Thanks Sebastian! On Nov 24, 2008, at 11:35 AM, Sebastian Redl wrote:
> Author: cornedbee
> Date: Mon Nov 24 13:35:33 2008
> New Revision: 59974
>
> URL: http://llvm.org/viewvc/llvm-project?rev=59974&view=rev
> Log:
> Fix crash of array bounds checking under 64-bit.
> There might be other, similar bugs lurking there.
>
> Modified:
> cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
> cfe/trunk/lib/Analysis/RegionStore.cpp
>
> Modified: cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicConstraintManager.cpp?rev=59974&r1=59973&r2=59974&view=diff
>
> =
> =
> =
> =
> =
> =
> =
> =
> ======================================================================
> --- cfe/trunk/lib/Analysis/BasicConstraintManager.cpp (original)
> +++ cfe/trunk/lib/Analysis/BasicConstraintManager.cpp Mon Nov 24
> 13:35:33 2008
> @@ -369,8 +369,14 @@
> }
>
> const llvm::APSInt& Zero =
> getBasicVals().getZeroWithPtrWidth(false);
> - const llvm::APSInt& IdxV =
> cast<nonloc::ConcreteInt>(Idx).getValue();
> - const llvm::APSInt& UBV =
> cast<nonloc::ConcreteInt>(UpperBound).getValue();
> + llvm::APSInt IdxV = cast<nonloc::ConcreteInt>(Idx).getValue();
> + // IdxV might be too narrow.
> + if (IdxV.getBitWidth() < Zero.getBitWidth())
> + IdxV.extend(Zero.getBitWidth());
> + // UBV might be too narrow, too.
> + llvm::APSInt UBV =
> cast<nonloc::ConcreteInt>(UpperBound).getValue();
> + if (UBV.getBitWidth() < Zero.getBitWidth())
> + UBV.extend(Zero.getBitWidth());
>
> bool InBound = (Zero <= IdxV) && (IdxV < UBV);
>
>
> Modified: cfe/trunk/lib/Analysis/RegionStore.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/RegionStore.cpp?rev=59974&r1=59973&r2=59974&view=diff
>
> =
> =
> =
> =
> =
> =
> =
> =
> ======================================================================
> --- cfe/trunk/lib/Analysis/RegionStore.cpp (original)
> +++ cfe/trunk/lib/Analysis/RegionStore.cpp Mon Nov 24 13:35:33 2008
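Review bot: In the BasicConstraintManager.cpp hunk, the two new guards widen `IdxV` and `UBV` only when they are narrower than `Zero`. An operand that is wider than the pointer width, or whose signedness differs from `Zero`'s, still reaches `(Zero <= IdxV) && (IdxV < UBV)` unnormalised. If APSInt comparison needs matching width and signedness (the crash fixed here suggests it does for width; signedness should be confirmed), the array-bounds check can still abort instead of giving an in-bound or out-of-bound answer. I would bring all three operands to one common width and signedness before comparing, or at least record the gap with `// FIXME: only the narrower case is handled; a wider or differently-signed Idx/UpperBound still reaches the comparison unnormalised.` The enclosing function starts and ends outside the hunk.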
> @@ -254,12 +254,15 @@
> if ((CI1 = dyn_cast<nonloc::ConcreteInt>(&Idx)) &&
> (CI2 = dyn_cast<nonloc::ConcreteInt>(&Offset))) {
>
> - // Temporary SVal to hold a potential signed APSInt.
> + // Temporary SVal to hold a potential signed and extended APSInt.
> SVal SignedInt;
>
> - // Index might be unsigned. We have to convert it to signed.
> - if (CI2->getValue().isUnsigned()) {
> + // Index might be unsigned. We have to convert it to signed. It
> might also
> + // be less wide than the size. We have to extend it.
> + if (CI2->getValue().isUnsigned() ||
> + CI2->getValue().getBitWidth() < CI1-
> >getValue().getBitWidth()) {
> llvm::APSInt SI = CI2->getValue();
> + SI.extend(CI1->getValue().getBitWidth());
> SI.setIsSigned(true);
> SignedInt = nonloc::ConcreteInt(getBasicVals().getValue(SI));
> CI2 = cast<nonloc::ConcreteInt>(&SignedInt);
>
>
> _______________________________________________
> cfe-commits mailing list
> [email protected]
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
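Review bot: In the RegionStore.cpp hunk, `SI.extend(CI1->getValue().getBitWidth())` runs on every path into the block. That includes the path entered only because `CI2->getValue().isUnsigned()` is true, where `CI2` may already be as wide as `CI1`. If `extend` requires a strictly larger target width (worth confirming against APSInt), that path would assert rather than finish the index computation. Guarding the call keeps the sign conversion unconditional and the widening conditional: `if (SI.getBitWidth() < CI1->getValue().getBitWidth()) SI.extend(CI1->getValue().getBitWidth());`. A `CI2` that is wider than `CI1` is not handled by either condition and is worth a comment or a separate check. The enclosing function starts and ends outside the hunk.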
