[PATCH] [analyzer][Review request] Better modelling of memcpy by the CStringChecker (PR16731)

Anton Yartsev anton.yartsev at gmail.com
Thu Oct 10 10:57:56 PDT 2013


Here is the patch and pach description from D1887 
<http://llvm-reviews.chandlerc.com/D1887>:

The approach establishes the following rules of invalidation/escape for 
the source and destination buffers passed to memcpy():
- source buffer is const-invalidated without const-pointer-escape the 
address of the top-level region.
- destination buffer is regularly invalidated without pointer-escape the 
address of the top-level region.

This rules are derived from the rules suggested by Jordan in the days 
prior to r191342 when it was unable to associate processing behavior 
with the particular region/symbol (see D1486 
<http://llvm-reviews.chandlerc.com/D1486> for detailes).
Here are rules from Jordan:
 > 1. Const-invalidate 'src', with pointer escape.
- invalidate metadata of indirect regions
- invalidate contents of indirect regions
- (unwanted) const-pointer-escape the address of the top-level region

 > 2. Const-invalidate 'dst', with pointer escape.
- invalidate the metadata of indirect regions (that "in anticipation" 
thing that goes with our loss of knowledge)
- invalidate the contents of indirect regions (ditto)
- (unwanted) const-pointer-escape the address of the top-level region

 > 3. Regular-invalidate 'dst' without pointer escape.
- (harmlessly repeated) invalidate the contents of indirect regions
- invalidate the contents of the top-level region


-- 
Anton

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20131010/c8943520/attachment.html>


More information about the cfe-commits mailing list