analyzer: avoid ICE with missing arguments (PR 93375)

author David Malcolm <dmalcolm@redhat.com>

Wed, 22 Jan 2020 21:26:38 +0000 (16:26 -0500)

committer David Malcolm <dmalcolm@redhat.com>

Thu, 23 Jan 2020 16:24:16 +0000 (11:24 -0500)
author David Malcolm <dmalcolm@redhat.com>
Wed, 22 Jan 2020 21:26:38 +0000 (16:26 -0500)
committer David Malcolm <dmalcolm@redhat.com>
Thu, 23 Jan 2020 16:24:16 +0000 (11:24 -0500)
diff --git a/gcc/analyzer/ChangeLog b/gcc/analyzer/ChangeLog

index 16613e4..34c311d 100644 (file)
--- a/gcc/analyzer/ChangeLog
+++ b/gcc/analyzer/ChangeLog
@@ -1,3 +1,11 @@
+2020-01-23  David Malcolm  <dmalcolm@redhat.com>
+
+       PR analyzer/93375
+       * supergraph.cc (callgraph_superedge::get_arg_for_parm): Fail
+       gracefully is the number of parameters at the callee exceeds the
+       number of arguments at the call stmt.
+       (callgraph_superedge::get_parm_for_arg): Likewise.
+
  2020-01-22  David Malcolm  <dmalcolm@redhat.com>
  
         PR analyzer/93382
diff --git a/gcc/analyzer/supergraph.cc b/gcc/analyzer/supergraph.cc

index 4660239..a5bf52d 100644 (file)
--- a/gcc/analyzer/supergraph.cc
+++ b/gcc/analyzer/supergraph.cc
@@ -879,16 +879,19 @@ callgraph_superedge::get_arg_for_parm (tree parm_to_find,
    gcc_assert  (TREE_CODE (parm_to_find) == PARM_DECL);
  
    tree callee = get_callee_decl ();
+  const gcall *call_stmt = get_call_stmt ();
  
-  int i = 0;
+  unsigned i = 0;
    for (tree iter_parm = DECL_ARGUMENTS (callee); iter_parm;
         iter_parm = DECL_CHAIN (iter_parm), ++i)
      {
+      if (i >= gimple_call_num_args (call_stmt))
+       return NULL_TREE;
        if (iter_parm == parm_to_find)
         {
           if (out)
             *out = callsite_expr::from_zero_based_param (i);
-         return gimple_call_arg (get_call_stmt (), i);
+         return gimple_call_arg (call_stmt, i);
         }
      }
  
@@ -906,12 +909,15 @@ callgraph_superedge::get_parm_for_arg (tree arg_to_find,
                                        callsite_expr *out) const
  {
    tree callee = get_callee_decl ();
+  const gcall *call_stmt = get_call_stmt ();
  
-  int i = 0;
+  unsigned i = 0;
    for (tree iter_parm = DECL_ARGUMENTS (callee); iter_parm;
         iter_parm = DECL_CHAIN (iter_parm), ++i)
      {
-      tree param = gimple_call_arg (get_call_stmt (), i);
+      if (i >= gimple_call_num_args (call_stmt))
+       return NULL_TREE;
+      tree param = gimple_call_arg (call_stmt, i);
        if (arg_to_find == param)
         {
           if (out)
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog

index 5c390ba..ef4c6fc 100644 (file)
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,8 @@
+2020-01-23  David Malcolm  <dmalcolm@redhat.com>
+
+       PR analyzer/93375
+       * gcc.dg/analyzer/pr93375.c: New test.
+
  2020-01-23  Jason Merrill  <jason@redhat.com>
  
         * lib/target-supports.exp (check_effective_target_unsigned_char):
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr93375.c b/gcc/testsuite/gcc.dg/analyzer/pr93375.c

new file mode 100644 (file)

index 0000000..93a3e87
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr93375.c
@@ -0,0 +1,15 @@
+/* { dg-additional-options "-Wno-implicit-int" } */
+
+void
+en (jm)
+{
+}
+
+void
+p2 ()
+{
+  char *rl = 0;
+
+  en ();
+  __builtin_memcpy (rl, 0, sizeof (0)); /* { dg-warning "dereference of NULL" } */
+}
author	David Malcolm <dmalcolm@redhat.com>
	Wed, 22 Jan 2020 21:26:38 +0000 (16:26 -0500)
committer	David Malcolm <dmalcolm@redhat.com>
	Thu, 23 Jan 2020 16:24:16 +0000 (11:24 -0500)
gcc/analyzer/ChangeLog		patch \| blob \| history
gcc/analyzer/supergraph.cc		patch \| blob \| history
gcc/testsuite/ChangeLog		patch \| blob \| history
gcc/testsuite/gcc.dg/analyzer/pr93375.c	[new file with mode: 0644]	patch \| blob