[cfe-commits] r66444 - /cfe/trunk/lib/Analysis/GRSimpleVals.cpp

Ted Kremenek kremenek at apple.com
Mon Mar 9 13:35:15 PDT 2009


Author: kremenek
Date: Mon Mar  9 15:35:15 2009
New Revision: 66444

URL: http://llvm.org/viewvc/llvm-project?rev=66444&view=rev
Log:
Teach GRSimpleVals::EvalNE and GRSimpleVals::EvalEQ about TypedRegionViews and
SymbolicRegions. This fixes a serious regression when checking symbolic pointers
against null.

Modified:
    cfe/trunk/lib/Analysis/GRSimpleVals.cpp

Modified: cfe/trunk/lib/Analysis/GRSimpleVals.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/GRSimpleVals.cpp?rev=66444&r1=66443&r2=66444&view=diff

==============================================================================
--- cfe/trunk/lib/Analysis/GRSimpleVals.cpp (original)
+++ cfe/trunk/lib/Analysis/GRSimpleVals.cpp Mon Mar  9 15:35:15 2009
@@ -262,6 +262,17 @@
 }
 
 // Pointer arithmetic.
+static Loc StripViews(Loc X) {
+  if (isa<loc::MemRegionVal>(X)) {
+    const SymbolicRegion *Region =
+      cast<loc::MemRegionVal>(X).getRegion()->getAs<SymbolicRegion>();
+    
+    if (Region)
+      return Loc::MakeVal(Region->getSymbol());
+  }
+  
+  return X;
+}
 
 SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op,
                              Loc L, NonLoc R) {  
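Review bot: `StripViews` is inserted directly under the existing `// Pointer arithmetic.` comment, so that comment now appears to describe the helper rather than `EvalBinOp` below it; the helper should go above the comment, or the comment should move back down next to `EvalBinOp`. The helper also has no comment of its own, and its name promises more than the visible body shows: it only rewrites a `loc::MemRegionVal` whose region yields a `SymbolicRegion` through `getAs<SymbolicRegion>()`. A one-line header such as `// If X is a region that wraps a symbol, return that symbol as a Loc; otherwise return X unchanged.` would state the contract. Whether `getAs` looks through view regions is not visible in this hunk and should be confirmed before the comment says so. `EvalBinOp` continues outside the hunk.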
@@ -274,7 +285,8 @@
 SVal GRSimpleVals::EvalEQ(GRExprEngine& Eng, Loc L, Loc R) {
   
   BasicValueFactory& BasicVals = Eng.getBasicVals();
-  
+
+TryAgain:
   switch (L.getSubKind()) {
 
     default:
@@ -320,7 +332,20 @@
       return UnknownVal();      
     }
       
-    case loc::MemRegionKind:
+    case loc::MemRegionKind: {
+      // See if 'L' and 'R' both wrap symbols.
+      Loc LTmp = StripViews(L);
+      Loc RTmp = StripViews(R);
+      
+      if (LTmp != L || RTmp != R) {
+        L = LTmp;
+        R = RTmp;
+        goto TryAgain;
+      }
+    }    
+    
+    // Fall-through.
+      
     case loc::FuncValKind:
     case loc::GotoLabelKind:
       return NonLoc::MakeIntTruthVal(BasicVals, L == R);
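Review bot: Stripping happens only when `L` reaches the `loc::MemRegionKind` case, so when the left operand is a `loc::ConcreteInt` or `loc::SymbolVal` and the right operand is a region wrapping a symbol, `R` presumably still arrives unstripped in those cases. They lie outside this hunk, so this needs confirming, but if it holds, `0 == p` and `p == 0` are evaluated differently and the null-check regression is only fixed for one operand order. Normalising once ahead of the switch, `L = StripViews(L); R = StripViews(R);` placed before `switch (L.getSubKind())`, covers every case and lets the `TryAgain:` label and the `goto` go away. The comment `// See if 'L' and 'R' both wrap symbols.` also disagrees with the test `LTmp != L || RTmp != R`, which retries when either one changed. The same applies to the matching block in `EvalNE` further down; `EvalEQ` starts and ends outside this hunk.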
@@ -333,6 +358,7 @@
   
   BasicValueFactory& BasicVals = Eng.getBasicVals();
 
+TryAgain:
   switch (L.getSubKind()) {
 
     default:
@@ -357,7 +383,7 @@
       }
       
       break;
-      
+
     case loc::SymbolValKind: {
       if (isa<loc::ConcreteInt>(R)) {          
         const SymIntConstraint& C =
@@ -378,7 +404,18 @@
       break;
     }
       
-    case loc::MemRegionKind:
+    case loc::MemRegionKind: {
+      // See if 'L' and 'R' both wrap symbols.
+      Loc LTmp = StripViews(L);
+      Loc RTmp = StripViews(R);
+      
+      if (LTmp != L || RTmp != R) {
+        L = LTmp;
+        R = RTmp;
+        goto TryAgain;
+      }
+    }
+      
     case loc::FuncValKind:
     case loc::GotoLabelKind:
       return NonLoc::MakeIntTruthVal(BasicVals, L != R);
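Review bot: The new `loc::MemRegionKind` block here drops into `case loc::FuncValKind:` without the `// Fall-through.` marker that the matching block in `EvalEQ` carries. Adding `// Fall-through.` after the closing brace keeps the two functions parallel and makes it clear the missing `break` is intentional. `EvalNE` starts outside this hunk.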




