[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)
Donát Nagy via cfe-commits
cfe-commits at lists.llvm.org
Mon May 27 05:01:04 PDT 2024
================
@@ -717,18 +717,71 @@ const ExplodedNode *StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the plain old 'invalidateRegions'.
+/// This only works if the \p StartIndex and \p Count are concrete or
+/// perfectly-constrained.
+static ProgramStateRef
+escapeByStartIndexAndCount(ProgramStateRef State, CheckerContext &C,
+ const CallEvent &Call, const MemRegion *Buffer,
+ QualType ElemType, SVal StartIndex, SVal Count) {
+ if (!llvm::isa_and_nonnull<SubRegion>(Buffer))
+ return State;
+
+ auto UnboxAsInt = [&C, &State](SVal V) -> std::optional<int64_t> {
+ auto &SVB = C.getSValBuilder();
+ if (const llvm::APSInt *Int = SVB.getKnownValue(State, V))
+ return Int->tryExtValue();
+ return std::nullopt;
+ };
+
+ auto StartIndexVal = UnboxAsInt(StartIndex);
+ auto CountVal = UnboxAsInt(Count);
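Review bot: The doc comment above `escapeByStartIndexAndCount` says the function "only works" when `StartIndex` and `Count` are concrete or perfectly-constrained, but it does not say what is returned otherwise, and the early `return State;` for a `Buffer` that is null or not a `SubRegion` hands back the state with nothing invalidated. Please document both cases in the comment, including whether the caller is expected to fall back to `escapeArgs` or `invalidateRegions`, so that an unchanged state is not mistaken for a completed partial invalidation.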
----------------
NagyDonat wrote:
```suggestion
std::optional<int64_t> StartIndexVal = UnboxAsInt(StartIndex);
std::optional<int64_t> CountVal = UnboxAsInt(Count);
```
The explicitly specified type would make this code easier to read (without it, my first guess was that these are `int` variables because the lambda is named `...AsInt`).
https://github.com/llvm/llvm-project/pull/93408