{
const unaryop_svalue *unaryop_summary_sval
= as_a <const unaryop_svalue *> (summary_sval);
+ const svalue *summary_arg = unaryop_summary_sval->get_arg ();
+ const svalue *caller_arg = convert_svalue_from_summary (summary_arg);
+ if (!caller_arg)
+ return NULL;
region_model_manager *mgr = get_manager ();
- return mgr->get_or_create_unaryop
- (summary_sval->get_type (),
- unaryop_summary_sval->get_op (),
- convert_svalue_from_summary (unaryop_summary_sval->get_arg ()));
+ return mgr->get_or_create_unaryop (summary_sval->get_type (),
+ unaryop_summary_sval->get_op (),
+ caller_arg);
}
break;
case SK_BINOP:
{
const binop_svalue *binop_summary_sval
= as_a <const binop_svalue *> (summary_sval);
+ const svalue *summary_arg0 = binop_summary_sval->get_arg0 ();
+ const svalue *caller_arg0 = convert_svalue_from_summary (summary_arg0);
+ if (!caller_arg0)
+ return NULL;
+ const svalue *summary_arg1 = binop_summary_sval->get_arg1 ();
+ const svalue *caller_arg1 = convert_svalue_from_summary (summary_arg1);
+ if (!caller_arg1)
+ return NULL;
region_model_manager *mgr = get_manager ();
- return mgr->get_or_create_binop
- (summary_sval->get_type (),
- binop_summary_sval->get_op (),
- convert_svalue_from_summary (binop_summary_sval->get_arg0 ()),
- convert_svalue_from_summary (binop_summary_sval->get_arg1 ()));
+ return mgr->get_or_create_binop (summary_sval->get_type (),
+ binop_summary_sval->get_op (),
+ caller_arg0,
+ caller_arg1);
}
break;
case SK_SUB:
impl_region_model_context::on_unknown_change (const svalue *sval,
bool is_mutable)
{
+ if (!sval->can_have_associated_state_p ())
+ return;
for (sm_state_map *smap : m_new_state->m_checker_states)
smap->on_unknown_change (sval, is_mutable, m_ext_state);
}
warning_at (call->location, 0, "%s", t.as_string ());
}
+/* Handle the on_call_pre part of "__analyzer_get_unknown_ptr". */
+
+void
+region_model::impl_call_analyzer_get_unknown_ptr (const call_details &cd)
+{
+ const svalue *ptr_sval
+ = m_mgr->get_or_create_unknown_svalue (cd.get_lhs_type ());
+ cd.maybe_set_lhs (ptr_sval);
+}
+
/* Handle the on_call_pre part of "__builtin_expect" etc. */
void
{
/* This is handled elsewhere. */
}
+ else if (is_special_named_call_p (call, "__analyzer_get_unknown_ptr",
+ 0))
+ {
+ call_details cd (call, this, ctxt);
+ impl_call_analyzer_get_unknown_ptr (cd);
+ }
else
*out_unknown_side_effects = on_call_pre (call, ctxt,
out_terminate_path);
void impl_call_analyzer_dump_escaped (const gcall *call);
void impl_call_analyzer_eval (const gcall *call,
region_model_context *ctxt);
+ void impl_call_analyzer_get_unknown_ptr (const call_details &cd);
void impl_call_builtin_expect (const call_details &cd);
void impl_call_calloc (const call_details &cd);
bool impl_call_error (const call_details &cd, unsigned min_args,
= r.convert_region_from_summary (summary_base_reg))
{
const region *caller_base_reg = caller_reg->get_base_region ();
- binding_cluster *caller_cluster
- = get_or_create_cluster (caller_base_reg);
- if (summary_cluster->escaped_p ())
- caller_cluster->mark_as_escaped ();
- if (summary_cluster->touched_p ())
- caller_cluster->m_touched = true;
+ if (caller_base_reg->tracked_p ()
+ && !caller_base_reg->symbolic_for_unknown_ptr_p ())
+ {
+ binding_cluster *caller_cluster
+ = get_or_create_cluster (caller_base_reg);
+ if (summary_cluster->escaped_p ())
+ caller_cluster->mark_as_escaped ();
+ if (summary_cluster->touched_p ())
+ caller_cluster->m_touched = true;
+ }
}
switch (summary_base_reg->get_kind ())
will emit a warning with text "TRUE", FALSE" or "UNKNOWN" based on the
truthfulness of the argument. This is useful for writing DejaGnu tests.
+@smallexample
+__analyzer_get_unknown_ptr ();
+@end smallexample
+will obtain an unknown @code{void *}.
@subsection Other Debugging Techniques
truthfulness of the argument. */
extern void __analyzer_eval (int);
+/* Obtain an "unknown" void *. */
+extern void *__analyzer_get_unknown_ptr (void);
+
#endif /* #ifndef ANALYZER_DECLS_H. */
__analyzer_eval (y == j); /* { dg-warning "TRUE" } */
}
+void test_summarized_writes_param_to_ptr_unknown (int j)
+{
+ int *p = (int *)__analyzer_get_unknown_ptr ();
+ writes_param_to_ptr (j, p);
+ __analyzer_eval (*p == j); /* { dg-warning "UNKNOWN" } */
+}
+
int g;
void writes_to_global (int i)
projects / thirdparty / gcc.git / commitdiff
