Author: Vince Bridgers
Date: 2020-03-30T14:13:08-05:00
New Revision: defd95ef45171252ee8491729d3f3c863bbfe530

URL: https://github.com/llvm/llvm-project/commit/defd95ef45171252ee8491729d3f3c863bbfe530
DIFF: https://github.com/llvm/llvm-project/commit/defd95ef45171252ee8491729d3f3c863bbfe530.diff

LOG: [analyzer] Fix StdLibraryFunctionsChecker NotNull Constraint Check

Summary:
This check was causing a crash in a test case where the 0th argument was uninitialized ('Assertion `T::isKind(*this)' at line SVals.h:104). This was happening since the argument was actually undefined, but the castAs assumes the value is DefinedOrUnknownSVal.

The fix appears to be simply to check for an undefined value and skip the check, allowing the uninitialized value checker to detect the error.

I included a test case that I verified to produce the negative case prior to the fix, and passes with the fix.

Reviewers: martong, NoQ

Subscribers: xazax.hun, szepet, rnkovacs, a.sidorin, mikhail.ramalho, Szelethus, donat.nagy, Charusso, ASDenysPetrov, baloghadamsoftware, dkrupp, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D77012

Added:

Modified:
    clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
    clang/test/Analysis/std-c-library-functions.c

Removed:

################################################################################
diff --git a/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp index cd257ffdc939..6e5f5f8b5874 100644 --- a/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp @@ -190,6 +190,9 @@ class StdLibraryFunctionsChecker ProgramStateRef apply(ProgramStateRef State, const CallEvent &Call, const Summary &Summary) const override { SVal V = getArgSVal(Call, getArgNo()); + if (V.isUndef()) + return State; + DefinedOrUnknownSVal L = V.castAs<DefinedOrUnknownSVal>(); if (!L.getAs<Loc>()) return State;
diff --git a/clang/test/Analysis/std-c-library-functions.c b/clang/test/Analysis/std-c-library-functions.c index 3f700a7c39a4..a275ea6720ad 100644 --- a/clang/test/Analysis/std-c-library-functions.c +++ b/clang/test/Analysis/std-c-library-functions.c @@ -89,6 +89,14 @@ void test_fread_fwrite(FILE *fp, int *buf) { clang_analyzer_eval(z <= y); // expected-warning{{TRUE}} } +void test_fread_uninitialized(void) { + void *ptr; + size_t sz; + size_t nmem; + FILE *fp; + (void)fread(ptr, sz, nmem, fp); // expected-warning {{1st function call argument is an uninitialized value}} +} + ssize_t getline(char **, size_t *, FILE *); void test_getline(FILE *fp) { char *line = 0;
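
Review bot: In the StdLibraryFunctionsChecker.cpp hunk, the new `if (V.isUndef()) return State;` at the top of `apply()` carries no comment explaining why an undefined argument is silently skipped, so a later reader could take the early return for a missed diagnostic. Please add a one-line comment above it saying that the value is left for the uninitialized-value check to report, which is what the new test expects. As a style alternative, `V.getAs<DefinedOrUnknownSVal>()` with an early return on an empty result would remove the asserting `castAs` altogether and match the `if (!L.getAs<Loc>()) return State;` pattern on the following lines.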
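
Review bot: In the std-c-library-functions.c hunk, `test_fread_uninitialized` leaves all four of `ptr`, `sz`, `nmem` and `fp` uninitialized, yet only the diagnostic for the 1st argument is asserted, so the test does not isolate the argument that triggered the crash. Consider initializing `sz`, `nmem` and `fp` (for example by taking them as parameters, as `test_fread_fwrite` does with `fp`) so that `ptr` is the only undefined value reaching `fread`, and add a short comment stating that the case guards against the `castAs` assertion described in the commit message.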