granicus.if.org Git - clang/commit
[analyzer] Track null or undef values through pointer arithmetic.
author Artem Dergachev <artem.dergachev@gmail.com>
Fri, 30 Mar 2018 19:27:42 +0000 (19:27 +0000)
committer Artem Dergachev <artem.dergachev@gmail.com>
Fri, 30 Mar 2018 19:27:42 +0000 (19:27 +0000)
commit 3b5fc21d04df2e2c193f0f2e7e563e4b67929265
tree f52736721f93a8d298eaced045983177761ad465
parent fe12415cbaac2be6f3e51113f900f36cacee55d7
[analyzer] Track null or undef values through pointer arithmetic.

Pointer arithmetic on null or undefined pointers results in null or undefined
pointers. This is obvious for undefined pointers; for null pointers it follows
from our incorrect-but-somehow-working approach that declares that 0 (Loc)
doesn't necessarily represent a pointer of numeric address value 0, but instead
it represents any pointer that will cause a valid "null pointer dereference"
issue when dereferenced.

For now we've been seeing through pointer arithmetic at the original dereference
expression, i.e. in bugreporter::getDerefExpr(), but not during further
investigation of the value's origins in bugreporter::trackNullOrUndefValue().
The patch fixes it.

Differential Revision: https://reviews.llvm.org/D45071

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@328896 91177308-0d34-0410-b5e6-96231b3b80d8
lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
test/Analysis/inlining/inline-defensive-checks.c
test/Analysis/null-deref-path-notes.c
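
An added illustration, not code from this commit or its test files: a constructed C case in which a null return value reaches a dereference only after pointer arithmetic, which is the situation the commit message describes, shown next to a form that checks the pointer first. The function names and the sample table are hypothetical.

```c
#include <stddef.h>

/* Constructed sample data: three records of four ints each,
 * where element 0 of each record is its id. */
static int table[3][4] = {
    {1, 10, 11, 12},
    {2, 20, 21, 22},
    {3, 30, 31, 32},
};

/* Origin of the null value: returns NULL when the id is unknown. */
int *find_record(int id) {
    for (size_t i = 0; i < 3; i++)
        if (table[i][0] == id)
            return table[i];
    return NULL;
}

/* Unchecked form: on a miss, `field` is a null pointer plus an offset.
 * The dereferenced expression is `field`, not `rec`, so tracing the
 * value back to find_record() means looking through `rec + 3`. */
int third_field_unchecked(int id) {
    int *rec = find_record(id);
    int *field = rec + 3;   /* pointer arithmetic on a possibly-null pointer */
    return *field;          /* dereference site */
}

/* Checked form: test the pointer before doing arithmetic on it.
 * Returns 0 and stores the field in *out, or -1 if the id is unknown. */
int third_field_checked(int id, int *out) {
    int *rec = find_record(id);
    if (rec == NULL)
        return -1;
    *out = *(rec + 3);
    return 0;
}
```

Only the checked form is safe to call with an unknown id; the unchecked form is kept to show the path from the null origin to the dereference.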