[cfe-commits] r107236 - in /cfe/trunk: lib/Checker/SimpleSValuator.cpp test/Analysis/ptr-arith.c

Jordy Rose jediknil at belkadan.com
Tue Jun 29 18:35:20 PDT 2010 

Author: jrose
Date: Tue Jun 29 20:35:20 2010
New Revision: 107236

URL: http://llvm.org/viewvc/llvm-project?rev=107236&view=rev
Log:
Pointers casted as integers still count as locations to SimpleSValuator, so don't crash if we do a funny thing like ((int)ptr)&1. Fixes PR7527.

Modified:
    cfe/trunk/lib/Checker/SimpleSValuator.cpp
    cfe/trunk/test/Analysis/ptr-arith.c

Modified: cfe/trunk/lib/Checker/SimpleSValuator.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Checker/SimpleSValuator.cpp?rev=107236&r1=107235&r2=107236&view=diff
==============================================================================
--- cfe/trunk/lib/Checker/SimpleSValuator.cpp (original)
+++ cfe/trunk/lib/Checker/SimpleSValuator.cpp Tue Jun 29 20:35:20 2010
@@ -502,7 +502,12 @@
                                   QualType resultTy) {
   // Only comparisons and subtractions are valid operations on two pointers.
   // See [C99 6.5.5 through 6.5.14] or [C++0x 5.6 through 5.15].
-  assert(BinaryOperator::isComparisonOp(op) || op == BinaryOperator::Sub);
+  // However, if a pointer is casted to an integer, EvalBinOpNN may end up
+  // calling this function with another operation (PR7527). We don't attempt to
+  // model this for now, but it could be useful, particularly when the
+  // "location" is actually an integer value that's been passed through a void*.
+  if (!(BinaryOperator::isComparisonOp(op) || op == BinaryOperator::Sub))
+    return UnknownVal();
 
   // Special cases for when both sides are identical.
   if (lhs == rhs) {

Modified: cfe/trunk/test/Analysis/ptr-arith.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/ptr-arith.c?rev=107236&r1=107235&r2=107236&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/ptr-arith.c (original)
+++ cfe/trunk/test/Analysis/ptr-arith.c Tue Jun 29 20:35:20 2010
@@ -281,3 +281,8 @@
   if (&a <= p)
     WARN; // expected-warning{{}}
 }
+
+void PR7527 (int *p) {
+  if (((int) p) & 1) // not crash
+    return;
+}

More information about the cfe-commits mailing list