https://github.com/balazske approved this pull request.
This looks good now, documentation could be a bit more exact in that operations
on standard streams are not checked by the checker, like any other operation on
streams that are not opened on the analysis path.
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/100100
From e4440b82f3d1fe5c7cafbad87da0e266d35a619e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 23 Jul 2024 11:20:22 +0200
Subject: [PATCH 1/2] [clang][ASTImporter] Fix import of
balazske wrote:
> Exactly. I didn't want to rush too much, but I can share that my current idea
> is to call `assumeNoAliasingWithStdStreams` only on the success path.
This can be a better (and more simple) solution.
https://github.com/llvm/llvm-project/pull/100901
balazske wrote:
In the state dump I see that `stdout` seems to be NULL (last line in
"constraints"). This explains why the `StateNull` becomes NULL, because call to
`assumeNoAliasingWithStdStreams` was called already. I think the better
solution is to check NULL-ness of the std stream
https://github.com/balazske approved this pull request.
https://github.com/llvm/llvm-project/pull/100903
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/97078
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/96501
From b431151f83fa2980e4a132191ccf5713ab69806b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Mon, 24 Jun 2024 16:48:54 +0200
Subject: [PATCH 1/2] [clang][analyzer] Improve
@@ -1,13 +1,14 @@
// RUN: %clang_analyze_cc1 -triple i686-unknown-linux
-analyzer-checker=alpha.security.MmapWriteExec -analyzer-config
alpha.security.MmapWriteExec:MmapProtExec=1 -analyzer-config
alpha.security.MmapWriteExec:MmapProtRead=4
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/97078
From 1f04ce794a3aefc0f5622a9dea0a92a1e2b50be9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 25 Jun 2024 16:27:00 +0200
Subject: [PATCH 1/3] [clang][analyzer] MmapWriteExecChecker
balazske wrote:
I removed the options to specify `PROT_` values. These should not be needed
because detection from macro value should work in normal cases (probably this
functionality was not available when the options were added).
https://github.com/llvm/llvm-project/pull/97078
balazske wrote:
Documentation of the checker could be updated with this new behavior.
https://github.com/llvm/llvm-project/pull/100085
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/97078
From 1f04ce794a3aefc0f5622a9dea0a92a1e2b50be9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 25 Jun 2024 16:27:00 +0200
Subject: [PATCH 1/2] [clang][analyzer] MmapWriteExecChecker
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/100100
Default values of template parameters (non-type, type, template) were not
correctly handled in the "inherited" case. This occurs if the first declaration
contains the default value but a next one not. The
@@ -21,30 +21,55 @@
#include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+#include
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/99281
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/99281
After the last change in PR #87144 regressions appeared in some cases. The
problem was that if multiple anonymous enums are present in a class and are
imported as new the import of the second enum can fail
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/97078
Read the 'mmap' flags from macro values and use a better test for the error
situation.
From 1f04ce794a3aefc0f5622a9dea0a92a1e2b50be9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date:
balazske wrote:
Even protobuf contains this type of code:
https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=protobuf_v3.13.0_pointersub1=on=New=alpha.core.PointerSub=5545776=1bcd310fbaeccbcc13645b9b277239a2=%2adescriptor.pb.cc
balazske wrote:
If the array bounds checker does the same job then the array bounds check it is
not needed in this checker. Specially if it makes no difference if the indexing
is used at pointer subtraction.
https://github.com/llvm/llvm-project/pull/96501
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/96295
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
balazske wrote:
I fixed a test that contained the entire option help description. I think this
is not needed, removed it and only included the first line of the description.
https://github.com/llvm/llvm-project/pull/96295
___
cfe-commits mailing list
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/96295
From 0c57ad1ca36a841dff700eb98f878475e0243b88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Fri, 21 Jun 2024 12:13:02 +0200
Subject: [PATCH 1/3] [clang][analyzer] Improve
balazske wrote:
The warning message may be still misleading if the LHS or RHS "arrays" are
non-array variables. Is it better to improve the messages in this case (or
detect if `offsetof` can be used and include it in the message)?
