Successfully bootstrapped & regrtested on x86_64-pc-linux-gnu.
Pushed to trunk as 3bb85b868722e69aef0d37858c0dc3c88d92a0eb.
gcc/analyzer/ChangeLog:
* store.cc (binding_cluster::get_any_binding): Make symbolic reads
from a cluster with concrete bindings return unknown.
gcc/testsuite/ChangeLog:
* gcc.dg/analyzer/symbolic-7.c: New test.
Signed-off-by: David Malcolm <dmalc...@redhat.com>
---
gcc/analyzer/store.cc | 10 +++++
gcc/testsuite/gcc.dg/analyzer/symbolic-7.c | 44 ++++++++++++++++++++++
2 files changed, 54 insertions(+)
create mode 100644 gcc/testsuite/gcc.dg/analyzer/symbolic-7.c
diff --git a/gcc/analyzer/store.cc b/gcc/analyzer/store.cc
index b643b631863..320370326bd 100644
--- a/gcc/analyzer/store.cc
+++ b/gcc/analyzer/store.cc
@@ -1177,6 +1177,16 @@ binding_cluster::get_any_binding (store_manager *mgr,
return rmm_mgr->get_or_create_unknown_svalue (reg->get_type ());
}
+ /* Alternatively, if this is a symbolic read and the cluster has any
bindings,
+ then we don't know if we're reading those values or not, so the result
+ is also "UNKNOWN". */
+ if (reg->get_offset ().symbolic_p ()
+ && m_map.elements () > 0)
+ {
+ region_model_manager *rmm_mgr = mgr->get_svalue_manager ();
+ return rmm_mgr->get_or_create_unknown_svalue (reg->get_type ());
+ }
+
if (const svalue *compound_sval = maybe_get_compound_binding (mgr, reg))
return compound_sval;
diff --git a/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c
b/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c
new file mode 100644
index 00000000000..4f013677f86
--- /dev/null
+++ b/gcc/testsuite/gcc.dg/analyzer/symbolic-7.c
@@ -0,0 +1,44 @@
+#include "analyzer-decls.h"
+
+extern void maybe_write (int *);
+
+void test_1 (int i)
+{
+ /* An array with purely concrete bindings. */
+ int arr[2];
+ arr[0] = 1066;
+ arr[1] = 1776;
+
+ /* Concrete reads. */
+ __analyzer_eval (arr[0] == 1066); /* { dg-warning "TRUE" } */
+ __analyzer_eval (arr[1] == 1776); /* { dg-warning "TRUE" } */
+
+ /* Symbolic read. */
+ __analyzer_describe (0, arr[i]); /* { dg-warning "svalue:
'UNKNOWN\\(int\\)'" } */
+ __analyzer_eval (arr[i] == 1776); /* { dg-warning "UNKNOWN" } */
+}
+
+void test_2 (int i)
+{
+ /* An array that could have been touched. */
+ int arr[2];
+ maybe_write (arr);
+
+ /* Concrete reads. */
+ __analyzer_eval (arr[0] == 42); /* { dg-warning "UNKNOWN" } */
+
+ /* Symbolic read. */
+ __analyzer_eval (arr[i] == 42); /* { dg-warning "UNKNOWN" } */
+}
+
+void test_3 (int i)
+{
+ /* An array that can't have been touched. */
+ int arr[2];
+
+ /* Concrete reads. */
+ __analyzer_eval (arr[0] == 42); /* { dg-warning "UNKNOWN" } */
+
+ /* Symbolic read. */
+ __analyzer_eval (arr[i] == 42); /* { dg-warning "UNKNOWN" } */
+}
--
2.26.3
