[PATCH] D31029: [analyzer] Fix logical not for pointers with different bit width
Daniel Marjamäki via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Thu Mar 23 02:31:30 PDT 2017
danielmarjamaki updated this revision to Diff 92773.
danielmarjamaki added a comment.
Added a testcase that will crash without the fix. Used the amdgcn target as that happens to use different pointer bit widths for different address spaces.
Updated the comment. I am not good at english so I hope the grammar is ok.
Repository:
rL LLVM
https://reviews.llvm.org/D31029
Files:
include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
lib/StaticAnalyzer/Core/ExprEngineC.cpp
test/Analysis/ptr.cl
Index: test/Analysis/ptr.cl
===================================================================
--- test/Analysis/ptr.cl
+++ test/Analysis/ptr.cl
@@ -0,0 +1,10 @@
+// RUN: %clang_analyze_cc1 -triple amdgcn-unknown-unknown -target-cpu verde -analyze -analyzer-checker=core %s
+
+#define __cm __attribute__((address_space(256)))
+
+// Don't crash when pointer bit-widths are different for different address spaces
+void dontCrash(void) {
+ __cm void *cm_p = 0;
+ if (!cm_p)
+ (void)cm_p;
+}
Index: lib/StaticAnalyzer/Core/ExprEngineC.cpp
===================================================================
--- lib/StaticAnalyzer/Core/ExprEngineC.cpp
+++ lib/StaticAnalyzer/Core/ExprEngineC.cpp
@@ -980,10 +980,9 @@
// transfer functions as "0 == E".
SVal Result;
if (Optional<Loc> LV = V.getAs<Loc>()) {
- Loc X = svalBuilder.makeNull();
+ Loc X = svalBuilder.makeNullWithType(Ex->getType());
Result = evalBinOp(state, BO_EQ, *LV, X, U->getType());
- }
- else if (Ex->getType()->isFloatingType()) {
+ } else if (Ex->getType()->isFloatingType()) {
// FIXME: handle floating point types.
Result = UnknownVal();
} else {
Index: include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
===================================================================
--- include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
+++ include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h
@@ -310,10 +310,15 @@
return nonloc::ConcreteInt(BasicVals.getTruthValue(b));
}
- Loc makeNull() {
- return loc::ConcreteInt(BasicVals.getZeroWithPtrWidth());
+ /// Create NULL pointer, with proper pointer bit-width for given address
+ /// space.
+ /// \param type pointer type.
+ Loc makeNullWithType(QualType type) {
+ return loc::ConcreteInt(BasicVals.getZeroWithTypeSize(type));
}
+ Loc makeNull() { return loc::ConcreteInt(BasicVals.getZeroWithPtrWidth()); }
+
Loc makeLoc(SymbolRef sym) {
return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
}
Index: include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
===================================================================
--- include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
+++ include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h
@@ -176,7 +176,12 @@
return getValue(X);
}
- inline const llvm::APSInt& getZeroWithPtrWidth(bool isUnsigned = true) {
+ inline const llvm::APSInt &getZeroWithTypeSize(QualType T,
+ bool isUnsigned = true) {
+ return getValue(0, Ctx.getTypeSize(T), isUnsigned);
+ }
+
+ inline const llvm::APSInt &getZeroWithPtrWidth(bool isUnsigned = true) {
return getValue(0, Ctx.getTypeSize(Ctx.VoidPtrTy), isUnsigned);
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D31029.92773.patch
Type: text/x-patch
Size: 2887 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170323/6a095f15/attachment.bin>
More information about the cfe-commits
mailing list