https://github.com/llvm/llvm-project/pull/96501
balazske wrote:
These results look correct according to the checker, but I am not sure if such
results are useful or really invalid:
https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_pointersub1=on=New=alpha.core.PointerSub
In these cases the address
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/96501
The checker could report false positives if pointer arithmetic was done on
pointers to non-array data before pointer subtraction. Another problem is fixed
that could cause false positive if members of the same
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/95899
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/96295
From 0c57ad1ca36a841dff700eb98f878475e0243b88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Fri, 21 Jun 2024 12:13:02 +0200
Subject: [PATCH 1/2] [clang][analyzer] Improve
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/89887
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
balazske wrote:
I have not enough resources to create a reproducer and it is not trivial, so I
would merge this change now.
https://github.com/llvm/llvm-project/pull/89887
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/96295
None
From 0c57ad1ca36a841dff700eb98f878475e0243b88 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Fri, 21 Jun 2024 12:13:02 +0200
Subject: [PATCH] [clang][analyzer] Improve
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/95003
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske approved this pull request.
At least the `StreamChecker` part looks correct, Probably we can test on the
opensource projects if there appear too many bad results (but probably not many
resource leak cases are found).
https://github.com/llvm/llvm-project/pull/94957
balazske wrote:
> > I did not find a similar test for `MallocChecker` but there could be one
> > with similar test functions.
>
> I'm not sure what tests you are referring to. I did fix your other
> observations.
I meant another test file where the `NoStateChangeFuncVisitor` is tested (if
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/95899
From 1eb6e7ebde0e97e1cd077dc27ffd3ebd6ed0e93d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 18 Jun 2024 10:09:24 +0200
Subject: [PATCH 1/4] [clang][analyzer] Add notes to
@@ -144,9 +144,24 @@ void PointerSubChecker::checkPreStmt(const BinaryOperator
*B,
// Allow arithmetic on different symbolic regions.
if (isa(SuperLR) || isa(SuperRR))
return;
+if (const auto *SuperDLR = dyn_cast(SuperLR))
+ DiffDeclL =
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/95899
From 1eb6e7ebde0e97e1cd077dc27ffd3ebd6ed0e93d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 18 Jun 2024 10:09:24 +0200
Subject: [PATCH 1/3] [clang][analyzer] Add notes to
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/95899
From 1eb6e7ebde0e97e1cd077dc27ffd3ebd6ed0e93d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Tue, 18 Jun 2024 10:09:24 +0200
Subject: [PATCH 1/2] [clang][analyzer] Add notes to
balazske wrote:
I found difficult results from the checker where it is not obvious what the
problem is.
One type is this case where a negative index is found (any of these results, or
check the first one):
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/95899
Notes are added to indicate the array declarations of the arrays in a found
invalid pointer subtraction.
From 1eb6e7ebde0e97e1cd077dc27ffd3ebd6ed0e93d Mon Sep 17 00:00:00 2001
From:
balazske wrote:
I did not get crash with this script and latest clang. Probably there is a
difference in the used system headers (`iostream` and `string` is included)?
https://github.com/llvm/llvm-project/pull/87144
___
cfe-commits mailing list
@@ -393,6 +401,173 @@ ProgramStateRef
CStringChecker::checkNonNull(CheckerContext ,
return stateNonNull;
}
+static std::optional getIndex(ProgramStateRef State,
+ const ElementRegion *ER, CharKind CK) {
+ SValBuilder =
balazske wrote:
It should be possible in `StreamChecker` to perform the invalidations even if
the `StreamState` is not found (stream was not opened). Another possible
solution is that a generic invalidation support is added to
`StdLibraryFunctionsChecker` that can be used for stream related
https://github.com/balazske approved this pull request.
It looks now OK at least to my knowledge.
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
@@ -696,6 +732,69 @@ struct StreamOperationEvaluator {
} // end anonymous namespace
+//===--===//
+// Definition of NoStreamStateChangeVisitor.
@@ -696,6 +730,69 @@ struct StreamOperationEvaluator {
} // end anonymous namespace
+//===--===//
+// Definition of NoStreamStateChangeVisitor.
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/94957
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske commented:
I did not find big issues. But a description could be added to the
`NoOwnershipChangeVisitor` to explain what it does, and to `StreamChecker` for
what is it used. I did not find a similar test for `MallocChecker` but there
could be one with similar test
@@ -0,0 +1,179 @@
+// RUN: %clang_analyze_cc1 -verify %s -analyzer-output=text \
+// RUN: -analyzer-checker=core \
+// RUN: -analyzer-checker=unix.Stream
balazske wrote:
This file can have a better name (like "stream-notes-missing-close.cpp").
