[clang] [clang][analyzer] Improve modeling of 'popen' and 'pclose' in StdLibraryFunctionsChecker (PR #78895)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Wed Jan 24 10:08:27 PST 2024


================
@@ -2211,6 +2221,15 @@ void StdLibraryFunctionsChecker::initFunctionSummaries(
                   ErrnoNEZeroIrrelevant, GenericFailureMsg)
             .ArgConstraint(NotNull(ArgNo(0))));
 
+    // int pclose(FILE *stream);
+    addToFunctionSummaryMap(
+        "pclose", Signature(ArgTypes{FilePtrTy}, RetType{IntTy}),
+        Summary(NoEvalCall)
+            .Case({ReturnValueCondition(WithinRange, {{0, IntMax}})},
+                  ErrnoMustNotBeChecked, GenericSuccessMsg)
+            .Case(ReturnsMinusOne, ErrnoNEZeroIrrelevant, GenericFailureMsg)
+            .ArgConstraint(NotNull(ArgNo(0))));
+
----------------
steakhal wrote:

Quoting manpage: `on success, returns the exit status of the command`, consequently, this might be negative on success.

I believe the manpage for `exit(3)` should tell us what values can we expect as exit codes.
> The exit() function causes normal process termination and the
       least significant byte of status (i.e., status & 0xFF) is
       returned to the parent (see [wait(2)](https://man7.org/linux/man-pages/man2/wait.2.html)).

So, I believe any value could be an exit code, that is representable by a signed char (if CHAR_BITS == 8, then [-128,127])

Also add tests for the range for the result of the `pclose`.

https://github.com/llvm/llvm-project/pull/78895


More information about the cfe-commits mailing list