message-State: AO0yUKUoFfJjjhXx+QKABYeDywzjdmtl19XnYqBl4m8a1jjfnxYE0oQJ WaM7F2ErUPFFDMPasFxySjl7KOFjLwQ2GinwnSuBfdK/FjbjrQGctIlYYDygugCrWg+yz9GaolT jAgNlCuVcANAn7HnusQ== X-Received: by 2002:a05:6214:489:b0:56e:a6bb:47ae with SMTP id pt9-20020a056214048900b0056ea6bb47aemr34963227qvb.12.1678989350535; Thu, 16 Mar 2023 10:55:50 -0700 (PDT) X-Google-Smtp-Source: AK7set9fqHzPtLXBwshPwqW4kH1+lRkTfgcBTrEtmH1nUZxL6Q8h2p9Ls737lFnNWezcKXA2wuP7qA== X-Received: by 2002:a05:6214:489:b0:56e:a6bb:47ae with SMTP id pt9-20020a056214048900b0056ea6bb47aemr34963166qvb.12.1678989349895; Thu, 16 Mar 2023 10:55:49 -0700 (PDT) Received: from t14s.localdomain (c-73-69-212-193.hsd1.ma.comcast.net. [73.69.212.193]) by smtp.gmail.com with ESMTPSA id bj30-20020a05620a191e00b0074235386738sm11669qkb.37.2023.03.16.10.55.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 16 Mar 2023 10:55:49 -0700 (PDT) Message-ID: Subject: Re: [PATCH] testsuite: Handle default_packed targets in gcc.dg/plugin From: David Malcolm To: Hans-Peter Nilsson , gcc-patches@gcc.gnu.org Date: Thu, 16 Mar 2023 13:55:48 -0400 In-Reply-To: <20230309185616.E420F20438@pchp3.se.axis.com> References: <20230309185616.E420F20438@pchp3.se.axis.com> User-Agent: Evolution 3.44.4 (3.44.4-1.fc36) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-10.2 required=5.0 tests=BAYES_00,BODY_8BITS,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_NONE,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On Thu, 2023-03-09 at 19:56 +0100, Hans-Peter Nilsson wrote: > It's not obvious to me whether considered best to include or > exclude these tests that depend on structure layout details. > If excluding, the obvious alternative to this patch is then > to add a top one-liner (to dg-skip-if the test for > default_packed targets or a similar excluding expression). > I'm fine either way, just suggesting the following, which > handles the cris-elf test-case failures I see for these > tests, and causes no change in results for native > x86_64-pc-linux-gnu. Thanks for looking at this. How about a third option: can the structs be explicitly marked as being packed, by adding __attribute__((__packed__)) to the various structs?=20 The tests are all about detecting problems with padding bits, and presumably we can have padding bits on all targets if we explicitly ask for them. Does that make for a simpler patch? Dave >=20 > Beware that some of the tests have lines with trailing > whitespace.=C2=A0 Where lines are changed in this patch, the > trailing whitespace is removed. >=20 > Ok to commit? >=20 > -- >8 -- > It's a judgement call whether to just skip some of these > tests rather than trying to match messages depending on the > layout of structures, but better include than exclude. >=20 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0* gcc.dg/plugin/infoleak-= 2.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-CV= E-2011-1078-1.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-CV= E-2011-1078-2.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-CV= E-2017-18549-1.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-CV= E-2017-18550-1.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-an= tipatterns-1.c, > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0gcc.dg/plugin/infoleak-fi= xit-1.c: Handle default_packed > targets. > --- > =C2=A0gcc/testsuite/gcc.dg/plugin/infoleak-2.c=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 | 13 ++++++++--- > -- > =C2=A0.../gcc.dg/plugin/infoleak-CVE-2011-1078-1.c=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 | 10 +++++----- > =C2=A0.../gcc.dg/plugin/infoleak-CVE-2011-1078-2.c=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0 | 10 +++++----- > =C2=A0.../gcc.dg/plugin/infoleak-CVE-2017-18549-1.c=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0 | 10 +++++----- > =C2=A0.../gcc.dg/plugin/infoleak-CVE-2017-18550-1.c=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0 |=C2=A0 7 ++++--- > =C2=A0.../gcc.dg/plugin/infoleak-antipatterns-1.c=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 | 10 +++++----- > =C2=A0gcc/testsuite/gcc.dg/plugin/infoleak-fixit-1.c=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0 | 10 ++++++---- > =C2=A07 files changed, 38 insertions(+), 32 deletions(-) >=20 > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-2.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-2.c > index 252f8f25918a..4ba484b3c6be 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-2.