r367802 - [Analyzer] Iterator Checkers - Fix for Crash on Iterator Differences

Hans Wennborg via cfe-commits cfe-commits at lists.llvm.org
Fri Aug 9 03:18:38 PDT 2019 

Merged to release_90 in r368427.

On Mon, Aug 5, 2019 at 8:44 AM Adam Balogh via cfe-commits
<cfe-commits at lists.llvm.org> wrote:
>
> Author: baloghadamsoftware
> Date: Sun Aug  4 23:45:41 2019
> New Revision: 367802
>
> URL: http://llvm.org/viewvc/llvm-project?rev=367802&view=rev
> Log:
> [Analyzer] Iterator Checkers - Fix for Crash on Iterator Differences
>
> Iterators differences were mistakenly handled as random decrements which
> causes an assertion. This patch fixes this.
>
>
> Modified:
>     cfe/trunk/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp
>     cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h
>     cfe/trunk/test/Analysis/diagnostics/explicit-suppression.cpp
>     cfe/trunk/test/Analysis/iterator-range.cpp
>
> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp?rev=367802&r1=367801&r2=367802&view=diff
> ==============================================================================
> --- cfe/trunk/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp Sun Aug  4 23:45:41 2019
> @@ -406,13 +406,15 @@ void IteratorChecker::checkPreCall(const
>        } else if (isRandomIncrOrDecrOperator(Func->getOverloadedOperator())) {
>          if (const auto *InstCall = dyn_cast<CXXInstanceCall>(&Call)) {
>            // Check for out-of-range incrementions and decrementions
> -          if (Call.getNumArgs() >= 1) {
> +          if (Call.getNumArgs() >= 1 &&
> +              Call.getArgExpr(0)->getType()->isIntegralOrEnumerationType()) {
>              verifyRandomIncrOrDecr(C, Func->getOverloadedOperator(),
>                                     InstCall->getCXXThisVal(),
>                                     Call.getArgSVal(0));
>            }
>          } else {
> -          if (Call.getNumArgs() >= 2) {
> +          if (Call.getNumArgs() >= 2 &&
> +              Call.getArgExpr(1)->getType()->isIntegralOrEnumerationType()) {
>              verifyRandomIncrOrDecr(C, Func->getOverloadedOperator(),
>                                     Call.getArgSVal(0), Call.getArgSVal(1));
>            }
> @@ -590,14 +592,16 @@ void IteratorChecker::checkPostCall(cons
>        return;
>      } else if (isRandomIncrOrDecrOperator(Func->getOverloadedOperator())) {
>        if (const auto *InstCall = dyn_cast<CXXInstanceCall>(&Call)) {
> -        if (Call.getNumArgs() >= 1) {
> +        if (Call.getNumArgs() >= 1 &&
> +              Call.getArgExpr(0)->getType()->isIntegralOrEnumerationType()) {
>            handleRandomIncrOrDecr(C, Func->getOverloadedOperator(),
>                                   Call.getReturnValue(),
>                                   InstCall->getCXXThisVal(), Call.getArgSVal(0));
>            return;
>          }
>        } else {
> -        if (Call.getNumArgs() >= 2) {
> +        if (Call.getNumArgs() >= 2 &&
> +              Call.getArgExpr(1)->getType()->isIntegralOrEnumerationType()) {
>            handleRandomIncrOrDecr(C, Func->getOverloadedOperator(),
>                                   Call.getReturnValue(), Call.getArgSVal(0),
>                                   Call.getArgSVal(1));
>
> Modified: cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h?rev=367802&r1=367801&r2=367802&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h (original)
> +++ cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h Sun Aug  4 23:45:41 2019
> @@ -70,6 +70,9 @@ template <typename T, typename Ptr, type
>      return ptr -= n;
>    }
>
> +  template<typename U, typename Ptr2, typename Ref2>
> +  difference_type operator-(const __vector_iterator<U, Ptr2, Ref2> &rhs);
> +
>    Ref operator*() const { return *ptr; }
>    Ptr operator->() const { return *ptr; }
>
>
> Modified: cfe/trunk/test/Analysis/diagnostics/explicit-suppression.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/diagnostics/explicit-suppression.cpp?rev=367802&r1=367801&r2=367802&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/diagnostics/explicit-suppression.cpp (original)
> +++ cfe/trunk/test/Analysis/diagnostics/explicit-suppression.cpp Sun Aug  4 23:45:41 2019
> @@ -19,6 +19,6 @@ class C {
>  void testCopyNull(C *I, C *E) {
>    std::copy(I, E, (C *)0);
>  #ifndef SUPPRESSED
> -  // expected-warning at ../Inputs/system-header-simulator-cxx.h:677 {{Called C++ object pointer is null}}
> +  // expected-warning at ../Inputs/system-header-simulator-cxx.h:680 {{Called C++ object pointer is null}}
>  #endif
>  }
>
> Modified: cfe/trunk/test/Analysis/iterator-range.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/iterator-range.cpp?rev=367802&r1=367801&r2=367802&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/iterator-range.cpp (original)
> +++ cfe/trunk/test/Analysis/iterator-range.cpp Sun Aug  4 23:45:41 2019
> @@ -236,3 +236,8 @@ void good_derived(simple_container c) {
>      *i0; // no-warning
>    }
>  }
> +
> +void iter_diff(std::vector<int> &V) {
> +  auto i0 = V.begin(), i1 = V.end();
> +  ptrdiff_t len = i1 - i0; // no-crash
> +}
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at lists.llvm.org
> https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

More information about the cfe-commits mailing list