[PATCH] D80903: [analyzer] Ignore calculated indices of <= 0 in VLASizeChecker

Vince Bridgers via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Jun 4 05:29:32 PDT 2020 

This revision was automatically updated to reflect the committed changes.
Closed by commit rGbd425825411a: [analyzer] Ignore calculated indices of <= 0 in VLASizeChecker (authored by vabridgers, committed by einvbri <vince.a.bridgers at ericsson.com>).

Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D80903/new/

https://reviews.llvm.org/D80903

Files:
  clang/lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp
  clang/test/Analysis/vla.c


Index: clang/test/Analysis/vla.c
===================================================================
--- clang/test/Analysis/vla.c
+++ clang/test/Analysis/vla.c
@@ -137,3 +137,17 @@
   clang_analyzer_eval(clang_analyzer_getExtent(&vla3m) == 2 * x * 4 * sizeof(int));
   // expected-warning at -1{{TRUE}}
 }
+
+// https://bugs.llvm.org/show_bug.cgi?id=46128
+// analyzer doesn't handle more than simple symbolic expressions.
+// Just don't crash.
+extern void foo(void);
+int a;
+void b() {
+  int c = a + 1;
+  for (;;) {
+    int d[c];
+    for (; 0 < c;)
+      foo();
+  }
+} // no-crash
Index: clang/lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/VLASizeChecker.cpp
@@ -126,7 +126,12 @@
       // Size overflow check does not work with symbolic expressions because a
       // overflow situation can not be detected easily.
       uint64_t IndexL = IndexLVal->getZExtValue();
-      assert(IndexL > 0 && "Index length should have been checked for zero.");
+      // FIXME: See https://reviews.llvm.org/D80903 for discussion of
+      // some difference in assume and getKnownValue that leads to
+      // unexpected behavior. Just bail on IndexL == 0 at this point.
+      if (IndexL == 0)
+        return nullptr;
+
       if (KnownSize <= SizeMax / IndexL) {
         KnownSize *= IndexL;
       } else {


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D80903.268438.patch
Type: text/x-patch
Size: 1471 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200604/8553612e/attachment.bin>

More information about the cfe-commits mailing list