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-2.c > @@ -18,16 +18,19 @@ struct st > =C2=A0=C2=A0 int b:1; /* { dg-message "field 'b' is uninitialized \\(1 bi= t\\)" > "field" } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { d= g-message "padding after field 'b' is uninitialized > \\(7 bits\\)" "padding" { target *-*-* } .-1 } */ > =C2=A0=C2=A0 u8 d;=C2=A0=C2=A0=C2=A0 /* { dg-message "field 'd' is uninit= ialized \\(1 byte\\)" > } */ > -=C2=A0 int c:7; /* { dg-message "padding after field 'c' is uninitialize= d > \\(9 bits\\)" } */ > -=C2=A0 u16 e;=C2=A0=C2=A0 /* { dg-message "padding after field 'e' is un= initialized > \\(2 bytes\\)" } */=C2=A0=20 > +=C2=A0 int c:7; /* { dg-message "padding after field 'c' is uninitialize= d > \\(9 bits\\)" "padding" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-mes= sage "padding after field 'c' is uninitialized > \\(1 bit\\)" "padding" { target default_packed } .-1 } */ > +=C2=A0 u16 e;=C2=A0=C2=A0 /* { dg-message "padding after field 'e' is un= initialized > \\(2 bytes\\)" "padding" { target { ! default_packed } } } */ > =C2=A0}; > =C2=A0 > =C2=A0void test (void __user *dst, u16 v) > =C2=A0{ > =C2=A0=C2=A0 struct st s; /* { dg-message "region created on stack here" > "where" } */ > -=C2=A0 /* { dg-message "capacity: 12 bytes" "capacity" { target *-*-* } > .-1 } */ > -=C2=A0 /* { dg-message "suggest forcing zero-initialization by providing > a '\\{0\\}' initializer" "fix-it" { target *-*-* } .-2 } */=C2=A0=20 > +=C2=A0 /* { dg-message "capacity: 12 bytes" "capacity" { target { ! > default_packed } } .-1 } */ > +=C2=A0 /* { dg-message "capacity: 9 bytes" "capacity" { target > default_packed } .-2 } */ > +=C2=A0 /* { dg-message "suggest forcing zero-initialization by providing > a '\\{0\\}' initializer" "fix-it" { target *-*-* } .-3 } */ > =C2=A0=C2=A0 s.e =3D v; > =C2=A0=C2=A0 copy_to_user(dst, &s, sizeof (struct st)); /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" "warning" } */ > -=C2=A0 /* { dg-message "10 bytes are uninitialized" "note how much" { > target *-*-* } .-1 } */ > +=C2=A0 /* { dg-message "10 bytes are uninitialized" "note how much" { > target { ! default_packed } } .-1 } */ > +=C2=A0 /* { dg-message "7 bytes are uninitialized" "note how much" { > target default_packed } .-2 } */ > =C2=A0} > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-1.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-1.c > index 3616fbe176b3..9269b911b22f 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-1.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-1.c > @@ -51,7 +51,7 @@ struct socket { > =C2=A0 > =C2=A0struct sco_conninfo { > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u16 hci_handle; > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u8=C2=A0 dev_class[3]; /* { = dg-message "padding after field > 'dev_class' is uninitialized \\(1 byte\\)" } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u8=C2=A0 dev_class[3]; /* { = dg-message "padding after field > 'dev_class' is uninitialized \\(1 byte\\)" "padding" { target { ! > default_packed } } } */ > =C2=A0}; > =C2=A0 > =C2=A0struct sco_conn { > @@ -83,8 +83,8 @@ static int sco_sock_getsockopt_old_broken(struct > socket *sock, int optname, char > =C2=A0{ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct sock *sk =3D sock-= >sk; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct sco_conninfo cinfo; /* = { dg-message "region created on > stack here" "where" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "capaci= ty: 6 > bytes" "capacity" { target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct sco_conninfo cinfo; /* = { dg-message "region created on > stack here" "where" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "capaci= ty: 6 > bytes" "capacity" { target { ! default_packed } } .-1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* Note: 40 bits of field= s, padded to 48.