[analyzer] Fix "RhsLoc and LhsLoc bitwidth must be same"

clang: <root>/clang/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp:727:
void assertEqualBitWidths(clang::ento::ProgramStateRef,
  clang::ento::Loc, clang::ento::Loc): Assertion `RhsBitwidth ==
  LhsBitwidth && "RhsLoc and LhsLoc bitwidth must be same!"'

This change adjusts the bitwidth of the smaller operand for an evalBinOp
as a result of a comparison operation. This can occur in the specific
case represented by the test cases for a target with different pointer
sizes.

Reviewed By: NoQ

Differential Revision: https://reviews.llvm.org/D122513
Vince Bridgers 2022-03-25 17:30:59 -05:00 committed by einvbri
parent 5898979387
commit fe8b2236ef
2 changed files with 52 additions and 2 deletions


@ -682,8 +682,11 @@ SVal SValBuilder::evalCastSubKind(loc::ConcreteInt V, QualType CastTy,
}
// Pointer to any pointer.
if (Loc::isLocType(CastTy))
return V;
if (Loc::isLocType(CastTy)) {
llvm::APSInt Value = V.getValue();
BasicVals.getAPSIntType(CastTy).apply(Value);
return loc::ConcreteInt(BasicVals.getValue(Value));
}
// Pointer to whatever else.
return UnknownVal();
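Review bot: `BasicVals.getAPSIntType(CastTy).apply(Value);` resizes in both directions, so a concrete address cast into a narrower address space is truncated just as a narrow one is extended, while the commit message only describes adjusting the smaller operand. If truncation can turn a non-zero concrete address into zero, later null comparisons would be evaluated against a value the analyzed program never had. It seems worth either returning `UnknownVal()` when the value does not fit the destination width or stating explicitly that truncation is intended. At minimum the branch deserves a why-comment such as `// Address spaces may have different pointer widths; resize the value to CastTy's width so Loc comparisons see matching bit widths.` evalCastSubKind begins and continues outside this hunk.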


@ -0,0 +1,47 @@
// RUN: %clang_analyze_cc1 -triple amdgcn-unknown-unknown \
// RUN: -analyze -analyzer-checker=core -DAMDGCN_TRIPLE \
// RUN: -analyze -analyzer-checker=debug.ExprInspection \
// RUN: -Wno-implicit-int -Wno-int-conversion -verify %s
//
// RUN: %clang_analyze_cc1 -triple amdgcn-unknown-unknown \
// RUN: -analyze -analyzer-checker=core -DDEFAULT_TRIPLE \
// RUN: -analyze -analyzer-checker=debug.ExprInspection \
// RUN: -Wno-implicit-int -Wno-int-conversion -verify %s
// From https://llvm.org/docs/AMDGPUUsage.html#address-spaces,
// select address space 3 (local), since the pointer size is
// different than Generic.
// expected-no-diagnostics
#define DEVICE __attribute__((address_space(3)))
#if defined(AMDGCN_TRIPLE)
// this crashes
int fn1() {
int val = 0;
DEVICE int *dptr = val;
return dptr == (void *)0;
}
// does not crash
int fn2() {
int val = 0;
DEVICE int *dptr = val;
return dptr == (DEVICE void *)0;
}
// this crashes
int fn3() {
int val = 0;
int *dptr = val;
return dptr == (DEVICE void *)0;
}
#endif
// does not crash
int fn4() {
int val = 0;
int *dptr = val;
return dptr == (void *)0;
}
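Review bot: Both RUN lines pass `-triple amdgcn-unknown-unknown`, so the `-DDEFAULT_TRIPLE` run analyzes fn4 on the same target as the first and never covers a target with a single pointer width. If that was the intent, the second RUN line should name such a triple, e.g. `// RUN: %clang_analyze_cc1 -triple x86_64-unknown-unknown \`. The test also enables `debug.ExprInspection` but relies only on `expected-no-diagnostics`, so it guards against the assertion without pinning what the comparison evaluates to; a `clang_analyzer_eval(...)` expectation in fn1 and fn3 would catch a wrong truncation or extension. The `// this crashes` comments describe the pre-fix behaviour and would read better as `// used to crash`, and `-analyze` is repeated on each RUN line.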