[PATCH] D9924: Ignore report when the argument to malloc is assigned known value

Aditya K via cfe-commits cfe-commits at lists.llvm.org
Mon Aug 17 13:18:06 PDT 2015



----------------------------------------
> Date: Mon, 17 Aug 2015 19:29:29 +0000
> To: hiraditya at msn.com; jordan_rose at apple.com; kremenek at apple.com; daniel.marjamaki at evidente.se; mclow.lists at gmail.com; adasgupt at codeaurora.org; zaks.anna at gmail.com
> From: zaks.anna at gmail.com
> CC: cfe-commits at lists.llvm.org
> Subject: Re: [PATCH] D9924: Ignore report when the argument to malloc is assigned known value
>
> zaks.anna added a comment.
>
>> x = a/b; where n < b
>
>> malloc (x*n); Then x*n will not overflow
>
>
> I am not convinced that the new rule is strong enough. 'a' can be any expression. For example, maybe you have (b-1)*a/b and the denominator cancels out something unrelated to 'n' in the numerator? Maybe we could change the rule to "where n==b"? By the way, that is the only subcase that is being tested.

Please correct me if I'm wrong.
My point was, as long as `n<b', n*x would not overflow unless `a' (the numerator) overflows in the first place.
Assuming `a' does not overflow, `a/b' would not overflow either, since this is an integer division.

and since a/b < a/n,
=> x*n < a, which does not overflow.

Maybe I should add a check that `a, b, n' are positive.
So, in this case the static analyzer can choose to be strict and reject false positives.

If `a' might overflow, then in this case we can emit a warning stating that the overflow is caused because `a' might overflow.

>
>> With regards to copy paste, I'm not sure about how to do this in a different way.
>
>
> I suggest to experiment with refactoring out common parts into subroutines.

Thanks, I'll try to refactor parts of it.
-Aditya

>
>
> http://reviews.llvm.org/D9924
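An added example (not part of D9924 or of this thread) that checks the arithmetic argued above in C: `bounded_product`, `unsigned_rule_holds` and `signed_counterexample_overflows` are hypothetical helpers written for this illustration. The first applies the rule x = a/b, n < b; the second exhaustively confirms x*n <= a for small unsigned operands; the third shows why the positivity check matters, since with signed operands n < b alone does not rule out overflow.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Rule under discussion: x = a / b (integer division) and 0 <= n < b
 * give x * n <= x * (b - 1) = x * b - x <= a - x <= a, so x * n fits
 * whenever a does.  Stores x * n and returns 1 when n < b and b != 0,
 * returns 0 otherwise (hypothetical helper). */
static int bounded_product(size_t a, size_t b, size_t n, size_t *out)
{
    if (b == 0 || n >= b)
        return 0;
    size_t x = a / b;
    *out = x * n;
    return 1;
}

/* Exhaustive check of the unsigned claim for all a, b, n below `limit`:
 * every accepted triple must satisfy x * n <= a (hypothetical helper). */
static int unsigned_rule_holds(size_t limit)
{
    for (size_t a = 0; a < limit; a++)
        for (size_t b = 1; b < limit; b++)
            for (size_t n = 0; n < b; n++) {
                size_t p;
                if (bounded_product(a, b, n, &p) && p > a)
                    return 0;
            }
    return 1;
}

/* Without a positivity check the bound breaks for signed operands:
 * a = INT_MIN, b = 1, n = -1 satisfies n < b, yet x * n = -INT_MIN does
 * not fit in an int.  Computed in long long so the value is visible. */
static int signed_counterexample_overflows(void)
{
    long long a = INT_MIN, b = 1, n = -1;
    long long x = a / b;
    long long prod = x * n;          /* 2147483648, one above INT_MAX */
    return n < b && (prod > INT_MAX || prod < INT_MIN);
}

int main(void)
{
    size_t p;
    bounded_product(1000, 7, 6, &p);
    printf("x*n = %zu for a = 1000, b = 7, n = 6\n", p);
    printf("unsigned rule holds below 64: %d\n", unsigned_rule_holds(64));
    printf("signed counterexample overflows: %d\n",
           signed_counterexample_overflows());
    return 0;
}
```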