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/95003
The checker was renamed at some time ago but the documentation was not updated.
The section is now just moved and renamed. The documentation is still very
simple and needs improvement.
From
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/93676
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/93676
From a896030e71d09ebe7239d6fab343606918ee4c1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May 2024 14:28:43 +0200
Subject: [PATCH 1/5] [clang][analyzer] Improved
@@ -0,0 +1,443 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,443 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,116 @@
+//===--*- C++
-*--//
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM
Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier:
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -0,0 +1,443 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,443 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,443 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/93676
From a896030e71d09ebe7239d6fab343606918ee4c1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May 2024 14:28:43 +0200
Subject: [PATCH 1/4] [clang][analyzer] Improved
@@ -0,0 +1,412 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,412 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,412 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -907,6 +945,73 @@ void StreamChecker::preWrite(const FnDescription *Desc,
const CallEvent ,
C.addTransition(State);
}
+static std::optional getPointeeType(const MemRegion *R) {
+ if (!R)
+return std::nullopt;
+ if (const auto *ER = dyn_cast(R))
+return
@@ -0,0 +1,412 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -0,0 +1,412 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -triple x86_64-linux-gnu \
+// RUN: -analyzer-checker=core,unix.Stream,alpha.security.taint \
+// RUN: -analyzer-checker=debug.ExprInspection
+
+#include
@@ -907,6 +945,73 @@ void StreamChecker::preWrite(const FnDescription *Desc,
const CallEvent ,
C.addTransition(State);
}
+static std::optional getPointeeType(const MemRegion *R) {
+ if (!R)
+return std::nullopt;
+ if (const auto *ER = dyn_cast(R))
+return
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske commented:
It looks relatively good, I found only smaller issues.
https://github.com/llvm/llvm-project/pull/93408
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://github.com/balazske approved this pull request.
https://github.com/llvm/llvm-project/pull/93923
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/93980
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -0,0 +1,74 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s
+
+void f1(void) {
+ int x, y, z[10];
+ int d = - // expected-warning{{Subtraction of two pointers that do
not point into the same array is undefined behavior}}
+ d = z - //
https://github.com/balazske commented:
The change looks good, only the test can be made more exact.
https://github.com/llvm/llvm-project/pull/93923
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
@@ -9674,6 +9674,40 @@ TEST_P(ASTImporterOptionSpecificTestBase,
ImportInstantiatedFromMember) {
EXPECT_TRUE(ImportedPartialSpecialization->getInstantiatedFromMember());
}
+AST_MATCHER_P(EnumDecl, hasEnumConstName, StringRef, ConstName) {
+ for (EnumConstantDecl *D :
@@ -9674,6 +9674,40 @@ TEST_P(ASTImporterOptionSpecificTestBase,
ImportInstantiatedFromMember) {
EXPECT_TRUE(ImportedPartialSpecialization->getInstantiatedFromMember());
}
+AST_MATCHER_P(EnumDecl, hasEnumConstName, StringRef, ConstName) {
+ for (EnumConstantDecl *D :
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/93923
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/93980
From 033c7c2187f4dcbd050c69c5279ae2dcfe02c529 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May 2024 16:47:42 +0200
Subject: [PATCH 1/2] [clang][analyzer] Move
@@ -1179,6 +1179,41 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+.. _security-putenv-stack-array:
+
+security.PutenvStackArray (C)
+"
+Finds calls to the ``putenv`` function which pass a pointer
@@ -1179,6 +1179,41 @@ security.insecureAPI.DeprecatedOrUnsafeBufferHandling (C)
strncpy(buf, "a", 1); // warn
}
+.. _security-putenv-stack-array:
+
+security.PutenvStackArray (C)
+"
+Finds calls to the ``putenv`` function which pass a pointer
balazske wrote:
I found [this
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/93980
Checker alpha.security.PutenvStackArray is moved to security.PutenvStackArray.
