[PATCH] D39691: [analyzer] Model correct dispatch_once() 'done' value in BodyFarm

Devin Coughlin via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Nov 6 11:22:12 PST 2017


dcoughlin created this revision.
Herald added subscribers: szepet, kristof.beyls, xazax.hun, javed.absar, aemerson.

The analyzer's BodyFarm models dispatch_once() by comparing the passed-in predicate against a known 'done' value. If the predicate does not have that value, the model updates the predicate to have that value and executes the passed-in block.

Unfortunately, the current model uses the wrong 'done' value: 1 instead of ~0. This interferes with libdispatch's static inline function _dispatch_once(), which enables a fast path if the block has already been executed. That function uses __builtin_assume() to tell the compiler that the done flag is set to ~0 on exit. When r302880 added modeling of __builtin_assume(), this caused the analyzer to assume 1 == ~0, which in turn caused the analyzer to never explore any code after a call to dispatch_once().

This patch regains the missing coverage by updating BodyFarm to use the correct 'done' value.

rdar://problem/34413048


https://reviews.llvm.org/D39691

Files:
  lib/Analysis/BodyFarm.cpp
  test/Analysis/unix-fns.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D39691.121753.patch
Type: text/x-patch
Size: 112187 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171106/e19d4557/attachment-0001.bin>
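
The interaction described in the revision summary, as an added example that is not code from the patch, from Clang or from libdispatch: a small C simulation in which a modeled dispatch_once() stores a configurable 'done' value and an inline wrapper then checks the ~0 postcondition. All names are hypothetical, a function pointer stands in for the block argument, and a runtime comparison stands in for __builtin_assume().

```c
#include <stdio.h>

typedef long once_t;            /* stand-in for dispatch_once_t (assumption) */
typedef void (*once_fn)(void);  /* function pointer standing in for the block */

static int runs;                /* how many times the "block" executed */
static void init_block(void) { runs++; }

/* Shape of the model described above: compare the predicate with the
 * model's 'done' value; if it differs, store that value and run the block. */
static void modeled_dispatch_once(once_t *pred, once_fn fn, once_t done) {
    if (*pred != done) {
        *pred = done;
        fn();
    }
}

/* Shape of the inline wrapper: fast path when the flag is already ~0, then
 * the postcondition "flag == ~0". Returns 1 if the postcondition is
 * consistent with the model (path stays feasible), 0 if it contradicts it. */
static int inline_once_wrapper(once_t *pred, once_fn fn, once_t model_done) {
    if (*pred != ~0L)
        modeled_dispatch_once(pred, fn, model_done);
    return *pred == ~0L;        /* stands in for __builtin_assume() */
}

/* Count how many "statements after the call" stay reachable over n calls. */
int reachable_after_calls(once_t model_done, int n) {
    once_t pred = 0;
    int reached = 0;
    runs = 0;
    for (int i = 0; i < n; i++) {
        if (!inline_once_wrapper(&pred, init_block, model_done))
            break;              /* contradiction: the rest is never explored */
        reached++;
    }
    return reached;
}

int block_runs(void) { return runs; }

int main(void) {
    int r1 = reachable_after_calls(1, 3);    /* model with 'done' == 1 */
    int b1 = block_runs();
    int r2 = reachable_after_calls(~0L, 3);  /* model with 'done' == ~0 */
    int b2 = block_runs();
    printf("done=1 : reachable=%d block_runs=%d\n", r1, b1);
    printf("done=~0: reachable=%d block_runs=%d\n", r2, b2);
    return 0;
}
```

With a 'done' value of 1 the block still runs once but nothing after the first call is counted as reachable, which mirrors the lost coverage; with ~0 every call site is followed and the block runs exactly once.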

