[cfe-commits] [PATCH] Fix for PR7218, and analyzer support for calloc()
Ted Kremenek
kremenek at apple.com
Fri May 28 18:19:57 PDT 2010
Thanks Jordy. My initial thought is that this looks great, but I need to test it out a bit and verify that it has the right semantics.
On May 28, 2010, at 5:28 PM, Jordy Rose wrote:
> Ah, right. That would be necessary, huh. Thanks.
>
> Jordy
>
>
> On Fri, 28 May 2010 17:20:36 -0700, Ted Kremenek <kremenek at apple.com>
> wrote:
>> Hi Jordy,
>>
>> I don't see your patch. Did you forget to attach it?
>>
>> Ted
>>
>> On May 28, 2010, at 5:11 PM, Jordy Rose wrote:
>>
>>>
>>> Fixes PR7218 "Assigning to buf[0] makes buf[1] valid" by not allowing
>>> arrays and symbolic regions to have direct bindings, only bindings to
>>> element 0. (The exception is symbolic regions for references, since
> they
>>> don't have elements.)
>>>
>>> On top of that, adds support for calloc(), treating its result as a
>>> malloc-region that needs freeing, whose contents are initialized to 0.
>>>
>>> I'm not entirely happy with the replacement of *p with p[0] in
>>> GRExprEngine, but that seems to be the last place where you can tell
> the
>>> difference between a binding to p and a binding to p[0].
>>>
>>> This could be split into two patches, of course, though I worked on it
>>> all
>>> simultaneously. The calloc() part requires a way to set default
> elements
>>> for regions -- I did it by using the assumption that arrays and
> symbolic
>>> regions couldn't get direct bindings, only default ones, but it could
>>> also
>>> be done by adding another method to Store (really RegionStore).
>>>
>>> Jordy
>>> _______________________________________________
>>> cfe-commits mailing list
>>> cfe-commits at cs.uiuc.edu
>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
> <calloc-and-first-element.patch>
More information about the cfe-commits
mailing list