[PATCH] D38801: [analyzer] In getSVal() API, disable auto-detection of void type as char type.
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Oct 11 07:42:12 PDT 2017
NoQ created this revision.
Herald added a subscriber: szepet.
In https://reviews.llvm.org/D38358, we ended up believing that reading the first byte of the void pointer is not the intended behavior of `ProgramState::getSVal(Loc)`. Hence the fix.
Additionally, allow specifying the type in the `ProgramState::getSVal(const MemRegion *)` override (i personally like this API better, and it is also used in the affected checker).
https://reviews.llvm.org/D38801
Files:
include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
lib/StaticAnalyzer/Core/RegionStore.cpp
Index: lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- lib/StaticAnalyzer/Core/RegionStore.cpp
+++ lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1403,10 +1403,7 @@
T = Ctx.VoidTy;
}
assert(!T.isNull() && "Unable to auto-detect binding type!");
- if (T->isVoidType()) {
- // When trying to dereference a void pointer, read the first byte.
- T = Ctx.CharTy;
- }
+ assert(!T->isVoidType() && "Attempting to dereference a void pointer!");
MR = GetElementZeroRegion(cast<SubRegion>(MR), T);
}
Index: lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
+++ lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
@@ -179,7 +179,7 @@
if (const MemRegion *SValMemRegion = V.getAsRegion()) {
const ProgramStateRef State = C.getState();
- const SVal PSV = State->getSVal(SValMemRegion);
+ const SVal PSV = State->getSVal(SValMemRegion, C.getASTContext().CharTy);
if (PSV.isUndef()) {
if (ExplodedNode *N = C.generateErrorNode()) {
LazyInit_BT(BD, BT);
Index: include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
===================================================================
--- include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
+++ include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h
@@ -308,8 +308,12 @@
/// \brief Return the value bound to the specified location.
/// Returns UnknownVal() if none found.
- SVal getSVal(const MemRegion* R) const;
+ SVal getSVal(const MemRegion* R, QualType T = QualType()) const;
+ /// \brief Return the value bound to the specified location, assuming
+ /// that the value is a scalar integer or an enumeration or a pointer.
+ /// Returns UnknownVal() if none found or the region is not known to hold
+ /// a value of such type.
SVal getSValAsScalarOrLoc(const MemRegion *R) const;
/// \brief Visits the symbols reachable from the given SVal using the provided
@@ -758,9 +762,10 @@
return getStateManager().StoreMgr->getBinding(getStore(), LV, T);
}
-inline SVal ProgramState::getSVal(const MemRegion* R) const {
+inline SVal ProgramState::getSVal(const MemRegion* R, QualType T) const {
return getStateManager().StoreMgr->getBinding(getStore(),
- loc::MemRegionVal(R));
+ loc::MemRegionVal(R),
+ T);
}
inline BasicValueFactory &ProgramState::getBasicVals() const {
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D38801.118616.patch
Type: text/x-patch
Size: 2682 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171011/6655b0cf/attachment.bin>
More information about the cfe-commits
mailing list