From: David Malcolm
To: gcc-patches@gcc.gnu.org
Subject: [committed] analyzer: fix missing uninit warning on args to stdio builtins [PR104224]
Date: Wed, 26 Jan 2022 09:53:18 -0500
Message-Id: <20220126145318.2906900-1-dmalcolm@redhat.com>
X-Patchwork-Id: 50454

We were failing to check for uninitialized arguments to stdio builtins,
such as when passing local "go" to the call to "printf" in "main" in the
testcase.

Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Pushed to trunk as r12-6876-g9ff3e2368d86c1bf7d1e8876a14e58c0d6617ffe.

gcc/analyzer/ChangeLog:
	PR analyzer/104224
	* region-model.cc (region_model::check_call_args): New.
	(region_model::on_call_pre): Call it when ignoring stdio builtins.
	* region-model.h (region_model::check_call_args): New decl

gcc/testsuite/ChangeLog:
	PR analyzer/104224
	* gcc.dg/analyzer/pr104224.c: New test.

Signed-off-by: David Malcolm
---
 gcc/analyzer/region-model.cc             |  11 +++
 gcc/analyzer/region-model.h              |   2 +
 gcc/testsuite/gcc.dg/analyzer/pr104224.c | 106 +++++++++++++++++++++++
 3 files changed, 119 insertions(+)
 create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr104224.c

diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index f6b7f986a39..a559bc84eb0 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -1044,6 +1044,16 @@ region_model::on_stmt_pre (const gimple *stmt, } } +/* Ensure that all arguments at the call described by CD are checked + for poisoned values, by calling get_rvalue on each argument. */ + +void +region_model::check_call_args (const call_details &cd) const +{ + for (unsigned arg_idx = 0; arg_idx < cd.num_args (); arg_idx++) + cd.get_arg_svalue (arg_idx); +} + /* Update this model for the CALL stmt, using CTXT to report any diagnostics - the first half. @@ -1173,6 +1183,7 @@ region_model::on_call_pre (const gcall *call, region_model_context *ctxt, /* These stdio builtins have external effects that are out of scope for the analyzer: we only want to model the effects on the return value. */ + check_call_args (cd); break; } else if (is_named_call_p (callee_fndecl, "malloc", call, 1)) diff --git a/gcc/analyzer/region-model.h b/gcc/analyzer/region-model.h index c78efe8f215..40958842bce 100644 --- a/gcc/analyzer/region-model.h +++ b/gcc/analyzer/region-model.h @@ -832,6 +832,8 @@ class region_model void check_region_for_read (const region *src_reg, region_model_context *ctxt) const; + void check_call_args (const call_details &cd) const; + /* Storing this here to avoid passing it around everywhere. */ region_model_manager *const m_mgr; diff --git a/gcc/testsuite/gcc.dg/analyzer/pr104224.c b/gcc/testsuite/gcc.dg/analyzer/pr104224.c new file mode 100644 index 00000000000..8f69d72befa --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/pr104224.c 
@@ -0,0 +1,106 @@ +#include + +struct test { + int one; + int two; +}; + +void func2(const struct test *t) +{ + if (t->one == 0) + printf("init func2\n"); + + if (t->two == 0) /* { dg-warning "uninitialized" } */ + printf("uninit func2\n"); +} + +void func1(struct test *t) +{ + t->one = 1; + func2(t); +} + +int func3(int num) +{ + if (num) + return num; + else + return 0; +} + +void func4(int *a, int max) +{ + int i; + // skip the first + for (i=1; i
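
Review bot: in check_call_args (region-model.cc), the loop body `cd.get_arg_svalue (arg_idx);` discards its result, and the leading comment names get_rvalue rather than the function that is actually called, so the check rests on a side effect that is not visible at this site. Suggest rewording the comment to say that cd.get_arg_svalue is called only for its side effect of checking for poisoned values and that the return value is deliberately ignored, so a later cleanup does not remove the loop as dead code.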
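
Review bot: in the on_call_pre hunk, `check_call_args (cd);` sits directly under the existing comment that says "we only want to model the effects on the return value", which now understates what this branch does. Suggest extending that comment with a line stating that the arguments are still checked for poisoned values before the `break;`, so the reason for the call is documented where it is made.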
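
Review bot: in pr104224.c, the directive in func2, `/* { dg-warning "uninitialized" } */`, matches any diagnostic containing that one word, so the test would still pass if the analyzer reported a different value on that line. Suggest a tighter pattern that names the expression being reported. The commit message identifies the regression case as the local "go" passed to printf in main; the directive on that call is the one that exercises the new check_call_args path, and it deserves the same specific pattern.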