[cfe-commits] r59974 - in /cfe/trunk/lib/Analysis: BasicConstraintManager.cpp RegionStore.cpp

Ted Kremenek kremenek at apple.com
Mon Nov 24 11:42:44 PST 2008


Thanks Sebastian!

On Nov 24, 2008, at 11:35 AM, Sebastian Redl wrote:

> Author: cornedbee
> Date: Mon Nov 24 13:35:33 2008
> New Revision: 59974
>
> URL: http://llvm.org/viewvc/llvm-project?rev=59974&view=rev
> Log:
> Fix crash of array bounds checking under 64-bit.
> There might be other, similar bugs lurking there.
>
> Modified:
>    cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
>    cfe/trunk/lib/Analysis/RegionStore.cpp
>
> Modified: cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicConstraintManager.cpp?rev=59974&r1=59973&r2=59974&view=diff
>
> ==============================================================================
> --- cfe/trunk/lib/Analysis/BasicConstraintManager.cpp (original)
> +++ cfe/trunk/lib/Analysis/BasicConstraintManager.cpp Mon Nov 24  
> 13:35:33 2008
> @@ -369,8 +369,14 @@
>   }
>
>   const llvm::APSInt& Zero =  
> getBasicVals().getZeroWithPtrWidth(false);
> -  const llvm::APSInt& IdxV =  
> cast<nonloc::ConcreteInt>(Idx).getValue();
> -  const llvm::APSInt& UBV =  
> cast<nonloc::ConcreteInt>(UpperBound).getValue();
> +  llvm::APSInt IdxV = cast<nonloc::ConcreteInt>(Idx).getValue();
> +  // IdxV might be too narrow.
> +  if (IdxV.getBitWidth() < Zero.getBitWidth())
> +    IdxV.extend(Zero.getBitWidth());
> +  // UBV might be too narrow, too.
> +  llvm::APSInt UBV =  
> cast<nonloc::ConcreteInt>(UpperBound).getValue();
> +  if (UBV.getBitWidth() < Zero.getBitWidth())
> +    UBV.extend(Zero.getBitWidth());
>
>   bool InBound = (Zero <= IdxV) && (IdxV < UBV);
>
>
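Review bot: the extension only covers the case where IdxV or UBV is narrower than Zero; if either is wider (an index wider than the pointer width on the target), the width mismatch in `bool InBound = (Zero <= IdxV) && (IdxV < UBV);` is still there. Consider normalizing all three operands to the widest width before comparing, or at least asserting `IdxV.getBitWidth() == Zero.getBitWidth()` after the adjustment so a remaining mismatch fails loudly at the point of origin. Those comparisons also assume the operands share signedness, and Zero is created signed by `getZeroWithPtrWidth(false)`, so an unsigned index may need the same `setIsSigned` treatment the RegionStore hunk applies. Minor: the two identical widen-if-narrower blocks would read better as one small helper.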
> Modified: cfe/trunk/lib/Analysis/RegionStore.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/RegionStore.cpp?rev=59974&r1=59973&r2=59974&view=diff
>
> ==============================================================================
> --- cfe/trunk/lib/Analysis/RegionStore.cpp (original)
> +++ cfe/trunk/lib/Analysis/RegionStore.cpp Mon Nov 24 13:35:33 2008
> @@ -254,12 +254,15 @@
>   if ((CI1 = dyn_cast<nonloc::ConcreteInt>(&Idx)) &&
>       (CI2 = dyn_cast<nonloc::ConcreteInt>(&Offset))) {
>
> -    // Temporary SVal to hold a potential signed APSInt.
> +    // Temporary SVal to hold a potential signed and extended APSInt.
>     SVal SignedInt;
>
> -    // Index might be unsigned. We have to convert it to signed.
> -    if (CI2->getValue().isUnsigned()) {
> +    // Index might be unsigned. We have to convert it to signed. It  
> might also
> +    // be less wide than the size. We have to extend it.
> +    if (CI2->getValue().isUnsigned() ||
> +        CI2->getValue().getBitWidth() < CI1- 
> >getValue().getBitWidth()) {
>       llvm::APSInt SI = CI2->getValue();
> +      SI.extend(CI1->getValue().getBitWidth());
>       SI.setIsSigned(true);
>       SignedInt = nonloc::ConcreteInt(getBasicVals().getValue(SI));
>       CI2 = cast<nonloc::ConcreteInt>(&SignedInt);
>
>
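Review bot: `SI.extend(CI1->getValue().getBitWidth());` runs for every value that enters the branch, but the `||` condition also admits an unsigned offset whose width is already equal to or greater than the index width; extending to a width that is not larger is at best a no-op and, given APInt's extension asserts, a crash of the same kind this change is fixing. Guard the extend with the width test (`if (SI.getBitWidth() < CI1->getValue().getBitWidth())`) and leave the `setIsSigned(true)` conversion unconditional. The ordering inside the branch is right: extending first uses the value's current signedness, so an unsigned offset is zero-extended and only then reinterpreted as signed, preserving its value. Style: `CI2->getValue()` and `CI1->getValue().getBitWidth()` are each evaluated more than once across the condition and body; hoisting them into locals would make the guard easier to read. The opposite case, an offset wider than the index, is still not normalized here.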
