From: David Malcolm
To: gcc-cvs@gcc.gnu.org
Subject: [gcc r12-1649] analyzer: fix issue with symbolic reads with concrete bindings
X-Act-Checkin: gcc
X-Git-Author: David Malcolm
X-Git-Refname: refs/heads/master
X-Git-Oldrev: 83faf7eacd2081a373afb6069fd923c2dc497271
X-Git-Newrev: 3bb85b868722e69aef0d37858c0dc3c88d92a0eb
Message-Id: <20210618172614.3C4873877416@sourceware.org>
Date: Fri, 18 Jun 2021 17:26:14 +0000 (GMT)
List-Id: Gcc-cvs mailing list

https://gcc.gnu.org/g:3bb85b868722e69aef0d37858c0dc3c88d92a0eb

commit r12-1649-g3bb85b868722e69aef0d37858c0dc3c88d92a0eb
Author: David Malcolm
Date:   Fri Jun 18 13:24:19 2021 -0400

    analyzer: fix issue with symbolic reads with concrete bindings

    gcc/analyzer/ChangeLog:
            * store.cc (binding_cluster::get_any_binding): Make symbolic reads
            from a cluster with concrete bindings return unknown.

    gcc/testsuite/ChangeLog:
            * gcc.dg/analyzer/symbolic-7.c: New test.

    Signed-off-by: David Malcolm

Diff: --- gcc/analyzer/store.cc | 10 +++++++ gcc/testsuite/gcc.dg/analyzer/symbolic-7.c | 44 ++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+) diff --git a/gcc/analyzer/store.cc b/gcc/analyzer/store.cc index b643b631863..320370326bd 100644 --- a/gcc/analyzer/store.cc +++ b/gcc/analyzer/store.cc 
@@ -1177,6 +1177,16 @@ binding_cluster::get_any_binding (store_manager *mgr, return rmm_mgr->get_or_create_unknown_svalue (reg->get_type ()); } + /* Alternatively, if this is a symbolic read and the cluster has any bindings, + then we don't know if we're reading those values or not, so the result + is also "UNKNOWN". */ + if (reg->get_offset ().symbolic_p () + && m_map.elements () > 0) + { + region_model_manager *rmm_mgr = mgr->get_svalue_manager (); + return rmm_mgr->get_or_create_unknown_svalue (reg->get_type ()); + } + if (const svalue *compound_sval = maybe_get_compound_binding (mgr, reg)) return compound_sval; diff --git a/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c b/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c new file mode 100644 index 00000000000..4f013677f86 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c @@ -0,0 +1,44 @@ +#include "analyzer-decls.h" + +extern void maybe_write (int *); + +void test_1 (int i) +{ + /* An array with purely concrete bindings. */ + int arr[2]; + arr[0] = 1066; + arr[1] = 1776; + + /* Concrete reads. */ + __analyzer_eval (arr[0] == 1066); /* { dg-warning "TRUE" } */ + __analyzer_eval (arr[1] == 1776); /* { dg-warning "TRUE" } */ + + /* Symbolic read. */ + __analyzer_describe (0, arr[i]); /* { dg-warning "svalue: 'UNKNOWN\\(int\\)'" } */ + __analyzer_eval (arr[i] == 1776); /* { dg-warning "UNKNOWN" } */ +} + +void test_2 (int i) +{ + /* An array that could have been touched. */ + int arr[2]; + maybe_write (arr); + + /* Concrete reads. */ + __analyzer_eval (arr[0] == 42); /* { dg-warning "UNKNOWN" } */ + + /* Symbolic read. */ + __analyzer_eval (arr[i] == 42); /* { dg-warning "UNKNOWN" } */ +} + +void test_3 (int i) +{ + /* An array that can't have been touched. */ + int arr[2]; + + /* Concrete reads. */ + __analyzer_eval (arr[0] == 42); /* { dg-warning "UNKNOWN" } */ + + /* Symbolic read. */ + __analyzer_eval (arr[i] == 42); /* { dg-warning "UNKNOWN" } */ +}
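Review bot: in the store.cc hunk, the new guard `m_map.elements () > 0` fires for any binding in the cluster, while the ChangeLog entry describes "a cluster with concrete bindings"; the code comment ("the cluster has any bindings") and the ChangeLog should say the same thing, or the check should be narrowed to concrete keys if that is the intent. The early return also sits ahead of `maybe_get_compound_binding (mgr, reg)`, so for a symbolic offset that call is now reached only when the map is empty; a sentence in the comment stating that this loss of precision is deliberate (UNKNOWN being the safe answer when the read may or may not alias a bound value) would help the next reader. The two-line body repeats the `get_or_create_unknown_svalue (reg->get_type ())` return that closes the block just above it, so the two conditions could share one return.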
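Review bot: in symbolic-7.c, only test_1 pins the new path down with `__analyzer_describe (0, arr[i])`; test_2 and test_3 rely on `__analyzer_eval (...)` reporting UNKNOWN, which the concrete reads of `arr[0]` in those same functions also report, so they would pass whether or not the new check in get_any_binding is taken. Adding an `__analyzer_describe` on `arr[i]` in test_2 and test_3 would record what svalue each case is expected to produce. The file also has no case with a symbolic write followed by a read of the same element (for example `arr[i] = 42;` then `arr[i] == 42`), nor one where only `arr[0]` is bound before the symbolic read; both would document how far the "any bindings" condition reaches.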