https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101081
Bug ID: 101081 Summary: analyzer testsuite failures seen with new glibc due to malloc attribute Product: gcc Version: 12.0 Status: UNCONFIRMED Severity: normal Priority: P3 Component: analyzer Assignee: dmalcolm at gcc dot gnu.org Reporter: dmalcolm at gcc dot gnu.org Target Milestone: --- Fedora's build of GCC showed some new analyzer failures: +FAIL: gcc.dg/analyzer/analyzer-verbosity-2a.c (test for excess errors) +FAIL: gcc.dg/analyzer/analyzer-verbosity-3a.c (test for excess errors) +FAIL: gcc.dg/analyzer/edges-1.c (test for excess errors) +FAIL: gcc.dg/analyzer/file-1.c (test for excess errors) +FAIL: gcc.dg/analyzer/file-2.c (test for excess errors) +FAIL: gcc.dg/analyzer/file-paths-1.c (test for excess errors) +FAIL: gcc.dg/analyzer/file-pr58237.c (test for excess errors) +FAIL: gcc.dg/analyzer/pr99716-1.c (test for excess errors) which appeared between: gcc/11.1.1/3.fc35: glibc-2.33.9000-2.fc35.x86_64 gcc/11.1.1/4.fc35: glibc-2.33.9000-13.fc35.x86_64 These testcases all use <stdio.h> Almost all of these seem to be due to new -Wanalyzer-malloc-leak warnings, where the testcases are expecting to emit -Wanalyzer-file-leak (from sm-file.cc), but are now *also* emitting -Wanalyzer-malloc-leak. Presumably the new glibc gained __attribute__((malloc)) within stdio.h. As well as these, pr99716-1.c adds these excess errors: /builddir/build/BUILD/gcc-11.1.1-20210531/gcc/testsuite/gcc.dg/analyzer/pr99716-1.c:11:5: warning: use of possibly-NULL 'fp' where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument] /builddir/build/BUILD/gcc-11.1.1-20210531/gcc/testsuite/gcc.dg/analyzer/pr99716-1.c:23:5: warning: use of possibly-NULL 'fp' where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument] /builddir/build/BUILD/gcc-11.1.1-20210531/gcc/testsuite/gcc.dg/analyzer/pr99716-1.c:36:5: warning: use of possibly-NULL '*fpp' where non-null expected [CWE-690] [-Wanalyzer-possible-null-argument] which look like genuine warnings: passing unchecked ptrs to fprintf. Looks like: (a) these testcases should avoid <stdio.h> and instead have their own copy of the decls, to avoid <stdio.h> from changing under us (b) the malloc attribute gave us some genuine warnings, so it's valuable; the analyzer should do something to support this, but it's probably overkill to emit *both* -Wanalyzer-malloc-leak and -Wanalyzer-file-leak.