projects / gcc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d503cd9)
analyzer: fix ICE on casting float to pointer [PR96764]
authorDavid Malcolm <dmalcolm@redhat.com>
Thu, 27 Aug 2020 22:20:24 +0000 (18:20 -0400)
committerDavid Malcolm <dmalcolm@redhat.com>
Mon, 31 Aug 2020 20:06:50 +0000 (16:06 -0400)
gcc/analyzer/ChangeLog:
PR analyzer/96764
* region-model-manager.cc
(region_model_manager::maybe_fold_unaryop): Handle VIEW_CONVERT_EXPR.
(region_model_manager::get_or_create_cast): Move logic for
real->integer casting to...
(get_code_for_cast): ...this new function, and add logic for
real->non-integer casts.
(region_model_manager::maybe_fold_sub_svalue): Handle
VIEW_CONVERT_EXPR.
* region-model.cc
(region_model::add_any_constraints_from_gassign): Likewise.
* svalue.cc (svalue::maybe_undo_cast): Likewise.
(unaryop_svalue::dump_to_pp): Likewise.

gcc/testsuite/ChangeLog:
PR analyzer/96764
* gcc.dg/analyzer/pr96764.c: New test.

gcc/analyzer/region-model-manager.cc patch | blob | history
gcc/analyzer/region-model.cc patch | blob | history
gcc/analyzer/svalue.cc patch | blob | history
gcc/testsuite/gcc.dg/analyzer/pr96764.c [new file with mode: 0644] patch | blob

diff --git a/gcc/analyzer/region-model-manager.cc b/gcc/analyzer/region-model-manager.cc
index 9bfb0812998fe09a85e497d1baec220a2ae295d2..da8fa01077bcef75223daa9b5ddcd20f0ad1af15 100644 (file)
--- a/gcc/analyzer/region-model-manager.cc
+++ b/gcc/analyzer/region-model-manager.cc
@@ -324,6 +324,7 @@ region_model_manager::maybe_fold_unaryop (tree type, enum tree_code op,
   switch (op)
     {
     default: break;
+    case VIEW_CONVERT_EXPR:
     case NOP_EXPR:
       {
        /* Handle redundant casts.  */
@@ -390,6 +391,30 @@ region_model_manager::get_or_create_unaryop (tree type, enum tree_code op,
   return unaryop_sval;
 }
 
+/* Get a tree code for a cast to DST_TYPE from SRC_TYPE.
+   Use NOP_EXPR if possible (e.g. to help fold_unary convert casts
+   of 0 to (T*) to simple pointer constants), but use FIX_TRUNC_EXPR
+   and VIEW_CONVERT_EXPR for cases that fold_unary would otherwise crash
+   on.  */
+
+static enum tree_code
+get_code_for_cast (tree dst_type, tree src_type)
+{
+  gcc_assert (dst_type);
+  if (!src_type)
+    return NOP_EXPR;
+
+  if (TREE_CODE (src_type) == REAL_TYPE)
+    {
+      if (TREE_CODE (dst_type) == INTEGER_TYPE)
+       return FIX_TRUNC_EXPR;
+      else
+       return VIEW_CONVERT_EXPR;
+    }
+
+  return NOP_EXPR;
+}
+
 /* Return the svalue * for a cast of ARG to type TYPE, creating it
    if necessary.  */
 
@@ -397,11 +422,8 @@ const svalue *
 region_model_manager::get_or_create_cast (tree type, const svalue *arg)
 {
   gcc_assert (type);
-  if (arg->get_type ())
-    if (TREE_CODE (type) == INTEGER_TYPE
-       && TREE_CODE (arg->get_type ()) == REAL_TYPE)
-      return get_or_create_unaryop (type, FIX_TRUNC_EXPR, arg);
-  return get_or_create_unaryop (type, NOP_EXPR, arg);
+  enum tree_code op = get_code_for_cast (type, arg->get_type ());
+  return get_or_create_unaryop (type, op, arg);
 }
 
 /* Subroutine of region_model_manager::get_or_create_binop.
@@ -561,7 +583,8 @@ region_model_manager::maybe_fold_sub_svalue (tree type,
   if (const unaryop_svalue *unary
       = parent_svalue->dyn_cast_unaryop_svalue ())
     {
-      if (unary->get_op () == NOP_EXPR)
+      if (unary->get_op () == NOP_EXPR
+         || unary->get_op () == VIEW_CONVERT_EXPR)
        if (tree cst = unary->get_arg ()->maybe_get_constant ())
          if (zerop (cst))
            {
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index 02bbfa54781f98341a3df9e4836bb2287c6858a2..1f794dacc133924935b64080e2fb4e317dff3dd5 100644 (file)
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -1764,6 +1764,7 @@ region_model::add_any_constraints_from_gassign (enum tree_code op,
       break;
 
     case NOP_EXPR:
+    case VIEW_CONVERT_EXPR:
       {
        add_constraint (gimple_assign_rhs1 (assign), op, rhs, ctxt);
       }
diff --git a/gcc/analyzer/svalue.cc b/gcc/analyzer/svalue.cc
index a1c6241a0badff83fd92cff12e40aebc8b4b541f..fcab578674e32f8ac44f3cb0a5b3501bd7fe5ac5 100644 (file)
--- a/gcc/analyzer/svalue.cc
+++ b/gcc/analyzer/svalue.cc
@@ -128,16 +128,19 @@ svalue::maybe_get_constant () const
     return NULL_TREE;
 }
 
-/* If this svalue is a cast (i.e a unaryop NOP_EXPR), return the underlying
-   svalue.
+/* If this svalue is a cast (i.e a unaryop NOP_EXPR or VIEW_CONVERT_EXPR),
+   return the underlying svalue.
    Otherwise return NULL.  */
 
 const svalue *
 svalue::maybe_undo_cast () const
 {
   if (const unaryop_svalue *unaryop_sval = dyn_cast_unaryop_svalue ())
-    if (unaryop_sval->get_op () == NOP_EXPR)
-      return unaryop_sval->get_arg ();
+    {
+      enum tree_code op = unaryop_sval->get_op ();
+      if (op == NOP_EXPR || op == VIEW_CONVERT_EXPR)
+       return unaryop_sval->get_arg ();
+    }
   return NULL;
 }
 
@@ -566,7 +569,7 @@ unaryop_svalue::dump_to_pp (pretty_printer *pp, bool simple) const
 {
   if (simple)
     {
-      if (m_op == NOP_EXPR)
+      if (m_op == VIEW_CONVERT_EXPR || m_op == NOP_EXPR)
        {
          pp_string (pp, "CAST(");
          dump_tree (pp, get_type ());
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr96764.c b/gcc/testsuite/gcc.dg/analyzer/pr96764.c
new file mode 100644 (file)
index 0000000..70b25d3
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr96764.c
@@ -0,0 +1,6 @@
+void
+ar (int *hd)
+{
+  int **zv = &hd;
+  *(double *) zv = 0.0;
+}