This revision was automatically updated to reflect the committed changes.
Closed by commit rL315296: [analyzer] Implement pointer arithmetic on constants
(authored by xazax).
Changed prior to commit:
https://reviews.llvm.org/D37478?vs=118182&id=118342#toc
Repository:
rL LLVM
https://reviews.llvm.org/D37478
Files:
cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
cfe/trunk/test/Analysis/pointer-arithmetic.c
Index: cfe/trunk/test/Analysis/pointer-arithmetic.c
===================================================================
--- cfe/trunk/test/Analysis/pointer-arithmetic.c
+++ cfe/trunk/test/Analysis/pointer-arithmetic.c
@@ -0,0 +1,30 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core -verify %s
+
+int test1() {
+ int *p = (int *)sizeof(int);
+ p -= 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test2() {
+ int *p = (int *)sizeof(int);
+ p -= 2;
+ p += 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test3() {
+ int *p = (int *)sizeof(int);
+ p++;
+ p--;
+ p--;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test4() {
+ // This is a special case where pointer arithmetic is not calculated to
+ // preserve useful warnings on dereferences of null pointers.
+ int *p = 0;
+ p += 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
Index: cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
===================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
+++ cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
@@ -922,6 +922,10 @@
if (rhs.isZeroConstant())
return lhs;
+ // Perserve the null pointer so that it can be found by the DerefChecker.
+ if (lhs.isZeroConstant())
+ return lhs;
+
// We are dealing with pointer arithmetic.
// Handle pointer arithmetic on constant values.
@@ -937,6 +941,8 @@
// Offset the increment by the pointer size.
llvm::APSInt Multiplicand(rightI.getBitWidth(), /* isUnsigned */ true);
+ QualType pointeeType = resultTy->getPointeeType();
+ Multiplicand =
getContext().getTypeSizeInChars(pointeeType).getQuantity();
rightI *= Multiplicand;
// Compute the adjusted pointer.
Index: cfe/trunk/test/Analysis/pointer-arithmetic.c
===================================================================
--- cfe/trunk/test/Analysis/pointer-arithmetic.c
+++ cfe/trunk/test/Analysis/pointer-arithmetic.c
@@ -0,0 +1,30 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core -verify %s
+
+int test1() {
+ int *p = (int *)sizeof(int);
+ p -= 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test2() {
+ int *p = (int *)sizeof(int);
+ p -= 2;
+ p += 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test3() {
+ int *p = (int *)sizeof(int);
+ p++;
+ p--;
+ p--;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
+
+int test4() {
+ // This is a special case where pointer arithmetic is not calculated to
+ // preserve useful warnings on dereferences of null pointers.
+ int *p = 0;
+ p += 1;
+ return *p; // expected-warning {{Dereference of null pointer}}
+}
Index: cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
===================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
+++ cfe/trunk/lib/StaticAnalyzer/Core/SimpleSValBuilder.cpp
@@ -922,6 +922,10 @@
if (rhs.isZeroConstant())
return lhs;
+ // Perserve the null pointer so that it can be found by the DerefChecker.
+ if (lhs.isZeroConstant())
+ return lhs;
+
// We are dealing with pointer arithmetic.
// Handle pointer arithmetic on constant values.
@@ -937,6 +941,8 @@
// Offset the increment by the pointer size.
llvm::APSInt Multiplicand(rightI.getBitWidth(), /* isUnsigned */ true);
+ QualType pointeeType = resultTy->getPointeeType();
+ Multiplicand = getContext().getTypeSizeInChars(pointeeType).getQuantity();
rightI *= Multiplicand;
// Compute the adjusted pointer.
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
