[PATCH] D48884: [CStringSyntaxChecker] Check strlcpy sizeof syntax

Mikhail Ramalho via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Fri Jul 20 09:12:45 PDT 2018 

mikhail.ramalho added inline comments.


================
Comment at: cfe/trunk/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:164
+    uint64_t ILRawVal = IL->getValue().getZExtValue();
+    if (const auto *Buffer = dyn_cast<ConstantArrayType>(DstArgDecl->getType())) {
+      ASTContext &C = BR.getContext();
----------------
I'm getting a segfault when analyzing tmux on this line. The backtrace:
```
#0  0x00007fffe98167b2 in llvm::PointerIntPairInfo<void*, 1u, llvm::PointerUnionUIntTraits<clang::Type const*, clang::ExtQuals const*> >::getPointer (
    Value=<error reading variable: Cannot access memory at address 0x8>)
    at ../include/llvm/ADT/PointerIntPair.h:152
#1  llvm::PointerIntPair<void*, 1u, bool, llvm::PointerUnionUIntTraits<clang::Type const*, clang::ExtQuals const*>, llvm::PointerIntPairInfo<void*, 1u, llvm::PointerUnionUIntTraits<clang::Type const*, clang::ExtQuals const*> > >::getPointer (this=<optimized out>)
    at ../include/llvm/ADT/PointerIntPair.h:56
#2  llvm::PointerUnion<clang::Type const*, clang::ExtQuals const*>::isNull (
    this=<optimized out>) at ../include/llvm/ADT/PointerUnion.h:117
#3  clang::QualType::isNull (this=<synthetic pointer>)
    at ../tools/clang/include/clang/AST/Type.h:721
#4  clang::QualType::getCommonPtr (this=<synthetic pointer>)
    at ../tools/clang/include/clang/AST/Type.h:671
#5  clang::QualType::getTypePtr (this=<synthetic pointer>)
    at ../tools/clang/include/clang/AST/Type.h:5883
#6  llvm::simplify_type<clang::QualType>::getSimplifiedValue (
    Val=<error reading variable: Cannot access memory at address 0x8>)
    at ../tools/clang/include/clang/AST/Type.h:1261
#7  llvm::simplify_type<clang::QualType const>::getSimplifiedValue (Val=...)
    at ../include/llvm/Support/Casting.h:49
#8  llvm::isa_impl_wrap<clang::ConstantArrayType, clang::QualType const, clang::Type const*>::doit (Val=...) at ../include/llvm/Support/Casting.h:125
#9  llvm::isa<clang::ConstantArrayType, clang::QualType> (Val=...)
    at ../include/llvm/Support/Casting.h:144
#10 llvm::dyn_cast<clang::ConstantArrayType, clang::QualType> (Val=...)
    at ../include/llvm/Support/Casting.h:324
#11 (anonymous namespace)::WalkAST::containsBadStrlcpyPattern (this=0x7fffffffa230, 
    CE=0xab1440)
    at ../tools/clang/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:164
#12 (anonymous namespace)::WalkAST::VisitCallExpr (this=0x7fffffffa230, CE=0xab1440)
    at ../tools/clang/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:206
#13 0x00007fffe98179e8 in clang::StmtVisitorBase<clang::make_ptr, (anonymous namespace)::WalkAST, void>::Visit (S=<optimized out>, this=0x7fffffffa230)
    at ../tools/clang/include/clang/AST/StmtIterator.h:97
#14 (anonymous namespace)::WalkAST::VisitChildren (this=0x7fffffffa230, S=<optimized out>)
    at ../tools/clang/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:233
#15 0x00007fffe98179e8 in clang::StmtVisitorBase<clang::make_ptr, (anonymous namespace)::WalkAST, void>::Visit (S=<optimized out>, this=0x7fffffffa230)
    at ../tools/clang/include/clang/AST/StmtIterator.h:97
#16 (anonymous namespace)::WalkAST::VisitChildren (this=0x7fffffffa230, S=<optimized out>)
    at ../tools/clang/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:233
#17 0x00007fffe9817aab in clang::StmtVisitorBase<clang::make_ptr, (anonymous namespace)::WalkAST, void>::Visit (S=<optimized out>, this=0x7fffffffa230)
