diff options
| author | David Malcolm <dmalcolm@redhat.com> | 2020-02-10 10:01:46 -0500 |
|---|---|---|
| committer | David Malcolm <dmalcolm@redhat.com> | 2020-02-10 17:56:45 -0500 |
| commit | e953f9588d4a7ea4183d14914f915329cc37941f (patch) | |
| tree | 7f0dee21c8dc9de1a24fa2abfe7ccf77099adcc3 /gcc | |
| parent | f57aa9503ff170ff6c8549718bd736f6c8168bab (diff) | |
| download | gcc-e953f9588d4a7ea4183d14914f915329cc37941f.zip gcc-e953f9588d4a7ea4183d14914f915329cc37941f.tar.gz gcc-e953f9588d4a7ea4183d14914f915329cc37941f.tar.bz2 | |
analyzer: fix ICE reporting NULL dereference (PR 93647)
gcc/analyzer/ChangeLog:
PR analyzer/93647
* diagnostic-manager.cc
(diagnostic_manager::prune_for_sm_diagnostic): Bulletproof against
VAR being constant.
* region-model.cc (region_model::get_lvalue_1): Provide a better
error message when encountering an unhandled tree code.
gcc/testsuite/ChangeLog:
PR analyzer/93647
* gcc.dg/analyzer/torture/pr93647.c: New test.
Diffstat (limited to 'gcc')
| -rw-r--r-- | gcc/analyzer/ChangeLog | 9 | ||||
| -rw-r--r-- | gcc/analyzer/diagnostic-manager.cc | 6 | ||||
| -rw-r--r-- | gcc/analyzer/region-model.cc | 2 | ||||
| -rw-r--r-- | gcc/testsuite/ChangeLog | 5 | ||||
| -rw-r--r-- | gcc/testsuite/gcc.dg/analyzer/torture/pr93647.c | 14 |
5 files changed, 36 insertions, 0 deletions
diff --git a/gcc/analyzer/ChangeLog b/gcc/analyzer/ChangeLog index e24976b..0960a49 100644 --- a/gcc/analyzer/ChangeLog +++ b/gcc/analyzer/ChangeLog @@ -1,5 +1,14 @@ 2020-02-10 David Malcolm <dmalcolm@redhat.com> + PR analyzer/93647 + * diagnostic-manager.cc + (diagnostic_manager::prune_for_sm_diagnostic): Bulletproof against + VAR being constant. + * region-model.cc (region_model::get_lvalue_1): Provide a better + error message when encountering an unhandled tree code. + +2020-02-10 David Malcolm <dmalcolm@redhat.com> + PR analyzer/93405 * region-model.cc (region_model::get_lvalue_1): Implement CONST_DECL. diff --git a/gcc/analyzer/diagnostic-manager.cc b/gcc/analyzer/diagnostic-manager.cc index 1a82d5f..5801525 100644 --- a/gcc/analyzer/diagnostic-manager.cc +++ b/gcc/analyzer/diagnostic-manager.cc @@ -965,6 +965,12 @@ diagnostic_manager::prune_for_sm_diagnostic (checker_path *path, tree var, state_machine::state_t state) const { + /* If we have a constant (such as NULL), assume its state is also + constant, so as not to attempt to get its lvalue whilst tracking the + origin of the state. */ + if (var && CONSTANT_CLASS_P (var)) + var = NULL_TREE; + int idx = path->num_events () - 1; while (idx >= 0 && idx < (signed)path->num_events ()) { diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index 86a5b42..a88a85d 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -4614,6 +4614,8 @@ region_model::get_lvalue_1 (path_var pv, region_model_context *ctxt) switch (TREE_CODE (expr)) { default: + internal_error ("unhandled tree code in region_model::get_lvalue_1: %qs", + get_tree_code_name (TREE_CODE (expr))); gcc_unreachable (); case ARRAY_REF: diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog index d6d0112..bb7ecda 100644 --- a/gcc/testsuite/ChangeLog +++ b/gcc/testsuite/ChangeLog @@ -1,3 +1,8 @@ +2020-02-10 David Malcolm <dmalcolm@redhat.com> + + PR analyzer/93647 + * gcc.dg/analyzer/torture/pr93647.c: New test. + 2020-02-10 Jakub Jelinek <jakub@redhat.com> PR target/93637 diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/pr93647.c b/gcc/testsuite/gcc.dg/analyzer/torture/pr93647.c new file mode 100644 index 0000000..fbfe570 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/torture/pr93647.c @@ -0,0 +1,14 @@ +/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */ + +int *tz; + +void +ky (int); + +void +wd (void) +{ + tz = 0; + ky (*tz); /* { dg-warning "dereference of NULL" } */ +} + |