author | David Malcolm <dmalcolm@redhat.com> | 2024-03-23 09:52:38 -0400 |
---|---|---|
committer | David Malcolm <dmalcolm@redhat.com> | 2024-03-23 09:52:38 -0400 |
commit | 80a0cb37456c49dbc25cca7cd554f78bc504373e (patch) | |
tree | 94d28adaad6f7ece21869683d69e407b56cfacc9 /gcc | |
parent | 2e4b3374cb7af10e188bb5100526ad3150b9b272 (diff) | |
analyzer: fix ICE and false positive with -Wanalyzer-deref-before-check [PR114408]
gcc/analyzer/ChangeLog:
PR analyzer/114408
* engine.cc (impl_run_checkers): Free up any dominance info that
we may have created.
* kf.cc (class kf_ubsan_handler): New.
(register_sanitizer_builtins): New.
(register_known_functions): Call register_sanitizer_builtins.
gcc/testsuite/ChangeLog:
PR analyzer/114408
* c-c++-common/analyzer/deref-before-check-pr114408.c: New test.
* c-c++-common/ubsan/analyzer-ice-pr114408.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
Diffstat (limited to 'gcc')
-rw-r--r-- | gcc/analyzer/engine.cc | 7 | ||||
-rw-r--r-- | gcc/analyzer/kf.cc | 22 | ||||
-rw-r--r-- | gcc/testsuite/c-c++-common/analyzer/deref-before-check-pr114408.c | 22 | ||||
-rw-r--r-- | gcc/testsuite/c-c++-common/ubsan/analyzer-ice-pr114408.c | 9 |
4 files changed, 60 insertions, 0 deletions
diff --git a/gcc/analyzer/engine.cc b/gcc/analyzer/engine.cc
index ad310b4..e0dc0e6 100644
--- a/gcc/analyzer/engine.cc
+++ b/gcc/analyzer/engine.cc
@@ -6251,6 +6251,13 @@ impl_run_checkers (logger *logger)
 eng.get_model_manager ()->dump_untracked_regions ();
 delete purge_map;
+
+ /* Free up any dominance info that we may have created. */
+ FOR_EACH_FUNCTION_WITH_GIMPLE_BODY (node)
+ {
+ function *fun = node->get_fun ();
+ free_dominance_info (fun, CDI_DOMINATORS);
+ }
 }
 /* Handle -fdump-analyzer and -fdump-analyzer-stderr. */
diff --git a/gcc/analyzer/kf.cc b/gcc/analyzer/kf.cc
index d197ccb..6931f07 100644
--- a/gcc/analyzer/kf.cc
+++ b/gcc/analyzer/kf.cc
@@ -2198,6 +2198,27 @@ register_atomic_builtins (known_function_manager &kfm)
 make_unique<kf_atomic_fetch_op> (BIT_IOR_EXPR));
 }
+/* Handle calls to the various __builtin___ubsan_handle_*.
+ These can return, but continuing after such a return
+ isn't likely to be interesting to the user of the analyzer.
+ Hence we terminate the analysis path at one of these calls. */
+
+class kf_ubsan_handler : public internal_known_function
+{
+ void impl_call_post (const call_details &cd) const final override
+ {
+ if (cd.get_ctxt ())
+ cd.get_ctxt ()->terminate_path ();
+ }
+};
+
+static void
+register_sanitizer_builtins (known_function_manager &kfm)
+{
+ kfm.add (BUILT_IN_UBSAN_HANDLE_NONNULL_ARG,
+ make_unique<kf_ubsan_handler> ());
+}
+
 /* Populate KFM with instances of known functions supported by the core of the analyzer (as opposed to plugins). */
@@ -2224,6 +2245,7 @@ register_known_functions (known_function_manager &kfm,
 kfm.add (BUILT_IN_STACK_SAVE, make_unique<kf_stack_save> ());
 register_atomic_builtins (kfm);
+ register_sanitizer_builtins (kfm);
 register_varargs_builtins (kfm);
 }
diff --git a/gcc/testsuite/c-c++-common/analyzer/deref-before-check-pr114408.c b/gcc/testsuite/c-c++-common/analyzer/deref-before-check-pr114408.c
new file mode 100644
index 0000000..d557202
--- /dev/null
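Review bot: The dominance-info cleanup added at the end of impl_run_checkers runs only when control reaches the closing brace; the rest of the function is outside this hunk, so if it has any earlier return, info the analyzer computed would still be left behind for later passes. If such paths exist, the loop belongs in a small scope guard or helper that every exit goes through. The comment could also record the reason, presumably that later passes must not see stale data, e.g. `/* Free up any dominance info that the analyzer may have created, so that later passes don't see stale CDI_DOMINATORS data.  */`.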
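Review bot: The comment on kf_ubsan_handler speaks of "the various __builtin___ubsan_handle_*", but register_sanitizer_builtins registers only `BUILT_IN_UBSAN_HANDLE_NONNULL_ARG`, so a call to any other ubsan handler (presumably including the non-recovering variant of this one) keeps the default handling and its path is not terminated. Either register the other handlers that can sit on a dereference path, or narrow the comment and add something like `/* Only the nonnull-arg handler is registered so far.  */` above the `kfm.add` call. The class comment should also say that terminating the path here makes -fanalyzer explore fewer paths under -fsanitize=undefined, so diagnostics can differ between sanitized and unsanitized builds of the same code.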
+++ b/gcc/testsuite/c-c++-common/analyzer/deref-before-check-pr114408.c
@@ -0,0 +1,22 @@
+extern void unknown_returns (const char *p);
+extern void unknown_noreturn (const char *p) __attribute__((__noreturn__));
+
+void test_1 (const char *p)
+{
+ if (p)
+ unknown_returns (p);
+ __builtin_strcmp ("a", p); /* { dg-message "pointer 'p' is dereferenced here" "" { target c } } */
+ if (p) /* { dg-warning "check of 'p' for NULL after already dereferencing it" "" { target c } } */
+ unknown_returns (p);
+ __builtin_strcmp ("a", p);
+}
+
+void test_2 (const char *p)
+{
+ if (p)
+ unknown_noreturn (p);
+ __builtin_strcmp ("a", p);
+ if (p) /* { dg-bogus "check of 'p' for NULL after already dereferencing it" } */
+ unknown_noreturn (p);
+ __builtin_strcmp ("a", p);
+}
diff --git a/gcc/testsuite/c-c++-common/ubsan/analyzer-ice-pr114408.c b/gcc/testsuite/c-c++-common/ubsan/analyzer-ice-pr114408.c
new file mode 100644
index 0000000..55f91872
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/ubsan/analyzer-ice-pr114408.c
@@ -0,0 +1,9 @@
+/* { dg-do run } */
+/* { dg-require-effective-target analyzer } */
+/* { dg-options "-fanalyzer -fsanitize=undefined" } */
+
+int main(){}
+
+int HMAP_unset_copy(const char *key) {
+ return __builtin_strcmp("a", key) + __builtin_strcmp("a", key);
+}
 |
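Review bot: The dg-message and dg-warning expectations in test_1 are limited to `{ target c }` with no explanation, so for C++ the test asserts nothing about test_1 and a reader cannot tell whether the missing diagnostic there is intended or a known gap. A short comment above test_1 stating why the expectation is C-only would record that. The file also lacks a header comment tying it to the PR, e.g. `/* Verify that a noreturn call on the guarded branch suppresses -Wanalyzer-deref-before-check (PR analyzer/114408).  */`.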
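Review bot: `dg-do run` makes this ICE regression test depend on linking against and executing with the ubsan runtime, although `main` is empty and HMAP_unset_copy is never called, so the execution step checks nothing. Going by the commit title, the failure being guarded against is a compiler crash, which compiling alone would exercise. If running is not required, `/* { dg-do compile } */` is enough; otherwise add a one-line comment saying why the test has to run.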