[PATCH] D69599: [analyzer] DynamicSize: Remove 'getSizeInElements()' from store

Csaba Dabis via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Nov 1 13:35:08 PDT 2019


Charusso added a comment.

In D69599#1730707 <https://reviews.llvm.org/D69599#1730707>, @NoQ wrote:

> > This is the first step to mitigate that issue.
>
> What's the issue?


Well, after I mentioned an issue I realized that the somewhat path-insensitive `getSizeInElements()` does not touch the `(void *)` return value. Basically the expression `int *foo = malloc()` could not compile, and I had felt that the assumptions about the overflow were wrong. Now I see that none of the overflow tests would compile, so I think we just bypass a cast here and there. Therefore there is no issue; I was just surprised.



================
Comment at: clang/lib/StaticAnalyzer/Core/DynamicSize.cpp:37-39
+  const llvm::APSInt *SizeInt = SVB.getKnownValue(State, Size);
+  if (!SizeInt)
+    return UnknownVal();
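Review bot: returning `UnknownVal()` whenever `SVB.getKnownValue(State, Size)` yields no concrete `APSInt` discards a symbolic `Size` entirely; on that non-concrete path the division can still be built with `SValBuilder::evalBinOp`, so the result remains a symbolic expression the constraint manager may later be able to reason about, while the `SizeInt` branch keeps the fast path for the concrete case.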
----------------
NoQ wrote:
> Even if the size is not concrete, you can ask `SValBuilder` to perform the division. It's going to be a symbolic expression which we won't be able to work with anyway, but these days we believe that it's still worth it, in hope that our constraint solver eventually gets better.
Good idea, thanks!


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D69599/new/

https://reviews.llvm.org/D69599
