analyzer: fix missing check for uninit of return values

author David Malcolm <dmalcolm@redhat.com>

Fri, 28 Jan 2022 18:37:51 +0000 (13:37 -0500)

committer David Malcolm <dmalcolm@redhat.com>

Wed, 2 Feb 2022 14:55:29 +0000 (09:55 -0500)
author David Malcolm <dmalcolm@redhat.com>
Fri, 28 Jan 2022 18:37:51 +0000 (13:37 -0500)
committer David Malcolm <dmalcolm@redhat.com>
Wed, 2 Feb 2022 14:55:29 +0000 (09:55 -0500)
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc

index 58c7028..6e7a21d 100644 (file)
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -1559,7 +1559,11 @@ region_model::on_return (const greturn *return_stmt, region_model_context *ctxt)
    tree rhs = gimple_return_retval (return_stmt);
  
    if (lhs && rhs)
-    copy_region (get_lvalue (lhs, ctxt), get_lvalue (rhs, ctxt), ctxt);
+    {
+      const svalue *sval = get_rvalue (rhs, ctxt);
+      const region *ret_reg = get_lvalue (lhs, ctxt);
+      set_value (ret_reg, sval, ctxt);
+    }
  }
  
  /* Update this model for a call and return of setjmp/sigsetjmp at CALL within
@@ -3618,15 +3622,11 @@ region_model::pop_frame (const region *result_dst_reg,
    tree result = DECL_RESULT (fndecl);
    if (result && TREE_TYPE (result) != void_type_node)
      {
+      const svalue *retval = get_rvalue (result, ctxt);
        if (result_dst_reg)
-       {
-         /* Copy the result to RESULT_DST_REG.  */
-         copy_region (result_dst_reg,
-                      get_lvalue (result, ctxt),
-                      ctxt);
-       }
+       set_value (result_dst_reg, retval, ctxt);
        if (out_result)
-       *out_result = get_rvalue (result, ctxt);
+       *out_result = retval;
      }
  
    /* Pop the frame.  */
@@ -4758,8 +4758,9 @@ test_compound_assignment ()
    model.set_value (c_y, int_m3, NULL);
  
    /* Copy c to d.  */
-  model.copy_region (model.get_lvalue (d, NULL), model.get_lvalue (c, NULL),
-                    NULL);
+  const svalue *sval = model.get_rvalue (c, NULL);
+  model.set_value (model.get_lvalue (d, NULL), sval, NULL);
+
    /* Check that the fields have the same svalues.  */
    ASSERT_EQ (model.get_rvalue (c_x, NULL), model.get_rvalue (d_x, NULL));
    ASSERT_EQ (model.get_rvalue (c_y, NULL), model.get_rvalue (d_y, NULL));
diff --git a/gcc/analyzer/region-model.h b/gcc/analyzer/region-model.h

index 3fa090d..46cf37e 100644 (file)
--- a/gcc/analyzer/region-model.h
+++ b/gcc/analyzer/region-model.h
@@ -676,8 +676,6 @@ class region_model
    void zero_fill_region (const region *reg);
    void mark_region_as_unknown (const region *reg, uncertainty_t *uncertainty);
  
-  void copy_region (const region *dst_reg, const region *src_reg,
-                   region_model_context *ctxt);
    tristate eval_condition (const svalue *lhs,
                            enum tree_code op,
                            const svalue *rhs) const;
diff --git a/gcc/analyzer/region.cc b/gcc/analyzer/region.cc

index 77554b8..0adc75e 100644 (file)
--- a/gcc/analyzer/region.cc
+++ b/gcc/analyzer/region.cc
@@ -539,21 +539,6 @@ region::get_relative_concrete_offset (bit_offset_t *) const
    return false;
  }
  
-/* Copy from SRC_REG to DST_REG, using CTXT for any issues that occur.  */
-
-void
-region_model::copy_region (const region *dst_reg, const region *src_reg,
-                          region_model_context *ctxt)
-{
-  gcc_assert (dst_reg);
-  gcc_assert (src_reg);
-  if (dst_reg == src_reg)
-    return;
-
-  const svalue *sval = get_store_value (src_reg, ctxt);
-  set_value (dst_reg, sval, ctxt);
-}
-
  /* Dump a description of this region to stderr.  */
  
