https://gcc.gnu.org/bugzilla/show_bug.cgi?id=118300
David Malcolm <dmalcolm at gcc dot gnu.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dmalcolm at gcc dot gnu.org

--- Comment #4 from David Malcolm <dmalcolm at gcc dot gnu.org> ---
Created attachment 60053
  --> https://gcc.gnu.org/bugzilla/attachment.cgi?id=60053&action=edit
Work-in-progress fix

Attaching a work-in-progress fix that makes -fanalyzer treat all of the
IFN_UBSAN_* as no-ops.

Needs test coverage, and perhaps we should extend this to make the analyzer
try to detect possible UB at compile-time.

With this patch, the test case output becomes:

$ ./xgcc -S -B. -fanalyzer -fsanitize=undefined t.c
t.c: In function ‘main’:
t.c:5:10: warning: dereference of possibly-NULL ‘new’ [CWE-690] [-Wanalyzer-possible-null-dereference]
    5 |     *new = malloc(sizeof(int*));
      |     ~~~~~^~~~~~~~~~~~~~~~~~~~~~
  ‘main’: events 1-2
    4 |     int*** new = malloc(sizeof(int**));
      |                  ^~~~~~~~~~~~~~~~~~~~~
      |                  |
      |                  (1) this call could return NULL
    5 |     *new = malloc(sizeof(int*));
      |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |     |
      |     (2) ⚠️ ‘new’ could be NULL: unchecked value from (1)
t.c:6:11: warning: dereference of possibly-NULL ‘*new’ [CWE-690] [-Wanalyzer-possible-null-dereference]
    6 |     **new = malloc(sizeof(int));
      |     ~~~~~~^~~~~~~~~~~~~~~~~~~~~
  ‘main’: events 1-2
    5 |     *new = malloc(sizeof(int*));
      |            ^~~~~~~~~~~~~~~~~~~~
      |            |
      |            (1) this call could return NULL
    6 |     **new = malloc(sizeof(int));
      |     ~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |     |
      |     (2) ⚠️ ‘*new’ could be NULL: unchecked value from (1)

which looks correct to me.
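For comparison, here is the same three-level allocation written so that each malloc result is checked before it is dereferenced; this is an added example, not the t.c test case from the report or GCC's own code, and the function names are chosen here. Built with -fanalyzer, the checked version is expected not to raise the CWE-690 warnings shown above, since every pointer is known non-NULL on the path where it is dereferenced.

```c
#include <stdlib.h>

/* Allocate int*** -> int** -> int* and store `value` in the innermost cell.
 * Each allocation is checked before the next dereference; on failure every
 * level allocated so far is released and NULL is returned. */
static int ***alloc_nested(int value)
{
    int ***outer = malloc(sizeof(int **));
    if (outer == NULL)
        return NULL;

    *outer = malloc(sizeof(int *));        /* `outer` checked above */
    if (*outer == NULL) {
        free(outer);
        return NULL;
    }

    **outer = malloc(sizeof(int));         /* `*outer` checked above */
    if (**outer == NULL) {
        free(*outer);
        free(outer);
        return NULL;
    }

    ***outer = value;
    return outer;
}

/* Release all three levels, innermost first.  Accepts NULL so callers can
 * free unconditionally after a failed alloc_nested(). */
static void free_nested(int ***p)
{
    if (p == NULL)
        return;
    free(**p);
    free(*p);
    free(p);
}

/* Round-trip a value through the nested structure.  Returns the value read
 * back, or -1 if allocation failed. */
static int nested_roundtrip(int value)
{
    int ***p = alloc_nested(value);
    if (p == NULL)
        return -1;
    int got = ***p;
    free_nested(p);
    return got;
}
```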