[cfe-commits] r60489 - in /cfe/trunk: lib/Analysis/BasicConstraintManager.cpp test/Analysis/null-deref-ps.c
Ted Kremenek
kremenek at apple.com
Wed Dec 3 10:56:19 PST 2008
Author: kremenek
Date: Wed Dec 3 12:56:12 2008
New Revision: 60489
URL: http://llvm.org/viewvc/llvm-project?rev=60489&view=rev
Log:
BasicConstraintManager:
- Fix nonsensical logic in AssumeSymLE. When comparing 'sym <= constant' and the
constant is the minimum integer value, add the constraint that 'sym ==
constant' when the path is deemed feasible. All other cases are feasible.
- Improve AssumeSymLT to address <rdar://problem/6407949>. When comparing
'sym < constant' and constant is the minimum integer value we know the
path is infeasible.
- Add test case for <rdar://problem/6407949>.
Modified:
cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
cfe/trunk/test/Analysis/null-deref-ps.c
Modified: cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicConstraintManager.cpp?rev=60489&r1=60488&r2=60489&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/BasicConstraintManager.cpp (original)
+++ cfe/trunk/lib/Analysis/BasicConstraintManager.cpp Wed Dec 3 12:56:12 2008
@@ -312,6 +312,13 @@
const GRState*
BasicConstraintManager::AssumeSymLT(const GRState* St, SymbolID sym,
const llvm::APSInt& V, bool& isFeasible) {
+
+ // Is 'V' the smallest possible value?
+ if (V == llvm::APSInt::getMinValue(V.getBitWidth(), V.isSigned())) {
+ // sym cannot be any value less than 'V'. This path is infeasible.
+ isFeasible = false;
+ return St;
+ }
// FIXME: For now have assuming x < y be the same as assuming sym != V;
return AssumeSymNE(St, sym, V, isFeasible);
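Review bot: A symbol that is already bound to a constant still falls through to the `sym != V` approximation in AssumeSymLT, so a path with a known X > V is presumably kept as feasible; the new early exit only covers V being the minimum value. AssumeSymLE in this same commit handles known constants through getSymVal, and the same guard would fit here ahead of the FIXME: `if (const llvm::APSInt* X = getSymVal(St, sym)) { isFeasible = *X < V; return St; }`. The closing brace of the function lies outside the hunk, so this assumes nothing after the AssumeSymNE call already does it.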
@@ -345,17 +352,28 @@
BasicConstraintManager::AssumeSymLE(const GRState* St, SymbolID sym,
const llvm::APSInt& V, bool& isFeasible) {
- // FIXME: Primitive logic for now. Only reject a path if the value of
- // sym is a constant X and !(X <= V).
-
+ // Reject a path if the value of sym is a constant X and !(X <= V).
if (const llvm::APSInt* X = getSymVal(St, sym)) {
isFeasible = *X <= V;
return St;
}
- isFeasible = !isNotEqual(St, sym, V) ||
- (V != llvm::APSInt::getMinValue(V.getBitWidth(), V.isSigned()));
-
+ // Sym is not a constant, but it is worth looking to see if V is the
+ // minimum integer value.
+ if (V == llvm::APSInt::getMinValue(V.getBitWidth(), V.isSigned())) {
+ // If we know that sym != V, then this condition is infeasible since
+ // there is no other value less than V.
+ isFeasible = !isNotEqual(St, sym, V);
+
+ // If the path is still feasible then as a consequence we know that
+ // 'sym == V' because we cannot have 'sym < V' (no smaller values).
+ // Add this constraint.
+ if (isFeasible)
+ return AddEQ(St, sym, V);
+ }
+ else
+ isFeasible = true;
+
return St;
}
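Review bot: The minimum-value test in AssumeSymLE is computed from V's own bit width and signedness, not the symbol's, so "no smaller value exists" and the AddEQ that follows hold only if callers have already converted V to sym's type; nothing visible in the hunk enforces that. The same test is used in the AssumeSymLT hunk of this commit. I would state the precondition at the check, for example `// Precondition: V has sym's width and signedness; otherwise getMinValue() describes the wrong range.` A path pruned wrongly here shows up as a missing null-dereference report, not as a crash, so it is easy to overlook. The function's return-type line starts outside the hunk.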
Modified: cfe/trunk/test/Analysis/null-deref-ps.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/null-deref-ps.c?rev=60489&r1=60488&r2=60489&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/null-deref-ps.c (original)
+++ cfe/trunk/test/Analysis/null-deref-ps.c Wed Dec 3 12:56:12 2008
@@ -134,3 +134,13 @@
return p;
}
+// Test case from <rdar://problem/6407949>
+void f11(unsigned i) {
+ int *x = 0;
+ if (i >= 0) {
+ // always true
+ } else {
+ *x = 42; // no-warning
+ }
+}
+
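Review bot: The new f11 only exercises the AssumeSymLT change, because the else branch of `i >= 0` is the `i < 0` assumption; the rewritten AssumeSymLE path, including the new AddEQ constraint, has no test in this commit. A companion case that takes `i <= 0` on an unsigned value and then checks that `i != 0` is treated as infeasible would cover it. The sketch below assumes AssumeSymNE rejects a path once the symbol is bound to the equal constant, which is not visible in this diff.

```c
// Covers AssumeSymLE: 'i <= 0' on unsigned should imply 'i == 0'.
void f12(unsigned i) {
  int *x = 0;
  if (i <= 0) {
    if (i != 0)
      *x = 42; // no-warning
  }
}
```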