[PATCH] D12726: [analyzer] A fix for symbolic element region index lifetime.
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Fri Sep 18 00:57:40 PDT 2015
NoQ updated this revision to Diff 35067.
NoQ added a comment.
Thanks for the quick reply, sorry for the delay! Was afk for a couple of days.
Yeah, right, in fact I didn't even fix the issue for store keys at all; only for store values and environment values.
It also seems much harder to test store keys, because it's quite a problem to guess the symbolic key once the symbol is not present anywhere else, though I can imagine an artificial checker that would rely on that. A test like...
  int a[1];
  {
    int x = conjure_index();
    a[x] = 0;
    if (x != 0)
      return;
    clang_analyzer_eval(a[0] == 0); // expected-warning{{TRUE}}
  }
  clang_analyzer_eval(a[0] == 0); // expected-warning{{TRUE}}
...should have exposed such a problem, but this kind of lookup doesn't seem to be supported by the store yet (that is, the first `expected-warning{{TRUE}}` fails as well).
Hmm, what if I expand the `debug.ExprInspection` checker to allow testing `SymbolReaper` directly? Updated the diff with a proof of concept, which fixes the issue for the store keys and adds a test. I can split the `ExprInspection` change into a separate commit/review if necessary. It might be useful for testing other `SymbolReaper`-related patches as well.
http://reviews.llvm.org/D12726
Files:
lib/StaticAnalyzer/Checkers/ExprInspectionChecker.cpp
lib/StaticAnalyzer/Core/Environment.cpp
lib/StaticAnalyzer/Core/RegionStore.cpp
test/Analysis/return-ptr-range.cpp
test/Analysis/symbol-reaper.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D12726.35067.patch
Type: text/x-patch
Size: 7562 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20150918/f4e04b67/attachment-0001.bin>