[BoundsSafety][NFC] Fix remaining bounds safety test failures in next (#9862)

* [BoundsSafety] Fix missing error diagnostic for explicitly casted null pointers

Previously code like this

```
void receive(int* __counted_by(5));

void test(void) {
  receive((int*) NULL);
}
```

would not emit an error diagnostic despite the fact the `test` function
would unconditionally trap.

The problem was that `Expr::isNullPointerConstant` does not look through
explicit casts and so cases where an explicitly NULL pointer constant
was converted to a `__counted_by` or `__sized_by` pointer with a
constant count were not caught.

To fix this `Expr::isNullPointerConstantIgnoreCastsAndOVEs` is used
instead.

rdar://139748843

* [BoundsSafety][NFC] Fix some remaining test failures in next

* Fix BoundsSafety/PCH/count-increment-with-pch.c by adding target triple

* Fix Sema/builtin-counted-by-ref.c

---------

Co-authored-by: Dan Liew <[email protected]>

Author: rapidsna

clang/lib/Sema/SemaExpr.cpp

@@ -7747,7 +7747,7 @@ bool checkDynamicCountSizeForAssignmentWithKnownCount(
 
   const bool IsImplicitInitExpr = isa<ImplicitValueInitExpr>(RHSExpr);
   const bool IsNull =
-      IsImplicitInitExpr || RHSExpr->isNullPointerConstant(
+      IsImplicitInitExpr || RHSExpr->isNullPointerConstantIgnoreCastsAndOVEs(
                                 S.Context, Expr::NPC_ValueDependentIsNotNull);
   const bool IsNonnull = CAT; // Array decays to nonnull pointer.
 

clang/test/BoundsSafety/AST/redundant-attrs.c

@@ -22,4 +22,4 @@ my_c_ptr_nullable_bidi_t __bidi_indexable def_c_nullable_bidi_ptr;
 // CHECK-NEXT: PointerType {{.*}} 'const int *__bidi_indexable'
 // CHECK-NEXT: QualType {{.*}} 'const int' const
 // CHECK-NEXT: BuiltinType {{.*}} 'int'
-// CHECK-NEXT: VarDecl {{.*}} def_c_nullable_bidi_ptr 'my_c_ptr_nullable_bidi_t':'const int *__bidi_indexable'
+// CHECK-NEXT: VarDecl {{.*}} def_c_nullable_bidi_ptr 'const int *__bidi_indexable _Nullable':'const int *__bidi_indexable'

clang/test/BoundsSafety/CodeGen/bounds-safety-introduced-arithmetic-ubsan-checks-O2.c

@@ -66,8 +66,8 @@ void f_outlen(char *__counted_by(*outLen) derOut, unsigned long long *outLen) {
 // UBSAN-NEXT:    [[TMP0:%.*]] = ptrtoint ptr [[TMP_SROA_0_0_COPYLOAD]] to i64, {{!nosanitize ![0-9]+}}
 // UBSAN-NEXT:    [[TMP1:%.*]] = add i64 [[OFFSET]], [[TMP0]], {{!nosanitize ![0-9]+}}
 // UBSAN-NEXT:    [[TMP2:%.*]] = icmp ne ptr [[TMP_SROA_0_0_COPYLOAD]], null, {{!nosanitize ![0-9]+}}
-// UBSAN-NEXT:    [[TMP3:%.*]] = icmp ne i64 [[TMP1]], 0, {{!nosanitize ![0-9]+}}
-// UBSAN-NEXT:    [[TMP4:%.*]] = and i1 [[TMP2]], [[TMP3]], {{!nosanitize ![0-9]+}}
+// UBSAN-NEXT:    [[TMP3:%.*]] = icmp eq i64 [[TMP1]], 0
+// UBSAN-NEXT:    [[TMP4:%.*]] = xor i1 [[TMP2]], [[TMP3]]
 // UBSAN-NEXT:    [[TMP5:%.*]] = icmp uge i64 [[TMP1]], [[TMP0]], {{!nosanitize ![0-9]+}}
 // UBSAN-NEXT:    [[TMP6:%.*]] = and i1 [[TMP5]], [[TMP4]], {{!nosanitize ![0-9]+}}
 // UBSAN-NEXT:    br i1 [[TMP6]], label [[CONT:%.*]], label [[TRAP:%.*]], {{!nosanitize ![0-9]+}}

clang/test/BoundsSafety/PCH/count-increment-with-pch.c

@@ -1,11 +1,11 @@
 // NOTE: Assertions have been autogenerated by utils/update_cc_test_checks.py
 
