https://github.com/balazske updated https://github.com/llvm/llvm-project/pull/111846
From a9e1790691e01892f7e1b17523cd43421445f3ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= <balazs.k...@ericsson.com>
Date: Thu, 10 Oct 2024 16:28:50 +0200
Subject: [PATCH 1/3] [clang][analyzer] PointerSubChecker should not warn on pointers converted to numerical value

Pointer values casted to integer (non-pointer) type should be able to be subtracted as usual.
---
 clang/lib/StaticAnalyzer/Checkers/PointerSubChecker.cpp | 4 ++++
 clang/test/Analysis/pointer-sub.c | 7 +++++++
 2 files changed, 11 insertions(+)

diff --git a/clang/lib/StaticAnalyzer/Checkers/PointerSubChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/PointerSubChecker.cpp
index f0dc5efd75f7d6..7a85d9e2073068 100644
--- a/clang/lib/StaticAnalyzer/Checkers/PointerSubChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/PointerSubChecker.cpp
@@ -61,6 +61,10 @@ void PointerSubChecker::checkPreStmt(const BinaryOperator *B,
 if (LR->getSymbolicBase() || RR->getSymbolicBase())
 return;
 
+ if (!B->getLHS()->getType()->isPointerType() ||
+ !B->getRHS()->getType()->isPointerType())
+ return;
+
 const auto *ElemLR = dyn_cast<ElementRegion>(LR);
 const auto *ElemRR = dyn_cast<ElementRegion>(RR);
 
diff --git a/clang/test/Analysis/pointer-sub.c b/clang/test/Analysis/pointer-sub.c
index 1c9d676ebb8f24..7a1dcb653a28c4 100644
--- a/clang/test/Analysis/pointer-sub.c
+++ b/clang/test/Analysis/pointer-sub.c
@@ -10,6 +10,9 @@ void f1(void) {
 d = &x - (&x + 1); // no-warning
 d = (&x + 0) - &x; // no-warning
 d = (z + 10) - z; // no-warning
+ d = (unsigned long)&y - (unsigned long)&x; // no-warning
+ unsigned long l = 1;
+ d = l - (unsigned long)&y; // no-warning
 }
 
 void f2(void) {
@@ -28,6 +31,10 @@ void f2(void) {
 
 d = (int *)((char *)(&a[4]) + sizeof(int)) - &a[4]; // no-warning (pointers into the same array data)
 d = (int *)((char *)(&a[4]) + 1) - &a[4]; // expected-warning{{Subtraction of two pointers that}}
+
+ long a1 = (long)&a[1];
+ long b1 = (long)&b[1];
+ d = a1 - b1;
 }
 
 void f3(void) {
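Review bot: In the PointerSubChecker.cpp hunk the new guard depends only on the static types of the two operands, yet it sits after the `getSymbolicBase()` test, so the region lookups that produced `LR` and `RR` (above the hunk, not visible here) still run for plain integer subtraction. Moving it up, presumably next to whatever opcode check opens checkPreStmt, would state the intent earlier and skip that work. Wherever it ends up, it deserves a one-line comment such as `// Operands cast to an integer type may still carry a region; only true pointer subtraction is checked.` checkPreStmt starts and ends outside the hunk.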
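Review bot: The cases added to f1 in pointer-sub.c only exercise operands that remain integers; none pins what happens when an address goes through an integer and back to a pointer before the subtraction, e.g. `d = (int *)(__INTPTR_TYPE__)&y - &x;`. Both operands are pointer-typed there, so the new guard should not apply and the existing expected-warning presumably still fires. A test line for it would keep the type check from quietly becoming a way to silence security.PointerSub.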
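Review bot: In the f2 hunk of pointer-sub.c, `d = a1 - b1;` is the only new expectation without an annotation, while the lines added to f1 all end in `// no-warning`. -verify would fail on an unexpected diagnostic either way, so this is documentation only: `d = a1 - b1; // no-warning (integer values, not pointers)`. The line is carried unchanged as context in the later [PATCH 3/3] hunk at -37,8, so the same applies there.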
From 92fa6a06789a4e3cb4ce9ee552e760f521419bd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= <balazs.k...@ericsson.com>
Date: Thu, 10 Oct 2024 17:55:21 +0200
Subject: [PATCH 2/3] added test for typedef type

---
 clang/test/Analysis/pointer-sub.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/clang/test/Analysis/pointer-sub.c b/clang/test/Analysis/pointer-sub.c
index 7a1dcb653a28c4..8f9d7cb4a2148f 100644
--- a/clang/test/Analysis/pointer-sub.c
+++ b/clang/test/Analysis/pointer-sub.c
@@ -1,5 +1,7 @@
 // RUN: %clang_analyze_cc1 -analyzer-checker=security.PointerSub -analyzer-output=text-minimal -verify %s
 
+typedef int * Ptr;
+
 void f1(void) {
 int x, y, z[10];
 int d = &y - &x; // expected-warning{{Subtraction of two pointers that do not point into the same array is undefined behavior}}
@@ -13,6 +15,9 @@ void f1(void) {
 d = (unsigned long)&y - (unsigned long)&x; // no-warning
 unsigned long l = 1;
 d = l - (unsigned long)&y; // no-warning
+ Ptr p1 = &x;
+ Ptr p2 = &y;
+ d = p1 - p2; // expected-warning{{Subtraction of two pointers that do not point into the same array is undefined behavior}}
 }
 
 void f2(void) {
From 4ce3f4f238f264dcc4f8b1b586cac757c55b63f3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= <balazs.k...@ericsson.com>
Date: Fri, 11 Oct 2024 11:03:53 +0200
Subject: [PATCH 3/3] using 'long long' for pointer address

---
 clang/test/Analysis/pointer-sub.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/clang/test/Analysis/pointer-sub.c b/clang/test/Analysis/pointer-sub.c
index 8f9d7cb4a2148f..25fb7f043d468c 100644
--- a/clang/test/Analysis/pointer-sub.c
+++ b/clang/test/Analysis/pointer-sub.c
@@ -12,9 +12,9 @@ void f1(void) {
 d = &x - (&x + 1); // no-warning
 d = (&x + 0) - &x; // no-warning
 d = (z + 10) - z; // no-warning
- d = (unsigned long)&y - (unsigned long)&x; // no-warning
- unsigned long l = 1;
- d = l - (unsigned long)&y; // no-warning
+ d = (long long)&y - (long long)&x; // no-warning
+ long long l = 1;
+ d = l - (long long)&y; // no-warning
 Ptr p1 = &x;
 Ptr p2 = &y;
 d = p1 - p2; // expected-warning{{Subtraction of two pointers that do not point into the same array is undefined behavior}}
@@ -37,8 +37,8 @@ void f2(void) {
 d = (int *)((char *)(&a[4]) + sizeof(int)) - &a[4]; // no-warning (pointers into the same array data)
 d = (int *)((char *)(&a[4]) + 1) - &a[4]; // expected-warning{{Subtraction of two pointers that}}
 
- long a1 = (long)&a[1];
- long b1 = (long)&b[1];
+ long long a1 = (long long)&a[1];
+ long long b1 = (long long)&b[1];
 d = a1 - b1;
 }
 
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
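Review bot: `long long` in the -12,9 hunk is wide enough for a pointer only by convention; the type defined to hold a pointer value is `intptr_t`/`uintptr_t`, which a -cc1 test can spell without headers as `__INTPTR_TYPE__`. Writing `d = (__INTPTR_TYPE__)&y - (__INTPTR_TYPE__)&x; // no-warning` would state the intent directly and avoid pointer-to-integer size diagnostics under -verify on whatever target the test runs for. The same applies to `a1` and `b1` in the -37,8 hunk.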