iterator end() const { return ExprBindings.end(); }
- /// GetSVal - Fetches the current binding of the expression in the
+ /// getSVal - Fetches the current binding of the expression in the
/// Environment.
- SVal getSVal(const Stmt* Ex, SValBuilder& svalBuilder) const;
+ SVal getSVal(const Stmt* Ex, SValBuilder& svalBuilder,
+ bool useOnlyDirectBindings = false) const;
/// Profile - Profile the contents of an Environment object for use
/// in a FoldingSet.
const llvm::APSInt *getSymVal(SymbolRef sym) const;
/// Returns the SVal bound to the statement 'S' in the state's environment.
- SVal getSVal(const Stmt* S) const;
+ SVal getSVal(const Stmt* S, bool useOnlyDirectBindings = false) const;
SVal getSValAsScalarOrLoc(const Stmt *Ex) const;
return getStateManager().getSymVal(this, sym);
}
-inline SVal GRState::getSVal(const Stmt* Ex) const {
- return Env.getSVal(Ex, *getStateManager().svalBuilder);
+inline SVal GRState::getSVal(const Stmt* Ex, bool useOnlyDirectBindings) const{
+ return Env.getSVal(Ex, *getStateManager().svalBuilder,
+ useOnlyDirectBindings);
}
inline SVal GRState::getSValAsScalarOrLoc(const Stmt *S) const {
ExplodedNode *N = *I;
const GRState *stateLoad = N->getState();
- SVal theValueVal_untested = stateLoad->getSVal(theValueExpr);
+
+ // Use direct bindings from the environment since we are forcing a load
+ // from a location that the Environment would typically not be used
+ // to bind a value.
+ SVal theValueVal_untested = stateLoad->getSVal(theValueExpr, true);
+
SVal oldValueVal_untested = stateLoad->getSVal(oldValueExpr);
// FIXME: Issue an error.
return UnknownVal();
}
-SVal Environment::getSVal(const Stmt *E, SValBuilder& svalBuilder) const {
+SVal Environment::getSVal(const Stmt *E, SValBuilder& svalBuilder,
+ bool useOnlyDirectBindings) const {
+
+ if (useOnlyDirectBindings) {
+ // This branch is rarely taken, but can be exercised by
+ // checkers that explicitly bind values to arbitrary
+ // expressions. It is crucial that we do not ignore any
+ // expression here, and do a direct lookup.
+ return lookupExpr(E);
+ }
+
for (;;) {
switch (E->getStmtClass()) {
case Stmt::AddrLabelExprClass:
--- /dev/null
+// RUN: %clang_cc1 -triple x86_64-apple-darwin9 -analyze -analyzer-checker=core,osx -analyzer-store=region -verify -fblocks -analyzer-opt-analyze-nested-blocks %s
+
+// Test handling of OSAtomicCompareAndSwap when C++ inserts "no-op" casts and we
+// do a forced load and binding to the environment on an expression that would regularly
+// not have an environment binding. This previously triggered a crash (<rdar://problem/9339920>).
+// NOTE: It is critical that the function called is OSAtomicCompareAndSwapIntBarrier.
+bool OSAtomicCompareAndSwapIntBarrier( int __oldValue, int __newValue, volatile int *__theValue ) ;
+static int _rdar9339920_x = 0;
+int rdar9339920_aux();
+
+int rdar9339920_test() {
+ int rdar9339920_x = rdar9339920_aux();
+ if (rdar9339920_x != _rdar9339920_x) {
+ if (OSAtomicCompareAndSwapIntBarrier(_rdar9339920_x, rdar9339920_x, &_rdar9339920_x))
+ return 1;
+ }
+ return 0;
+}
+
projects / clang / commitdiff