 // Test without pch.
-// RUN: %clang_cc1 -fbounds-safety -include %s -fsyntax-only -verify %s
+// RUN: %clang_cc1 -fbounds-safety -include %s -triple arm64-apple-ios -fsyntax-only -verify %s
 
 // Test with pch.
-// RUN: %clang_cc1 -fbounds-safety -emit-pch -o %t %s
-// RUN: %clang_cc1 -fbounds-safety -include-pch %t -verify -emit-llvm -O0 %s -o - | FileCheck %s
+// RUN: %clang_cc1 -fbounds-safety -triple arm64-apple-ios -emit-pch -o %t %s
+// RUN: %clang_cc1 -fbounds-safety -triple arm64-apple-ios -include-pch %t -verify -emit-llvm -O0 %s -o - | FileCheck %s
 // expected-no-diagnostics
 #include <ptrcheck.h>
 

clang/test/BoundsSafety/Sema/SystemHeaders/include/static-bound-ptr-init.h

@@ -0,0 +1,3 @@
+#pragma clang system_header
+
+const char *mock_system_func(void);

clang/test/BoundsSafety/Sema/bounds-safety-call-param-warning-regressions.c

@@ -1,9 +1,6 @@
 
 // RUN: %clang_cc1 -fsyntax-only -fbounds-safety -verify %s
-// RUN: %clang_cc1 -fsyntax-only -fbounds-safety -clang-vendor-feature=+disableOVEimplicitConv -verify %s
-
 // RUN: %clang_cc1 -fsyntax-only -verify %s
-// RUN: %clang_cc1 -fsyntax-only -clang-vendor-feature=+disableOVEimplicitConv -verify %s
 
 #include <stdint.h>
 #include <ptrcheck.h>

clang/test/BoundsSafety/Sema/complex-typespecs-with-bounds.c

@@ -53,7 +53,7 @@ typedef typeof(*bar) * my_manual_ptr_t;
 void typedefs_of_typeof() {
     // expected-error@+1{{initializing 'my_t *__single' (aka 'char *__single') with an expression of incompatible type 'char * _Nullable' casts away '__unsafe_indexable' qualifier; use '__unsafe_forge_single' or '__unsafe_forge_bidi_indexable' to perform this conversion}}
     my_t * __single p1 = bar;
-    // expected-error@+1{{initializing 'my_ptr_t __single' (aka 'char *__single') with an expression of incompatible type 'char * _Nullable' casts away '__unsafe_indexable' qualifier; use '__unsafe_forge_single' or '__unsafe_forge_bidi_indexable' to perform this conversion}}
+    // expected-error@+1{{initializing 'char *__single _Nullable' with an expression of incompatible type 'char * _Nullable' casts away '__unsafe_indexable' qualifier; use '__unsafe_forge_single' or '__unsafe_forge_bidi_indexable' to perform this conversion}}
     my_ptr_t __single p2 = bar;
     // expected-error@+1{{initializing 'my_manual_ptr_t __single' (aka 'char *__single') with an expression of incompatible type 'char * _Nullable' casts away '__unsafe_indexable' qualifier; use '__unsafe_forge_single' or '__unsafe_forge_bidi_indexable' to perform this conversion}}
     my_manual_ptr_t __single p3 = bar;

clang/test/BoundsSafety/Sema/late-parsing-do-not-regress-others.c

@@ -14,11 +14,11 @@
 #define UNLOCK_FUNCTION(...)            __attribute__ ((unlock_function(__VA_ARGS__)))
 
