[committed] analyzer: fix reproducer for PR 93375

Message ID 20200207004107.19351-1-dmalcolm@redhat.com
State New
Headers show
  • [committed] analyzer: fix reproducer for PR 93375
Related show

Commit Message

David Malcolm Feb. 7, 2020, 12:41 a.m.
Reproducing the ICE in PR analyzer/93375 required some kind of
analyzer diagnostic occurring after a call with fewer arguments
than required by the callee.

The testcase used __builtin_memcpy with a NULL argument for this.

On x86_64-pc-linux-gnu this happened to be already optimized into:
  _4 = MEM <unsigned int> [(char * {ref-all})0B];
  MEM <unsigned int> [(char * {ref-all})rl_1] = _4;
by the time of the analyzer pass, leading to the diagnostic in question
  warning: dereference of NULL ‘rl’ [CWE-690] [-Wanalyzer-null-dereference]

On other targets e.g. arm-unknown-linux-gnueabi, the builtin isn't
optimized at the time of the analyzer pass, leading to this diagnostic
  warning: use of NULL ‘rl’ where non-null expected [CWE-690] [-Wanalyzer-null-argument]
  <built-in>: note: argument 1 of ‘__builtin_memcpy’ must be non-null

This patch fixes the test case by using a custom function marked as
nonnull.  I manually verified that it still reproduces the ICE if the
patch for the PR is reverted, and verified the messages on
x86_64-pc-linux-gnu and arm-unknown-linux-gnueabi.

Successfully regrtested on x86_64-pc-linux-gnu.
Pushed to master as r10-6496-g13f5b93e6453d121abc15c718dfcc588aca976c3.

	PR analyzer/93375
	* gcc.dg/analyzer/pr93375.c: Rework test case to avoid per-target
	differences in how __builtin_memcpy has been optimized at the time
	the analyzer runs.
 gcc/testsuite/gcc.dg/analyzer/pr93375.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)



diff --git a/gcc/testsuite/gcc.dg/analyzer/pr93375.c b/gcc/testsuite/gcc.dg/analyzer/pr93375.c
index 93a3e87f2cb..f6108547fb7 100644
--- a/gcc/testsuite/gcc.dg/analyzer/pr93375.c
+++ b/gcc/testsuite/gcc.dg/analyzer/pr93375.c
@@ -1,5 +1,7 @@ 
 /* { dg-additional-options "-Wno-implicit-int" } */
+extern void foo (void *) __attribute__((nonnull));
 en (jm)
@@ -11,5 +13,5 @@  p2 ()
   char *rl = 0;
   en ();
-  __builtin_memcpy (rl, 0, sizeof (0)); /* { dg-warning "dereference of NULL" } */
+  foo (rl); /* { dg-warning "use of NULL 'rl' where non-null expected" } */