r248021 - [analyzer] A fix for substraction of an integer from a pointer.
Gabor Horvath via cfe-commits
cfe-commits at lists.llvm.org
Fri Sep 18 12:13:23 PDT 2015
Author: xazax
Date: Fri Sep 18 14:13:22 2015
New Revision: 248021
URL: http://llvm.org/viewvc/llvm-project?rev=248021&view=rev
Log:
[analyzer] A fix for substraction of an integer from a pointer.
Patch by Artem Dergachev!
Differential Revision: http://reviews.llvm.org/D12725
Modified:
cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
cfe/trunk/test/Analysis/ptr-arith.c
Modified: cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp?rev=248021&r1=248020&r2=248021&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp Fri Sep 18 14:13:22 2015
@@ -911,8 +911,9 @@ SVal SimpleSValBuilder::evalBinOpLN(Prog
elementType = elemReg->getElementType();
}
else if (isa<SubRegion>(region)) {
+ assert(op == BO_Add || op == BO_Sub);
+ index = (op == BO_Add) ? rhs : evalMinus(rhs);
superR = region;
- index = rhs;
if (resultTy->isAnyPointerType())
elementType = resultTy->getPointeeType();
}
Modified: cfe/trunk/test/Analysis/ptr-arith.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/ptr-arith.c?rev=248021&r1=248020&r2=248021&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/ptr-arith.c (original)
+++ cfe/trunk/test/Analysis/ptr-arith.c Fri Sep 18 14:13:22 2015
@@ -296,3 +296,20 @@ void symbolicFieldRegion(struct Point *p
clang_analyzer_eval(&points[i].x < &points[i].y);// expected-warning{{TRUE}}
}
+void negativeIndex(char *str) {
+ *(str + 1) = 'a';
+ clang_analyzer_eval(*(str + 1) == 'a'); // expected-warning{{TRUE}}
+ clang_analyzer_eval(*(str - 1) == 'a'); // expected-warning{{UNKNOWN}}
+
+ char *ptr1 = str - 1;
+ clang_analyzer_eval(*ptr1 == 'a'); // expected-warning{{UNKNOWN}}
+
+ char *ptr2 = str;
+ ptr2 -= 1;
+ clang_analyzer_eval(*ptr2 == 'a'); // expected-warning{{UNKNOWN}}
+
+ char *ptr3 = str;
+ --ptr3;
+ clang_analyzer_eval(*ptr3 == 'a'); // expected-warning{{UNKNOWN}}
+}
+
More information about the cfe-commits
mailing list