=C2=A0 */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0int len, err =3D 0; > @@ -101,8 +101,8 @@ static int sco_sock_getsockopt_old_broken(struct > socket *sock, int optname, char > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0memcpy(cinfo.dev_class, sco_pi(sk)->conn->hcon- > >dev_class, 3); > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0len =3D min_t(unsigned int, len, sizeof(cinfo)); > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0if (copy_to_user(optval, (char *)&cinfo, len)) /* { > dg-warning "potential exposure of sensitive information by copying > uninitialized data from stack" "warning" { target *-*-* } } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-m= essage "1 byte is uninitialized" > "how much note" { target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0if (copy_to_user(optval, (char *)&cinfo, len)) /* { > dg-warning "potential exposure of sensitive information by copying > uninitialized data from stack" "warning" { target { ! default_packed > } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-m= essage "1 byte is uninitialized" > "how much note" { target { ! default_packed } } .-1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0err= =3D -1; > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-2.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-2.c > index 2096bda71798..d5f598b0878e 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-2.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2011-1078-2.c > @@ -15,22 +15,22 @@ typedef unsigned short __u16; > =C2=A0 > =C2=A0struct sco_conninfo { > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u16 hci_handle; > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u8=C2=A0 dev_class[3]; /* { = dg-message "padding after field > 'dev_class' is uninitialized \\(1 byte\\)" } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__u8=C2=A0 dev_class[3]; /* { = dg-message "padding after field > 'dev_class' is uninitialized \\(1 byte\\)" "padding"=C2=A0 { target { ! > default_packed } } } */ > =C2=A0}; > =C2=A0 > =C2=A0/* Adapted from sco_sock_getsockopt_old in net/bluetooth/sco.c.=C2= =A0 */ > =C2=A0 > =C2=A0int test_1 (char __user *optval, const struct sco_conninfo *in) > =C2=A0{ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct sco_conninfo cinfo; /* = { dg-message "region created on > stack here" "where" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "capaci= ty: 6 > bytes" "capacity" { target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct sco_conninfo cinfo; /* = { dg-message "region created on > stack here" "where" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "capaci= ty: 6 > bytes" "capacity" { target { ! default_packed } } .-1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* Note: 40 bits of field= s, padded to 48.=C2=A0 */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0cinfo.hci_handle =3D in->= hci_handle; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0memcpy(cinfo.dev_class, i= n->dev_class, 3); > =C2=A0 > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0copy_to_user(optval, &cinfo, s= izeof(cinfo)); /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" "warning" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "1 byte is uni= nitialized" "how much note" { > target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0copy_to_user(optval, &cinfo, s= izeof(cinfo)); /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" "warning" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "1 byte is uni= nitialized" "how much note" { > target { ! default_packed } } .-1 } */ > =C2=A0} > =C2=A0 > =C2=A0int test_2 (char __user *optval, const struct sco_conninfo *in) > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18549-1.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18549-1.c > index 8a1c816cc1b5..8fcf9a904a2a 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18549-1.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18549-1.c > @@ -35,7 +35,7 @@ struct aac_srb_reply > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__le32=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0scsi_status; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__le32=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0data_xfer_length; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0__le32=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sense_data_size; > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sense_data[AAC_SEN= SE_BUFFERSIZE]; /* { dg- > message "padding after field 'sense_data' is uninitialized \\(2 > bytes\\)" } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0sense_data[AAC_SEN= SE_BUFFERSIZE]; /* { dg- > message "padding after field 'sense_data' is uninitialized \\(2 > bytes\\)" "padding" { target { ! default_packed } } } */ > =C2=A0}; > =C2=A0 > =C2=A0#define=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0ST_OK=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A00 > @@ -50,8 +50,8 @@ static int aac_send_raw_srb(/* [...snip...] */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > =C2=A0 > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct aac_srb_reply reply; /*= { dg-message "region created > on stack here" "memspace message" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "capacity: 52 = bytes" "capacity message" { > target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct aac_srb_reply reply; /*= { dg-message "region created > on stack here" "memspace message" { target { ! default_packed } } } > */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "capacity: 52 = bytes" "capacity message" { > target { ! default_packed } } .