r185608 - [analyzer] Make sure that inlined defensive checks work on div by zero.

Anna Zaks ganna at apple.com
Wed Jul 3 19:38:06 PDT 2013 

Author: zaks
Date: Wed Jul  3 21:38:06 2013
New Revision: 185608

URL: http://llvm.org/viewvc/llvm-project?rev=185608&view=rev
Log:
[analyzer] Make sure that inlined defensive checks work on div by zero.

This suppresses a false positive in std::hash_map.
Fixes  radar://14255587.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
    cfe/trunk/test/Analysis/inlining/false-positive-suppression.c
    cfe/trunk/test/Analysis/inlining/inline-defensive-checks.c

Modified: cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp?rev=185608&r1=185607&r2=185608&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp Wed Jul  3 21:38:06 2013
@@ -532,7 +532,8 @@ PathDiagnosticPiece *FindLastStoreBRVisi
   // If we have an expression that provided the value, try to track where it
   // came from.
   if (InitE) {
-    if (V.isUndef() || V.getAs<loc::ConcreteInt>()) {
+    if (V.isUndef() ||
+        V.getAs<loc::ConcreteInt>() || V.getAs<nonloc::ConcreteInt>()) {
       if (!IsParam)
         InitE = InitE->IgnoreParenCasts();
       bugreporter::trackNullOrUndefValue(StoreSite, InitE, BR, IsParam,
@@ -996,12 +997,15 @@ bool bugreporter::trackNullOrUndefValue(
         BugReporterVisitor *ConstraintTracker =
           new TrackConstraintBRVisitor(V.castAs<DefinedSVal>(), false);
         report.addVisitor(ConstraintTracker);
+      }
 
-        // Add visitor, which will suppress inline defensive checks.
-        if (LVState->isNull(V).isConstrainedTrue() &&
-            EnableNullFPSuppression) {
+      // Add visitor, which will suppress inline defensive checks.
+      if (Optional<DefinedSVal> DV = V.getAs<DefinedSVal>()) {
+        if (!DV->isZeroConstant() &&
+          LVState->isNull(*DV).isConstrainedTrue() &&
+          EnableNullFPSuppression) {
           BugReporterVisitor *IDCSuppressor =
-            new SuppressInlineDefensiveChecksVisitor(V.castAs<DefinedSVal>(),
+            new SuppressInlineDefensiveChecksVisitor(*DV,
                                                      LVNode);
           report.addVisitor(IDCSuppressor);
         }

Modified: cfe/trunk/test/Analysis/inlining/false-positive-suppression.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inlining/false-positive-suppression.c?rev=185608&r1=185607&r2=185608&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/inlining/false-positive-suppression.c (original)
+++ cfe/trunk/test/Analysis/inlining/false-positive-suppression.c Wed Jul  3 21:38:06 2013
@@ -84,6 +84,14 @@ void testMultipleStore(void *p) {
 #endif
 }
 
+// Test that div by zero does not get suppressed. This is a policy choice.
+int retZero() {
+  return 0;
+}
+int triggerDivZero () {
+  int y = retZero();
+  return 5/y; // expected-warning {{Division by zero}}
+}
 
 // --------------------------
 // "Suppression suppression"

Modified: cfe/trunk/test/Analysis/inlining/inline-defensive-checks.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inlining/inline-defensive-checks.c?rev=185608&r1=185607&r2=185608&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/inlining/inline-defensive-checks.c (original)
+++ cfe/trunk/test/Analysis/inlining/inline-defensive-checks.c Wed Jul  3 21:38:06 2013
@@ -110,3 +110,32 @@ void testConstantOffset(char *value) {
     cursor++;
   }
 }
+
+// Ensure idc works for integer zero values (ex: suppressed div by zero).
+void idcZero(int assume) {
+  if (assume)
+    ;
+}
+
+int idcTriggerZeroValue(int m) {
+  idcZero(m);
+  return 5/m; // no-warning
+}
+
+int idcTriggerZeroValueThroughCall(int i) {
+  return 5/i; // no-warning
+}
+void idcTrackZeroValueThroughCall(int x) {
+  idcZero(x);
+  idcTriggerZeroValueThroughCall(x);
+}
+
+int idcTriggerZeroThroughDoubleAssignemnt(int i) {
+  return 5/i; // no-warning
+}
+void idcTrackZeroThroughDoubleAssignemnt(int x) {
+  idcZero(x);
+  int y = x;
+  int z = y;
+  idcTriggerZeroValueThroughCall(z);
+}

More information about the cfe-commits mailing list