Fix crash reported in <rdar://problem/7124210> by "back-porting" some of the
implicit cast logic in RegionStoreManager to BasicStoreManager. This involved
moving CastRetrievedVal from RegionStoreManager to StoreManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@80026 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/include/clang/Analysis/PathSensitive/Store.h b/include/clang/Analysis/PathSensitive/Store.h
index ffc3e24..51143ec 100644
--- a/include/clang/Analysis/PathSensitive/Store.h
+++ b/include/clang/Analysis/PathSensitive/Store.h
@@ -177,10 +177,16 @@
/// iterBindings - Iterate over the bindings in the Store.
virtual void iterBindings(Store store, BindingsHandler& f) = 0;
-private:
+protected:
CastResult MakeElementRegion(const GRState *state, const MemRegion *region,
QualType pointeeTy, QualType castToTy,
uint64_t index = 0);
+
+ /// CastRetrievedVal - Used by subclasses of StoreManager to implement
+ /// implicit casts that arise from loads from regions that are reinterpreted
+ /// as another region.
+ SValuator::CastResult CastRetrievedVal(SVal val, const GRState *state,
+ const TypedRegion *R, QualType castTy);
};
// FIXME: Do we still need this?
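Review bot: Changing `private:` to `protected:` above `MakeElementRegion` exposes that helper to every subclass as well, although only `CastRetrievedVal` is documented as being for subclasses. If no subclass needs `MakeElementRegion` (not visible from this hunk), keep it under `private:` and add a separate `protected:` label directly before the new `CastRetrievedVal` declaration. The class body starts outside the hunk.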
diff --git a/lib/Analysis/BasicStore.cpp b/lib/Analysis/BasicStore.cpp
index cb2af0f..e211339 100644
--- a/lib/Analysis/BasicStore.cpp
+++ b/lib/Analysis/BasicStore.cpp
@@ -271,7 +271,7 @@
if (isa<UnknownVal>(loc))
return SValuator::CastResult(state, UnknownVal());
- assert (!isa<UndefinedVal>(loc));
+ assert(!isa<UndefinedVal>(loc));
switch (loc.getSubKind()) {
@@ -296,8 +296,12 @@
return SValuator::CastResult(state, UnknownVal());
BindingsTy B = GetBindings(state->getStore());
- BindingsTy::data_type* T = B.lookup(R);
- return SValuator::CastResult(state, T ? *T : UnknownVal());
+ BindingsTy::data_type *Val = B.lookup(R);
+
+ if (!Val)
+ break;
+
+ return CastRetrievedVal(*Val, state, cast<TypedRegion>(R), T);
}
case loc::ConcreteIntKind:
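Review bot: `cast<TypedRegion>(R)` on the new return line is checked only by an assertion, so a build without assertions would hand a non-typed region to `CastRetrievedVal`, which calls `R->getValueType(Ctx)` on it. The guard that restricts `R` is above the hunk; if it already guarantees a typed region, record that next to the cast with a comment such as `// The check above guarantees R is a TypedRegion.`, otherwise use `dyn_cast<TypedRegion>(R)` and return `UnknownVal()` on failure. Separately, `if (!Val) break;` no longer returns `UnknownVal()` itself and depends on whatever follows the switch, which is also outside the hunk; `return SValuator::CastResult(state, UnknownVal());` would keep the old result explicit.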
diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp
index 53ef054..9225bfb 100644
--- a/lib/Analysis/RegionStore.cpp
+++ b/lib/Analysis/RegionStore.cpp
@@ -299,9 +299,6 @@
SVal RetrieveFieldOrElementCommon(const GRState *state, const TypedRegion *R,
QualType Ty, const MemRegion *superR);
- SValuator::CastResult CastRetrievedVal(SVal val, const GRState *state,
- const TypedRegion *R, QualType castTy);
-
/// Retrieve the values in a struct and return a CompoundVal, used when doing
/// struct copy:
/// struct s x, y;
@@ -1247,17 +1244,6 @@
#endif
}
-SValuator::CastResult RegionStoreManager::CastRetrievedVal(SVal V,
- const GRState *state,
- const TypedRegion *R,
- QualType castTy) {
- if (castTy.isNull())
- return SValuator::CastResult(state, V);
-
- ASTContext &Ctx = getContext();
- return ValMgr.getSValuator().EvalCast(V, state, castTy, R->getValueType(Ctx));
-}
-
//===----------------------------------------------------------------------===//
// Binding values to regions.
//===----------------------------------------------------------------------===//
diff --git a/lib/Analysis/Store.cpp b/lib/Analysis/Store.cpp
index fca69e6..e2412f6 100644
--- a/lib/Analysis/Store.cpp
+++ b/lib/Analysis/Store.cpp
@@ -197,3 +197,19 @@
return CastResult(state, R);
}
+
+
+/// CastRetrievedVal - Used by subclasses of StoreManager to implement
+/// implicit casts that arise from loads from regions that are reinterpreted
+/// as another region.
+SValuator::CastResult StoreManager::CastRetrievedVal(SVal V,
+ const GRState *state,
+ const TypedRegion *R,
+ QualType castTy) {
+ if (castTy.isNull())
+ return SValuator::CastResult(state, V);
+
+ ASTContext &Ctx = ValMgr.getContext();
+ return ValMgr.getSValuator().EvalCast(V, state, castTy, R->getValueType(Ctx));
+}
+
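Review bot: The doc comment on `StoreManager::CastRetrievedVal` leaves out two things the body relies on: a null `castTy` returns `V` unchanged, and otherwise `R` is dereferenced by `R->getValueType(Ctx)`. Now that the helper is shared by all `StoreManager` subclasses, I would add `/// If castTy is null, V is returned unchanged; otherwise R must be non-null.` to the comment and `assert(R && "CastRetrievedVal requires a region");` before the `EvalCast` call. The identical comment on the declaration in Store.h should get the same sentence.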
diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m
index 1ca209d..e748777 100644
--- a/test/Analysis/misc-ps.m
+++ b/test/Analysis/misc-ps.m
@@ -533,3 +533,12 @@
return j;
}
+// This test case previously crashed with -analyzer-store=basic because the
+// symbolic value stored in 'x' wouldn't be implicitly casted to a signed value
+// during the comparison.
+int rdar_7124210(unsigned int x) {
+ enum { SOME_CONSTANT = 123 };
+ int compare = ((signed) SOME_CONSTANT) == *((signed *) &x);
+ return compare ? 0 : 1; // Forces the evaluation of the symbolic constraint.
+}
+