[committed] analyzer: fix ICE on writes to errno [PR107777]

Message ID 20221122001421.3254582-1-dmalcolm@redhat.com
State New
Headers
Series [committed] analyzer: fix ICE on writes to errno [PR107777] |

Commit Message

David Malcolm Nov. 22, 2022, 12:14 a.m. UTC
  Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Pushed to trunk as r13-4219-g358dab90186b30.

gcc/analyzer/ChangeLog:
	PR analyzer/107777
	* call-summary.cc
	(call_summary_replay::convert_region_from_summary_1): Handle
	RK_THREAD_LOCAL and RK_ERRNO in switch.
	* region-model.cc (region_model::get_representative_path_var_1):
	Likewise.

gcc/testsuite/ChangeLog:
	PR analyzer/107777
	* gcc.dg/analyzer/call-summaries-errno.c: New test.
	* gcc.dg/analyzer/errno-pr107777.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---
 gcc/analyzer/call-summary.cc                  |  2 ++
 gcc/analyzer/region-model.cc                  |  2 ++
 .../gcc.dg/analyzer/call-summaries-errno.c    | 17 ++++++++++++++++
 .../gcc.dg/analyzer/errno-pr107777.c          | 20 +++++++++++++++++++
 4 files changed, 41 insertions(+)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/call-summaries-errno.c
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/errno-pr107777.c
  

Patch

diff --git a/gcc/analyzer/call-summary.cc b/gcc/analyzer/call-summary.cc
index ebc7b5028ec..4c4694b5381 100644
--- a/gcc/analyzer/call-summary.cc
+++ b/gcc/analyzer/call-summary.cc
@@ -575,6 +575,7 @@  call_summary_replay::convert_region_from_summary_1 (const region *summary_reg)
     case RK_CODE:
     case RK_STACK:
     case RK_HEAP:
+    case RK_THREAD_LOCAL:
     case RK_ROOT:
       /* These should never be pointed to by a region_svalue.  */
       gcc_unreachable ();
@@ -582,6 +583,7 @@  call_summary_replay::convert_region_from_summary_1 (const region *summary_reg)
     case RK_FUNCTION:
     case RK_LABEL:
     case RK_STRING:
+    case RK_ERRNO:
     case RK_UNKNOWN:
       /* We can reuse these regions directly.  */
       return summary_reg;
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index 81f58a59f4f..1d5b09a6805 100644
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -4754,6 +4754,7 @@  region_model::get_representative_path_var_1 (const region *reg,
     case RK_CODE:
     case RK_HEAP:
     case RK_STACK:
+    case RK_THREAD_LOCAL:
     case RK_ROOT:
        /* Regions that represent memory spaces are not expressible as trees.  */
       return path_var (NULL_TREE, 0);
@@ -4873,6 +4874,7 @@  region_model::get_representative_path_var_1 (const region *reg,
       }
 
     case RK_VAR_ARG:
+    case RK_ERRNO:
     case RK_UNKNOWN:
       return path_var (NULL_TREE, 0);
     }
diff --git a/gcc/testsuite/gcc.dg/analyzer/call-summaries-errno.c b/gcc/testsuite/gcc.dg/analyzer/call-summaries-errno.c
new file mode 100644
index 00000000000..e4333b30bb7
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/call-summaries-errno.c
@@ -0,0 +1,17 @@ 
+/* { dg-additional-options "-fanalyzer-call-summaries" } */
+
+#include <errno.h>
+#include "analyzer-decls.h"
+
+void sets_errno (int x)
+{
+  errno = x;
+}
+
+void test_sets_errno (int y)
+{
+  sets_errno (y);
+  sets_errno (y);
+
+  __analyzer_eval (errno == y); /* { dg-warning "TRUE" } */  
+}
diff --git a/gcc/testsuite/gcc.dg/analyzer/errno-pr107777.c b/gcc/testsuite/gcc.dg/analyzer/errno-pr107777.c
new file mode 100644
index 00000000000..65687393657
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/errno-pr107777.c
@@ -0,0 +1,20 @@ 
+int *
+__errno_location (void);
+
+long int
+read (int, void *, unsigned long int);
+
+struct IOBUF {
+  int fd;
+};
+
+void
+do_getline_end_data (struct IOBUF *iop, int tree)
+{
+  char end_data;
+
+  if (tree)
+    *__errno_location () = 0;
+
+  read (iop->fd, &end_data, sizeof end_data);
+}