public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
* [Bug analyzer/109239] New: -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks @ 2023-03-21 19:14 dmalcolm at gcc dot gnu.org 2023-03-22 12:42 ` [Bug analyzer/109239] " cvs-commit at gcc dot gnu.org 2023-03-22 12:48 ` dmalcolm at gcc dot gnu.org 0 siblings, 2 replies; 3+ messages in thread From: dmalcolm at gcc dot gnu.org @ 2023-03-21 19:14 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109239 Bug ID: 109239 Summary: -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks Product: gcc Version: 13.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Created attachment 54724 --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=54724&action=edit Reproducer I'm seeing various -Wanalyzer-deref-before-check false positives on the Linux kernel; hopefully the attached is a representative reproducer for all of them. When compiled with: -fanalyzer -fno-delete-null-pointer-checks -O2 trunk falsely complains: In function 'bus_get', inlined from 'bus_remove_file' at <source>:122:7, inlined from 'remove_probe_files' at <source>:139:3, inlined from 'bus_unregister' at <source>:150:3: <source>:105:6: warning: check of 'bus' for NULL after already dereferencing it [-Wanalyzer-deref-before-check] 105 | if (bus) { | ^ 'bus_unregister': events 1-2 | | 147 | if (bus->dev_root) | | ~~~^~~~~~~~~~ | | | | | (1) pointer 'bus' is dereferenced here |...... | 150 | remove_probe_files(bus); | | ~ | | | | | (2) inlined call to 'remove_probe_files' from 'bus_unregister' | +--> 'remove_probe_files': event 3 | | 139 | bus_remove_file(bus, &bus_attr_drivers_autoprobe); | | ^ | | | | | (3) inlined call to 'bus_remove_file' from 'remove_probe_files' | +--> 'bus_remove_file': event 4 | | 122 | if (bus_get(bus)) { | | ^ | | | | | (4) inlined call to 'bus_get' from 'bus_remove_file' | +--> 'bus_get': event 5 | | 105 | if (bus) { | | ^ | | | | | (5) pointer 'bus' is checked for NULL here but it was already dereferenced at (1) | Compiler returned: 0 Trunk: https://godbolt.org/z/ErKf6fz86 ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug analyzer/109239] -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks 2023-03-21 19:14 [Bug analyzer/109239] New: -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks dmalcolm at gcc dot gnu.org @ 2023-03-22 12:42 ` cvs-commit at gcc dot gnu.org 2023-03-22 12:48 ` dmalcolm at gcc dot gnu.org 1 sibling, 0 replies; 3+ messages in thread From: cvs-commit at gcc dot gnu.org @ 2023-03-22 12:42 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109239 --- Comment #1 from CVS Commits <cvs-commit at gcc dot gnu.org> --- The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>: https://gcc.gnu.org/g:0c652ebbf79bd168766097f3ac4c1b3b79d68a43 commit r13-6800-g0c652ebbf79bd168766097f3ac4c1b3b79d68a43 Author: David Malcolm <dmalcolm@redhat.com> Date: Wed Mar 22 08:40:34 2023 -0400 analyzer: fix false +ves from -Wanalyzer-deref-before-check due to inlining [PR109239] The patch has this effect on my integration tests of -fanalyzer: Comparison: GOOD: 129 (17.70% -> 17.92%) BAD: 600 -> 591 (-9) which is purely due to improvements to -Wanalyzer-deref-before-check on the Linux kernel: -Wanalyzer-deref-before-check: GOOD: 1 (4.55% -> 7.69%) BAD: 21 -> 12 (-9) Known false positives: 16 -> 10 (-6) linux-5.10.162: 7 -> 1 (-6) Suspected false positives: 3 -> 0 (-3) linux-5.10.162: 3 -> 0 (-3) gcc/analyzer/ChangeLog: PR analyzer/109239 * program-point.cc: Include "analyzer/inlining-iterator.h". (program_point::effectively_intraprocedural_p): New function. * program-point.h (program_point::effectively_intraprocedural_p): New decl. * sm-malloc.cc (deref_before_check::emit): Use it when rejecting interprocedural cases, so that we reject interprocedural cases that have become intraprocedural due to inlining. gcc/testsuite/ChangeLog: PR analyzer/109239 * gcc.dg/analyzer/deref-before-check-pr109239-linux-bus.c: New test. Signed-off-by: David Malcolm <dmalcolm@redhat.com> ^ permalink raw reply [flat|nested] 3+ messages in thread
* [Bug analyzer/109239] -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks 2023-03-21 19:14 [Bug analyzer/109239] New: -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks dmalcolm at gcc dot gnu.org 2023-03-22 12:42 ` [Bug analyzer/109239] " cvs-commit at gcc dot gnu.org @ 2023-03-22 12:48 ` dmalcolm at gcc dot gnu.org 1 sibling, 0 replies; 3+ messages in thread From: dmalcolm at gcc dot gnu.org @ 2023-03-22 12:48 UTC (permalink / raw) To: gcc-bugs https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109239 David Malcolm <dmalcolm at gcc dot gnu.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|UNCONFIRMED |RESOLVED --- Comment #2 from David Malcolm <dmalcolm at gcc dot gnu.org> --- Should be fixed by the above patch ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-03-22 12:48 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2023-03-21 19:14 [Bug analyzer/109239] New: -Wanalyzer-deref-before-check seen on Linux kernel due to inlining with -fno-delete-null-pointer-checks dmalcolm at gcc dot gnu.org 2023-03-22 12:42 ` [Bug analyzer/109239] " cvs-commit at gcc dot gnu.org 2023-03-22 12:48 ` dmalcolm at gcc dot gnu.org
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).