[cfe-commits] [patch] Tracking simple arithmetic constraints (PR2695) (resubmitted)

Zhongxing Xu xuzhongxing at gmail.com
Sat Jun 5 20:04:09 PDT 2010


Hi Jordy,

This patch looks good to me.

About overflow, in the future it could be filtered in another specific
integer overflow checker. For example, if we have code:

  if (x + c1 > c2) ...

and c2 - c1 > MAX_INT, it's better to process this case in an overflow
checker to say that this condition could never be true and emit a warning
about it. Then abort the path or proceed as the condition indicates.

With this integer overflow checker, the handling of overflow in the constraint
manager could be simpler or different. For example, we could emit a warning
once an overflow occurs, and ignore their cancelling-out effects entirely.

On Sun, Jun 6, 2010 at 9:01 AM, Jordy Rose <jediknil at belkadan.com> wrote:

> *ping*
>
> Very basic support for handling conditions involving addition and
> subtraction, such as this:
>
>  char* name = malloc(1);
>  if (length+1 == 10) {
>    free(name);
>  }
>  if (length+1 == 10) {
>    name = malloc(1); // no-warning
>  }
>  free(name);
>
> Fixes PR2695; next on the list would be to expand this for the case in
> PR4550, which uses shifts. These will be harder, of course, since shifts
> and the rest of the binary operations (except XOR) destroy information.
>
> Hoping this is a reasonable way to implement this? In particular, I get
> the feeling that there's an easier way to perform APSInt operations and
> catch overflow.
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>
>
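The folding the two messages above describe, rewriting "x + c1 <op> c2" as "x <op> c2 - c1" and deciding what to do when c2 - c1 does not fit in the type, as an added example. This is not the patch's code and not clang's constraint manager: the `Sint` type is a hypothetical stand-in for llvm::APSInt (fixed signed bit width, 64-bit host arithmetic underneath), and the infeasible/tautology verdicts assume the program does not rely on wraparound, i.e. the "treat signed overflow as an error and warn" policy Zhongxing proposes for the separate overflow checker.

```cpp
#include <cassert>
#include <cstdint>
#include <cstdio>

// Hypothetical stand-in for llvm::APSInt: a signed two's-complement value
// of a fixed bit width (1..32 bits, so int64_t arithmetic below never wraps).
struct Sint {
    unsigned bits;
    int64_t value;
};

int64_t minFor(unsigned bits) { return -(int64_t(1) << (bits - 1)); }
int64_t maxFor(unsigned bits) { return (int64_t(1) << (bits - 1)) - 1; }
bool fits(unsigned bits, int64_t v) { return v >= minFor(bits) && v <= maxFor(bits); }

enum class Op { EQ, NE, LT, LE, GT, GE };

enum class Outcome {
    Rewritten,          // "x + c1 <op> c2" became "x <op> (c2 - c1)"
    OverflowInfeasible, // c2 - c1 is unrepresentable and no x satisfies the test
    OverflowTautology   // c2 - c1 is unrepresentable and every x satisfies the test
};

struct Result {
    Outcome outcome;
    Op op;    // meaningful only when outcome == Rewritten
    Sint rhs; // meaningful only when outcome == Rewritten
};

// Folds the constant out of "x + c1 <op> c2". Assumes no reliance on
// wraparound (signed overflow treated as an error); under -fwrapv or for
// unsigned operands the infeasible/tautology verdicts would not hold.
Result simplifyAddition(Op op, Sint c1, Sint c2) {
    assert(c1.bits == c2.bits && c1.bits >= 1 && c1.bits <= 32);
    assert(fits(c1.bits, c1.value) && fits(c2.bits, c2.value));
    int64_t diff = c2.value - c1.value; // exact in int64_t for widths <= 32
    if (fits(c1.bits, diff))
        return Result{Outcome::Rewritten, op, Sint{c1.bits, diff}};

    // c2 - c1 lies above the type's maximum or below its minimum.
    bool aboveMax = diff > maxFor(c1.bits);
    Outcome verdict = Outcome::OverflowInfeasible;
    switch (op) {
        case Op::EQ: verdict = Outcome::OverflowInfeasible; break;
        case Op::NE: verdict = Outcome::OverflowTautology; break;
        case Op::GT: case Op::GE: // x > (beyond max): never; x > (below min): always
            verdict = aboveMax ? Outcome::OverflowInfeasible : Outcome::OverflowTautology; break;
        case Op::LT: case Op::LE: // x < (beyond max): always; x < (below min): never
            verdict = aboveMax ? Outcome::OverflowTautology : Outcome::OverflowInfeasible; break;
    }
    return Result{verdict, op, Sint{c1.bits, 0}};
}

// Convenience wrappers for callers that only need one field of the result.
Outcome outcomeOf(Op op, unsigned bits, int64_t c1, int64_t c2) {
    return simplifyAddition(op, Sint{bits, c1}, Sint{bits, c2}).outcome;
}
int64_t rewrittenRhs(Op op, unsigned bits, int64_t c1, int64_t c2) {
    Result r = simplifyAddition(op, Sint{bits, c1}, Sint{bits, c2});
    assert(r.outcome == Outcome::Rewritten);
    return r.rhs.value;
}

int main() {
    // Jordy's example: both "if (length+1 == 10)" tests fold to "length == 9",
    // so the second branch carries the same constraint as the first.
    std::printf("length+1 == 10  ->  length == %lld\n",
                (long long)rewrittenRhs(Op::EQ, 32, 1, 10));
    // Zhongxing's case: x + (-10) > INT_MAX - 5 would need x > INT_MAX + 5.
    bool never = outcomeOf(Op::GT, 32, -10, maxFor(32) - 5) == Outcome::OverflowInfeasible;
    std::printf("x + (-10) > INT_MAX-5  ->  %s\n", never ? "never true (overflow)" : "rewritten");
    return 0;
}
```

The width matters: with an 8-bit `char` operand the same fold of "c + 100 == -100" asks for c == -200, which an 8-bit type cannot hold, so the condition is reported infeasible, while "c + 100 >= -100" is always satisfied. Whether the analyzer should warn, abort the path, or keep going is the policy question the thread leaves open; the code above only computes the verdict.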