================
@@ -1,130 +0,0 @@
-// RUN: %clang_analyze_cc1 -Wno-array-bounds -verify %s \
-// RUN: -analyzer-checker=core \
-// RUN: -analyzer-checker=unix \
-// RUN: -analyzer-checker=security.ArrayBound \
-// RUN: -analyzer-config unix.DynamicMemoryModeling:Optimistic=true
-
-typedef __typeof(sizeof(int)) size_t;
-void *malloc(size_t);
-void *calloc(size_t, size_t);
-
-char f1(void) {
- char* s = "abcd";
- char c = s[4]; // no-warning
- return s[5] + c; // expected-warning{{Out of bound access to memory after}}
-}
-
-void f2(void) {
- int *p = malloc(12);
- p[3] = 4; // expected-warning{{Out of bound access to memory after}}
-}
-
-struct three_words {
- int c[3];
-};
-
-struct seven_words {
- int c[7];
-};
-
-void f3(void) {
- struct three_words a, *p;
- p = &a;
- p[0] = a; // no-warning
- p[1] = a; // expected-warning{{Out of bound access to memory after}}
-}
----------------
NagyDonat wrote:
This is very close to
[scalarOverflow](https://github.com/llvm/llvm-project/blob/72768d9bb8ad3e97a852270726f04d7167d9ef50/clang/test/Analysis/out-of-bounds-diagnostics.c#L188)
in `out-of-bounds-diagnostics.c`. The only difference is that this uses a
`struct` instead of an `int`, which is not relevant for the logic of the
checker (neither is special cased, and there are lots of cases verifying that
`struct`s work properly), so I'm discarding this.
https://github.com/llvm/llvm-project/pull/128508
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
