]> granicus.if.org Git - clang/commitdiff
projects / clang / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 688a248)
Teach GRSimpleVals::EvalNE and GRSimplVals::EvalEQ about TypedRegionViews and
authorTed Kremenek <kremenek@apple.com>
Mon, 9 Mar 2009 20:35:15 +0000 (20:35 +0000)
committerTed Kremenek <kremenek@apple.com>
Mon, 9 Mar 2009 20:35:15 +0000 (20:35 +0000)
SymbolicRegions. This fixes a serious regression when checking symbolic pointers
against null.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66444 91177308-0d34-0410-b5e6-96231b3b80d8

lib/Analysis/GRSimpleVals.cpp patch | blob | history

diff --git a/lib/Analysis/GRSimpleVals.cpp b/lib/Analysis/GRSimpleVals.cpp
index 90d9e57bfd4920158aabed3e03e7662a3ee822ca..e2dde76e2000f6a39313a6c68211bb34392978b0 100644 (file)
--- a/lib/Analysis/GRSimpleVals.cpp
+++ b/lib/Analysis/GRSimpleVals.cpp
@@ -262,6 +262,17 @@ SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op,
 }
 
 // Pointer arithmetic.
+static Loc StripViews(Loc X) {
+  if (isa<loc::MemRegionVal>(X)) {
+    const SymbolicRegion *Region =
+      cast<loc::MemRegionVal>(X).getRegion()->getAs<SymbolicRegion>();
+    
+    if (Region)
+      return Loc::MakeVal(Region->getSymbol());
+  }
+  
+  return X;
+}
 
 SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op,
                              Loc L, NonLoc R) {  
@@ -274,7 +285,8 @@ SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op,
 SVal GRSimpleVals::EvalEQ(GRExprEngine& Eng, Loc L, Loc R) {
   
   BasicValueFactory& BasicVals = Eng.getBasicVals();
-  
+
+TryAgain:
   switch (L.getSubKind()) {
 
     default:
@@ -320,7 +332,20 @@ SVal GRSimpleVals::EvalEQ(GRExprEngine& Eng, Loc L, Loc R) {
       return UnknownVal();      
     }
       
-    case loc::MemRegionKind:
+    case loc::MemRegionKind: {
+      // See if 'L' and 'R' both wrap symbols.
+      Loc LTmp = StripViews(L);
+      Loc RTmp = StripViews(R);
+      
+      if (LTmp != L || RTmp != R) {
+        L = LTmp;
+        R = RTmp;
+        goto TryAgain;
+      }
+    }    
+    
+    // Fall-through.
+      
     case loc::FuncValKind:
     case loc::GotoLabelKind:
       return NonLoc::MakeIntTruthVal(BasicVals, L == R);
@@ -333,6 +358,7 @@ SVal GRSimpleVals::EvalNE(GRExprEngine& Eng, Loc L, Loc R) {
   
   BasicValueFactory& BasicVals = Eng.getBasicVals();
 
+TryAgain:
   switch (L.getSubKind()) {
 
     default:
@@ -357,7 +383,7 @@ SVal GRSimpleVals::EvalNE(GRExprEngine& Eng, Loc L, Loc R) {
       }
       
       break;
-      
+
     case loc::SymbolValKind: {
       if (isa<loc::ConcreteInt>(R)) {          
         const SymIntConstraint& C =
@@ -378,7 +404,18 @@ SVal GRSimpleVals::EvalNE(GRExprEngine& Eng, Loc L, Loc R) {
       break;
     }
       
-    case loc::MemRegionKind:
+    case loc::MemRegionKind: {
+      // See if 'L' and 'R' both wrap symbols.
+      Loc LTmp = StripViews(L);
+      Loc RTmp = StripViews(R);
+      
+      if (LTmp != L || RTmp != R) {
+        L = LTmp;
+        R = RTmp;
+        goto TryAgain;
+      }
+    }
+      
     case loc::FuncValKind:
     case loc::GotoLabelKind:
       return NonLoc::MakeIntTruthVal(BasicVals, L != R);
Unnamed repository; edit this file 'description' to name the repository.