[PATCH] D77150: [Analyzer] New Option for ContainerModeling: AggressiveEraseModeling
Balogh, Ádám via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Mar 31 09:22:27 PDT 2020
baloghadamsoftware created this revision.
baloghadamsoftware added reviewers: NoQ, Szelethus.
baloghadamsoftware added a project: clang.
Herald added subscribers: ASDenysPetrov, martong, steakhal, Charusso, gamesh411, dkrupp, donat.nagy, mikhail.ramalho, a.sidorin, rnkovacs, szepet, xazax.hun, whisperity.
A typical (bad) algorithm for erasing elements of a list is the following:
for(auto i = L.begin(); i != L.end(); ++i) {
if (condition(*i))
i = L.erase(i);
}
If `condition()` returns true for the last element, then `erase()` returns the past-the-end iterator which the loop tries to increment which leads to undefined behavior. However, the iterator range checker does not find this bug because the "loop iteration before that last iteration" cannot be recognized by the analyzer. Instead we added an option in this patch to `ContainerModeling` which enables the modeling checker to assume after every erase that the result is the past-the-end iterator (if this case is possible).
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D77150
Files:
clang/include/clang/StaticAnalyzer/Checkers/Checkers.td
clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp
clang/test/Analysis/analyzer-config.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D77150.253873.patch
Type: text/x-patch
Size: 5419 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200331/edbdbb5d/attachment-0001.bin>
More information about the cfe-commits
mailing list