From: David Malcolm <dmalcolm@redhat.com>
Date: Wed, 12 Feb 2020 15:56:28 +0000 (-0500)
Subject: analyzer: fix wording for assignment from NULL
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=0993ad65cc4e462223e9337d9b2d3b82a887c6c8;p=gcc.git

analyzer: fix wording for assignment from NULL

This patch improves the wording of the state-transition event (1) in
the -Wanalyzer-null-dereference diagnostic for:

void test (void)
{
  int *p = NULL;
  *p = 1;
}

taking the path description from:

  ‘test’: events 1-2
    |
    |    5 |   int *p = NULL;
    |      |        ^
    |      |        |
    |      |        (1) assuming ‘p’ is NULL
    |    6 |   *p = 1;
    |      |   ~~~~~~
    |      |      |
    |      |      (2) dereference of NULL ‘p’
    |

to:

  ‘test’: events 1-2
    |
    |    5 |   int *p = NULL;
    |      |        ^
    |      |        |
    |      |        (1) ‘p’ is NULL
    |    6 |   *p = 1;
    |      |   ~~~~~~
    |      |      |
    |      |      (2) dereference of NULL ‘p’
    |

since the "assuming" at (1) only makes sense for state transitions
due to comparisons, not for assignments.

gcc/analyzer/ChangeLog:
	* sm-malloc.cc (malloc_diagnostic::describe_state_change): For
	transition to the "null" state, only say "assuming" when
	transitioning from the "unchecked" state.

gcc/testsuite/ChangeLog:
	* gcc.dg/analyzer/malloc-1.c (test_48): New.
---

diff --git a/gcc/analyzer/ChangeLog b/gcc/analyzer/ChangeLog
index 9f1e25d1e90..5945abc04ee 100644
--- a/gcc/analyzer/ChangeLog
+++ b/gcc/analyzer/ChangeLog
@@ -1,3 +1,9 @@
+2020-02-17  David Malcolm  <dmalcolm@redhat.com>
+
+	* sm-malloc.cc (malloc_diagnostic::describe_state_change): For
+	transition to the "null" state, only say "assuming" when
+	transitioning from the "unchecked" state.
+
 2020-02-17  David Malcolm  <dmalcolm@redhat.com>
 
 	* diagnostic-manager.h (diagnostic_manager::get_saved_diagnostic):
diff --git a/gcc/analyzer/sm-malloc.cc b/gcc/analyzer/sm-malloc.cc
index bdd0731b5d1..46225b6f700 100644
--- a/gcc/analyzer/sm-malloc.cc
+++ b/gcc/analyzer/sm-malloc.cc
@@ -130,8 +130,15 @@ public:
       return change.formatted_print ("assuming %qE is non-NULL",
 				     change.m_expr);
     if (change.m_new_state == m_sm.m_null)
-      return change.formatted_print ("assuming %qE is NULL",
-				     change.m_expr);
+      {
+	if (change.m_old_state == m_sm.m_unchecked)
+	  return change.formatted_print ("assuming %qE is NULL",
+					 change.m_expr);
+	else
+	  return change.formatted_print ("%qE is NULL",
+					 change.m_expr);
+      }
+
     return label_text ();
   }
 
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 83c581c4e0c..a08ad2e7175 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,7 @@
+2020-02-17  David Malcolm  <dmalcolm@redhat.com>
+
+	* gcc.dg/analyzer/malloc-1.c (test_48): New.
+
 2020-02-17  Jiufu Guo  <guojiufu@linux.ibm.com>
 
 	PR target/93047
diff --git a/gcc/testsuite/gcc.dg/analyzer/malloc-1.c b/gcc/testsuite/gcc.dg/analyzer/malloc-1.c
index c13170560af..3024e546137 100644
--- a/gcc/testsuite/gcc.dg/analyzer/malloc-1.c
+++ b/gcc/testsuite/gcc.dg/analyzer/malloc-1.c
@@ -583,3 +583,9 @@ int test_47 (void)
   }
   return p_size;
 }
+
+void test_48 (void)
+{
+  int *p = NULL; /* { dg-message "'p' is NULL" } */
+  *p = 1; /* { dg-warning "dereference of NULL 'p'" } */
+}