public inbox for gcc-bugs@sourceware.org help / color / mirror / Atom feed
From: "dmalcolm at gcc dot gnu.org" <gcc-bugzilla@gcc.gnu.org> To: gcc-bugs@gcc.gnu.org Subject: [Bug analyzer/99886] New: Infinite loop in -fanalyzer seen on gcc.dg/analyzer/malloc-1.c with -fanalyzer-verbosity=0 Date: Fri, 02 Apr 2021 22:15:56 +0000 [thread overview] Message-ID: <bug-99886-4@http.gcc.gnu.org/bugzilla/> (raw) https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99886 Bug ID: 99886 Summary: Infinite loop in -fanalyzer seen on gcc.dg/analyzer/malloc-1.c with -fanalyzer-verbosity=0 Product: gcc Version: 11.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Reproducer: #include <stdlib.h> struct coord { float x; float y; }; void test_34 (void) { float *q; struct coord *p = malloc (sizeof (struct coord)); if (!p) return; p->x = 0.0f; q = &p->x; free (p); *q = 1.0f; /* { dg-warning "use after 'free' of 'q'" } */ }; when compiled with: -fanalyzer -fanalyzer-verbosity=0 Doesn't happen at other verbosity levels. Seems to be getting stuck here in diagnostic_manager::consolidate_conditions: (gdb) bt #0 0x00000000024a8777 in vec<ana::checker_event*, va_heap, vl_ptr>::length (this=0x7fffffffca98) at ../../src/gcc/vec.h:1439 #1 0x00000000024c0d30 in ana::checker_path::num_events (this=0x7fffffffca90) at ../../src/gcc/analyzer/checker-path.h:503 #2 0x00000000024c0138 in ana::diagnostic_manager::consolidate_conditions (this=0x7fffffffcf00, path=0x7fffffffca90) at ../../src/gcc/analyzer/diagnostic-manager.cc:2203 #3 0x00000000024bf433 in ana::diagnostic_manager::prune_path (this=0x7fffffffcf00, path=0x7fffffffca90, sm=0x0, sval=0x0, state=0x0) at ../../src/gcc/analyzer/diagnostic-manager.cc:1783 #4 0x00000000024be1b6 in ana::diagnostic_manager::emit_saved_diagnostic (this=0x7fffffffcf00, eg=..., sd=...) at ../../src/gcc/analyzer/diagnostic-manager.cc:1131 #5 0x00000000024c1af1 in ana::dedupe_winners::emit_best (this=0x7fffffffcc20, dm=0x7fffffffcf00, eg=...) at ../../src/gcc/analyzer/diagnostic-manager.cc:1051 #6 0x00000000024bdfa6 in ana::diagnostic_manager::emit_saved_diagnostics (this=0x7fffffffcf00, eg=...) at ../../src/gcc/analyzer/diagnostic-manager.cc:1100 #7 0x0000000001830e13 in ana::impl_run_checkers (logger=0x35ccbf0) at ../../src/gcc/analyzer/engine.cc:4892
next reply other threads:[~2021-04-02 22:15 UTC|newest] Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top 2021-04-02 22:15 dmalcolm at gcc dot gnu.org [this message] 2021-04-02 22:41 ` [Bug analyzer/99886] Delay " dmalcolm at gcc dot gnu.org 2021-04-05 14:49 ` cvs-commit at gcc dot gnu.org 2021-04-05 14:52 ` dmalcolm at gcc dot gnu.org
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=bug-99886-4@http.gcc.gnu.org/bugzilla/ \ --to=gcc-bugzilla@gcc.gnu.org \ --cc=gcc-bugs@gcc.gnu.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).