[PATCH] D47617: [Analyzer] Fix Z3 crash (PR37646)

Thu, 31 May 2018 21:36:36 -0700 

vlad.tsyrklevich created this revision.
vlad.tsyrklevich added reviewers: george.karpenkov, NoQ, ddcc.
Herald added subscribers: cfe-commits, a.sidorin, szepet, xazax.hun.

Fix another Z3ConstraintManager crash, use fixAPSInt() to extend a
boolean APSInt.


Repository:
  rC Clang

https://reviews.llvm.org/D47617

Files:
  lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
  test/Analysis/pr37646.c


Index: test/Analysis/pr37646.c
===================================================================
--- /dev/null
+++ test/Analysis/pr37646.c
@@ -0,0 +1,11 @@
+// REQUIRES: z3
+// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin9 -analyzer-checker=core 
-analyzer-store=region -analyzer-constraints=z3 -verify %s
+// expected-no-diagnostics
+
+_Bool b;
+void c() {
+  _Bool a = b | 0;
+  for (;;)
+    if (a)
+      ;
+}
Index: lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
===================================================================
--- lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
+++ lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
@@ -1211,8 +1211,10 @@
     if (!LHS || !RHS)
       return nullptr;
 
-    llvm::APSInt ConvertedLHS = *LHS, ConvertedRHS = *RHS;
-    QualType LTy = getAPSIntType(*LHS), RTy = getAPSIntType(*RHS);
+    llvm::APSInt ConvertedLHS, ConvertedRHS;
+    QualType LTy, RTy;
+    std::tie(ConvertedLHS, LTy) = fixAPSInt(*LHS);
+    std::tie(ConvertedRHS, RTy) = fixAPSInt(*RHS);
     doIntTypeConversion<llvm::APSInt, Z3ConstraintManager::castAPSInt>(
         ConvertedLHS, LTy, ConvertedRHS, RTy);
     return BV.evalAPSInt(BSE->getOpcode(), ConvertedLHS, ConvertedRHS);



Index: test/Analysis/pr37646.c
===================================================================
--- /dev/null
+++ test/Analysis/pr37646.c
@@ -0,0 +1,11 @@
+// REQUIRES: z3
+// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin9 -analyzer-checker=core -analyzer-store=region -analyzer-constraints=z3 -verify %s
+// expected-no-diagnostics
+
+_Bool b;
+void c() {
+  _Bool a = b | 0;
+  for (;;)
+    if (a)
+      ;
+}
Index: lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
===================================================================
--- lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
+++ lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp
@@ -1211,8 +1211,10 @@
     if (!LHS || !RHS)
       return nullptr;
 
-    llvm::APSInt ConvertedLHS = *LHS, ConvertedRHS = *RHS;
-    QualType LTy = getAPSIntType(*LHS), RTy = getAPSIntType(*RHS);
+    llvm::APSInt ConvertedLHS, ConvertedRHS;
+    QualType LTy, RTy;
+    std::tie(ConvertedLHS, LTy) = fixAPSInt(*LHS);
+    std::tie(ConvertedRHS, RTy) = fixAPSInt(*RHS);
     doIntTypeConversion<llvm::APSInt, Z3ConstraintManager::castAPSInt>(
         ConvertedLHS, LTy, ConvertedRHS, RTy);
     return BV.evalAPSInt(BSE->getOpcode(), ConvertedLHS, ConvertedRHS);

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to