[PATCH] D77012: [analyzer] Fix StdLibraryFunctionsChecker NotNull Constraint Check

Vince Bridgers via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Sun Mar 29 06:22:50 PDT 2020


vabridgers created this revision.
vabridgers added reviewers: martong, NoQ.
Herald added subscribers: ASDenysPetrov, Charusso, donat.nagy, Szelethus, mikhail.ramalho, a.sidorin, rnkovacs, szepet, xazax.hun.
Herald added a project: clang.

This check was causing a crash in a test case where the 0th argument was
uninitialized ('Assertion `T::isKind(*this)' at line SVals.h:104). This
was happening since the argument was actually undefined, but the castAs
assumes the value is DefinedOrUnknownSVal.

The fix appears to be simply to check for an undefined value and skip
the check, allowing the uninitialized value checker to detect the error.

I included a test case that I verified to produce the negative case
prior to the fix, and passes with the fix.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D77012

Files:
  clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
  clang/test/Analysis/std-c-library-functions.c


Index: clang/test/Analysis/std-c-library-functions.c
===================================================================
--- clang/test/Analysis/std-c-library-functions.c
+++ clang/test/Analysis/std-c-library-functions.c
@@ -89,6 +89,16 @@
   clang_analyzer_eval(z <= y); // expected-warning{{TRUE}}
 }
 
+
+void test_fread_uninitialized(void)
+{
+    void *ptr;
+    size_t sz;
+    size_t nmem;
+    FILE *fp;
+    (void) fread(ptr, sz, nmem, fp); // expected-warning {{1st function call argument is an uninitialized value}}
+}
+
 ssize_t getline(char **, size_t *, FILE *);
 void test_getline(FILE *fp) {
   char *line = 0;
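
Review bot: in test_fread_uninitialized, sz, nmem and fp are left uninitialized along with ptr, so the test does not isolate the first-argument case that the description says triggered the assertion. Consider giving the other three arguments defined values (for example taking fp as a parameter, as test_getline does) so that only ptr is undefined. Style: the hunk adds two consecutive blank lines before the function and puts the opening brace on its own line, while the neighbouring test_getline keeps the brace on the signature line.
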
Index: clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
@@ -190,6 +190,9 @@
     ProgramStateRef apply(ProgramStateRef State, const CallEvent &Call,
                           const Summary &Summary) const override {
       SVal V = getArgSVal(Call, getArgNo());
+      if (V.isUndef())
+        return State;
+
       DefinedOrUnknownSVal L = V.castAs<DefinedOrUnknownSVal>();
       if (!L.getAs<Loc>())
         return State;
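
Review bot: the new `if (V.isUndef())` early return in apply() has no comment saying why an undefined argument is skipped here. The description explains that reporting is left to the uninitialized value checker, and a one-line comment above the check stating that would keep a later reader from treating it as a silently ignored case. It would also help to note that the guard exists because the following `V.castAs<DefinedOrUnknownSVal>()` asserts on an undefined value.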

