llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang-static-analyzer-1 @llvm/pr-subscribers-clang Author: Exile (mzyKi) <details> <summary>Changes</summary> fixed #<!-- -->72618 inlined_uses_arg call_vprintf_bad, but still fail in call_vsprintf_bad in valist-uninitialized-no-undef.c --- Full diff: https://github.com/llvm/llvm-project/pull/72951.diff 1 Files Affected: - (modified) clang/lib/StaticAnalyzer/Checkers/ValistChecker.cpp (+34-2) ``````````diff diff --git a/clang/lib/StaticAnalyzer/Checkers/ValistChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/ValistChecker.cpp index 2d1b873abf73f09..0ac7b092aa86278 100644 --- a/clang/lib/StaticAnalyzer/Checkers/ValistChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/ValistChecker.cpp @@ -27,8 +27,9 @@ REGISTER_SET_WITH_PROGRAMSTATE(InitializedVALists, const MemRegion *) namespace { typedef SmallVector<const MemRegion *, 2> RegionVector; -class ValistChecker : public Checker<check::PreCall, check::PreStmt<VAArgExpr>, - check::DeadSymbols> { +class ValistChecker + : public Checker<check::PreCall, check::PreStmt<VAArgExpr>, + check::PreStmt<DeclStmt>, check::DeadSymbols> { mutable std::unique_ptr<BugType> BT_leakedvalist, BT_uninitaccess; struct VAListAccepter { @@ -49,11 +50,13 @@ class ValistChecker : public Checker<check::PreCall, check::PreStmt<VAArgExpr>, bool ChecksEnabled[CK_NumCheckKinds] = {false}; CheckerNameRef CheckNames[CK_NumCheckKinds]; + void checkPreStmt(const DeclStmt *DS, CheckerContext &C) const; void checkPreStmt(const VAArgExpr *VAA, CheckerContext &C) const; void checkPreCall(const CallEvent &Call, CheckerContext &C) const; void checkDeadSymbols(SymbolReaper &SR, CheckerContext &C) const; private: + bool isWinValistType(const VarDecl *VD) const; const MemRegion *getVAListAsRegion(SVal SV, const Expr *VAExpr, bool &IsSymbolic, CheckerContext &C) const; const ExplodedNode *getStartCallSite(const ExplodedNode *N, @@ -160,6 +163,35 @@ void ValistChecker::checkPreCall(const CallEvent &Call, } } +bool ValistChecker::isWinValistType(const VarDecl *VD) const { + ASTContext &Ctx = VD->getASTContext(); + QualType T = VD->getType(); + if (T.isNull()) { + return false; + } + return T.getDesugaredType(Ctx)->isPointerType() && + T.getDesugaredType(Ctx)->getPointeeType()->isCharType(); +} + +void ValistChecker::checkPreStmt(const DeclStmt *DS, CheckerContext &C) const { + for (const auto *I : DS->decls()) { + if (const auto *D = dyn_cast<VarDecl>(I)) { + if (isWinValistType(D)) { + ProgramStateRef State = C.getState(); + const LocationContext *LC = C.getLocationContext(); + const VarRegion *R = State->getRegion(D, LC); + MemRegionManager &MR = R->getMemRegionManager(); + SValBuilder &SVB = C.getSValBuilder(); + const ElementRegion *ER = + MR.getElementRegion(C.getASTContext().CharTy, + SVB.makeZeroArrayIndex(), R, C.getASTContext()); + State = State->bindLoc(State->getLValue(D, LC), SVB.makeLoc(ER), LC); + C.addTransition(State); + } + } + } +} + const MemRegion *ValistChecker::getVAListAsRegion(SVal SV, const Expr *E, bool &IsSymbolic, CheckerContext &C) const { `````````` </details> https://github.com/llvm/llvm-project/pull/72951 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
