[cfe-commits] r80026 - in /cfe/trunk: include/clang/Analysis/PathSensitive/Store.h lib/Analysis/BasicStore.cpp lib/Analysis/RegionStore.cpp lib/Analysis/Store.cpp test/Analysis/misc-ps.m
Ted Kremenek
kremenek at apple.com
Tue Aug 25 13:51:30 PDT 2009
Author: kremenek
Date: Tue Aug 25 15:51:30 2009
New Revision: 80026
URL: http://llvm.org/viewvc/llvm-project?rev=80026&view=rev
Log:
Fix crash reported in <rdar://problem/7124210> by "back-porting" some of the
implicit cast logic in RegionStoreManager to BasicStoreManager. This involved
moving CastRetrievedVal from RegionStoreManager to StoreManager.
Modified:
cfe/trunk/include/clang/Analysis/PathSensitive/Store.h
cfe/trunk/lib/Analysis/BasicStore.cpp
cfe/trunk/lib/Analysis/RegionStore.cpp
cfe/trunk/lib/Analysis/Store.cpp
cfe/trunk/test/Analysis/misc-ps.m
Modified: cfe/trunk/include/clang/Analysis/PathSensitive/Store.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Analysis/PathSensitive/Store.h?rev=80026&r1=80025&r2=80026&view=diff
==============================================================================
--- cfe/trunk/include/clang/Analysis/PathSensitive/Store.h (original)
+++ cfe/trunk/include/clang/Analysis/PathSensitive/Store.h Tue Aug 25 15:51:30 2009
@@ -177,10 +177,16 @@
/// iterBindings - Iterate over the bindings in the Store.
virtual void iterBindings(Store store, BindingsHandler& f) = 0;
-private:
+protected:
CastResult MakeElementRegion(const GRState *state, const MemRegion *region,
QualType pointeeTy, QualType castToTy,
uint64_t index = 0);
+
+ /// CastRetrievedVal - Used by subclasses of StoreManager to implement
+ /// implicit casts that arise from loads from regions that are reinterpreted
+ /// as another region.
+ SValuator::CastResult CastRetrievedVal(SVal val, const GRState *state,
+ const TypedRegion *R, QualType castTy);
};
// FIXME: Do we still need this?
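Review bot: The doc comment on the new `CastRetrievedVal` declaration leaves out two things the definition in Store.cpp relies on: a null `castTy` returns `val` unchanged, and `R` is dereferenced unconditionally. I would extend the comment with `/// If castTy is null, val is returned unchanged. R must be non-null.` Switching `private:` to `protected:` also exposes `MakeElementRegion` to every subclass, which the log message does not mention. The class body starts outside this hunk, so I cannot tell whether other members follow that label.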
Modified: cfe/trunk/lib/Analysis/BasicStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicStore.cpp?rev=80026&r1=80025&r2=80026&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/BasicStore.cpp (original)
+++ cfe/trunk/lib/Analysis/BasicStore.cpp Tue Aug 25 15:51:30 2009
@@ -271,7 +271,7 @@
if (isa<UnknownVal>(loc))
return SValuator::CastResult(state, UnknownVal());
- assert (!isa<UndefinedVal>(loc));
+ assert(!isa<UndefinedVal>(loc));
switch (loc.getSubKind()) {
@@ -296,8 +296,12 @@
return SValuator::CastResult(state, UnknownVal());
BindingsTy B = GetBindings(state->getStore());
- BindingsTy::data_type* T = B.lookup(R);
- return SValuator::CastResult(state, T ? *T : UnknownVal());
+ BindingsTy::data_type *Val = B.lookup(R);
+
+ if (!Val)
+ break;
+
+ return CastRetrievedVal(*Val, state, cast<TypedRegion>(R), T);
}
case loc::ConcreteIntKind:
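Review bot: The `if (!Val) break;` path no longer returns from the case directly, so the result for an unbound region now depends on whatever follows the switch, which is outside this hunk. The removed line returned `UnknownVal()` explicitly; keeping `if (!Val) return SValuator::CastResult(state, UnknownVal());` would keep the no-binding result visible at this point. Separately, `cast<TypedRegion>(R)` is only checked in builds with assertions enabled. A one-line comment should say that the guard above the hunk (presumably an `isa<>` test on `R`, not visible here) restricts `R` to typed regions.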
Modified: cfe/trunk/lib/Analysis/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/RegionStore.cpp?rev=80026&r1=80025&r2=80026&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/RegionStore.cpp (original)
+++ cfe/trunk/lib/Analysis/RegionStore.cpp Tue Aug 25 15:51:30 2009
@@ -299,9 +299,6 @@
SVal RetrieveFieldOrElementCommon(const GRState *state, const TypedRegion *R,
QualType Ty, const MemRegion *superR);
- SValuator::CastResult CastRetrievedVal(SVal val, const GRState *state,
- const TypedRegion *R, QualType castTy);
-
/// Retrieve the values in a struct and return a CompoundVal, used when doing
/// struct copy:
/// struct s x, y;
@@ -1247,17 +1244,6 @@
#endif
}
-SValuator::CastResult RegionStoreManager::CastRetrievedVal(SVal V,
- const GRState *state,
- const TypedRegion *R,
- QualType castTy) {
- if (castTy.isNull())
- return SValuator::CastResult(state, V);
-
- ASTContext &Ctx = getContext();
- return ValMgr.getSValuator().EvalCast(V, state, castTy, R->getValueType(Ctx));
-}
-
//===----------------------------------------------------------------------===//
// Binding values to regions.
//===----------------------------------------------------------------------===//
Modified: cfe/trunk/lib/Analysis/Store.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/Store.cpp?rev=80026&r1=80025&r2=80026&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/Store.cpp (original)
+++ cfe/trunk/lib/Analysis/Store.cpp Tue Aug 25 15:51:30 2009
@@ -197,3 +197,19 @@
return CastResult(state, R);
}
+
+
+/// CastRetrievedVal - Used by subclasses of StoreManager to implement
+/// implicit casts that arise from loads from regions that are reinterpreted
+/// as another region.
+SValuator::CastResult StoreManager::CastRetrievedVal(SVal V,
+ const GRState *state,
+ const TypedRegion *R,
+ QualType castTy) {
+ if (castTy.isNull())
+ return SValuator::CastResult(state, V);
+
+ ASTContext &Ctx = ValMgr.getContext();
+ return ValMgr.getSValuator().EvalCast(V, state, castTy, R->getValueType(Ctx));
+}
+
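Review bot: `R->getValueType(Ctx)` dereferences `R` with no check, and the function is now callable from every StoreManager subclass rather than from RegionStoreManager alone. Adding `assert(R && "CastRetrievedVal requires a typed region");` before that call would turn a null region into a diagnosable failure in assertion-enabled builds instead of undefined behaviour. The three-line `///` comment duplicates the one on the declaration in Store.h; keeping it in one place stops the two from drifting apart.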
Modified: cfe/trunk/test/Analysis/misc-ps.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps.m?rev=80026&r1=80025&r2=80026&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps.m (original)
+++ cfe/trunk/test/Analysis/misc-ps.m Tue Aug 25 15:51:30 2009
@@ -533,3 +533,12 @@
return j;
}
+// This test case previously crashed with -analyzer-store=basic because the
+// symbolic value stored in 'x' wouldn't be implicitly casted to a signed value
+// during the comparison.
+int rdar_7124210(unsigned int x) {
+ enum { SOME_CONSTANT = 123 };
+ int compare = ((signed) SOME_CONSTANT) == *((signed *) &x);
+ return compare ? 0 : 1; // Forces the evaluation of the symbolic constraint.
+}
+