From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 2209) id 4040F3858D28; Fri, 7 Oct 2022 16:43:29 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 4040F3858D28 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gcc.gnu.org; s=default; t=1665161009; bh=qzf9b5jrSkjLKCqEaEWeHomH5y0fx2qUgyDlKDX8ECc=; h=From:To:Subject:Date:From; b=Z0qf7st1E7ZRt3GkQsD+JBOm9Mk9J669nyPflFYrEFKxVTq+6HtbOR3ZcAnnMq3wp ZyQ3bgfrUAV9P1oiuNG8GvOQdlw1mEBKoCFyP8AE/2HGWXNeqrxrpbYx5P3PULtG69 ma3ZNJ0ArjTMNgYpzbmGlf3QJjQVA18zL7gi5DPQ= MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset="utf-8" From: David Malcolm To: gcc-cvs@gcc.gnu.org Subject: [gcc r13-3168] analyzer: extract bits from integer constants [PR105783] X-Act-Checkin: gcc X-Git-Author: David Malcolm X-Git-Refname: refs/heads/master X-Git-Oldrev: eb491ea5c10955c667ceeda76dede393c93a377b X-Git-Newrev: f09b99550a3c6cd16f5e9150ebd4b1d87033dcbd Message-Id: <20221007164329.4040F3858D28@sourceware.org> Date: Fri, 7 Oct 2022 16:43:29 +0000 (GMT) List-Id: https://gcc.gnu.org/g:f09b99550a3c6cd16f5e9150ebd4b1d87033dcbd commit r13-3168-gf09b99550a3c6cd16f5e9150ebd4b1d87033dcbd Author: David Malcolm Date: Fri Oct 7 12:41:59 2022 -0400 analyzer: extract bits from integer constants [PR105783] Fix a false positive from -Wanalyzer-null-dereference due to -fanalyzer failing to grok the value of a particular boolean field initialized to a constant. gcc/analyzer/ChangeLog: PR analyzer/105783 * region-model.cc (selftest::get_bit): New function. (selftest::test_bits_within_svalue_folding): New. (selfftest::analyzer_region_model_cc_tests): Call it. * svalue.cc (constant_svalue::maybe_fold_bits_within): Handle the case of extracting a single bit. gcc/testsuite/ChangeLog: PR analyzer/105783 * gcc.dg/analyzer/pr105783.c: New test. Signed-off-by: David Malcolm Diff: --- gcc/analyzer/region-model.cc | 52 ++++++++++++++++++++++++++++++++ gcc/analyzer/svalue.cc | 17 ++++++++++- gcc/testsuite/gcc.dg/analyzer/pr105783.c | 26 ++++++++++++++++ 3 files changed, 94 insertions(+), 1 deletion(-) diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc index c50f5c6fb96..81ef41edee4 100644 --- a/gcc/analyzer/region-model.cc +++ b/gcc/analyzer/region-model.cc @@ -7132,6 +7132,57 @@ test_sub_svalue_folding () ASSERT_EQ (sub->get_type (), TREE_TYPE (ct.m_x_field)); } +/* Get BIT within VAL as a symbolic value within MGR. */ + +static const svalue * +get_bit (region_model_manager *mgr, + bit_offset_t bit, + unsigned HOST_WIDE_INT val) +{ + const svalue *inner_svalue + = mgr->get_or_create_int_cst (unsigned_type_node, val); + return mgr->get_or_create_bits_within (boolean_type_node, + bit_range (bit, 1), + inner_svalue); +} + +/* Verify that bits_within_svalues are folded as expected. */ + +static void +test_bits_within_svalue_folding () +{ + region_model_manager mgr; + + const svalue *zero = mgr.get_or_create_int_cst (boolean_type_node, 0); + const svalue *one = mgr.get_or_create_int_cst (boolean_type_node, 1); + + { + const unsigned val = 0x0000; + for (unsigned bit = 0; bit < 16; bit++) + ASSERT_EQ (get_bit (&mgr, bit, val), zero); + } + + { + const unsigned val = 0x0001; + ASSERT_EQ (get_bit (&mgr, 0, val), one); + for (unsigned bit = 1; bit < 16; bit++) + ASSERT_EQ (get_bit (&mgr, bit, val), zero); + } + + { + const unsigned val = 0x8000; + for (unsigned bit = 0; bit < 15; bit++) + ASSERT_EQ (get_bit (&mgr, bit, val), zero); + ASSERT_EQ (get_bit (&mgr, 15, val), one); + } + + { + const unsigned val = 0xFFFF; + for (unsigned bit = 0; bit < 16; bit++) + ASSERT_EQ (get_bit (&mgr, bit, val), one); + } +} + /* Test that region::descendent_of_p works as expected. */ static void @@ -8488,6 +8539,7 @@ analyzer_region_model_cc_tests () test_unaryop_svalue_folding (); test_binop_svalue_folding (); test_sub_svalue_folding (); + test_bits_within_svalue_folding (); test_descendent_of_p (); test_bit_range_regions (); test_assignment (); diff --git a/gcc/analyzer/svalue.cc b/gcc/analyzer/svalue.cc index 9ec46d626da..a0838c0f588 100644 --- a/gcc/analyzer/svalue.cc +++ b/gcc/analyzer/svalue.cc @@ -868,7 +868,7 @@ constant_svalue::eval_condition (const constant_svalue *lhs, const svalue * constant_svalue::maybe_fold_bits_within (tree type, - const bit_range &, + const bit_range &bits, region_model_manager *mgr) const { /* Bits within an all-zero value are also all zero. */ @@ -879,6 +879,21 @@ constant_svalue::maybe_fold_bits_within (tree type, else return this; } + + /* Handle the case of extracting a single bit. */ + if (bits.m_size_in_bits == 1 + && TREE_CODE (m_cst_expr) == INTEGER_CST + && type + && INTEGRAL_TYPE_P (type)) + { + unsigned HOST_WIDE_INT bit = bits.m_start_bit_offset.to_uhwi (); + unsigned HOST_WIDE_INT mask = (1 << bit); + unsigned HOST_WIDE_INT val_as_hwi = tree_to_uhwi (m_cst_expr); + unsigned HOST_WIDE_INT masked_val = val_as_hwi & mask; + int result = masked_val ? 1 : 0; + return mgr->get_or_create_int_cst (type, result); + } + /* Otherwise, don't fold. */ return NULL; } diff --git a/gcc/testsuite/gcc.dg/analyzer/pr105783.c b/gcc/testsuite/gcc.dg/analyzer/pr105783.c new file mode 100644 index 00000000000..00f44d04b64 --- /dev/null +++ b/gcc/testsuite/gcc.dg/analyzer/pr105783.c @@ -0,0 +1,26 @@ +/* { dg-additional-options "-O" } */ + +struct ss_s { + union out_or_counting_u { + char *newstr; + unsigned long long cnt; + } uu; + _Bool counting; +}; + +struct ss_s ss_init(void) { + struct ss_s rr = { .counting = 1 }; + return rr; +} + +void ss_out(struct ss_s *t, char cc) { + if (!t->counting) { + *t->uu.newstr++ = cc; + } +} + +int main() { + struct ss_s ss = ss_init(); + ss_out(&ss, 'a'); +} +