[pushed] analyzer: fix ICE on strlen ((char *)&VECTOR_CST) [PR111361]
Checks
Commit Message
Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Successful run of analyzer integration tests on x86_64-pc-linux-gnu.
Pushed to trunk as r14-8257-gd5604febcfb094.
gcc/analyzer/ChangeLog:
PR analyzer/111361
* region-model.cc (svalue_byte_range_has_null_terminator_1): The
initial byte of an all-zeroes SVAL is a zero byte. Remove
gcc_unreachable from SK_CONSTANT for constants that aren't
STRING_CST or INTEGER_CST.
gcc/testsuite/ChangeLog:
PR analyzer/111361
* c-c++-common/analyzer/strlen-pr111361.c: New test.
* c-c++-common/analyzer/strncpy-1.c (test_zero_fill): Remove fixed
xfail.
* c-c++-common/analyzer/strncpy-pr111361.c: New test.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---
gcc/analyzer/region-model.cc | 9 ++++++++-
.../c-c++-common/analyzer/strlen-pr111361.c | 18 ++++++++++++++++++
.../c-c++-common/analyzer/strncpy-1.c | 3 +--
.../c-c++-common/analyzer/strncpy-pr111361.c | 8 ++++++++
4 files changed, 35 insertions(+), 3 deletions(-)
create mode 100644 gcc/testsuite/c-c++-common/analyzer/strlen-pr111361.c
create mode 100644 gcc/testsuite/c-c++-common/analyzer/strncpy-pr111361.c
@@ -3605,6 +3605,14 @@ svalue_byte_range_has_null_terminator_1 (const svalue *sval,
byte_offset_t *out_bytes_read,
logger *logger)
{
+ if (bytes.m_start_byte_offset == 0
+ && sval->all_zeroes_p ())
+ {
+ /* The initial byte of an all-zeroes SVAL is a zero byte. */
+ *out_bytes_read = 1;
+ return tristate (true);
+ }
+
switch (sval->get_kind ())
{
case SK_CONSTANT:
@@ -3631,7 +3639,6 @@ svalue_byte_range_has_null_terminator_1 (const svalue *sval,
return tristate::TS_UNKNOWN;
default:
- gcc_unreachable ();
break;
}
}
new file mode 100644
@@ -0,0 +1,18 @@
+#include "analyzer-decls.h"
+
+typedef int __attribute__((__vector_size__ (32))) V;
+
+typedef __SIZE_TYPE__ size_t;
+
+static size_t __attribute__((noinline))
+call_strlen (const char *p)
+{
+ return __builtin_strlen (p);
+}
+
+void
+foo (void *out)
+{
+ V v = (V) { };
+ __analyzer_eval (call_strlen ((const char *)&v) == 0); /* { dg-warning "TRUE" } */
+}
@@ -44,8 +44,7 @@ test_zero_fill (char *dst)
__analyzer_eval (dst[4] == '\0'); /* { dg-warning "TRUE" "correct" { xfail *-*-* } } */
/* { dg-bogus "UNKNOWN" "status quo" { xfail *-*-* } .-1 } */
__analyzer_eval (__analyzer_get_strlen (dst) == 0); /* { dg-warning "TRUE" } */
- __analyzer_eval (__analyzer_get_strlen (dst + 1) == 0); /* { dg-warning "TRUE" "correct" { xfail *-*-* } } */
- /* { dg-bogus "UNKNOWN" "status quo" { xfail *-*-* } .-1 } */
+ __analyzer_eval (__analyzer_get_strlen (dst + 1) == 0); /* { dg-warning "TRUE" } */
}
char *test_unterminated_concrete_a (char *dst)
new file mode 100644
@@ -0,0 +1,8 @@
+typedef int __attribute__((__vector_size__ (32))) V;
+
+void
+foo (char *out)
+{
+ V v = (V) { };
+ __builtin_strncpy (out, (char *)&v, 5);
+}