[cfe-commits] r146144 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/CMakeLists.txt lib/StaticAnalyzer/Checkers/Checkers.td lib/StaticAnalyzer/Checkers/MallocSizeofChecker.cpp test/Analysis/malloc-sizeof.c

Ted Kremenek kremenek at apple.com
Fri Dec 9 15:07:55 PST 2011


On Dec 9, 2011, at 6:06 AM, Peter Collingbourne wrote:

> Not yet, but I can imagine the sorts of false positives that will
> be encountered (for example, allocations of sizeof(x) cast to y*,
> where sizeof(x) is guaranteed by the standard to be at least as large
> as sizeof(y), such as y being an unsigned variant of x, or x and y
> being structs and y's field list being a prefix of x's).  I don't
> think we have a general mechanism for identifying these sorts of
> false positives at the moment, do we?

I don't think there is a general mechanism, and this really seems specific to this checker anyway.  I'd expect to gradually see the evolution of helper functions in the checker that encode these heuristics.

> 
> (Incidentally, possible false negatives may involve use of size_t
> or other platform-dependent typedefs... not sure what to do about
> these, other than perhaps testing that the same typedef is used in
> both cases).

What about comparing the original, desugared type?
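
The allocation patterns discussed in this thread, written out as C. This is an added example, not code from the commit or its test file; the struct and function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical types: base's field list is a prefix of derived's. */
struct base    { int kind; };
struct derived { int kind; long payload; };

/* sizeof operand and pointee differ, and the request can be too small:
 * a real under-allocation wherever sizeof(long) > sizeof(int). */
long *alloc_mismatch(void) { return (long *)malloc(sizeof(int)); }

/* Types differ, but int and unsigned int occupy the same storage. */
unsigned *alloc_unsigned_variant(void) {
    return (unsigned *)malloc(sizeof(int));
}

/* Types differ, but the block is at least as large as struct base and
 * 'kind' sits at the same offset in both structs. */
struct base *alloc_prefix(void) {
    return (struct base *)malloc(sizeof(struct derived));
}

/* sizeof operand is a typedef, pointee is a builtin type: whether the two
 * are the same type depends on how the platform defines size_t. */
unsigned long *alloc_typedef(void) {
    return (unsigned long *)malloc(sizeof(size_t));
}

/* Size facts that make the two benign cases safe on every platform. */
int benign_cases_hold(void) {
    return sizeof(int) == sizeof(unsigned)
        && sizeof(struct derived) >= sizeof(struct base)
        && offsetof(struct derived, kind) == offsetof(struct base, kind);
}

int main(void) {
    unsigned *u = alloc_unsigned_variant();
    struct base *b = alloc_prefix();
    if (!u || !b) return 1;
    *u = 7u;
    b->kind = 3;
    printf("benign=%d u=%u kind=%d\n", benign_cases_hold(), *u, b->kind);
    free(u);
    free(b);
    return 0;
}
```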
