From 4f51908b6098e737d356907991b3cf0f86a6c0c8 Mon Sep 17 00:00:00 2001 From: Vince Bridgers Date: Sat, 9 Sep 2023 21:08:47 +0200 Subject: [PATCH] [analyzer] Fix crash analyzing _BitInt() in evalIntegralCast evalIntegralCast was using makeIntVal, and when _BitInt() types were introduced this exposed a crash in evalIntegralCast as a result. Improve evalIntegralCast to use makeIntVal more efficiently to avoid the crash exposed by use of _BitInt. This was caught with our internal randomized testing. /llvm/include/llvm/ADT/APInt.h:1510: int64_t llvm::APInt::getSExtValue() const: Assertion `getSignificantBits() <= 64 && "Too many bits for int64_t"' failed.a ... #9
llvm::APInt::getSExtValue() const /llvm/include/llvm/ADT/APInt.h:1510:5 llvm::IntrusiveRefCntPtr, clang::ento::SVal, clang::QualType, clang::QualType) /clang/lib/StaticAnalyzer/Core/SValBuilder.cpp:607:24 clang::Expr const*, clang::ento::ExplodedNode*, clang::ento::ExplodedNodeSet&) /clang/lib/StaticAnalyzer/Core/ExprEngineC.cpp:413:61 ... Fixes: https://github.com/llvm/llvm-project/issues/61960 Reviewed By: donat.nagy
---
 clang/lib/StaticAnalyzer/Core/SValBuilder.cpp | 8 +++-----
 clang/test/Analysis/bitint-no-crash.c | 13 +++++++++++++
 2 files changed, 16 insertions(+), 5 deletions(-)
 create mode 100644 clang/test/Analysis/bitint-no-crash.c
diff --git a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp
index 4fe828bdf7681f..f827f43eaa7da6 100644
--- a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp
+++ b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp
@@ -598,11 +598,9 @@ SVal SValBuilder::evalIntegralCast(ProgramStateRef state, SVal val,
 APSIntType ToType(getContext().getTypeSize(castTy), castTy->isUnsignedIntegerType());
 llvm::APSInt ToTypeMax = ToType.getMaxValue();
- NonLoc ToTypeMaxVal =
- makeIntVal(ToTypeMax.isUnsigned() ? ToTypeMax.getZExtValue()
- : ToTypeMax.getSExtValue(),
- castTy)
- .castAs();
+
+ NonLoc ToTypeMaxVal = makeIntVal(ToTypeMax);
+
 // Check the range of the symbol being casted against the maximum value of the
 // target type.
 NonLoc FromVal = val.castAs();
diff --git a/clang/test/Analysis/bitint-no-crash.c b/clang/test/Analysis/bitint-no-crash.c
new file mode 100644
index 00000000000000..0a367fa930dc9b
--- /dev/null
+++ b/clang/test/Analysis/bitint-no-crash.c
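Review bot: The replacement line `NonLoc ToTypeMaxVal = makeIntVal(ToTypeMax);` would benefit from a comment saying why the APSInt overload is used, since the reason (the maximum of a type wider than 64 bits, such as _BitInt, cannot be routed through getSExtValue()/getZExtValue()) currently lives only in the commit message; something like `// Keep ToTypeMax as an APSInt: wide types such as _BitInt exceed a 64-bit host integer.` next to it would do. The two added blank lines isolate the statement from the ToTypeMax declaration it consumes and from the comment describing the check that follows, so a single blank line at most seems warranted. Whether ToType is the right bound for _BitInt also depends on what getTypeSize(castTy) returns for such types (storage width versus declared bit width); that is not visible here and is worth confirming with an unsigned or non-power-of-two _BitInt destination. The enclosing evalIntegralCast starts and ends outside the hunk.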
@@ -0,0 +1,13 @@
+ // RUN: %clang_analyze_cc1 -analyzer-checker=core \
+ // RUN: -analyzer-checker=debug.ExprInspection \
+ // RUN: -triple x86_64-pc-linux-gnu \
+ // RUN: -verify %s
+
+// Don't crash when using _BitInt(). Pin to the x86_64 triple for now,
+// since not all architectures support _BitInt()
+// expected-no-diagnostics
+_BitInt(256) a;
+_BitInt(129) b;
+void c() {
+ b = a;
+}
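Review bot: The new test is crash-only: debug.ExprInspection is enabled in the RUN line but no clang_analyzer_eval call uses it, so a regression that yields a wrong maximum for the cast without asserting would still pass under expected-no-diagnostics. Consider either adding a clang_analyzer_eval on the narrowed value's range (and an unsigned _BitInt destination alongside the signed one) so the cast result itself is pinned, or dropping the unused checker from the RUN line. The four RUN lines also carry a leading space before `//`, unlike the rest of the file.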