analyzer: fix ICE on escaped unknown pointers [PR96611]

PR analyzer/96611 reports an ICE within the handling for unknown functions, when passing a pointer to something accessed via a global pointer, after an unknown function has already been called. The first unknown function leads to the store being flagged, so the access to the global pointer leads to (*unknown_svalue) for the base region of the argument to the 2nd function, and thus *unknown_svalue being reachable by the 2nd unknown function, triggering an assertion failure. Handle this case by rejecting attempts to get a cluster for the unknown pointer, fixing the ICE. gcc/analyzer/ChangeLog: PR analyzer/96611 * store.cc (store::mark_as_escaped): Reject attempts to get a cluster for an unknown pointer. gcc/testsuite/ChangeLog: PR analyzer/96611 * gcc.dg/analyzer/pr96611.c: New test.
author: David Malcolm <dmalcolm@redhat.com> 2020-08-14 10:48:30 -0400
committer: Giuliano Belinassi <giuliano.belinassi@usp.br> 2020-08-17 15:08:14 -0300
commit: fd151a9ade829371897e4661f11ae296ab3bb174 (patch)
tree: a19fb922a343c447d8920372ab8dc9cb3806c8ed /gcc/testsuite
parent: c6ce0e5b967476fe698fefdb941d2944efe56090 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/gcc/testsuite/gcc.dg/analyzer/pr96611.c b/gcc/testsuite/gcc.dg/analyzer/pr96611.c
new file mode 100644
index 00000000000..4f7502361cb
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/pr96611.c
@@ -0,0 +1,14 @@
+struct s { int a; } *ptr;
+void unknown_int_ptr (int *);
+void unknown_void (void);
+
+void test_1 ()
+{
+  unknown_int_ptr (&ptr->a);
+}
+
+void test_2 ()
+{
+  unknown_void ();
+  unknown_int_ptr (&ptr->a);
+}
author	David Malcolm <dmalcolm@redhat.com>	2020-08-14 10:48:30 -0400
committer	Giuliano Belinassi <giuliano.belinassi@usp.br>	2020-08-17 15:08:14 -0300
commit	fd151a9ade829371897e4661f11ae296ab3bb174 (patch)
tree	a19fb922a343c447d8920372ab8dc9cb3806c8ed /gcc/testsuite
parent	c6ce0e5b967476fe698fefdb941d2944efe56090 (diff)