From 033c7c2187f4dcbd050c69c5279ae2dcfe02c529 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May
@@ -9674,6 +9674,27 @@ TEST_P(ASTImporterOptionSpecificTestBase,
ImportInstantiatedFromMember) {
EXPECT_TRUE(ImportedPartialSpecialization->getInstantiatedFromMember());
}
+TEST_P(ASTImporterOptionSpecificTestBase, ImportAnonymousEnum) {
+ const char *ToCode =
+ R"(
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/93923
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske commented:
Does this work on the following code?
```
struct A {
enum { E1,E2 } x;
enum { E3,E4 } y;
};
```
https://github.com/llvm/llvm-project/pull/93923
___
cfe-commits mailing list
balazske wrote:
With the current version I have the following observations:
- There is a warning for `( + 1) - ` and `( - 1) - `. Should this be
fixed?
- The code `(int *)((char *)([4]) + sizeof(int)) - [4]` produces no warning
but `(int *)((char *)([4]) + 1) - [4]` produces warning. For
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/93676
From a896030e71d09ebe7239d6fab343606918ee4c1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May 2024 14:28:43 +0200
Subject: [PATCH 1/3] [clang][analyzer] Improved
@@ -0,0 +1,74 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.core.PointerSub -verify %s
+
+void f1(void) {
+ int x, y, z[10];
+ int d = - // expected-warning{{Subtraction of two pointers that do
not point into the same array is undefined behavior}}
+ d = z - //
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/93676
From a896030e71d09ebe7239d6fab343606918ee4c1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Wed, 29 May 2024 14:28:43 +0200
Subject: [PATCH 1/2] [clang][analyzer] Improved
@@ -44,24 +44,30 @@ void PointerSubChecker::checkPreStmt(const BinaryOperator
*B,
const MemRegion *LR = LV.getAsRegion();
const MemRegion *RR = RV.getAsRegion();
-
- if (!(LR && RR))
-return;
-
- const MemRegion *BaseLR = LR->getBaseRegion();
- const MemRegion
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/93676
The checker is made more exact (only pointer into array is allowed) and more
tests are added.
From a896030e71d09ebe7239d6fab343606918ee4c1b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
@@ -937,8 +990,21 @@ void StreamChecker::evalFreadFwrite(const FnDescription
*Desc,
// At read, invalidate the buffer in any case of error or success,
// except if EOF was already present.
- if (IsFread && !E.isStreamEof())
-State = escapeArgs(State, C, Call, {0});
@@ -717,18 +717,71 @@ const ExplodedNode
*StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the
@@ -717,18 +717,71 @@ const ExplodedNode
*StreamChecker::getAcquisitionSite(const ExplodedNode *N,
return nullptr;
}
+/// Invalidate only the requested elements instead of the whole buffer.
+/// This is basically a refinement of the more generic 'escapeArgs' or
+/// the
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/93299
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
balazske wrote:
> Could you please show your commands which reproduced this crash? I tested
> locally with the following commands and it runs OK.
>
> ```c++
> clang++ -cc1 -std=c++17 -emit-pch -o test.cpp.ast test.cpp
> clang++ -cc1 -x c++ -ast-merge test.cpp.ast /dev/null -ast-dump
> ```
https://github.com/balazske created
https://github.com/llvm/llvm-project/pull/93299
None
From 9baa8cc3a1a738a43deee811b51593db85d5c88c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Fri, 24 May 2024 15:22:22 +0200
Subject: [PATCH] [clang][analyzer]
https://github.com/balazske closed
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/balazske updated
https://github.com/llvm/llvm-project/pull/92424
From 769523d392204eac6c48cb80a2282212f3edbbe4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?=
Date: Fri, 10 May 2024 17:30:23 +0200
Subject: [PATCH 1/4] [clang][analyzer] Move checker
https://github.com/balazske edited
https://github.com/llvm/llvm-project/pull/92424
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
balazske wrote:
The problem is that there is a distance between getting the "InsertPos" and the
insetion into the list. Between getting the `InsertPos`
(`VarTemplate->findSpecialization`) and the insertion further AST import
statements can occur and probably it can cause the list of
balazske wrote:
I could reproduce this assertion (with CTU analysis on project "contour"):
```
clang-19: llvm-project/clang/lib/AST/DeclTemplate.cpp:370: void
clang::RedeclarableTemplateDecl::addSpecializationImpl(llvm::FoldingSetVector&,
EntryType*, void*) [with Derived =
1 - 100 of 673 matches
Mail list logo