mirror/gcc
2
0
Fork 0
mirror of git://gcc.gnu.org/git/gcc.git synced 2025-04-09 17:11:20 +08:00
Code Issues Packages Projects Releases Wiki Activity

analyzer: decls are not on the heap

Browse Source 
Whilst debugging the remaining state explosion in PR analyzer/93355
I noticed that half of the states at an exploding program point had:
  'malloc': {'&buf': 'non-heap'}
whereas the other half didn't, presumably depending on whether the path
to each enode had used this local buffer:
  char buf[400];

This patch tweaks malloc_state_machine::get_default_state to be smarter
about this, so that we can implicitly treat pointers to decls as
non-heap, preventing pointless differences between sm_state_map
instances.  With that, all of the states in question have equal (empty)
malloc sm-state - though the state explosion continues for other reasons.

gcc/analyzer/ChangeLog:
	PR analyzer/93355
	* sm-malloc.cc (malloc_state_machine::get_default_state): Look at
	the base region when considering pointers.  Treat pointers to
	decls as being non-heap.
This commit is contained in:
David Malcolm 2020-09-18 17:34:50 -04:00
parent 7db5967f10
commit 15e7b93ba4
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
gcc/analyzer/sm-malloc.cc
View File

@ -183,7 +183,9 @@ public:
if (const region_svalue *ptr = sval->dyn_cast_region_svalue ())
{
const region *reg = ptr->get_pointee ();
if (reg->get_kind () == RK_STRING)
const region *base_reg = reg->get_base_region ();
if (base_reg->get_kind () == RK_DECL
|| base_reg->get_kind () == RK_STRING)
return m_non_heap;
}
return m_start;