From: David Malcolm <dmalcolm@redhat.com>
Date: Tue, 22 Jun 2021 17:44:57 +0000 (-0400)
Subject: analyzer: fix ICE on malloc/alloca param type mismatch [PR101143]
X-Git-Tag: upstream/12.2.0~6966
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ea4e32181d7a36055b57421abd0ced4735654cf6;p=platform%2Fupstream%2Fgcc.git

analyzer: fix ICE on malloc/alloca param type mismatch [PR101143]

gcc/analyzer/ChangeLog:
	PR analyzer/101143
	* region-model.cc (compat_types_p): New function.
	(region_model::create_region_for_heap_alloc): Convert assertion to
	an error check.
	(region_model::create_region_for_alloca): Likewise.

gcc/testsuite/ChangeLog:
	PR analyzer/101143
	* gcc.dg/analyzer/pr101143.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
---

diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index 462fe6d..ee11e82 100644
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -1443,6 +1443,17 @@ assert_compat_types (tree src_type, tree dst_type)
     }
 }
 
+/* Return true if SRC_TYPE can be converted to DST_TYPE as a no-op.  */
+
+static bool
+compat_types_p (tree src_type, tree dst_type)
+{
+  if (src_type && dst_type && !VOID_TYPE_P (dst_type))
+    if (!(useless_type_conversion_p (src_type, dst_type)))
+      return false;
+  return true;
+}
+
 /* Get the region for PV within this region_model,
    emitting any diagnostics to CTXT.  */
 
@@ -3402,8 +3413,8 @@ const region *
 region_model::create_region_for_heap_alloc (const svalue *size_in_bytes)
 {
   const region *reg = m_mgr->create_region_for_heap_alloc ();
-  assert_compat_types (size_in_bytes->get_type (), size_type_node);
-  set_dynamic_extents (reg, size_in_bytes);
+  if (compat_types_p (size_in_bytes->get_type (), size_type_node))
+    set_dynamic_extents (reg, size_in_bytes);
   return reg;
 }
 
@@ -3414,8 +3425,8 @@ const region *
 region_model::create_region_for_alloca (const svalue *size_in_bytes)
 {
   const region *reg = m_mgr->create_region_for_alloca (m_current_frame);
-  assert_compat_types (size_in_bytes->get_type (), size_type_node);
-  set_dynamic_extents (reg, size_in_bytes);
+  if (compat_types_p (size_in_bytes->get_type (), size_type_node))
+    set_dynamic_extents (reg, size_in_bytes);
   return reg;
 }
 
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr101143.c b/gcc/testsuite/gcc.dg/analyzer/pr101143.c
new file mode 100644
index 0000000..bcc0974
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr101143.c
@@ -0,0 +1,18 @@
+/* { dg-additional-options "-Wno-builtin-declaration-mismatch" } */
+
+extern void *malloc (unsigned int);
+extern void *alloca (unsigned int);
+extern void unknown_fn (void *);
+
+void *
+test_malloc (void)
+{
+  return malloc (sizeof (int));
+}
+
+void *
+test_alloca (void)
+{
+  void *p = alloca (sizeof (int));
+  unknown_fn (p);
+}