[clang] [analyzer] Model overflow builtins (PR #102602)
Pavel Skripkin via cfe-commits
cfe-commits at lists.llvm.org
Fri Aug 9 13:57:53 PDT 2024
================
@@ -21,16 +21,67 @@
#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerHelpers.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/DynamicExtent.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
using namespace clang;
using namespace ento;
namespace {
+QualType getOverflowBuiltinResultType(const CallEvent &Call) {
+ assert(Call.getNumArgs() == 3);
+
+ return Call.getArgExpr(2)->getType()->getPointeeType();
+}
+
+QualType getOverflowBuiltinResultType(const CallEvent &Call, CheckerContext &C,
+ unsigned BI) {
----------------
pskrgag wrote:
> Is it because its not always present in the declaration of the builting?
Yeah. If I try `cast<FunctionDecl>(Call.getDecl())->getParamDecl(2)`, then CSA crashes, since `Decl` for `builtin` has 0 params.
https://github.com/llvm/llvm-project/pull/102602
More information about the cfe-commits
mailing list