From 1a830c0636472e47a7503a5ed879725149e2e728 Mon Sep 17 00:00:00 2001 From: Jakub Jelinek Date: Tue, 3 Aug 2021 12:44:17 +0200 Subject: [PATCH] analyzer: Fix ICE on MD builtin [PR101721] The following testcase ICEs because DECL_FUNCTION_CODE asserts the builtin is BUILT_IN_NORMAL, but it sees a backend (MD) builtin instead. The FE, normal and MD builtin numbers overlap, so one should always check what kind of builtin it is before looking at specific codes. On the other side, region-model.cc has: if (fndecl_built_in_p (callee_fndecl, BUILT_IN_NORMAL) && gimple_builtin_call_types_compatible_p (call, callee_fndecl)) switch (DECL_UNCHECKED_FUNCTION_CODE (callee_fndecl)) which IMO should use DECL_FUNCTION_CODE instead, it checked first it is a normal builtin... 2021-08-03 Jakub Jelinek PR analyzer/101721 * sm-malloc.cc (known_allocator_p): Only check DECL_FUNCTION_CODE on BUILT_IN_NORMAL builtins. * gcc.dg/analyzer/pr101721.c: New test. --- gcc/analyzer/sm-malloc.cc | 2 +- gcc/testsuite/gcc.dg/analyzer/pr101721.c | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 gcc/testsuite/gcc.dg/analyzer/pr101721.c diff --git a/gcc/analyzer/sm-malloc.cc b/gcc/analyzer/sm-malloc.cc index 4f07d1f9257..74c6fee2638 100644 --- a/gcc/analyzer/sm-malloc.cc +++ b/gcc/analyzer/sm-malloc.cc @@ -1543,7 +1543,7 @@ known_allocator_p (const_tree fndecl, const gcall *call) /* ... or it is a builtin allocator that allocates objects freed with __builtin_free. */ - if (fndecl_built_in_p (fndecl)) + if (fndecl_built_in_p (fndecl, BUILT_IN_NORMAL)) switch (DECL_FUNCTION_CODE (fndecl)) { case BUILT_IN_MALLOC: diff --git a/gcc/testsuite/gcc.dg/analyzer/pr101721.c b/gcc/testsuite/gcc.dg/analyzer/pr101721.c new file mode 100644 index 00000000000..07ef2d65cc3 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/pr101721.c @@ -0,0 +1,8 @@ +/* PR analyzer/101721 */ +/* { dg-do compile { target i?86-*-* x86_64-*-* } } */ + +void +foo () +{ + __builtin_ia32_pause (); +}