diff options
| author | Ted Kremenek <kremenek@apple.com> | 2009-10-16 20:46:24 +0000 |
|---|---|---|
| committer | Ted Kremenek <kremenek@apple.com> | 2009-10-16 20:46:24 +0000 |
| commit | 70bf6d61028ee5c12b910f191a3a6113218a4e77 (patch) | |
| tree | b980db97f7279ad58a1981392f51caba5b20ad47 | |
| parent | 31fcde13ac7d7e44a9287632e9c8826cefa76a96 (diff) | |
| download | bcm5719-llvm-70bf6d61028ee5c12b910f191a3a6113218a4e77.tar.gz bcm5719-llvm-70bf6d61028ee5c12b910f191a3a6113218a4e77.zip | |
Fix static analyzer crash due to recently add symbolic-value constant folding. The issue was falsely
converting the constant value of the LHS of a '<<'/'>>' operation to the same APSInt value of the
RHS.
llvm-svn: 84269
| -rw-r--r-- | clang/lib/Analysis/SimpleSValuator.cpp | 10 | ||||
| -rw-r--r-- | clang/test/Analysis/misc-ps.m | 12 |
2 files changed, 21 insertions, 1 deletions
diff --git a/clang/lib/Analysis/SimpleSValuator.cpp b/clang/lib/Analysis/SimpleSValuator.cpp index 636ce15c332..5af4c062e08 100644 --- a/clang/lib/Analysis/SimpleSValuator.cpp +++ b/clang/lib/Analysis/SimpleSValuator.cpp @@ -349,7 +349,15 @@ SVal SimpleSValuator::EvalBinOpNN(const GRState *state, // Does the symbol simplify to a constant? if (Sym->getType(ValMgr.getContext())->isIntegerType()) if (const llvm::APSInt *Constant = state->getSymVal(Sym)) { - // What should we convert it to? + // For shifts, there is no need to perform any conversions + // of the constant. + if (BinaryOperator::isShiftOp(op)) { + lhs = nonloc::ConcreteInt(*Constant); + continue; + } + + // Other cases: do an implicit conversion. This shouldn't be + // necessary once we support truncation/extension of symbolic values. if (nonloc::ConcreteInt *rhs_I = dyn_cast<nonloc::ConcreteInt>(&rhs)){ BasicValueFactory &BVF = ValMgr.getBasicValueFactory(); lhs = nonloc::ConcreteInt(BVF.Convert(rhs_I->getValue(), diff --git a/clang/test/Analysis/misc-ps.m b/clang/test/Analysis/misc-ps.m index 10e5823c206..48d1111a601 100644 --- a/clang/test/Analysis/misc-ps.m +++ b/clang/test/Analysis/misc-ps.m @@ -691,4 +691,16 @@ void test_constant_symbol(signed char x) { } } +// Test constant-folding of symbolic values, where a folded symbolic value is used in a +// bitshift operation. This previously caused a crash because it triggered an assertion +// in APSInt. +void test_symbol_fold_with_shift(unsigned int * p, unsigned int n, + const unsigned int * grumpkin, unsigned int dn) { + unsigned int i; + unsigned int tempsub[8]; + unsigned int *solgrumpkin = tempsub + n; + for (i = 0; i < n; i++) + solgrumpkin[i] = (i < dn) ? ~grumpkin[i] : 0xFFFFFFFF; + for (i <<= 5; i < (n << 5); i++) {} +} |
