diff options
| author | David Malcolm <dmalcolm@redhat.com> | 2021-07-28 14:47:54 -0400 |
|---|---|---|
| committer | David Malcolm <dmalcolm@redhat.com> | 2021-07-28 14:47:54 -0400 |
| commit | 37eb3ef48c9840475646528751b5f8ffb7eb34ce (patch) | |
| tree | 214065a8dd069d3f24e7ed4d1a2e183c07f52d9a /gcc | |
| parent | b5081130166a4f2e363f116e0e6b43d83422c947 (diff) | |
| download | gcc-37eb3ef48c9840475646528751b5f8ffb7eb34ce.zip gcc-37eb3ef48c9840475646528751b5f8ffb7eb34ce.tar.gz gcc-37eb3ef48c9840475646528751b5f8ffb7eb34ce.tar.bz2 | |
analyzer: play better with -fsanitize=bounds
gcc/analyzer/ChangeLog:
* region-model.cc (region_model::on_call_pre): Treat
IFN_UBSAN_BOUNDS, BUILT_IN_STACK_SAVE, and BUILT_IN_STACK_RESTORE
as no-ops, rather than handling them as unknown functions.
gcc/testsuite/ChangeLog:
* gcc.dg/analyzer/torture/ubsan-1.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
Diffstat (limited to 'gcc')
| -rw-r--r-- | gcc/analyzer/region-model.cc | 6 | ||||
| -rw-r--r-- | gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c | 60 |
2 files changed, 66 insertions, 0 deletions
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index 92fa917..1bc411b 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -1082,6 +1082,8 @@ region_model::on_call_pre (const gcall *call, region_model_context *ctxt, case IFN_BUILTIN_EXPECT: impl_call_builtin_expect (cd); return false; + case IFN_UBSAN_BOUNDS: + return false; } } @@ -1137,6 +1139,10 @@ region_model::on_call_pre (const gcall *call, region_model_context *ctxt, impl_call_strlen (cd); return false; + case BUILT_IN_STACK_SAVE: + case BUILT_IN_STACK_RESTORE: + return false; + /* Stdio builtins. */ case BUILT_IN_FPRINTF: case BUILT_IN_FPRINTF_UNLOCKED: diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c b/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c new file mode 100644 index 0000000..b9f34f1 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c @@ -0,0 +1,60 @@ +/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */ +/* { dg-additional-options "-fsanitize=bounds" } */ + +#include <stdlib.h> +#include "../analyzer-decls.h" + +int test_1 (int *arr, int i, int n) +{ + if (i >= n) + return 0; + return arr[i]; +} + +int test_2 (int *arr, int i, int n) +{ + if (i >= n) + return 0; + if (arr[i]) + __analyzer_eval (arr[i]); /* { dg-warning "TRUE" } */ + else + __analyzer_eval (arr[i]); /* { dg-warning "FALSE" } */ +} + +int test_3 (int arr[], int i, int n) +{ + if (i >= n) + return 0; + if (arr[i]) + __analyzer_eval (arr[i]); /* { dg-warning "TRUE" } */ + else + __analyzer_eval (arr[i]); /* { dg-warning "FALSE" } */ +} + +void test_4 (int i, int n) +{ + int arr[n]; + arr[i] = 42; + __analyzer_eval (arr[i] == 42); /* { dg-warning "TRUE" } */ +} + +void test_5 (int i, int n) +{ + int *arr = malloc (sizeof(int) * n); + if (arr) + { + arr[i] = 42; + __analyzer_eval (arr[i] == 42); /* { dg-warning "TRUE" } */ + } + free (arr); +} + +int global; + +void test_6 (int i, int n) +{ + int arr[n]; + int saved = global; + arr[i] = 42; + __analyzer_eval (saved == global); /* { dg-warning "TRUE" } */ +} |