git.ipfire.org Git - thirdparty/gcc.git/commit

author	David Malcolm <dmalcolm@redhat.com>
	Mon, 9 Feb 2026 23:41:22 +0000 (18:41 -0500)
committer	David Malcolm <dmalcolm@redhat.com>
	Mon, 9 Feb 2026 23:41:22 +0000 (18:41 -0500)
commit	13c2da6cdbd1a39ed253cf8f74085347bd8ff43c
tree	6df91d4a28116eff16cb27cd3d722e88b964ddaa	tree
parent	5269ab4a7c30aa5e57dc650d44363023ddcec56d	commit \| diff

sarif output: Fix ICE due to overzealous caching [PR124014]

PR diagnostics/124014 identifies an ICE in sarif output of
diagnostics that occur after free_lang_data has called
tree_diagnostics_defaults, which happens e.g. with lto.

The issue is that in r16-413-g8ab6899dce92e6 I introduced to sarif_sink
a cached pointer to the logical_locations::manager, which for tree-using
clients is part of the compiler_data_hooks. Hence for the case above, the
pointer is freed from under the sarif_sink, and any diagnostic
issued after that point with a current_function_decl will
trigger a use-after-free.

Fix by removing the cached pointer.

gcc/ChangeLog:
PR diagnostics/124014
* diagnostics/sarif-sink.cc
(sarif_builder::get_logical_location_manager): Reimplement, to
eliminate m_logical_loc_mgr.
(sarif_builder::m_logical_loc_mgr): Drop field.
(sarif_builder::sarif_builder): Update for removed field.
(sarif_builder::set_any_logical_locs_arr): Likewise.
(sarif_builder::ensure_sarif_logical_location_for): Likewise.
(sarif_builder::make_minimal_sarif_logical_location): Likewise.

gcc/testsuite/ChangeLog:
PR diagnostics/124014
* gcc.dg/sarif-output/ice-pr124014.c: New test.

Signed-off-by: David Malcolm <dmalcolm@redhat.com>

gcc/diagnostics/sarif-sink.cc		diff \| blob \| blame \| history
gcc/testsuite/gcc.dg/sarif-output/ice-pr124014.c	[new file with mode: 0644]	blob