Translate builtin_expect as its first argument. Avoids weird symb. exec. problems

Reviewed By: akotulski Differential Revision: D3348097 fbshipit-source-id: 8f19072
9 years ago · bf9d194e43
parent e873a2c502
commit bf9d194e43
5 changed files with 59 additions and 51 deletions
--- a/infer/models/c/src/infer_builtins.c
+++ b/infer/models/c/src/infer_builtins.c
@ -84,8 +84,6 @@ clock_t __infer_nondet_clock_t() {
  return t;
 }

-long infer__builtin_expect(long e, long x) { return e; }
-
 void* infer__builtin___memset_chk(void* dest,
                                  int val,
                                  unsigned long len,
--- a/infer/src/backend/config.ml
+++ b/infer/src/backend/config.ml
@ -212,6 +212,7 @@ let whitelisted_cpp_methods = [
  ["google"; "Check_NEImpl"];
  ["google"; "Check_LEImpl"];
  ["google"; "Check_GTImpl"];
+  ["google"; "Check_GEImpl"];
  ["google"; "Check_EQImpl"]
 ]

--- a/infer/src/clang/cTrans.ml
+++ b/infer/src/clang/cTrans.ml
@ -860,6 +860,13 @@ struct
        CTrans_utils.builtin_trans trans_state_pri sil_loc si function_type callee_pname_opt with
      | Some builtin -> builtin
      | None ->
+          (* Translate call to __builtin_expect as the first argument *)
+          (* for simpler symbolic execution *)
+          match callee_pname_opt, result_trans_subexprs with
+          | Some pname, [_; fst_arg_res; _]
+            when Procname.to_string pname = CFrontend_config.builtin_expect ->
+              fst_arg_res
+          | _ ->
              let res_trans_call =
                match cast_trans context act_params sil_loc callee_pname_opt function_type with
                | Some (instr, cast_exp) ->
@ -867,20 +874,18 @@ struct
                      instrs = [instr];
                      exps = [(cast_exp, function_type)]; }
                | None ->
-                let call_flags = { Sil.cf_default with Sil.cf_is_objc_block = is_call_to_block; } in
-                create_call_instr trans_state function_type sil_fe act_params sil_loc call_flags
-                  ~is_objc_method:false in
+                    let call_flags =
+                      { Sil.cf_default with Sil.cf_is_objc_block = is_call_to_block; } in
+                    create_call_instr trans_state function_type sil_fe act_params sil_loc
+                      call_flags ~is_objc_method:false in
              let nname = "Call "^(Sil.exp_to_string sil_fe) in
              let all_res_trans = result_trans_subexprs @ [res_trans_call] in
-          let res_trans_to_parent =
-            PriorityNode.compute_results_to_parent trans_state_pri sil_loc nname si all_res_trans in
+              let res_trans_to_parent = PriorityNode.compute_results_to_parent trans_state_pri
+                  sil_loc nname si all_res_trans in
              (match callee_pname_opt with
               | Some callee_pname ->
-               let open CContext in
                   if not (Builtin.is_registered callee_pname) then
-                 begin
-                   Cg.add_edge context.cg procname callee_pname;
-                 end
+                     Cg.add_edge context.CContext.cg procname callee_pname
               | None -> ());
              { res_trans_to_parent with exps = res_trans_call.exps }

--- a/infer/src/clang/cTrans_models.ml
+++ b/infer/src/clang/cTrans_models.ml
@ -70,7 +70,6 @@ let get_builtinname method_name =
  else None

 let is_modeled_builtin funct =
-  funct = CFrontend_config.builtin_expect ||
  funct = CFrontend_config.builtin_memset_chk

 let is_assert_log_s funct =
--- a/infer/tests/codetoanalyze/cpp/errors/assertions/check_examples.cpp
+++ b/infer/tests/codetoanalyze/cpp/errors/assertions/check_examples.cpp
@ -64,3 +64,8 @@ int check_gt_example(int x) {
  CHECK_GT(x, 5);
  return x;
 }
+
+int empty_check_ok(int index, std::vector<int> v) {
+  CHECK(index >= 1 && index < v.size());
+  return v[index]; // doesn't report empty vector
+}