[PATCH] D31868: [analyzer] Check NULL pointer dereference issue for memset function
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Apr 18 07:17:19 PDT 2017
NoQ added a comment.
Wow, so you're doing the binding thing now? Thanks! It was not critical for landing this patch, so you could have fixed comments here, allowing us to commit what's already done, and then proceed with further improvements. It's also easier to review and aligns with LLVM's policy of incremental development.
Could you add test cases for the new feature? For instance,
  void foo() {
    int *x = malloc(sizeof(int));
    memset(x, 0, sizeof(int));
    1 / *x; // expected-warning{{Division by zero}}
  }
  void bar() {
    int *x = malloc(sizeof(int));
    memset(x, 0, 1);
    1 / *x; // no-warning
  }
Tests that involve setting memory to anything but 0 are also welcome!
================
Comment at: lib/StaticAnalyzer/Checkers/CStringChecker.cpp:2066
+
+ if (StateSameSize) {
+ SVal ConstVal = State->getSVal(Const, LCtx);
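Review bot: `ConstVal` on the `State->getSVal(Const, LCtx)` line is the `int` argument as written, but memset converts that value to `unsigned char` and stores it in every byte of the region. For any fill value other than 0, what is read back through a wider type is not `ConstVal`, so whatever is bound from it under `if (StateSameSize)` should either be restricted to a known-zero constant or model the per-byte fill; a short comment stating which case is handled would help.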
----------------
I believe that if the size is not the same, you'd still need to do invalidation.
Repository:
rL LLVM
https://reviews.llvm.org/D31868