[PATCH] D37120: [analyzer] Fix modeling arithmetic
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Aug 25 04:28:00 PDT 2017
NoQ added a comment.
I guess we'd need more assertions to catch invalid symbols, will have a look.
================
Comment at: lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp:371-373
+ return makeSymExprValNN(
+ state, op, lhs.castAs<nonloc::LocAsInteger>(),
+ rhs.castAs<nonloc::ConcreteInt>(), resultTy);
----------------
For now this code would return `UnknownVal` in most cases (pointer is not tainted, or not symbolic, or contains an offset), and still construct an invalid symbol in the rest of the cases (`makeSymExprValNN` would add the number to the pointer symbol, instead of modelling an offset within the pointed-to region).
Once D35450 finally lands (sorry for the delays...), it'd return `UnknownVal` less often and crash more often.
================
Comment at: lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp:375-377
// FIXME: This only makes sense for comparisons. If we want to, say,
// add 1 to a LocAsInteger, we'd better unpack the Loc and add to it,
// then pack it back into a LocAsInteger.
----------------
I guess you're trying to address this FIXME i recently added. This is probably the way to go: just take the `Loc` behind the `LocAsInteger`, cast it to `char *` (because pointer type shouldn't affect how much bytes of offset are added, anymore), add your integer to it, pack back into `LocAsInteger`.
Repository:
rL LLVM
https://reviews.llvm.org/D37120
More information about the cfe-commits
mailing list