    at ../tools/clang/include/clang/StaticAnalyzer/Core/Checker.h:53
#18 (anonymous namespace)::CStringSyntaxChecker::checkASTCodeBody (BR=..., Mgr=..., 
    D=0xab04d8, this=0x6882b0)
    at ../tools/clang/lib/StaticAnalyzer/Checkers/CStringSyntaxChecker.cpp:243
#19 clang::ento::check::ASTCodeBody::_checkBody<(anonymous namespace)::CStringSyntaxChecker> (checker=0x6882b0, D=0xab04d8, mgr=..., BR=...)
    at ../tools/clang/include/clang/StaticAnalyzer/Core/Checker.h:52
#20 0x00007fffe91c590f in clang::ento::CheckerFn<void (clang::Decl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&)>::operator()(clang::Decl const*, clang::ento::AnalysisManager&, clang::ento::BugReporter&) const (ps#2=..., ps#1=..., ps#0=0xab04d8, 
    this=<synthetic pointer>)
    at ../tools/clang/include/clang/StaticAnalyzer/Core/CheckerManager.h:70
#21 clang::ento::CheckerManager::runCheckersOnASTBody (this=<optimized out>, 
    D=D at entry=0xab04d8, mgr=..., BR=...)
    at ../tools/clang/lib/StaticAnalyzer/Core/CheckerManager.cpp:93
#22 0x00007fffea464515 in (anonymous namespace)::AnalysisConsumer::HandleCode (
    this=this at entry=0x686cf0, D=D at entry=0xab04d8, Mode=1, 
    IMode=IMode at entry=clang::ento::ExprEngine::Inline_Minimal, 
    VisitedCallees=VisitedCallees at entry=0x0)
    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:720
#23 0x00007fffea46db6c in (anonymous namespace)::AnalysisConsumer::VisitFunctionDecl (
    FD=0xab04d8, this=0x686cf0)
    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:362
#24 clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::WalkUpFromFunctionDecl (D=0xab04d8, this=0x686cf0) at tools/clang/include/clang/AST/DeclNodes.inc:389
#25 clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::TraverseFunctionDecl (this=0x686cf0, D=0xab04d8)
    at ../tools/clang/include/clang/AST/RecursiveASTVisitor.h:2006
#26 0x00007fffea465f11 in clang::RecursiveASTVisitor<(anonymous namespace)::AnalysisConsumer>::TraverseDecl (this=0x686cf0, D=0xab04d8)
    at tools/clang/include/clang/AST/DeclNodes.inc:389
#27 0x00007fffea46f0fe in (anonymous namespace)::AnalysisConsumer::runAnalysisOnTranslationUnit (this=this at entry=0x686cf0, C=...)
    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:556
#28 0x00007fffea47061b in (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit (
    this=0x686cf0, C=...)
    at ../tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:591
#29 0x00007fffebe08d49 in clang::ParseAST (S=..., PrintStats=<optimized out>, 
    SkipFunctionBodies=<optimized out>) at ../tools/clang/lib/Parse/ParseAST.cpp:170
#30 0x00007ffff14fa0c6 in clang::FrontendAction::Execute (this=this at entry=0x66e380)
    at ../tools/clang/lib/Frontend/FrontendAction.cpp:910
#31 0x00007ffff14bb946 in clang::CompilerInstance::ExecuteAction (
    this=this at entry=0x664e10, Act=...)
    at ../tools/clang/lib/Frontend/CompilerInstance.cpp:961
#32 0x00007ffff1229222 in clang::ExecuteCompilerInvocation (Clang=Clang at entry=0x664e10)
    at ../tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:257
#33 0x0000000000411418 in cc1_main (Argv=..., Argv0=<optimized out>, 
    MainAddr=MainAddr at entry=0x40db90 <GetExecutablePath[abi:cxx11](char const*, bool)>)
    at ../tools/clang/tools/driver/cc1_main.cpp:216
#34 0x000000000040c562 in ExecuteCC1Tool (Tool=..., argv=...)
    at ../tools/clang/tools/driver/driver.cpp:310
#35 main (argc_=<optimized out>, argv_=<optimized out>)
    at ../tools/clang/tools/driver/driver.cpp:382
```


Repository:
  rL LLVM

https://reviews.llvm.org/D48884

More information about the llvm-commits mailing list