From: "cvs-commit at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org>
To: gcc-bugs@gcc.gnu.org
Subject: [Bug analyzer/98969] [11 Regression] ICE: Segmentation fault (in print_mem_ref)
Date: Wed, 17 Feb 2021 15:38:35 +0000
Message-ID: <bug-98969-4-4noqBMSuKB@http.gcc.gnu.org/bugzilla/>
In-Reply-To: <bug-98969-4@http.gcc.gnu.org/bugzilla/>

https://gcc.gnu.org/bugzilla/show_bug.cgi?id=98969

--- Comment #12 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>:

https://gcc.gnu.org/g:e0139b2a912585496f23c352f0e2c56895f78fbf

commit r11-7270-ge0139b2a912585496f23c352f0e2c56895f78fbf
Author: David Malcolm <dmalcolm@redhat.com>
Date:   Wed Feb 17 10:37:16 2021 -0500

    analyzer: fix false leak involving params [PR98969]

    This patch updates the svalue liveness code so that the initial value
    of parameters at top-level functions to the analysis are treated as
    live (since the values are presumably still live within the
    outside-of-the-analysis calling code).

    This fixes the false leak in PR analyzer/98969 seen on:

    void test (long int i)
    {
      struct foo *f = (struct foo *)i;
      f->expr = __builtin_malloc (1024);
    }

    since the calling code can presumably still access the allocated
    buffer via:
      ((struct foo *)i)->expr

    The patch also removes the expected leak warnings from
    g++.dg/analyzer/pr99064.C and gcc.dg/analyzer/pr96841.c, which now
    appear to me to be false positives.

    gcc/analyzer/ChangeLog:
            PR analyzer/98969
            * constraint-manager.cc (dead_svalue_purger::should_purge_p):
            Update for change to svalue::live_p.
            * program-state.cc (sm_state_map::on_liveness_change): Likewise.
            (program_state::detect_leaks): Likewise.
            * region-model-reachability.cc (reachable_regions::init_cluster):
            When dealing with a symbolic region, if the underlying pointer is
            implicitly live, add the region to the reachable regions.
            * region-model.cc (region_model::compare_initial_and_pointer):
            Move logic for detecting initial values of params to
            initial_svalue::initial_value_of_param_p.
            * svalue.cc (svalue::live_p): Convert "live_svalues" from a
            reference to a pointer; support it being NULL.
            (svalue::implicitly_live_p): Convert first param from a
            reference to a pointer.
            (region_svalue::implicitly_live_p): Likewise.
            (constant_svalue::implicitly_live_p): Likewise.
            (initial_svalue::implicitly_live_p): Likewise.  Treat the initial
            values of params for the top level frame as still live.
            (initial_svalue::initial_value_of_param_p): New function, taken
            from a test in region_model::compare_initial_and_pointer.
            (unaryop_svalue::implicitly_live_p): Convert first param from a
            reference to a pointer.
            (binop_svalue::implicitly_live_p): Likewise.
            (sub_svalue::implicitly_live_p): Likewise.
            (unmergeable_svalue::implicitly_live_p): Likewise.
            * svalue.h (svalue::live_p): Likewise.
            (svalue::implicitly_live_p): Likewise.
            (region_svalue::implicitly_live_p): Likewise.
            (constant_svalue::implicitly_live_p): Likewise.
            (initial_svalue::implicitly_live_p): Likewise.
            (initial_svalue::initial_value_of_param_p): New decl.
            (unaryop_svalue::implicitly_live_p): Convert first param from a
            reference to a pointer.
            (binop_svalue::implicitly_live_p): Likewise.
            (sub_svalue::implicitly_live_p): Likewise.
            (unmergeable_svalue::implicitly_live_p): Likewise.

    gcc/testsuite/ChangeLog:
            PR analyzer/98969
            * g++.dg/analyzer/pr99064.C: Convert dg-bogus to dg-warning.
            * gcc.dg/analyzer/pr96841.c: Add -Wno-analyzer-too-complex to
            options.  Remove false leak directive.
            * gcc.dg/analyzer/pr98969.c (test_1): Remove xfail from leak false
            positive.
            (test_3): New.
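
The reachability argument in the commit message, as an added example that is not part of the commit or the GCC test suite. The layout of struct foo and the functions caller_reaches_buffer and local_only are assumptions made for illustration, and the long-to-pointer cast assumes an LP64 target, as the reproducer does.

```c
/* Added illustration; struct foo's layout, caller_reaches_buffer() and
   local_only() are hypothetical. Assumes a pointer fits in long (LP64). */
#include <stdlib.h>
#include <string.h>

struct foo { void *expr; };

/* The function from the commit message: the only handle on the new
   buffer is stored through a pointer derived from parameter i. */
void test (long int i)
{
  struct foo *f = (struct foo *)i;
  f->expr = __builtin_malloc (1024);
}

/* Stands in for the "outside-of-the-analysis calling code": it still
   owns the struct that i refers to, so it can reach and release the
   buffer via ((struct foo *)i)->expr.
   Returns 1 if the buffer was reachable and usable, 0 otherwise. */
int caller_reaches_buffer (void)
{
  struct foo f = { NULL };
  long int i = (long int)&f;

  test (i);
  void *buf = ((struct foo *)i)->expr;
  if (buf == NULL)
    return 0;
  memset (buf, 0xA5, 1024);
  int ok = ((unsigned char *)buf)[1023] == 0xA5;
  free (buf);
  return ok;
}

/* Contrast: the pointer lives only in a local, so once the function
   returns nothing can reach the allocation. This is a genuine leak;
   no parameter value is involved, so the reasoning above does not
   apply to it. */
int local_only (void)
{
  char *p = malloc (16);
  if (p == NULL)
    return -1;
  p[0] = 42;
  return p[0];   /* p goes out of scope here without free() */
}
```

Building this file with `gcc -fanalyzer` analyzes `test` as a top-level function, which is the case the commit message says was reported as a false leak.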