[PATCH] D31029: [analyzer] Fix logical not for pointers with different bit width
Daniel Marjamäki via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Mar 16 06:48:38 PDT 2017
danielmarjamaki created this revision.
The Static Analyzer assumed that all pointers had the same bit width. Now pass the type to the 'makeNull' method, to construct a null
pointer of the appropiate bit width.
Example code that does not work well:
int main(void) {
__cm void *cm_p = 0;
if (cm_p == 0)
(void)cm_p;
}
Unfortunately there is no proper testcase here. The problem is seen with a custom target.
Repository:
rL LLVM
https://reviews.llvm.org/D31029
Files:
include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
lib/StaticAnalyzer/Core/ExprEngineC.cpp
Index: lib/StaticAnalyzer/Core/ExprEngineC.cpp
===================================================================
--- lib/StaticAnalyzer/Core/ExprEngineC.cpp
+++ lib/StaticAnalyzer/Core/ExprEngineC.cpp
@@ -980,10 +980,9 @@
// transfer functions as "0 == E".
SVal Result;
if (Optional<Loc> LV = V.getAs<Loc>()) {
- Loc X = svalBuilder.makeNull();
+ Loc X = svalBuilder.makeNullWithType(Ex->getType());
Result = evalBinOp(state, BO_EQ, *LV, X, U->getType());
- }
- else if (Ex->getType()->isFloatingType()) {
+ } else if (Ex->getType()->isFloatingType()) {
// FIXME: handle floating point types.
Result = UnknownVal();
} else {
Index: include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
===================================================================
--- include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
+++ include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
@@ -310,10 +310,14 @@
return nonloc::ConcreteInt(BasicVals.getTruthValue(b));
}
- Loc makeNull() {
- return loc::ConcreteInt(BasicVals.getZeroWithPtrWidth());
+ // Pass type to accomodate for different pointer bit-witdths of different
+ // address spaces.
+ Loc makeNullWithType(QualType type) {
+ return loc::ConcreteInt(BasicVals.getZeroWithTypeSize(type));
}
+ Loc makeNull() { return loc::ConcreteInt(BasicVals.getZeroWithPtrWidth()); }
+
Loc makeLoc(SymbolRef sym) {
return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
}
Index: include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
===================================================================
--- include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
+++ include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
@@ -176,6 +176,11 @@
return getValue(X);
}
+ inline const llvm::APSInt &getZeroWithTypeSize(QualType T,
+ bool isUnsigned = true) {
+ return getValue(0, Ctx.getTypeSize(T), isUnsigned);
+ }
+
inline const llvm::APSInt& getZeroWithPtrWidth(bool isUnsigned = true) {
return getValue(0, Ctx.getTypeSize(Ctx.VoidPtrTy), isUnsigned);
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D31029.91994.patch
Type: text/x-patch
Size: 2291 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170316/db97f16d/attachment-0001.bin>
More information about the cfe-commits
mailing list