[clang] [clang][StaticAnalyzer] Fix crash in SimpleSValBuilder with unsigned __int128 and negative literals (PR #150225)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Fri Jul 25 06:16:46 PDT 2025
================
@@ -217,12 +217,27 @@ SVal SimpleSValBuilder::MakeSymIntVal(const SymExpr *LHS,
// Change a+(-N) into a-N, and a-(-N) into a+N
// Adjust addition/subtraction of negative value, to
// subtraction/addition of the negated value.
- APSIntType resultIntTy = BasicVals.getAPSIntType(resultTy);
- if (isNegationValuePreserving(RHS, resultIntTy)) {
- ConvertedRHS = BasicVals.getValue(-resultIntTy.convert(RHS));
- op = (op == BO_Add) ? BO_Sub : BO_Add;
- } else {
+ // Check if resultTy is valid before using it
+ if (resultTy.isNull()) {
ConvertedRHS = BasicVals.Convert(resultTy, RHS);
+ } else {
+ APSIntType resultIntTy = BasicVals.getAPSIntType(resultTy);
+ if (isNegationValuePreserving(RHS, resultIntTy)) {
+ // For large unsigned types, we need to be careful about the conversion
+ // to avoid issues with very large intermediate values
+ if (resultIntTy.isUnsigned() && resultIntTy.getBitWidth() > 64) {
+ // For large unsigned types, convert the absolute value directly
+ // instead of converting the negative value and then negating
+ llvm::APSInt AbsRHS = RHS;
+ AbsRHS.negate();
+ ConvertedRHS = BasicVals.Convert(resultTy, AbsRHS);
+ } else {
+ ConvertedRHS = BasicVals.getValue(-resultIntTy.convert(RHS));
+ }
+ op = (op == BO_Add) ? BO_Sub : BO_Add;
+ } else {
+ ConvertedRHS = BasicVals.Convert(resultTy, RHS);
+ }
----------------
steakhal wrote:
I've not checked this part. I'll come back once we finished with the rest.
https://github.com/llvm/llvm-project/pull/150225
More information about the cfe-commits
mailing list