  DEBUG_FUNCTION void
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c b/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c

index b9f34f1..2e1e6a0 100644 (file)
--- a/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c
@@ -19,6 +19,7 @@ int test_2 (int *arr, int i, int n)
      __analyzer_eval (arr[i]); /* { dg-warning "TRUE" } */
    else
      __analyzer_eval (arr[i]); /* { dg-warning "FALSE" } */
+  return 1;
  }
  
  int test_3 (int arr[], int i, int n)
@@ -29,6 +30,7 @@ int test_3 (int arr[], int i, int n)
      __analyzer_eval (arr[i]); /* { dg-warning "TRUE" } */
    else
      __analyzer_eval (arr[i]); /* { dg-warning "FALSE" } */
+  return 1;
  }
  
  void test_4 (int i, int n)
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-pattern.c b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-pattern.c

new file mode 100644 (file)

index 0000000..2445ee5
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-pattern.c
@@ -0,0 +1,10 @@
+/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */
+/* { dg-additional-options "-ftrivial-auto-var-init=pattern" } */
+
+int test_1 (void)
+{
+  int i; /* { dg-message "region created on stack here" } */
+  return i; /* { dg-warning "use of uninitialized value 'i.*'" } */
+  /* FIXME: the LTO build sometimes shows SSA names here
+     (PR analyzer/94976).  */
+}
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-uninitialized.c b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-uninitialized.c

new file mode 100644 (file)

index 0000000..7c4dd27
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-uninitialized.c
@@ -0,0 +1,10 @@
+/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */
+/* { dg-additional-options "-ftrivial-auto-var-init=uninitialized" } */
+
+int test_1 (void)
+{
+  int i; /* { dg-message "region created on stack here" } */
+  return i; /* { dg-warning "use of uninitialized value 'i.*'" } */
+  /* FIXME: the LTO build sometimes shows SSA names here
+     (PR analyzer/94976).  */
+}
diff --git a/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-zero.c b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-zero.c

new file mode 100644 (file)

index 0000000..6486d25
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-zero.c
@@ -0,0 +1,10 @@
+/* { dg-skip-if "" { *-*-* } { "-fno-fat-lto-objects" } { "" } } */
+/* { dg-additional-options "-ftrivial-auto-var-init=zero" } */
+
+int test_1 (void)
+{
+  int i; /* { dg-message "region created on stack here" } */
+  return i; /* { dg-warning "use of uninitialized value 'i.*'" } */
+  /* FIXME: the LTO build sometimes shows SSA names here
+     (PR analyzer/94976).  */
+}
diff --git a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-pattern.c b/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-pattern.c

deleted file mode 100644 (file)

index 0b78dc6..0000000
--- a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-pattern.c
+++ /dev/null
@@ -1,7 +0,0 @@
-/* { dg-additional-options "-ftrivial-auto-var-init=pattern" } */
-
-int test_1 (void)
-{
-  int i; /* { dg-message "region created on stack here" } */
-  return i; /* { dg-warning "use of uninitialized value 'i'" } */
-}
diff --git a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-uninitialized.c b/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-uninitialized.c

deleted file mode 100644 (file)

index 124d3a3..0000000
--- a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-uninitialized.c
+++ /dev/null
@@ -1,7 +0,0 @@
-/* { dg-additional-options "-ftrivial-auto-var-init=uninitialized" } */
-
-int test_1 (void)
-{
-  int i; /* { dg-message "region created on stack here" } */
-  return i; /* { dg-warning "use of uninitialized value 'i'" } */
-}
diff --git a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-zero.c b/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-zero.c

deleted file mode 100644 (file)

index ef7dc67..0000000
--- a/gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-zero.c
+++ /dev/null
@@ -1,7 +0,0 @@
-/* { dg-additional-options "-ftrivial-auto-var-init=zero" } */
-
-int test_1 (void)
-{
-  int i; /* { dg-message "region created on stack here" } */
-  return i; /* { dg-warning "use of uninitialized value 'i'" } */
-}
author	David Malcolm <dmalcolm@redhat.com>
	Fri, 28 Jan 2022 18:37:51 +0000 (13:37 -0500)
committer	David Malcolm <dmalcolm@redhat.com>
	Wed, 2 Feb 2022 14:55:29 +0000 (09:55 -0500)
gcc/analyzer/region-model.cc		patch \| blob \| history
gcc/analyzer/region-model.h		patch \| blob \| history
gcc/analyzer/region.cc		patch \| blob \| history
gcc/testsuite/gcc.dg/analyzer/torture/ubsan-1.c		patch \| blob \| history
gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-pattern.c	[new file with mode: 0644]	patch \| blob
gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-uninitialized.c	[new file with mode: 0644]	patch \| blob
gcc/testsuite/gcc.dg/analyzer/torture/uninit-trivial-auto-var-init-zero.c	[new file with mode: 0644]	patch \| blob
gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-pattern.c	[deleted file]	patch \| blob \| history
gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-uninitialized.c	[deleted file]	patch \| blob \| history
gcc/testsuite/gcc.dg/analyzer/uninit-trivial-auto-var-init-zero.c	[deleted file]	patch \| blob \| history