-1 } */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0reply.status =3D ST_OK; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0 > @@ -65,8 +65,8 @@ static int aac_send_raw_srb(/* [...snip...] */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > =C2=A0 > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (copy_to_user(user_reply, &= reply, /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "2 bytes > are uninitialized" "note how much" { target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (copy_to_user(user_reply, &= reply, /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" "padding" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 /* { dg-message "2 bytes > are uninitialized" "note how much" { target { ! default_packed } } .- > 1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 si= zeof(struct aac_srb_reply))) { > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0} > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18550-1.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18550-1.c > index 4272da96bab0..a7361f937401 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18550-1.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-CVE-2017-18550-1.c > @@ -31,7 +31,7 @@ struct aac_hba_info { > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0driver_name[50]; /* { dg-message "field 'driver_name' > is uninitialized \\(50 bytes\\)" } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0adapter_number; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0=C2=A0system_io_bus_number; > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0device_number; /* { dg-message "padding after field > 'device_number' is uninitialized \\(3 bytes\\)" } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u8=C2=A0=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0device_number; /* { dg-message "padding after field > 'device_number' is uninitialized \\(3 bytes\\)" "padding" { target { > ! default_packed } } } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u32=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0function_number; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u32=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0vendor_id; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0u32=C2=A0=C2=A0=C2=A0=C2= =A0=C2=A0device_id; > @@ -108,7 +108,8 @@ struct pci_bus { > =C2=A0static int aac_get_hba_info(struct aac_dev *dev, void __user *arg) > =C2=A0{ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0struct aac_hba_info hbain= fo; /* { dg-message "region created > on stack here" "memspace message" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "capacity: 200= bytes" "capacity message" { > target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "capacity: 200= bytes" "capacity message" { > target { ! default_packed } } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0/* { dg-message "capacity: 194= bytes" "capacity message" { > target default_packed } .-2 } */ > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0hbainfo.adapter_number=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D (u8) dev->id; > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0hbainfo.system_io_bus_num= ber=C2=A0=C2=A0=C2=A0=C2=A0=3D dev->pdev->bus->number; > @@ -121,7 +122,7 @@ static int aac_get_hba_info(struct aac_dev *dev, > void __user *arg) > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0hbainfo.sub_system_id=C2= =A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=3D dev->pde= v- > >subsystem_device; > =C2=A0 > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0if (copy_to_user(arg, &hb= ainfo, sizeof(struct aac_hba_info))) > { /* { dg-warning "potential exposure of sensitive information by > copying uninitialized data from stack" "warning" } */ > -=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0/* { dg-message "177 bytes are uninitialized" "how > much" { target *-*-* } .