[clang] [clang] fix wrong result of pointers comparison between unknown and stack (PR #122404)

via cfe-commits cfe-commits at lists.llvm.org
Thu Jan 9 17:59:11 PST 2025


https://github.com/mzyKi created https://github.com/llvm/llvm-project/pull/122404

Related Issue #122403 

>From 777965f3149c0ec09bc9e71424e7d42e5721d11f Mon Sep 17 00:00:00 2001
From: miaozhiyuan <miaozhiyuan at feysh.com>
Date: Fri, 10 Jan 2025 09:55:20 +0800
Subject: [PATCH] [clang] fix wrong result of pointers comparison between
 unknown and stack

---
 .../StaticAnalyzer/Core/SimpleSValBuilder.cpp |  6 +++
 clang/test/Analysis/stream_issue122403.c      | 48 +++++++++++++++++++
 2 files changed, 54 insertions(+)
 create mode 100644 clang/test/Analysis/stream_issue122403.c

diff --git a/clang/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp b/clang/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
index 455621739f6935..1fb51ef403fa12 100644
--- a/clang/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
+++ b/clang/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
@@ -952,6 +952,12 @@ SVal SimpleSValBuilder::evalBinOpLL(ProgramStateRef state,
     const MemSpaceRegion *RightMS = RightBase->getMemorySpace();
     const MemSpaceRegion *UnknownMS = MemMgr.getUnknownRegion();
 
+    if (LeftMS != RightMS &&
+        ((isa<UnknownSpaceRegion>(LeftMS) && isa<StackSpaceRegion>(RightMS)) ||
+         (isa<StackSpaceRegion>(LeftMS) && isa<UnknownSpaceRegion>(RightMS)))) {
+      return UnknownVal();
+    }
+
     // If the two regions are from different known memory spaces they cannot be
     // equal. Also, assume that no symbolic region (whose memory space is
     // unknown) is on the stack.
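Review bot: The added early return leaves the context comment just below it stale: that comment still says the analyzer assumes no symbolic region is on the stack, while the new `if` drops that assumption for every unknown-vs-stack pair. Update that comment and give the new branch its own explanation, for example `// A pointer in the unknown memory space may alias a stack object whose address escaped, so the comparison is not decidable here.` The leading `LeftMS != RightMS` looks redundant, since the two `isa<>` tests already require different region kinds. The branch returns `UnknownVal()` for every opcode and affects every checker that relies on this evaluation, so a symbolic parameter compared against a local's address would presumably lose its previous inequality too. evalBinOpLL continues outside the hunk, so the interaction with the existing check cannot be confirmed from here.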
diff --git a/clang/test/Analysis/stream_issue122403.c b/clang/test/Analysis/stream_issue122403.c
new file mode 100644
index 00000000000000..b9582a1cf7e95e
--- /dev/null
+++ b/clang/test/Analysis/stream_issue122403.c
@@ -0,0 +1,48 @@
+// RUN: %clang_analyze_cc1 -triple=x86_64-pc-linux-gnu -analyzer-checker=core,unix.Stream,debug.ExprInspection \
+// RUN:   -analyzer-config eagerly-assume=false,unix.Stream:Pedantic=true -verify %s
+// RUN: %clang_analyze_cc1 -triple=armv8-none-linux-eabi -analyzer-checker=core,unix.Stream,debug.ExprInspection \
+// RUN:   -analyzer-config eagerly-assume=false,unix.Stream:Pedantic=true -verify %s
+// RUN: %clang_analyze_cc1 -triple=aarch64-linux-gnu -analyzer-checker=core,unix.Stream,debug.ExprInspection \
+// RUN:   -analyzer-config eagerly-assume=false,unix.Stream:Pedantic=true -verify %s
+// RUN: %clang_analyze_cc1 -triple=hexagon -analyzer-checker=core,unix.Stream,debug.ExprInspection \
+// RUN:   -analyzer-config eagerly-assume=false,unix.Stream:Pedantic=true -verify %s
+
+#include "Inputs/system-header-simulator.h"
+
+char *get_str(char *Input);
+
+void check_f_leak() {
+  FILE *fp = fopen("test", "rb");
+  if (NULL == fp) {
+    return;
+  }
+  char str[64];
+  if (get_str(str) != str) {
+    fclose(fp);
+  }
+}// expected-warning {{Opened stream never closed. Potential resource leak}}
+
+void check_f_leak_2() {
+  FILE *fp = fopen("test", "rb");
+  if (NULL == fp) {
+    return;
+  }
+  char str[64];
+  if (get_str(str) != NULL) {
+    fclose(fp);
+  }
+}// expected-warning {{Opened stream never closed. Potential resource leak}}
+
+
+char *get_str_other(char *Input) {return Input;}
+
+void check_f_leak_3() {
+  FILE *fp = fopen("test", "rb");
+  if (NULL == fp) {
+    return;
+  }
+  char str[64];
+  if (get_str_other(str) != str) {
+    fclose(fp);
+  }
+}// expected-warning {{Opened stream never closed. Potential resource leak}}
\ No newline at end of file
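Review bot: The RUN lines enable `debug.ExprInspection`, but nothing in this file calls it, so the changed comparison is only observed indirectly through the unix.Stream leak warning. A direct assertion in `check_f_leak` would pin the new result: declare `void clang_analyzer_eval(int);` and add `clang_analyzer_eval(get_str(str) != str); // expected-warning {{UNKNOWN}}` (the expected value should be confirmed by running the test). `check_f_leak_2` compares against `NULL`, and `check_f_leak_3` calls a function whose visible body returns its argument, so they probably do not reach the new unknown-vs-stack branch and likely warn with or without the fix. A case with the stack pointer on the left-hand side would cover the other arm of the condition. The file also ends without a trailing newline.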


