Andrew, to improve the context of the late warnings I'm trying
to see how to get the execution path(s) leading from function
entry up to a statement. For example, for the code below I'd
like to "collect" and show the three conditionals in the context
of the warning:
extern char a[9];
void f (int m, int n, void *s)
{
if (m < 3) m = 3;
if (n < 4) n = 4;
if (s != 0)
{
char *d = a + 3;
__builtin_memcpy (d, s, m + n);
}
}
At a minimum, I'd like to print a note after the warning:
warning: ‘__builtin_memcpy’ writing between 7 and 2147483647 bytes
into a region of size 6 overflows the destination [-Wstringop-overflow=]
note: when 'm >= 3 && n >= 4 && s != 0'
(The final version would point to each conditional in the source
like the static analyzer does.)
For conditions that involve ranges used in the statements (i.e.,
the first two conditions in the source above), I wonder if rather
than traversing the CFG in a separate step, I might be able to
use Ranger to collect the conditions at the time it populates its
cache (i.e., when I call it to get range info for each statement).
I imagine I would need to derive a new class from gimple_ranger
and override some virtual member functions. (And maybe also do
the same for ranger_cache?)
Does this sound like something I should be able to do within
the framework? If yes, do you have any tips or suggestions for
where/how to start?
Thanks
Martin
PS I'm assuming -O0 for the above test case where the m + n
expression is a sum of two PHIs. With -O1 and higher some of
the integer conditionals end up transformed into MAX_EXPRs so
it will likely need to be handled differently or I may not be
able to capture all the conditions reliably. I don't know how
much that might compromise the result.