-1 } */ > +=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0/* { dg-message "177 bytes are uninitialized" "how > much" { target { ! default_packed } } .-1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0= =C2=A0=C2=A0=C2=A0=C2=A0/* [...snip...] */ > =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0} > =C2=A0 > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-antipatterns-1.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-antipatterns-1.c > index 500845364388..d9db2b3bdebc 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-antipatterns-1.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-antipatterns-1.c > @@ -90,21 +90,21 @@ int infoleak_heap_missing_a_field(void __user > *dst, u32 v) > =C2=A0 > =C2=A0struct infoleak_3 > =C2=A0{ > -=C2=A0 u8 a; /* { dg-message "padding after field 'a' is uninitialized > \\(3 bytes\\)" } */ > +=C2=A0 u8 a; /* { dg-message "padding after field 'a' is uninitialized > \\(3 bytes\\)" "padding" { target { ! default_packed } } } */ > =C2=A0=C2=A0 /* padding here */ > =C2=A0=C2=A0 u32 b; > =C2=A0}; > =C2=A0 > =C2=A0int infoleak_stack_padding(void __user *dst, u8 p, u32 q) > =C2=A0{ > -=C2=A0 struct infoleak_3 st; /* { dg-message "region created on stack > here" "where" } */ > -=C2=A0 /* { dg-message "capacity: 8 bytes" "capacity" { target *-*-* } .= - > 1 } */ > +=C2=A0 struct infoleak_3 st; /* { dg-message "region created on stack > here" "where" { target { ! default_packed } } } */ > +=C2=A0 /* { dg-message "capacity: 8 bytes" "capacity" { target { ! > default_packed } } .-1 } */ > =C2=A0 > =C2=A0=C2=A0 st.a =3D p; > =C2=A0=C2=A0 st.b =3D q; > =C2=A0=C2=A0 /* No initialization of padding.=C2=A0 */ > -=C2=A0 if (copy_to_user(dst, &st, sizeof(st))) /* { dg-warning "potentia= l > exposure of sensitive information by copying uninitialized data from > stack" "warning" } */ > -=C2=A0=C2=A0=C2=A0 /* { dg-message "3 bytes are uninitialized" "note how= much" { > target *-*-* } .-1 } */ > +=C2=A0 if (copy_to_user(dst, &st, sizeof(st))) /* { dg-warning "potentia= l > exposure of sensitive information by copying uninitialized data from > stack" "warning" { target { ! default_packed } } } */ > +=C2=A0=C2=A0=C2=A0 /* { dg-message "3 bytes are uninitialized" "note how= much" { > target { ! default_packed } } .-1 } */ > =C2=A0=C2=A0=C2=A0=C2=A0 return -EFAULT; > =C2=A0=C2=A0 return 0; > =C2=A0} > diff --git a/gcc/testsuite/gcc.dg/plugin/infoleak-fixit-1.c > b/gcc/testsuite/gcc.dg/plugin/infoleak-fixit-1.c > index 6961b44f76b9..192c9e7802ad 100644 > --- a/gcc/testsuite/gcc.dg/plugin/infoleak-fixit-1.c > +++ b/gcc/testsuite/gcc.dg/plugin/infoleak-fixit-1.c > @@ -11,16 +11,18 @@ typedef unsigned int u32; > =C2=A0 > =C2=A0struct st > =C2=A0{ > -=C2=A0 u8 i;=C2=A0 /* { dg-message "padding after field 'i' is uninitial= ized > \\(3 bytes\\)" } */ > +=C2=A0 u8 i;=C2=A0 /* { dg-message "padding after field 'i' is uninitial= ized > \\(3 bytes\\)" "padding" { target { ! default_packed } } } */ > =C2=A0=C2=A0 u32 j; /* { dg-message "field 'j' is uninitialized \\(4 byte= s\\)" > } */ > =C2=A0}; > =C2=A0 > =C2=A0void test (void __user *dst, u8 a) > =C2=A0{ > =C2=A0=C2=A0 struct st s; /* { dg-message "region created on stack here" > "where" } */ > -=C2=A0 /* { dg-message "capacity: 8 bytes" "capacity" { target *-*-* } .= - > 1 } */ > -=C2=A0 /* { dg-message "suggest forcing zero-initialization by providing > a '.0.' initializer" "fix-it hint" { target *-*-* } .-2 } */=C2=A0=20 > +=C2=A0 /* { dg-message "capacity: 8 bytes" "capacity" { target { ! > default_packed } } .-1 } */ > +=C2=A0 /* { dg-message "capacity: 5 bytes" "capacity" { target > default_packed } .-2 } */ > +=C2=A0 /* { dg-message "suggest forcing zero-initialization by providing > a '.0.' initializer" "fix-it hint" { target *-*-* } .-3 } */ > =C2=A0=C2=A0 s.i =3D a; > =C2=A0=C2=A0 copy_to_user(dst, &s, sizeof (struct st)); /* { dg-warning > "potential exposure of sensitive information by copying uninitialized > data from stack" "warning" } */ > -=C2=A0 /* { dg-message "7 bytes are uninitialized" "note how much" { > target *-*-* } .-1 } */ > +=C2=A0 /* { dg-message "7 bytes are uninitialized" "note how much" { > target { ! default_packed } } .-1 } */ > +=C2=A0 /* { dg-message "4 bytes are uninitialized" "note how much" { > target default_packed } .-2 } */ > =C2=A0}