[analyzer] Teach ConstraintManager to ignore NonLoc <> NonLoc comparisons.

These aren't generated by default, but they are needed when either side of
the comparison is tainted.

Should fix our internal buildbot.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177846 91177308-0d34-0410-b5e6-96231b3b80d8

2 files changed, 18 insertions, 2 deletions

diff --git a/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp b/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp
index f6404f0f77..9b759df48f 100644
--- a/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp
+++ b/lib/StaticAnalyzer/Core/SimpleConstraintManager.cpp
@@ -50,8 +50,13 @@ bool SimpleConstraintManager::canReasonAbout(SVal X) const {
     }
 
     if (const SymSymExpr *SSE = dyn_cast<SymSymExpr>(SE)) {
-      if (BinaryOperator::isComparisonOp(SSE->getOpcode()))
-        return true;
+      if (BinaryOperator::isComparisonOp(SSE->getOpcode())) {
+        // We handle Loc <> Loc comparisons, but not (yet) NonLoc <> NonLoc.
+        if (Loc::isLocType(SSE->getLHS()->getType())) {
+          assert(Loc::isLocType(SSE->getRHS()->getType()));
+          return true;
+        }
+      }
     }
 
     return false;
diff --git a/test/Analysis/taint-generic.c b/test/Analysis/taint-generic.c
index 696db67713..fe27070026 100644
--- a/test/Analysis/taint-generic.c
+++ b/test/Analysis/taint-generic.c
@@ -212,3 +212,14 @@ int SymSymExprWithDiffTypes(void* p) {
   return 5/j; // expected-warning {{Division by a tainted value, possibly zero}}
 }
 
+
+void constraintManagerShouldTreatAsOpaque(int rhs) {
+  int i;
+  scanf("%d", &i);
+  // This comparison used to hit an assertion in the constraint manager,
+  // which didn't handle NonLoc sym-sym comparisons.
+  if (i < rhs)
+    return;
+  if (i < rhs)
+    *(volatile int *) 0; // no-warning
+}