[cfe-dev] [StaticAnalyzer] getting back
Daniel Marjamäki via cfe-dev
cfe-dev at lists.llvm.org
Wed Dec 2 14:16:36 PST 2020
Hello!
I have started looking at clang static analyzer in some spare time.
And I feel like a newbie.
I am currently looking into improving the checking for signed integer overflow.
If I want to get some early feedback .. would it be preferable to send
a patch to this email list or can I post some kind of "Draft" pull
request in the reviews.llvm.org..
Here is a simple test case, I want to diagnose the addition:
int f(int x) { return 0x7ffffff0 < x && x + 32 < 0x7fffffff; }
In short. Right now my solution is to modify SimpleSValBuilder so it
will return UndefinedVal() for a signed integer addition that
overflows.
With that change in SimpleSValBuilder, I see this diagnostic:
/home/danielm/cppcheck/1.c:1:43: warning: The result of the '+'
expression is undefined [core.UndefinedBinaryOperatorResult]
int f(int x) { return 0x7ffffff0 < x && x + 32 < 0x7fffffff; }
~~^~~~
Well if my approach sounds good a patch will come on reviews.llvm.org
soonish. Otherwise I'll rewrite it..
I do not feel that the diagnostic is very clear. It would be nice to
write something about "Signed integer overflow". Would it feel like a
good approach to put some logic in UndefinedBinaryOperatorResult to
make the message more clear..
Best regards,
Daniel Marjamäki
More information about the cfe-dev
mailing list