From: David Malcolm Date: Wed, 29 Mar 2023 18:16:47 +0000 (-0400) Subject: analyzer: handle (NULL == &VAR) [PR107345] X-Git-Tag: releases/gcc-12.3.0~159 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=111fb5d3cafd0f7f2a0d01aa9e1213013fa0cc83;p=thirdparty%2Fgcc.git analyzer: handle (NULL == &VAR) [PR107345] Cherrypicked from r13-3468-g18faaeb3af42f3. gcc/analyzer/ChangeLog: PR analyzer/107345 * region-model.cc (region_model::eval_condition_without_cm): Ensure that constants are on the right-hand side before checking for them. gcc/testsuite/ChangeLog: PR analyzer/107345 * gcc.dg/analyzer/pr107345.c: New test. Signed-off-by: David Malcolm
---
diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index bfee042c08fb..4cfe870eb5a6 100644
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -2992,10 +2992,19 @@ region_model::eval_condition_without_cm (const svalue *lhs,
 /* Otherwise, only known through constraints. */
 }
- /* If we have a pair of constants, compare them. */
 if (const constant_svalue *cst_lhs = lhs->dyn_cast_constant_svalue ())
- if (const constant_svalue *cst_rhs = rhs->dyn_cast_constant_svalue ())
- return constant_svalue::eval_condition (cst_lhs, op, cst_rhs);
+ {
+ /* If we have a pair of constants, compare them. */
+ if (const constant_svalue *cst_rhs = rhs->dyn_cast_constant_svalue ())
+ return constant_svalue::eval_condition (cst_lhs, op, cst_rhs);
+ else
+ {
+ /* When we have one constant, put it on the RHS. */
+ std::swap (lhs, rhs);
+ op = swap_tree_comparison (op);
+ }
+ }
+ gcc_assert (lhs->get_kind () != SK_CONSTANT);
 /* Handle comparison against zero. */
 if (const constant_svalue *cst_rhs = rhs->dyn_cast_constant_svalue ())
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr107345.c b/gcc/testsuite/gcc.dg/analyzer/pr107345.c
new file mode 100644
index 000000000000..540596d1182b
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr107345.c
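Review bot: In the region-model.cc hunk, the `else` branch reassigns the function's own `lhs`, `rhs` and `op`, and the one-line comment does not say why, or that `op` is mirrored rather than negated. I would expand it to `/* Canonicalize: move the lone constant to RHS and mirror OP, because the checks below only look for a constant in RHS. */`. The checks that precede this point start outside the hunk and ran on the original operand order; presumably none of them needs the same treatment, but that is worth confirming, since a missed case leaves a NULL comparison undecided and, going by the PR's test, can surface as a spurious null-dereference report. The `else` after the `return` is also redundant.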
@@ -0,0 +1,17 @@
+/* Ensure the analyzer treats (NULL == &e) as being false for this case,
+ where the logic is sufficiently complicated to not be optimized away. */
+
+#include
+
+int main() {
+ int e = 10086;
+ int *f = &e;
+ int g = 0;
+ int *h[2][1];
+ h[1][0] = f;
+ if (g == (h[1][0])) { /* { dg-warning "comparison between pointer and integer" } */
+ unsigned int *i = 0;
+ }
+ printf("NPD_FLAG: %d\n ", *f);
+ return 0;
+}
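Review bot: The test never states the analyzer result it is meant to protect: its only directive is the front-end `dg-warning` on the comparison, so a regression would show up only as an anonymous excess-errors failure. Marking the dereference makes the intent explicit, e.g. `printf("NPD_FLAG: %d\n ", *f); /* { dg-bogus "dereference of NULL" } */`. The case also exercises only `==`, for which swapping the operands leaves the operator unchanged, so the `swap_tree_comparison` call in region-model.cc is not really tested; a second case with an ordered comparison and the constant on the left would cover it.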