projects / gcc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: fc34d04)
analyzer: simplify region_model::push_frame
authorDavid Malcolm <dmalcolm@redhat.com>
Fri, 21 Aug 2020 21:19:15 +0000 (17:19 -0400)
committerDavid Malcolm <dmalcolm@redhat.com>
Sat, 22 Aug 2020 13:51:22 +0000 (09:51 -0400)
region_model::push_frame was binding arguments for both the default SSA
name for each parameter, and the underlying parameter.

Simplify the generated states by only binding the default SSA name if
it exists, or the parameter if there is no default SSA name.

gcc/analyzer/ChangeLog:
* region-model.cc (region_model::push_frame): Bind the default
SSA name for each parm if it exists, falling back to the parm
itself otherwise, rather than doing both.

gcc/testsuite/ChangeLog:
* gcc.dg/analyzer/malloc-ipa-8-double-free.c: Drop
-fanalyzer-verbose-state-changes.

gcc/analyzer/region-model.cc patch | blob | history
gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c patch | blob | history

diff --git a/gcc/analyzer/region-model.cc b/gcc/analyzer/region-model.cc
index b8a0f9ffd3d5fa340a68b81c635b5c73adb14883..02bbfa54781f98341a3df9e4836bb2287c6858a2 100644 (file)
--- a/gcc/analyzer/region-model.cc
+++ b/gcc/analyzer/region-model.cc
@@ -2353,17 +2353,12 @@ region_model::push_frame (function *fun, const vec<const svalue *> *arg_svals,
             rest of the params as uninitialized.  */
          if (idx >= arg_svals->length ())
            break;
+         tree parm_lval = iter_parm;
+         if (tree parm_default_ssa = ssa_default_def (fun, iter_parm))
+           parm_lval = parm_default_ssa;
+         const region *parm_reg = get_lvalue (parm_lval, ctxt);
          const svalue *arg_sval = (*arg_svals)[idx];
-         const region *parm_reg = get_lvalue (iter_parm, ctxt);
          set_value (parm_reg, arg_sval, ctxt);
-
-         /* Also do it for default SSA name (sharing the same value).  */
-         tree parm_default_ssa = ssa_default_def (fun, iter_parm);
-         if (parm_default_ssa)
-           {
-             const region *defssa_reg = get_lvalue (parm_default_ssa, ctxt);
-             set_value (defssa_reg, arg_sval, ctxt);
-           }
        }
     }
   else
@@ -2375,10 +2370,10 @@ region_model::push_frame (function *fun, const vec<const svalue *> *arg_svals,
       for (tree iter_parm = DECL_ARGUMENTS (fndecl); iter_parm;
           iter_parm = DECL_CHAIN (iter_parm))
        {
-         on_top_level_param (iter_parm, ctxt);
-         tree parm_default_ssa = ssa_default_def (fun, iter_parm);
-         if (parm_default_ssa)
+         if (tree parm_default_ssa = ssa_default_def (fun, iter_parm))
            on_top_level_param (parm_default_ssa, ctxt);
+         else
+           on_top_level_param (iter_parm, ctxt);
        }
     }
 
diff --git a/gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c b/gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c
index cdf5ac1832454aa4567db5188d2e4118c3bfe33b..580862b0138b67a296a504656bcb494fae453472 100644 (file)
--- a/gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c
+++ b/gcc/testsuite/gcc.dg/analyzer/malloc-ipa-8-double-free.c
@@ -1,6 +1,6 @@
 /* Example of a multilevel wrapper around malloc/free, with a double-'free'.  */
 
-/* { dg-additional-options "-fdiagnostics-show-line-numbers -fdiagnostics-path-format=inline-events -fanalyzer-checker=malloc -fanalyzer-verbose-state-changes -fdiagnostics-show-caret" } */
+/* { dg-additional-options "-fdiagnostics-show-line-numbers -fdiagnostics-path-format=inline-events -fanalyzer-checker=malloc -fdiagnostics-show-caret" } */
 /* { dg-enable-nn-line-numbers "" } */
 
 #include <stdlib.h>
@@ -83,7 +83,7 @@ void test (int i)
                   |   NN |   return malloc (size);
                   |      |          ~~~~~~~~~~~~~
                   |      |          |
-                  |      |          (6) allocated here (state of '<unknown>': 'start' -> 'unchecked', NULL origin)
+                  |      |          (6) allocated here
                   |
            <------+
            |
@@ -96,7 +96,7 @@ void test (int i)
            |   NN |   if (!result)
            |      |      ~                              
            |      |      |
-           |      |      (8) assuming 'result' is non-NULL (state of 'result': 'unchecked' -> 'nonnull', NULL origin)
+           |      |      (8) assuming 'result' is non-NULL
            |      |      (9) following 'false' branch (when 'result' is non-NULL)...
            |   NN |     abort ();
            |   NN |   result->i = i;
@@ -140,7 +140,7 @@ void test (int i)
                   |   NN |   free (ptr);
                   |      |   ~~~~~~~~~~
                   |      |   |
-                  |      |   (16) first 'free' here (state of 'ptr': 'nonnull' -> 'freed', NULL origin)
+                  |      |   (16) first 'free' here
                   |
            <------+
            |
@@ -187,7 +187,7 @@ void test (int i)
                   |   NN |   free (ptr);
                   |      |   ~~~~~~~~~~
                   |      |   |
-                  |      |   (23) second 'free' here; first 'free' was at (16) ('ptr' is in state 'freed')
+                  |      |   (23) second 'free' here; first 'free' was at (16)
                   |
    { dg-end-multiline-output "" } */