mirror of
https://github.com/llvm/llvm-project.git
synced 2025-04-26 23:06:04 +00:00
5374c07ab9
This builtin does not actually evaluate its arguments for side effects, so we shouldn't include them in the CFG. In the analyzer, rely on the constant expression evaluator to get the proper semantics, at least for now. (In the future, we could get ambitious and try to provide path- sensitive size values.) In theory, this does pose a problem for liveness analysis: a variable can be used within the __builtin_object_size argument expression but not show up as live. However, it is very unlikely that such a value would be used to compute the object size and not used to access the object in some way. <rdar://problem/14760817> llvm-svn: 188679
25 lines
904 B
C++
25 lines
904 B
C++
// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-checker=core,debug.ExprInspection %s -std=c++11 -verify
|
|
|
|
void clang_analyzer_eval(bool);
|
|
|
|
void testAddressof(int x) {
|
|
clang_analyzer_eval(&x == __builtin_addressof(x)); // expected-warning{{TRUE}}
|
|
}
|
|
|
|
void testSize() {
|
|
struct {
|
|
int x;
|
|
int y;
|
|
char z;
|
|
} object;
|
|
clang_analyzer_eval(__builtin_object_size(&object.y, 0) == sizeof(object) - sizeof(int)); // expected-warning{{TRUE}}
|
|
|
|
// Clang can't actually evaluate these builtin "calls", but importantly they don't actually evaluate the argument expression either.
|
|
int i = 0;
|
|
char buf[10];
|
|
clang_analyzer_eval(__builtin_object_size(&buf[i++], 0) == sizeof(buf)); // expected-warning{{FALSE}}
|
|
clang_analyzer_eval(__builtin_object_size(&buf[++i], 0) == sizeof(buf) - 1); // expected-warning{{FALSE}}
|
|
|
|
clang_analyzer_eval(i == 0); // expected-warning{{TRUE}}
|
|
}
|