[PATCH] D77148: [analyzer] ApiModeling: Add buffer size arg constraint with multiplier involved
Gabor Marton via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Apr 1 07:41:05 PDT 2020
martong marked 2 inline comments as done.
martong added inline comments.
================
Comment at: clang/test/Analysis/std-c-library-functions-arg-constraints.c:155
+ __buf_size_arg_constraint_mul(buf, s, sizeof(short));
+ clang_analyzer_eval(s * sizeof(short) <= 6); // \
+ // report-warning{{TRUE}} \
----------------
balazske wrote:
> `s <= 3` is better here? We know that the buffer has space for 3 short's. But it is better to assume nothing about `sizeof(short)`.
That would have been better if the range based constraint solver was able to solve the in-equation to `s`. So, even though the analyzer knows that `s * 2 <= 6` it cannot reason about `s` itself. This is the limitation of the solver. I believe @baloghadamsoftware has a few patches that directs this deficiency: D49074 and D50256
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D77148/new/
https://reviews.llvm.org/D77148
More information about the cfe-commits
mailing list