From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id B07773858283 for ; Thu, 11 Aug 2022 19:26:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org B07773858283 Received: from mail-qk1-f198.google.com (mail-qk1-f198.google.com [209.85.222.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id us-mta-288-6n7yT4ZoPPa2p9UqZV9M8A-1; Thu, 11 Aug 2022 15:26:02 -0400 X-MC-Unique: 6n7yT4ZoPPa2p9UqZV9M8A-1 Received: by mail-qk1-f198.google.com with SMTP id i15-20020a05620a404f00b006b55998179bso15404571qko.4 for ; Thu, 11 Aug 2022 12:26:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:user-agent:references :in-reply-to:date:to:from:subject:message-id:x-gm-message-state:from :to:cc; bh=c+yZ5RNpx1IgwlQG9BOlP7zOBlMJriuPBOHJV2/zAWg=; b=iDRqfzL9i+/7hQQPDqhLChSqzvcAvCps1wCgWY9u4Akoz8xe15K8AeI7L5nKm/mId/ jHFDpxGwDnjDfKJbuQEvdcPTI0vtrdZc4SyKGaDW1bTBHwo3R5dcyNf4O7M/p6aOS6Va w4vv3XfI7gOoe7LvzdJb6bVOAUGAsR1Jn7wSWfwUhzjDE3VqmqVVtVNd7kuyMZPp6biN s20s7Lh24vsoFDlnDGK481nb5I4kQGQusiTfkniX58E0rN31ypAssVsAofqlEtpplb8Z 5hZCWc3HgUfsEKNX7fkLhiQ1wfXpTRuluxK9C9ys1TnFfTBGKUtZX4ZuqxMJU8VAOWh6 rDTg== X-Gm-Message-State: ACgBeo0vn4wFiSQ7RL9jNJUlBvQ5Tgb7s6LFSB4tdAUgfM9W8ylsr73V +ySTdHRhX9PjTGa8sARwxhhtpR8KnhmD+NHxNZfmXiIdsJtQG2WRtpknIpK3gjmQeqKv7N0MsnC DdOVAkUfhjJgh/4XYuw== X-Received: by 2002:a0c:8ec4:0:b0:47a:aa82:58b6 with SMTP id y4-20020a0c8ec4000000b0047aaa8258b6mr517078qvb.46.1660245960001; Thu, 11 Aug 2022 12:26:00 -0700 (PDT) X-Google-Smtp-Source: AA6agR4paVdGdxhv+JZw7ZL77oT77Wz06yiu+c/OIkS73QnSDN0juVKi9qWN4KHJ22srfA7mWqBZ8Q== X-Received: by 2002:a0c:8ec4:0:b0:47a:aa82:58b6 with SMTP id y4-20020a0c8ec4000000b0047aaa8258b6mr517069qvb.46.1660245959709; Thu, 11 Aug 2022 12:25:59 -0700 (PDT) Received: from t14s.localdomain (c-73-69-212-193.hsd1.nh.comcast.net. [73.69.212.193]) by smtp.gmail.com with ESMTPSA id c13-20020ac87dcd000000b0034358bfc3c8sm196039qte.67.2022.08.11.12.25.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 11 Aug 2022 12:25:58 -0700 (PDT) Message-ID: <3ed2bf522657f1f46a1a75be4e67b2ccdb45dd1c.camel@redhat.com> Subject: Re: [PATCH 1/2 v2] analyzer: consider that realloc could shrink the buffer [PR106539] From: David Malcolm To: Tim Lange , gcc-patches@gcc.gnu.org Date: Thu, 11 Aug 2022 15:25:57 -0400 In-Reply-To: <20220811172452.65996-1-mail@tim-lange.me> References: <20220809211943.82098-1-mail@tim-lange.me> <20220811172452.65996-1-mail@tim-lange.me> User-Agent: Evolution 3.38.4 (3.38.4-1.fc33) MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00, BODY_8BITS, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: gcc-patches@gcc.gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Gcc-patches mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 11 Aug 2022 19:26:06 -0000 On Thu, 2022-08-11 at 19:24 +0200, Tim Lange wrote: > This patch adds the "shrinks buffer" case to the success_with_move > modelling of realloc. Thanks for the updated patch. > > Regression-tested on Linux x86-64, further ran the analyzer tests > with > the -m32 option. [...snip...] > --- /dev/null > +++ b/gcc/testsuite/gcc.dg/analyzer/realloc-5.c > @@ -0,0 +1,45 @@ > +#include "analyzer-decls.h" > + > +typedef __SIZE_TYPE__ size_t; > + > +#define NULL ((void *)0) > + > +extern void *malloc (size_t __size) > +  __attribute__ ((__nothrow__ , __leaf__)) > +  __attribute__ ((__malloc__)) > +  __attribute__ ((__alloc_size__ (1))); > +extern void *realloc (void *__ptr, size_t __size) > +  __attribute__ ((__nothrow__ , __leaf__)) > +  __attribute__ ((__warn_unused_result__)) > +  __attribute__ ((__alloc_size__ (2))); > +extern void free (void *__ptr) > +  __attribute__ ((__nothrow__ , __leaf__)); > +extern void *memset (void *__ptr, int __value, size_t __size); > + > +/* realloc where the region shrinks on success_with_move.  */ > + > +void test_1 () > +{ > +  char *p = malloc (16); > +  if (!p) > +    return; > +  memset (p, 1, 16); > + > +  char *q = realloc (p, 8); > +  if (!q) > +    { > +      free (p); > +      return; > +    } > +  else if (p != q) > +    { > +      __analyzer_dump_capacity (q); /* { dg-warning "capacity: > '\\(\[^\n\r\]*\\)8'" } */ > +      __analyzer_eval (q[8] == 1); /* { dg-line eval } */ > +    > +      /* { dg-warning "UNKNOWN" "warning" { target *-*-* } eval } */ > +      /* { dg-warning "overread" "warning" { target *-*-* } eval } > */ Strictly speaking, this "overread" warning is dependent on the followup patch, but assuming that that patch is OK, this patch is also OK. Thanks Dave > +      /* { dg-warning "use of uninitialized value" "warning" { > target *-*-* } eval } */ > +    } > + > +  free (q); > +}