From: Ted Kremenek <kremenek@apple.com>
Date: Mon, 23 Mar 2009 17:10:25 +0000 (+0000)
Subject: analyzer: Provide temporary workaround for false positive reported by
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=68ac94a8d7c7a967ace59c565736d07e80de77e7;p=clang

analyzer: Provide temporary workaround for false positive reported by
<rdar://problem/6704930> involving SimpleConstraintManager not reasoning well
about symbolic constraint values involving arithmetic operators.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@67534 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Analysis/SimpleConstraintManager.cpp b/lib/Analysis/SimpleConstraintManager.cpp
index a4d59bec88..e6f940e57c 100644
--- a/lib/Analysis/SimpleConstraintManager.cpp
+++ b/lib/Analysis/SimpleConstraintManager.cpp
@@ -29,6 +29,17 @@ bool SimpleConstraintManager::canReasonAbout(SVal X) const {
       case BinaryOperator::Or:
       case BinaryOperator::Xor:
         return false;
+        // We don't reason yet about arithmetic constraints on symbolic values.
+      case BinaryOperator::Mul:
+      case BinaryOperator::Div:
+      case BinaryOperator::Rem:
+      case BinaryOperator::Add:
+      case BinaryOperator::Sub:
+      case BinaryOperator::Shl:
+      case BinaryOperator::Shr:
+        return false;
+
+        // All other cases.
       default:
         return true;
     }
diff --git a/test/Analysis/retain-release.m b/test/Analysis/retain-release.m
index 50a809c36a..9fd15d3e7a 100644
--- a/test/Analysis/retain-release.m
+++ b/test/Analysis/retain-release.m
@@ -299,8 +299,8 @@ static void rdar_6659160(char *inkind, char *inname)
   NSString *kind = [[NSString alloc] initWithUTF8String:inkind];  // expected-warning{{leak}}
   
   // We do allow stringWithUTF8String to fail.  This isn't really correct, as
-  // far as returning nil.  In most error conditions it will throw an exception.
-  // If allocation fails it could return nil, but again this
+  // far as returning 0.  In most error conditions it will throw an exception.
+  // If allocation fails it could return 0, but again this
   // isn't expected.
   NSString *name = [NSString stringWithUTF8String:inname];
   if(!name)
@@ -360,3 +360,37 @@ void pr3820_DeallocAfterRelease(void)
   [foo dealloc]; // expected-warning{{used after it is released}}
   // message sent to released object
 }
+
+// From <rdar://problem/6704930>.  The problem here is that 'length' binds to
+// '($0 - 1)' after '--length', but SimpleConstraintManager doesn't know how to
+// reason about '($0 - 1) > constant'.  As a temporary hack, we drop the value
+// of '($0 - 1)' and conjure a new symbol.
+void rdar6704930(unsigned char *s, unsigned int length) {
+  NSString* name = 0;
+  if (s != 0) {
+    if (length > 0) {
+      while (length > 0) {
+        if (*s == ':') {
+          ++s;
+          --length;
+          name = [[NSString alloc] init]; // no-warning
+          break;
+        }
+        ++s;
+        --length;
+      }
+      if ((length == 0) && (name != 0)) {
+        [name release];
+        name = 0;
+      }
+      if (length == 0) { // no ':' found -> use it all as name
+        name = [[NSString alloc] init]; // no-warning
+      }
+    }
+  }
+
+  if (name != 0) {
+    [name release];
+  }
+}
+