[cfe-commits] r91981 - in /cfe/trunk: lib/Analysis/SValuator.cpp test/Analysis/misc-ps-region-store.m
Ted Kremenek
kremenek at apple.com
Tue Dec 22 18:52:14 PST 2009
Author: kremenek
Date: Tue Dec 22 20:52:14 2009
New Revision: 91981
URL: http://llvm.org/viewvc/llvm-project?rev=91981&view=rev
Log:
Fix PR 5857. When casting from a symbolic region to an integer back to a pointer value, we were not correctly layering the correct ElementRegion on the original SymbolicRegion.
Modified:
cfe/trunk/lib/Analysis/SValuator.cpp
cfe/trunk/test/Analysis/misc-ps-region-store.m
Modified: cfe/trunk/lib/Analysis/SValuator.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/SValuator.cpp?rev=91981&r1=91980&r2=91981&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/SValuator.cpp (original)
+++ cfe/trunk/lib/Analysis/SValuator.cpp Tue Dec 22 20:52:14 2009
@@ -72,10 +72,14 @@
// Check for casts from integers to pointers.
if (Loc::IsLocType(castTy) && originalTy->isIntegerType()) {
if (nonloc::LocAsInteger *LV = dyn_cast<nonloc::LocAsInteger>(&val)) {
- // Just unpackage the lval and return it.
+ if (const MemRegion *R = LV->getLoc().getAsRegion()) {
+ StoreManager &storeMgr = ValMgr.getStateManager().getStoreManager();
+ R = storeMgr.CastRegion(R, castTy);
+ return R ? CastResult(state, loc::MemRegionVal(R))
+ : CastResult(state, UnknownVal());
+ }
return CastResult(state, LV->getLoc());
}
-
goto DispatchCast;
}
@@ -136,15 +140,12 @@
// different type. If the MemRegion* returned is NULL, this expression
// evaluates to UnknownVal.
R = storeMgr.CastRegion(R, castTy);
-
- if (R)
- return CastResult(state, loc::MemRegionVal(R));
-
- return CastResult(state, UnknownVal());
+ return R ? CastResult(state, loc::MemRegionVal(R))
+ : CastResult(state, UnknownVal());
}
- // All other cases.
DispatchCast:
+ // All other cases.
return CastResult(state,
isa<Loc>(val) ? EvalCastL(cast<Loc>(val), castTy)
: EvalCastNL(cast<NonLoc>(val), castTy));
Modified: cfe/trunk/test/Analysis/misc-ps-region-store.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-region-store.m?rev=91981&r1=91980&r2=91981&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps-region-store.m (original)
+++ cfe/trunk/test/Analysis/misc-ps-region-store.m Tue Dec 22 20:52:14 2009
@@ -1,5 +1,5 @@
// RUN: %clang_cc1 -triple i386-apple-darwin9 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -verify -fblocks -analyzer-opt-analyze-nested-blocks %s
-// RUN: %clang_cc1 -triple x86_64-apple-darwin9 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -verify -fblocks -analyzer-opt-analyze-nested-blocks %s
+// RUN: %clang_cc1 -triple x86_64-apple-darwin9 -DTEST_64 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -verify -fblocks -analyzer-opt-analyze-nested-blocks %s
typedef struct objc_selector *SEL;
typedef signed char BOOL;
@@ -23,6 +23,13 @@
@end
extern NSString * const NSConnectionReplyMode;
+#ifdef TEST_64
+typedef long long int64_t;
+typedef int64_t intptr_t;
+#else
+typedef int int32_t;
+typedef int32_t intptr_t;
+#endif
//---------------------------------------------------------------------------
// Test case 'checkaccess_union' differs for region store and basic store.
@@ -636,3 +643,22 @@
}();
}
+//===----------------------------------------------------------------------===//
+// PR 5857 - Test loading an integer from a byte array that has also been
+// reinterpreted to be loaded as a field.
+//===----------------------------------------------------------------------===//
+
+typedef struct { int x; } TestFieldLoad;
+int pr5857(char *src) {
+ TestFieldLoad *tfl = (TestFieldLoad *) (intptr_t) src;
+ int y = tfl->x;
+ long long *z = (long long *) (intptr_t) src;
+ long long w = 0;
+ int n = 0;
+ for (n = 0; n < y; ++n) {
+ // Previously we crashed analyzing this statement.
+ w = *z++;
+ }
+ return 1;
+}
+
More information about the cfe-commits
mailing list