https://gcc.gnu.org/g:67e1433a94f8ca82e2c36b79af44256430c73c38

commit r14-9935-g67e1433a94f8ca82e2c36b79af44256430c73c38
Author: Stefan Schulze Frielinghaus <stefa...@linux.ibm.com>
Date:   Fri Apr 12 11:06:24 2024 +0200

    analyzer: Bail out on function pointer for -Wanalyzer-allocation-size
    
    On s390 pr94688.c is failing due to excess error
    
    pr94688.c:6:5: warning: allocated buffer size is not a multiple of the pointee's size [CWE-131] [-Wanalyzer-allocation-size]
    
    This is because on s390 functions are by default aligned to an 8-byte
    boundary and during function type construction size is set to function
    boundary.  Thus, for the assignment
    
    a.0_1 = (void (*<T237>) ()) &a;
    
    we have that the right-hand side is pointing to a 4-byte memory region
    whereas the size of the function pointer is 8 bytes and a warning is
    emitted.
    
    Since -Wanalyzer-allocation-size is not about pointers to code, bail out
    early.
    
    gcc/analyzer/ChangeLog:
    
            * region-model.cc (region_model::check_region_size): Bail out
            early on function pointers.

Diff:
---
 gcc/analyzer/region-model.cc | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index 665873dbe94..bebe2ed3cd6 100644
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -3514,6 +3514,10 @@ region_model::check_region_size (const region *lhs_reg, 
const svalue *rhs_sval,
       || TYPE_SIZE_UNIT (pointee_type) == NULL_TREE)
     return;
 
+  /* Bail out early on function pointers.  */
+  if (TREE_CODE (pointee_type) == FUNCTION_TYPE)
+    return;
+
   /* Bail out early on pointers to structs where we can
      not deduce whether the buffer size is compatible.  */
   bool is_struct = RECORD_OR_UNION_TYPE_P (pointee_type);
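
Review bot: The comment on the new FUNCTION_TYPE check says what is skipped but not why, and the reason is not visible from the surrounding code. Consider recording it in the comment: per the commit message, the size of a function type is set to the target's function boundary (8 bytes on s390), so it is not an object size that can meaningfully be compared against the capacity of the pointed-to region, and -Wanalyzer-allocation-size is not about pointers to code. It may also be worth confirming whether a METHOD_TYPE pointee can reach this point; if it can, FUNC_OR_METHOD_TYPE_P (pointee_type) would cover both cases. The ChangeLog lists no testsuite change, so coverage relies on the existing pr94688.c, which only fails on targets such as s390 where the function boundary differs from the region size.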
