https://gcc.gnu.org/bugzilla/show_bug.cgi?id=112977
--- Comment #2 from GCC Commits <cvs-commit at gcc dot gnu.org> --- The master branch has been updated by David Malcolm <dmalc...@gcc.gnu.org>: https://gcc.gnu.org/g:e503f9aca9192654d83f141ae7865a3c9d90bf0d commit r14-8391-ge503f9aca9192654d83f141ae7865a3c9d90bf0d Author: David Malcolm <dmalc...@redhat.com> Date: Wed Jan 24 10:11:35 2024 -0500 analyzer: fix taint false +ve due to overzealous state purging [PR112977] gcc/analyzer/ChangeLog: PR analyzer/112977 * engine.cc (impl_region_model_context::on_liveness_change): Pass m_ext_state to sm_state_map::on_liveness_change. * program-state.cc (sm_state_map::on_svalue_leak): Guard removal of map entry based on can_purge_p. (sm_state_map::on_liveness_change): Add ext_state param. Add workaround for bad interaction between state purging and alt-inherited sm-state. * program-state.h (sm_state_map::on_liveness_change): Add ext_state param. * sm-taint.cc (taint_state_machine::has_alt_get_inherited_state_p): New. (taint_state_machine::can_purge_p): Return false for "has_lb" and "has_ub". * sm.h (state_machine::has_alt_get_inherited_state_p): New vfunc. gcc/testsuite/ChangeLog: PR analyzer/112977 * gcc.dg/plugin/plugin.exp: Add taint-pr112977.c. * gcc.dg/plugin/taint-pr112977.c: New test. Signed-off-by: David Malcolm <dmalc...@redhat.com>
