[PATCH] D22862: [analyzer] Fix for PR15623: eliminate unwanted ProgramState checker data propagation.
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Mon Aug 15 02:37:52 PDT 2016
NoQ added a comment.
> @dcoughlin, @NoQ, could you, please, tell, how you get dumps of symbolic expressions and constraints like "(conj_$6{void *}) != 0U"? Tried different debug.* checkers and clang_analyzer_explain() but failed.
That's `SVal.dump()`, `SymbolRef->dump()`, `MemRegion.dump()` (you can also push those directly into `llvm::errs()`), `ProgramStateRef->dump()`, and ultimately `ExprEngine.ViewExplodedGraph()` (the last one can be activated in run-time with `debug.ViewExplodedGraph` checker or with `-analyzer-viz-egraph-graphviz` which was the one i used, see also http://clang-analyzer.llvm.org/checker_dev_manual.html#commands In fact `clang-analyzer-explain()` was an attempt to make these dumps a bit more understandable.
> Hm, updated to trunk, now the test passes without the patch. Changing "_Bool" to "int" in the test reproduces the issue.
Aha, i see! The cast to `int` gets represented as a `nonloc::LocAsInteger` value:
&element{SymRegion{conj_$6{void *}},0 S64b,char} [as 32 bit integer]
which is, of course, incorrect, and Devin's fix makes perfect sense here in my opinion :)
https://reviews.llvm.org/D22862
More information about the cfe-commits
mailing list