[PATCH] D14203: [analyzer] Improve pointer arithmetic checker.
Gábor Horváth via cfe-commits
cfe-commits at lists.llvm.org
Fri Oct 30 08:38:12 PDT 2015
xazax.hun created this revision.
xazax.hun added reviewers: zaks.anna, dcoughlin.
xazax.hun added subscribers: cfe-commits, dkrupp.
This patch is intended to improve pointer arithmetic checker.
>From now on it tries to only warn, when the pointer arithmetic is likely to cause an error. For example when the pointer points to a single object, or an array of derived types.
Note that this check does not free the stored information right now, because it caused some trouble when I was checking the following code.
struct trie {
struct trie* next;
};
struct kwset {
struct trie *trie;
unsigned char y[10];
struct trie* next[10];
int d;
};
typedef struct trie trie_t;
typedef struct kwset kwset_t;
void f(kwset_t *kws, char const *p, char const *q) {
struct trie const *trie;
struct trie * const *next = kws->next;
register unsigned char c;
register char const *end = p;
register char const *lim = q;
register int d = 1;
register unsigned char const *y = kws->y;
d = y[c = (end+=d)[-1]];
trie = next[c]; // Here the analyzer tought that kws->next is a dead region, so the stored information was unavailable for the array. adding a kws = 0 or similar line to the end of the function fixed the problem. Is this a bug in liveness analysis fo regions?
}
http://reviews.llvm.org/D14203
Files:
PointerArithm.patch
lib/StaticAnalyzer/Checkers/PointerArithChecker.cpp
test/Analysis/PR24184.cpp
test/Analysis/fields.c
test/Analysis/ptr-arith.c
test/Analysis/ptr-arith.cpp
test/Analysis/rdar-6442306-1.m
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D14203.38813.patch
Type: text/x-patch
Size: 18082 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20151030/4e459f65/attachment.bin>
More information about the cfe-commits
mailing list