[cfe-commits] r157860 - in /cfe/trunk: lib/StaticAnalyzer/Core/ExplodedGraph.cpp test/Analysis/engine/ test/Analysis/engine/replay-without-inlining.c
Anna Zaks
ganna at apple.com
Fri Jun 1 16:48:44 PDT 2012
Author: zaks
Date: Fri Jun 1 18:48:44 2012
New Revision: 157860
URL: http://llvm.org/viewvc/llvm-project?rev=157860&view=rev
Log:
[analyzer] Fix a spurious undef value warning.
When we timeout or exceed a max number of blocks within an inlined
function, we retry with no inlining starting from a node right before
the CallEnter node. We assume the state of that node is the state of the
program before we start evaluating the call. However, the node pruning
removes this node as unimportant.
Teach the node pruning to keep the predecessors of the call enter nodes.
Added:
cfe/trunk/test/Analysis/engine/
cfe/trunk/test/Analysis/engine/replay-without-inlining.c
Modified:
cfe/trunk/lib/StaticAnalyzer/Core/ExplodedGraph.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExplodedGraph.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExplodedGraph.cpp?rev=157860&r1=157859&r2=157860&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExplodedGraph.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExplodedGraph.cpp Fri Jun 1 18:48:44 2012
@@ -67,6 +67,8 @@
// (6) The 'GDM' is the same as the predecessor.
// (7) The LocationContext is the same as the predecessor.
// (8) The PostStmt is for a non-consumed Stmt or Expr.
+ // (9) The successor is a CallExpr StmtPoint (so that we would be able to
+ // find it when retrying a call with no inlining).
// Conditions 1 and 2.
if (node->pred_size() != 1 || node->succ_size() != 1)
@@ -109,7 +111,13 @@
return false;
}
- return true;
+ // Condition 9.
+ const ProgramPoint SuccLoc = succ->getLocation();
+ if (const StmtPoint *SP = dyn_cast<StmtPoint>(&SuccLoc))
+ if (isa<CallExpr>(SP->getStmt()))
+ return false;
+
+ return true;
}
void ExplodedGraph::collectNode(ExplodedNode *node) {
Added: cfe/trunk/test/Analysis/engine/replay-without-inlining.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/engine/replay-without-inlining.c?rev=157860&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/engine/replay-without-inlining.c (added)
+++ cfe/trunk/test/Analysis/engine/replay-without-inlining.c Fri Jun 1 18:48:44 2012
@@ -0,0 +1,57 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc -verify %s
+
+typedef struct {
+ char I[4];
+ int S;
+} Hdr;
+typedef struct {
+ short w;
+} Hdr2;
+typedef struct {
+ Hdr2 usedtobeundef;
+} Info;
+typedef struct {
+ const unsigned char *ib;
+ int cur;
+ int end;
+} IB;
+inline unsigned long gl(IB *input);
+inline void gbs(IB *input, unsigned char *buf, int count);
+void getB(IB *st, Hdr2 *usedtobeundef);
+inline unsigned char gb(IB *input) {
+ if (input->cur + 1 > input->end)
+ ;
+ return input->ib[(input->cur)++];
+}
+static void getID(IB *st, char str[4]) {
+ str[0] = gb(st);
+ str[1] = gb(st);
+ str[2] = gb(st);
+ str[3] = gb(st);
+}
+static void getH(IB *st, Hdr *header) {
+ getID (st, header->I);
+ header->S = gl(st);
+}
+static void readILBM(IB *st, Info *pic) {
+ // Initialize field;
+ pic->usedtobeundef.w = 5;
+
+ // Time out in the function so that we will be forced to retry with no inlining.
+ Hdr header;
+ getH (st, &header);
+ getID(st, header.I);
+ int i = 0;
+ while (st->cur < st->end && i < 4) {
+ i++;
+ getH (st, &header);
+ }
+}
+int bitmapImageRepFromIFF(IB st, const unsigned char *ib, int il) {
+ Info pic;
+ st.ib = ib;
+ st.cur = 0;
+ st.end = il;
+ readILBM(&st,&pic);
+ return pic.usedtobeundef.w; // No undefined value warning here.
+}
More information about the cfe-commits
mailing list