[Bug analyzer/108867] New: RFE: analyzer could suppress false positives by detecting functions that are likely missing __attribute__((noreturn))

[Bug analyzer/108867] New: RFE: analyzer could suppress false positives by detecting functions that are likely missing __attribute__((noreturn))

[dmalcolm at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108867

            Bug ID: 108867
           Summary: RFE: analyzer could suppress false positives by
                    detecting functions that are likely missing
                    __attribute__((noreturn))
           Product: gcc
           Version: 13.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: analyzer
          Assignee: dmalcolm at gcc dot gnu.org
          Reporter: dmalcolm at gcc dot gnu.org
  Target Milestone: ---

Created attachment 54498
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54498&action=edit
Reproducer

The attached (from Doom) has 31 false positives from
-Wanalyzer-use-of-uninitialized-value, and a -Wanalyzer-null-dereference
diagnostic:
  https://godbolt.org/z/h4qadxfK9

I think all of the uninit warnings follow calls to I_Error, which is defined in
a different TU (i_system.c), and calls exit(-1).

If I manually add __attribute__((noreturn)) to I_Error, then all of the
-Wanalyzer-use-of-uninitialized-value go away:
  https://godbolt.org/z/Gb7P5hK11
leaving just the -Wanalyzer-null-dereference diagnostic.

RFE: try to detect likely candidates for __attribute__((noreturn)), and use
them to suppress such warnings (with a note informing the user when it's done,
and a fix-it hint).

That said, I think many of the uninit false +ves are follow-on warnings, where
we should only warn about the first use of an uninit value in an execution
path, and not on subsequent ones.

[Bug analyzer/108867] RFE: analyzer could suppress false positives by detecting functions that are likely missing __attribute__((noreturn))

[egallager at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108867

Eric Gallager <egallager at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |egallager at gcc dot gnu.org
           Keywords|                            |diagnostic

--- Comment #1 from Eric Gallager <egallager at gcc dot gnu.org> ---
Note that GCC already has -Wmissing-noreturn/-Wsuggest-attribute=noreturn as a
regular warning flag; I'm guessing the analyzer would help provide improved
accuracy with better analysis info, though?

[Bug analyzer/108867] RFE: analyzer could suppress false positives by detecting functions that are likely missing __attribute__((noreturn))

[dmalcolm at gcc dot gnu.org]

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=108867

--- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Yeah, IIRC -Wmissing-noreturn/-Wsuggest-attribute=noreturn work on a function
that we have the implementation of, whereas I'm interested in handling the case
where we *don't* have the source.

If code paths after such a function tend to show UB based on something that was
checked in a condition guarding the call to such a function and doesn't happen
on the other path, then maybe such a function isn't meant to return.  Perhaps
if the function name contains the string "error", "fail" or "assert" with some
capitalization also???  (ugly, I know)