diff options
| author | Ted Kremenek <kremenek@apple.com> | 2009-01-30 00:08:43 +0000 |
|---|---|---|
| committer | Ted Kremenek <kremenek@apple.com> | 2009-01-30 00:08:43 +0000 |
| commit | 7594e2a59a5ffc4abd80fea5d00d9be2496fe3fa (patch) | |
| tree | 8d096fc1653230433bbf40fffd112e711d1d943e /clang/test | |
| parent | 711e882c1bc0a59893e491f114e8917607242ea5 (diff) | |
| download | bcm5719-llvm-7594e2a59a5ffc4abd80fea5d00d9be2496fe3fa.tar.gz bcm5719-llvm-7594e2a59a5ffc4abd80fea5d00d9be2496fe3fa.zip | |
Fix a couple bugs:
- NonLoc::MakeVal() would use sizeof(unsigned) (literally) instead of consulting
ASTContext for the size (in bits) of 'int'. While it worked, it was a
conflation of concepts and using ASTContext.IntTy is 100% correct.
- RegionStore::getSizeInElements() no longer assumes that a VarRegion has the
type "ConstantArray", and handles the case when uses use ordinary variables
as if they were arrays.
- Fixed ElementRegion::getRValueType() to just return the rvalue type of its
"array region" in the case the array didn't have ArrayType.
- All of this fixes <rdar://problem/6541136>
llvm-svn: 63347
Diffstat (limited to 'clang/test')
| -rw-r--r-- | clang/test/Analysis/rdar-6541136-region.c | 19 | ||||
| -rw-r--r-- | clang/test/Analysis/rdar-6541136.c | 20 |
2 files changed, 39 insertions, 0 deletions
diff --git a/clang/test/Analysis/rdar-6541136-region.c b/clang/test/Analysis/rdar-6541136-region.c new file mode 100644 index 00000000000..4fd2214daa5 --- /dev/null +++ b/clang/test/Analysis/rdar-6541136-region.c @@ -0,0 +1,19 @@ +// RUN: clang -verify -analyze -checker-cfref -analyzer-store-region %s + +struct tea_cheese { unsigned magic; }; +typedef struct tea_cheese kernel_tea_cheese_t; +extern kernel_tea_cheese_t _wonky_gesticulate_cheese; + +// This test case exercises the ElementRegion::getRValueType() logic. + + +void foo( void ) +{ + kernel_tea_cheese_t *wonky = &_wonky_gesticulate_cheese; + struct load_wine *cmd = (void*) &wonky[1]; + cmd = cmd; + char *p = (void*) &wonky[1]; + *p = 1; + kernel_tea_cheese_t *q = &wonky[1]; + kernel_tea_cheese_t r = *q; // expected-warning{{out-of-bound memory position}} +} diff --git a/clang/test/Analysis/rdar-6541136.c b/clang/test/Analysis/rdar-6541136.c new file mode 100644 index 00000000000..919a21dc21c --- /dev/null +++ b/clang/test/Analysis/rdar-6541136.c @@ -0,0 +1,20 @@ +// clang -verify -analyze -checker-cfref -analyzer-store-basic %s + +struct tea_cheese { unsigned magic; }; +typedef struct tea_cheese kernel_tea_cheese_t; +extern kernel_tea_cheese_t _wonky_gesticulate_cheese; + +// This test case exercises the ElementRegion::getRValueType() logic. +// All it tests is that it does not crash or do anything weird. +// The out-of-bounds-access on line 19 is caught using the region store variant. + +void foo( void ) +{ + kernel_tea_cheese_t *wonky = &_wonky_gesticulate_cheese; + struct load_wine *cmd = (void*) &wonky[1]; + cmd = cmd; + char *p = (void*) &wonky[1]; + *p = 1; + kernel_tea_cheese_t *q = &wonky[1]; + kernel_tea_cheese_t r = *q; // no-warning +} |
