The false warning:
pr93993.f90:19:0:
19 | allocate (tm) ! { dg-warning "dereference of possibly-NULL" }
|
Warning: dereference of possibly-NULL ‘_6’ [CWE-690] [-Wanalyzer-possible-null-dereference]
in the reproducer for PR analyzer/93993 is due to a BUILTIN_EXPECT in
the chain of SSA expressions between the malloc and the condition
guarding the edge: the analyzer didn't "know" about the relationship
between initial argument to BUILTIN_EXPECT and the return value.
This patch implements support for BUILTIN_EXPECT so that the return
value is known to be equal to the initial argument. This adds
constraints when exploring the CFG edges, eliminating the above
false positive.
Doing so also eliminated the leak warning from the reproducer. The
issue was that leaked_pvs was empty within
impl_region_model_context::on_state_leak, due to the leaking region
being a view, of type struct Pdtet_8 *, of a region of type
struct pdtet_8 *, which led region_model::get_representative_path_var to
return a NULL_TREE value.
Hence the patch also implements view support for
region_model::get_representative_path_var, restoring the leak
diagnostic, albeit changing the wording to:
Warning: leak of ‘(struct Pdtet_8) qb’ [CWE-401] [-Wanalyzer-malloc-leak]
It's not clear to me if we should emit leaks at a fortran "end program"
(currently we suppress them for leaks at the end of main).
gcc/analyzer/ChangeLog:
PR analyzer/93993
* region-model.cc (region_model::on_call_pre): Handle
BUILT_IN_EXPECT and its variants.
(region_model::add_any_constraints_from_ssa_def_stmt): Split out
gassign handling into add_any_constraints_from_gassign; add gcall
handling.
(region_model::add_any_constraints_from_gassign): New function,
based on the above. Add handling for NOP_EXPR.
(region_model::add_any_constraints_from_gcall): New function.
(region_model::get_representative_path_var): Handle views.
* region-model.h
(region_model::add_any_constraints_from_ssa_def_stmt): New decl.
(region_model::add_any_constraints_from_gassign): New decl.
gcc/testsuite/ChangeLog:
PR analyzer/93993
* gcc.dg/analyzer/expect-1.c: New test.
* gcc.dg/analyzer/malloc-4.c: New test.
* gfortran.dg/analyzer/pr93993.f90: Remove xfail from dg-bogus.
Move location of leak warning and update message.
