MatCat.OpenSource/8sa1-gcc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
e4bb1bd60a
8sa1-gcc/gcc/testsuite/gcc.dg/analyzer/data-model-10.c
David Malcolm e4bb1bd60a analyzer: avoid printing '<unknown>' for SSA names [PR99771] 
We don't want to print '<unknown>' in our diagnostics, but
PR analyzer/99771 lists various cases where -fanalyzer does, due to
using the SSA_NAME for a temporary when determining the best tree to
use.

This can happen in two ways:

(a) ...when a better expression than the SSA_NAME could be built, but
finding it requires traversing the relationships in the region_model
in a graph-like way, rather than by considering individual svalues and
regions.

(b) ...when the only remaining user of the underlying svalue is the
SSA_NAME, typically due to the diagnostic referring to a temporary.

I've been experimenting with fixing (a), but don't have a good fix yet.
In the meantime, this patch addresses (b) by detecting if we have
the SSA_NAME for a temporary, and, for the cases where it's possible,
reconstructing a tree by walking the def-stmts.  This fixes various
cases of (b) and ameliorates some cases of (a).

gcc/analyzer/ChangeLog:
	PR analyzer/99771
	* analyzer.cc (maybe_reconstruct_from_def_stmt): New.
	(fixup_tree_for_diagnostic_1): New.
	(fixup_tree_for_diagnostic): New.
	* analyzer.h (fixup_tree_for_diagnostic): New decl.
	* checker-path.cc (call_event::get_desc): Call
	fixup_tree_for_diagnostic and use it for the call_with_state call.
	(warning_event::get_desc): Likewise for the final_event and
	make_label_text calls.
	* engine.cc (impl_region_model_context::on_state_leak): Likewise
	for the on_leak and add_diagnostic calls.
	* region-model.cc (region_model::get_representative_tree):
	Likewise for the result.

gcc/testsuite/ChangeLog:
	PR analyzer/99771
	* gcc.dg/analyzer/data-model-10.c: Update expected output.
	* gcc.dg/analyzer/malloc-ipa-13.c: Likewise.
	* gcc.dg/analyzer/malloc-ipa-13a.c: New test.
	* gcc.dg/analyzer/pr99771-1.c: New test.
2021-03-31 19:16:48 -04:00

19 lines
456 B
C
Raw Blame History

#include <stdlib.h>
struct foo
{
char **m_f;
};
struct foo *
test (void)
{
struct foo *new_table = (struct foo *) malloc(sizeof(struct foo));
if (!new_table)
return NULL;
new_table->m_f = (char **)malloc(sizeof(char **));
*new_table->m_f = NULL; /* { dg-warning "dereference of possibly-NULL '\\*new_table.m_f'" } */
/* { dg-message "'\\*new_table.m_f' could be NULL" "final event wording" { target *-*-* } .-1 } */
return new_table;
}
Reference in New Issue View Git Blame Copy Permalink