
Add basic support for `builtin_*_overflow` primitives. These help a lot for checking custom calloc-like functions with an inlinable body. Without such support, code like

```c
#include <stddef.h>
#include <stdlib.h>

static void *myMalloc(size_t a1, size_t a2) {
  size_t res;
  if (__builtin_mul_overflow(a1, a2, &res))
    return NULL;
  return malloc(res);
}

void test(void) {
  char *ptr = myMalloc(10, 1);
  ptr[20] = 10;
}
```

does not trigger any warnings.
// RUN: %clang_analyze_cc1 -analyzer-checker=core -analyzer-output text \
// RUN: -verify %s
/*
 * Path-note test for the "no overflow" outcome of __builtin_add_overflow.
 *
 * The verify annotations below require the analyzer to print
 * "Assuming no overflow" at the builtin call, take the false branch past the
 * early return, and carry that path on to the bug reported at the end.
 * No diagnostic is annotated on the later read of 'res', so on this path the
 * analyzer is required to treat 'res' as a value it can branch on.
 *
 * The null dereference is deliberate; it appears to be there only to force a
 * bug report so that the path notes leading to it are emitted and checked.
 *
 * Statements, local names and line layout are load-bearing: the note texts
 * quote 'res' and 'ptr', and each "@-1" annotation refers to the line
 * directly above it, so nothing may be inserted between the two.
 */
void test_no_overflow_note(int a, int b)
{
  int res;

  if (__builtin_add_overflow(a, b, &res)) // expected-note {{Assuming no overflow}}
                                          // expected-note@-1 {{Taking false branch}}
    return;

  if (res) { // expected-note {{Assuming 'res' is not equal to 0}}
             // expected-note@-1 {{Taking true branch}}
    int *ptr = 0; // expected-note {{'ptr' initialized to a null pointer value}}
    int var = *(int *) ptr; //expected-warning {{Dereference of null pointer}}
                            //expected-note@-1 {{Dereference of null pointer}}
  }
}
/*
 * Path-note test for the "overflow" outcome of __builtin_add_overflow.
 *
 * The verify annotations below require the analyzer to print
 * "Assuming overflow" at the builtin call and take the true branch. Reading
 * 'res' inside that branch must then be reported as a garbage/undefined
 * value, with a note pointing back at the uninitialized declaration; that is,
 * on the overflow path the analyzer does not treat 'res' as written.
 *
 * NOTE(review): GCC and Clang document these builtins as storing the wrapped
 * result through the pointer even when they return true. The annotations here
 * therefore encode "do not rely on the result after overflow" rather than the
 * literal runtime behaviour -- confirm that this is the intended contract.
 *
 * Each "@-1" annotation refers to the line directly above it, so nothing may
 * be inserted between a statement and its follow-up annotation.
 */
void test_overflow_note(int a, int b)
{
  int res; // expected-note{{'res' declared without an initial value}}

  if (__builtin_add_overflow(a, b, &res)) { // expected-note {{Assuming overflow}}
                                            // expected-note@-1 {{Taking true branch}}
    int var = res; // expected-warning{{Assigned value is garbage or undefined}}
                   // expected-note@-1 {{Assigned value is garbage or undefined}}
    return;
  }
}