[Bug analyzer/105057] [12 Regression] ICE: in get_or_create_cluster, at analyzer/store.cc:2658 with -fanalyzer
cvs-commit at gcc dot gnu.org
gcc-bugzilla@gcc.gnu.org
Sat Mar 26 13:07:09 GMT 2022
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105057
--- Comment #2 from CVS Commits <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>:
https://gcc.gnu.org/g:8c8993c75309901e03418eba1d6239b9a39a43b7
commit r12-7827-g8c8993c75309901e03418eba1d6239b9a39a43b7
Author: David Malcolm <dmalcolm@redhat.com>
Date: Fri Mar 25 16:50:51 2022 -0400
analyzer: fix ICE on memset of untracked region [PR105057]
In r12-7809-g5f6197d7c197f9d2b7fb2e1a19dac39a023755e8 I added an
optimization to avoid tracking the state of certain memory regions
in the store.
Unfortunately, I didn't cover every way in which
store::get_or_create_cluster can be called for a base region, leading
to assertion failure ICEs in -fanalyzer on certain function calls
with certain params.
I've worked through all uses of store::get_or_create_cluster and found
four places where the assertion could fire.
This patch fixes them, and adds regression tests where possible.
gcc/analyzer/ChangeLog:
PR analyzer/105057
* store.cc (binding_cluster::make_unknown_relative_to): Reject
attempts to create a cluster for untracked base regions.
(store::set_value): Likewise.
(store::fill_region): Likewise.
(store::mark_region_as_unknown): Likewise.
gcc/testsuite/ChangeLog:
PR analyzer/105057
* gcc.dg/analyzer/fread-2.c: New test, as a regression test for
ICE in store::set_value on untracked base region.
* gcc.dg/analyzer/memset-2.c: Likewise, for ICE in
store::fill_region.
* gcc.dg/analyzer/strcpy-2.c: Likewise, for ICE in
store::mark_region_as_unknown.
Signed-off-by: David Malcolm <dmalcolm@redhat.com>
More information about the Gcc-bugs
mailing list