[PATCH] [analyzer][Review request] Better modelling of memcpy by the CStringChecker (PR16731)
Anton Yartsev
anton.yartsev at gmail.com
Thu Oct 10 10:57:56 PDT 2013
Here is the patch and pach description from D1887
<http://llvm-reviews.chandlerc.com/D1887>:
The approach establishes the following rules of invalidation/escape for
the source and destination buffers passed to memcpy():
- source buffer is const-invalidated without const-pointer-escape the
address of the top-level region.
- destination buffer is regularly invalidated without pointer-escape the
address of the top-level region.
This rules are derived from the rules suggested by Jordan in the days
prior to r191342 when it was unable to associate processing behavior
with the particular region/symbol (see D1486
<http://llvm-reviews.chandlerc.com/D1486> for detailes).
Here are rules from Jordan:
> 1. Const-invalidate 'src', with pointer escape.
- invalidate metadata of indirect regions
- invalidate contents of indirect regions
- (unwanted) const-pointer-escape the address of the top-level region
> 2. Const-invalidate 'dst', with pointer escape.
- invalidate the metadata of indirect regions (that "in anticipation"
thing that goes with our loss of knowledge)
- invalidate the contents of indirect regions (ditto)
- (unwanted) const-pointer-escape the address of the top-level region
> 3. Regular-invalidate 'dst' without pointer escape.
- (harmlessly repeated) invalidate the contents of indirect regions
- invalidate the contents of the top-level region
--
Anton
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20131010/c8943520/attachment.html>
More information about the cfe-commits
mailing list