diff options
Diffstat (limited to 'lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp')
| -rw-r--r-- | lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp | 33 |
1 files changed, 26 insertions, 7 deletions
diff --git a/lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp b/lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp index 172ce346f1ba7..b9a93bedca2ee 100644 --- a/lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp @@ -37,12 +37,11 @@ public: static bool isArrayIndexOutOfBounds(CheckerContext &C, const Expr *Ex) { ProgramStateRef state = C.getState(); - const LocationContext *LCtx = C.getLocationContext(); if (!isa<ArraySubscriptExpr>(Ex)) return false; - SVal Loc = state->getSVal(Ex, LCtx); + SVal Loc = C.getSVal(Ex); if (!Loc.isValid()) return false; @@ -64,11 +63,18 @@ static bool isShiftOverflow(const BinaryOperator *B, CheckerContext &C) { B->getRHS(), C.getASTContext().getIntWidth(B->getLHS()->getType())); } +static bool isLeftShiftResultUnrepresentable(const BinaryOperator *B, + CheckerContext &C) { + SValBuilder &SB = C.getSValBuilder(); + ProgramStateRef State = C.getState(); + const llvm::APSInt *LHS = SB.getKnownValue(State, C.getSVal(B->getLHS())); + const llvm::APSInt *RHS = SB.getKnownValue(State, C.getSVal(B->getRHS())); + return (unsigned)RHS->getZExtValue() > LHS->countLeadingZeros(); +} + void UndefResultChecker::checkPostStmt(const BinaryOperator *B, CheckerContext &C) const { - ProgramStateRef state = C.getState(); - const LocationContext *LCtx = C.getLocationContext(); - if (state->getSVal(B, LCtx).isUndef()) { + if (C.getSVal(B).isUndef()) { // Do not report assignments of uninitialized values inside swap functions. // This should allow to swap partially uninitialized structs @@ -92,11 +98,11 @@ void UndefResultChecker::checkPostStmt(const BinaryOperator *B, const Expr *Ex = nullptr; bool isLeft = true; - if (state->getSVal(B->getLHS(), LCtx).isUndef()) { + if (C.getSVal(B->getLHS()).isUndef()) { Ex = B->getLHS()->IgnoreParenCasts(); isLeft = true; } - else if (state->getSVal(B->getRHS(), LCtx).isUndef()) { + else if (C.getSVal(B->getRHS()).isUndef()) { Ex = B->getRHS()->IgnoreParenCasts(); isLeft = false; } @@ -141,6 +147,19 @@ void UndefResultChecker::checkPostStmt(const BinaryOperator *B, C.isNegative(B->getLHS())) { OS << "The result of the left shift is undefined because the left " "operand is negative"; + } else if (B->getOpcode() == BinaryOperatorKind::BO_Shl && + isLeftShiftResultUnrepresentable(B, C)) { + ProgramStateRef State = C.getState(); + SValBuilder &SB = C.getSValBuilder(); + const llvm::APSInt *LHS = + SB.getKnownValue(State, C.getSVal(B->getLHS())); + const llvm::APSInt *RHS = + SB.getKnownValue(State, C.getSVal(B->getRHS())); + OS << "The result of the left shift is undefined due to shifting \'" + << LHS->getSExtValue() << "\' by \'" << RHS->getZExtValue() + << "\', which is unrepresentable in the unsigned version of " + << "the return type \'" << B->getLHS()->getType().getAsString() + << "\'"; } else { OS << "The result of the '" << BinaryOperator::getOpcodeStr(B->getOpcode()) |