----------------------------------------
> Date: Mon, 17 Aug 2015 19:29:29 +0000
> To: hiradi...@msn.com; jordan_r...@apple.com; kreme...@apple.com; daniel.marjam...@evidente.se; mclow.li...@gmail.com; adasg...@codeaurora.org; zaks.a...@gmail.com
> From: zaks.a...@gmail.com
> CC: cfe-commits@lists.llvm.org
> Subject: Re: [PATCH] D9924: Ignore report when the argument to malloc is assigned known value
>
> zaks.anna added a comment.
>
>> x = a/b; where n < b
>> malloc (x*n); Then x*n will not overflow
>
> I am not convinced that the new rule is strong enough. 'a' can be any expression. For example, maybe you have (b-1)*a/b and the denominator cancels out something unrelated to 'n' in the numerator? Maybe we could change the rule to "where n==b"? By the way, that is the only subcase that is being tested.
Please correct me if I'm wrong. My point was, as long as `n<b', n*x would not overflow unless `a' (the numerator) overflows in the first place. Assuming `a' does not overflow, `a/b' would not overflow as well, since this is an integer division, and since a/b < a/n => x*n < a, which does not overflow. Maybe I should add a check that `a, b, n' are positive. So, in this case the static analyzer can choose to be strict and reject false positives. If `a' might overflow, then in this case we can emit a warning stating that the overflow is caused because `a' might overflow.

>> With regards to copy paste, I'm not sure about how to do this in a different way.
>
> I suggest to experiment with refactoring out common parts into subroutines.

Thanks, I'll try to refactor parts of it.

-Aditya

> http://reviews.llvm.org/D9924

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
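As an added illustration of the rule argued over in this thread (my own code, not part of D9924 or the Clang static analyzer), the small C program below checks exhaustively that with x = a/b and n < b the product x*n never exceeds a when a, b and n are positive, shows by search that the bound breaks once operands may be negative (the positivity check mentioned above), and shows the remaining case where the numerator itself, e.g. (b-1)*c, overflows before the division. Function names and the 32-bit operand width are assumptions for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>

/* Exact check of the rule: with x = a/b and n < b, is x*n <= a?
 * Operands are 32-bit; the product is formed in 64 bits so the check itself
 * cannot overflow. C integer division truncates toward zero. */
bool product_within_numerator(int32_t a, int32_t b, int32_t n)
{
    if (b == 0)
        return false;                 /* division by zero: not bounded */
    int64_t x = (int64_t)a / b;
    int64_t prod = x * (int64_t)n;    /* |x*n| < 2^62, fits in int64_t */
    return prod <= (int64_t)a;
}

/* Brute force over positive a, b, n in [1, limit] with n < b: the rule holds,
 * because x*n <= x*b <= a when x >= 0. */
bool rule_holds_for_positive(int32_t limit)
{
    for (int32_t a = 1; a <= limit; a++)
        for (int32_t b = 1; b <= limit; b++)
            for (int32_t n = 1; n < b; n++)
                if (!product_within_numerator(a, b, n))
                    return false;
    return true;
}

/* Same search over [-limit, limit]: once operands may be negative, n < b no
 * longer bounds x*n by a (e.g. a=-100, b=7, n=-20 gives x=-14, x*n = 280). */
bool rule_holds_for_signed(int32_t limit)
{
    for (int32_t a = -limit; a <= limit; a++)
        for (int32_t b = -limit; b <= limit; b++)
            for (int32_t n = -limit; n < b; n++)
                if (b != 0 && !product_within_numerator(a, b, n))
                    return false;
    return true;
}

/* The rule only moves the overflow question to the numerator: if a is itself
 * an expression such as (b-1)*c, it may overflow int32 before the division. */
bool numerator_overflows_int32(int32_t b, int32_t c)
{
    int64_t num = ((int64_t)b - 1) * (int64_t)c;
    return num > INT32_MAX || num < INT32_MIN;
}
```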