[clang] [analyzer] Refine invalidation caused by `fread` (PR #93408)
via cfe-commits
cfe-commits at lists.llvm.org
Tue Jun 25 03:11:28 PDT 2024
vabridgers wrote:
Hi @steakhal, this change seems to have exposed a div/0 error in a very particular corner we came across after integrating this change. Could you try this case to see if it can repro?
The div/0 is occurring at line 1093:

```
bool IncompleteLastElement = (NumBytesRead % ElemSizeInChars) != 0;
```
```
clang -cc1 -analyze -analyzer-checker=unix.Stream -analyzer-opt-analyze-headers test.c
```
This is the test source.
```c
# 1 "" 3
typedef FILE;
void *b;
a() {
  FILE f = fopen("", "");
  fread(b, 1, 1, f);
}
```
The crash ...
```
$ clang -cc1 -analyze -analyzer-checker=unix.Stream -analyzer-opt-analyze-headers test.c
PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0.	Program arguments: clang -cc1 -analyze -analyzer-checker=unix.Stream -analyzer-opt-analyze-headers test.c
1.	<eof> parser at end of file
2.	While analyzing stack:
	#0 Calling a
3.	:5:3: Error evaluating statement
4.	:5:3: Error evaluating statement
 #0 0x000000000686046a llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) llvm/lib/Support/Unix/Signals.inc:723:22
 #1 0x00000000068608a4 PrintStackTraceSignalHandler(void*) llvm/lib/Support/Unix/Signals.inc:798:1
 #2 0x000000000685e1bd llvm::sys::RunSignalHandlers() llvm/lib/Support/Signals.cpp:105:20
 #3 0x000000000685fe54 SignalHandler(int) llvm/lib/Support/Unix/Signals.inc:413:1
 #4 0x00007f931d2c1630 __restore_rt sigaction.c:0:0
 #5 0x0000000009fc96ff tryToInvalidateFReadBufferByElements(llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>, clang::ento::CheckerContext&, clang::ento::CallEvent const&, clang::ento::NonLoc, clang::ento::NonLoc) clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp:1093:48
```
https://github.com/llvm/llvm-project/pull/93408