 void elf_fun_params(int lvar EXCLUSIVE_LOCK_FUNCTION()); // \
-  // expected-warning {{'exclusive_lock_function' attribute only applies to functions}}
+  // expected-warning {{'exclusive_lock_function' attribute applies to function parameters only if their type is a reference to a 'scoped_lockable'-annotated type}}
 void slf_fun_params(int lvar SHARED_LOCK_FUNCTION()); // \
-  // expected-warning {{'shared_lock_function' attribute only applies to functions}}
+  // expected-warning {{'shared_lock_function' attribute applies to function parameters only if their type is a reference to a 'scoped_lockable'-annotated type}}
 void uf_fun_params(int lvar UNLOCK_FUNCTION()); // \
-  // expected-warning {{'unlock_function' attribute only applies to functions}}
+  // expected-warning {{'unlock_function' attribute applies to function parameters only if their type is a reference to a 'scoped_lockable'-annotated type}}
 
 // regression tests added for rdar://92699615
 typedef bool __attribute__((capability("role"))) role_t;

clang/test/BoundsSafety/Sema/static-bound-ptr-init.c

@@ -1,8 +1,9 @@
 
-// RUN: %clang_cc1 -fsyntax-only -fbounds-safety -verify %s
-// RUN: %clang_cc1 -fsyntax-only -fbounds-safety -x objective-c -fbounds-attributes-objc-experimental -verify %s
+// RUN: %clang_cc1 -fsyntax-only -fbounds-safety -I%S/SystemHeaders/include -verify %s
+// RUN: %clang_cc1 -fsyntax-only -fbounds-safety -I%S/SystemHeaders/include -x objective-c -fbounds-attributes-objc-experimental -verify %s
 
 #include <ptrcheck.h>
+#include <static-bound-ptr-init.h>
 struct T {
     void (*fp)(const struct T *t);
     int i;
@@ -57,10 +58,10 @@ void *__single s_p3 = foo;
 // T -> U: P
 void *__unsafe_indexable ui_p2 = foo;
 
-// Special case: "unspecified" should convert to __unsafe_indexable
-const char *__unsafe_indexable ui_p3 = __builtin_xnu_type_signature(struct T);
-
 void Test () {
+    // Special case: "unspecified" should convert to __unsafe_indexable
+    const char *__unsafe_indexable ui_p3 = mock_system_func();
+
     static int len1;
     // B -> C: R
     // expected-warning@+1{{possibly initializing 'c_p1' of type 'int *__single __counted_by(len1)' (aka 'int *__single') and implicit count value of 0 with non-null, which creates a non-dereferenceable pointer; explicitly set count value to 0 to remove this warning}}

clang/test/Sema/builtin-counted-by-ref.c

@@ -34,6 +34,9 @@ void test2(struct fam_struct *ptr, int idx) {
 void test3(struct fam_struct *ptr, int idx) {
   __builtin_counted_by_ref(&ptr->array[0]);                         // expected-error {{'__builtin_counted_by_ref' argument must reference a flexible array member}}
   __builtin_counted_by_ref(&ptr->array[idx]);                       // expected-error {{'__builtin_counted_by_ref' argument must reference a flexible array member}}
+  // XXX: These are extra diagnostics that -fbounds-safety emits, which the upstream doesn't have yet.
+  // expected-note@+2{{remove '&' to get address as 'int *' instead of 'int (*)[] __counted_by(count)' (aka 'int (*)[]')}}
+  // expected-error@+1{{cannot take address of incomplete __counted_by array}}
   __builtin_counted_by_ref(&ptr->array);                            // expected-error {{'__builtin_counted_by_ref' argument must reference a flexible array member}}
   __builtin_counted_by_ref(ptr->x);                                 // expected-error {{'__builtin_counted_by_ref' argument must reference a flexible array member}}
   __builtin_counted_by_ref(&ptr->x);                                // expected-error {{'__builtin_counted_by_ref' argument must reference a flexible array member}}