[cfe-commits] r112761 - in /cfe/trunk: lib/Checker/RegionStore.cpp lib/Checker/Store.cpp test/Analysis/misc-ps-region-store.m

Ted Kremenek kremenek at apple.com
Wed Sep 1 16:00:46 PDT 2010


Author: kremenek
Date: Wed Sep  1 18:00:46 2010
New Revision: 112761

URL: http://llvm.org/viewvc/llvm-project?rev=112761&view=rev
Log:
Don't assert in the analyzer when analyzed code does a byte load from a function's address.  Fixes PR 8052.

Modified:
    cfe/trunk/lib/Checker/RegionStore.cpp
    cfe/trunk/lib/Checker/Store.cpp
    cfe/trunk/test/Analysis/misc-ps-region-store.m

Modified: cfe/trunk/lib/Checker/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Checker/RegionStore.cpp?rev=112761&r1=112760&r2=112761&view=diff
==============================================================================
--- cfe/trunk/lib/Checker/RegionStore.cpp (original)
+++ cfe/trunk/lib/Checker/RegionStore.cpp Wed Sep  1 18:00:46 2010
@@ -1087,6 +1087,10 @@
       return ValMgr.makeIntVal(c, T);
     }
   }
+  
+  // Check for loads from a code text region.  For such loads, just give up.
+  if (const CodeTextRegion *cR = dyn_cast<CodeTextRegion>(superR))
+    return UnknownVal();
 
   // Handle the case where we are indexing into a larger scalar object.
   // For example, this handles:
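Review bot: The pointer `cR` bound by the dyn_cast on the added line is never read, so the new guard trips an unused-variable warning and the binding adds nothing; only the kind test matters, so `if (isa<CodeTextRegion>(superR)) return UnknownVal();` says the same thing without the dead name. The comment would also help a later reader more if it stated why giving up is right, e.g. `// A load from a code text region (a function's address) has no modeled value; return UnknownVal rather than asserting.`. Both isa<> and dyn_cast<> assert on a null pointer, so this relies on superR being non-null here, which cannot be confirmed from the hunk. The enclosing function starts and ends outside the hunk.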

Modified: cfe/trunk/lib/Checker/Store.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Checker/Store.cpp?rev=112761&r1=112760&r2=112761&view=diff
==============================================================================
--- cfe/trunk/lib/Checker/Store.cpp (original)
+++ cfe/trunk/lib/Checker/Store.cpp Wed Sep  1 18:00:46 2010
@@ -101,17 +101,10 @@
       assert(0 && "Invalid region cast");
       break;
     }
-    
+
     case MemRegion::FunctionTextRegionKind:
     case MemRegion::BlockTextRegionKind:
-    case MemRegion::BlockDataRegionKind: {
-      // CodeTextRegion should be cast to only a function or block pointer type,
-      // although they can in practice be casted to anything, e.g, void*, char*,
-      // etc.  
-      // Just return the region.
-      return R;
-    }
-
+    case MemRegion::BlockDataRegionKind:
     case MemRegion::StringRegionKind:
       // FIXME: Need to handle arbitrary downcasts.
     case MemRegion::SymbolicRegionKind:
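Review bot: Merging the three code/block region kinds into the fall-through drops the only comment explaining that such regions are in practice cast to arbitrary pointer types (void*, char*, ...), and the handling they now share continues past the end of the hunk, so a reader can no longer tell that this grouping is deliberate. A one-line note above `case MemRegion::FunctionTextRegionKind:` such as `// Code and block regions can in practice be cast to any pointer type (void*, char*, ...); handle them like the region kinds below.` would preserve that intent. The existing FIXME after StringRegionKind now also reads as though it applies to the code regions; if it does not, it should be moved or narrowed. The switch and its enclosing function begin and end outside the hunk.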

Modified: cfe/trunk/test/Analysis/misc-ps-region-store.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-region-store.m?rev=112761&r1=112760&r2=112761&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps-region-store.m (original)
+++ cfe/trunk/test/Analysis/misc-ps-region-store.m Wed Sep  1 18:00:46 2010
@@ -1066,3 +1066,27 @@
   // Do not warn that the value of 'foo' is uninitialized.
   return foo; // no-warning
 }
+
+// PR 8052 - Don't crash when reasoning about loads from a function address.\n
+typedef unsigned int __uint32_t;
+typedef unsigned long vm_offset_t;
+typedef __uint32_t pd_entry_t;
+typedef unsigned char u_char;
+typedef unsigned int u_int;
+typedef unsigned long u_long;
+extern int      bootMP_size;
+void            bootMP(void);
+static void 
+pr8052(u_int boot_addr)
+{
+    int             x;
+    int             size = *(int *) ((u_long) & bootMP_size);
+    u_char         *src = (u_char *) ((u_long) bootMP);
+    u_char         *dst = (u_char *) boot_addr + ((vm_offset_t) ((((((((1 <<
+12) / (sizeof(pd_entry_t))) - 1) - 1) - (260 - 2))) << 22) | ((0) << 12)));
+    for (x = 0;
+         x < size;
+         ++x)
+        *dst++ = *src++;
+}
+
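Review bot: The comment introducing the new test ends with a literal `\n` escape, presumably a paste artifact, and should read `// PR 8052 - Don't crash when reasoning about loads from a function address.`. The case only checks that the analyzer survives the byte load from the function address; an explicit `*dst++ = *src++; // no-warning` annotation, in the style this file already uses on the line above the hunk, would also pin that the load yields no diagnostic, assuming that is the intended behavior. `pr8052` is static and never called, which appears consistent with the surrounding test functions but is worth confirming against the file's warning flags.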




