Commit a23c9071 authored by Hans Wennborg's avatar Hans Wennborg
Browse files

Merging r367802: 

------------------------------------------------------------------------
r367802 | baloghadamsoftware | 2019-08-05 08:45:41 +0200 (Mon, 05 Aug 2019) | 6 lines

[Analyzer] Iterator Checkers - Fix for Crash on Iterator Differences

Iterators differences were mistakenly handled as random decrements which
causes an assertion. This patch fixes this.


------------------------------------------------------------------------

llvm-svn: 368427
parent 542fb41b

clang/lib/StaticAnalyzer/Checkers/IteratorChecker.cpp

+8 −4
Original line number Diff line number Diff line
@@ -406,13 +406,15 @@ void IteratorChecker::checkPreCall(const CallEvent &Call, 
      } else if (isRandomIncrOrDecrOperator(Func->getOverloadedOperator())) {

        if (const auto *InstCall = dyn_cast<CXXInstanceCall>(&Call)) {

          // Check for out-of-range incrementions and decrementions

          if (Call.getNumArgs() >= 1) {

          if (Call.getNumArgs() >= 1 &&

              Call.getArgExpr(0)->getType()->isIntegralOrEnumerationType()) {

            verifyRandomIncrOrDecr(C, Func->getOverloadedOperator(),

                                   InstCall->getCXXThisVal(),

                                   Call.getArgSVal(0));

          }

        } else {

          if (Call.getNumArgs() >= 2) {

          if (Call.getNumArgs() >= 2 &&

              Call.getArgExpr(1)->getType()->isIntegralOrEnumerationType()) {

            verifyRandomIncrOrDecr(C, Func->getOverloadedOperator(),

                                   Call.getArgSVal(0), Call.getArgSVal(1));

          }
@@ -590,14 +592,16 @@ void IteratorChecker::checkPostCall(const CallEvent &Call, 
      return;

    } else if (isRandomIncrOrDecrOperator(Func->getOverloadedOperator())) {

      if (const auto *InstCall = dyn_cast<CXXInstanceCall>(&Call)) {

        if (Call.getNumArgs() >= 1) {

        if (Call.getNumArgs() >= 1 &&

              Call.getArgExpr(0)->getType()->isIntegralOrEnumerationType()) {

          handleRandomIncrOrDecr(C, Func->getOverloadedOperator(),

                                 Call.getReturnValue(),

                                 InstCall->getCXXThisVal(), Call.getArgSVal(0));

          return;

        }

      } else {

        if (Call.getNumArgs() >= 2) {

        if (Call.getNumArgs() >= 2 &&

              Call.getArgExpr(1)->getType()->isIntegralOrEnumerationType()) {

          handleRandomIncrOrDecr(C, Func->getOverloadedOperator(),

                                 Call.getReturnValue(), Call.getArgSVal(0),

                                 Call.getArgSVal(1));

clang/test/Analysis/Inputs/system-header-simulator-cxx.h

+3 −0
Original line number Diff line number Diff line
@@ -70,6 +70,9 @@ template <typename T, typename Ptr, typename Ref> struct __vector_iterator { 
    return ptr -= n;

  }



  template<typename U, typename Ptr2, typename Ref2>

  difference_type operator-(const __vector_iterator<U, Ptr2, Ref2> &rhs);



  Ref operator*() const { return *ptr; }

  Ptr operator->() const { return *ptr; }

clang/test/Analysis/diagnostics/explicit-suppression.cpp

+1 −1
Original line number Diff line number Diff line
@@ -19,6 +19,6 @@ class C { 
void testCopyNull(C *I, C *E) {

  std::copy(I, E, (C *)0);

#ifndef SUPPRESSED

  // expected-warning@../Inputs/system-header-simulator-cxx.h:677 {{Called C++ object pointer is null}}

  // expected-warning@../Inputs/system-header-simulator-cxx.h:680 {{Called C++ object pointer is null}}

#endif

}

clang/test/Analysis/iterator-range.cpp

+5 −0
Original line number Diff line number Diff line
@@ -236,3 +236,8 @@ void good_derived(simple_container c) { 
    *i0; // no-warning

  }

}



void iter_diff(std::vector<int> &V) {

  auto i0 = V.begin(), i1 = V.end();

  ptrdiff_t len = i1 - i0; // no-crash

}