When I conducted static analysis without core checkers, clang encountered
a crash caused by division by zero. The cause of the division by zero is
that BasicValueFactory::evalAPSInt() blindly performs divisions with
*any* known values. It means the SVal builder performs divisions even if
the RHS value is zero. My fix is simply adding an RHS check before performing
the division in BasicValueFactory::evalAPSInt().

http://reviews.llvm.org/D10145

Files:
  lib/StaticAnalyzer/Core/BasicValueFactory.cpp

Index: lib/StaticAnalyzer/Core/BasicValueFactory.cpp
===================================================================
--- lib/StaticAnalyzer/Core/BasicValueFactory.cpp
+++ lib/StaticAnalyzer/Core/BasicValueFactory.cpp
@@ -154,9 +154,13 @@
       return &getValue( V1 * V2 );
 
     case BO_Div:
+      if (V2 == 0) // Avoid division by zero
+        return nullptr;
       return &getValue( V1 / V2 );
 
     case BO_Rem:
+      if (V2 == 0) // Avoid division by zero
+        return nullptr;
       return &getValue( V1 % V2 );
 
     case BO_Add:
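
Review bot: The new `V2 == 0` guards in the BO_Div and BO_Rem cases come with no regression test; the patch touches only lib/StaticAnalyzer/Core/BasicValueFactory.cpp. Please add an analyzer test that runs with the core checkers disabled and evaluates both a division and a remainder by a constant zero, so the crash described in the summary stays covered. Since both cases now return nullptr instead of a value, it is also worth stating in the description (or a short comment at the guards) that callers of evalAPSInt() are expected to treat a null result as "no known value", because nothing in this hunk shows how the callers handle it.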

_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
