for (const VariableArrayType *VA =FindVA(E->getArgumentType().getTypePtr());
VA != 0; VA = FindVA(VA->getElementType().getTypePtr()))
lastBlock = addStmt(VA->getSizeExpr());
- } else {
- // For sizeof(x), where 'x' is a VLA, we should include the computation
- // of the lvalue of 'x'.
- Expr *subEx = E->getArgumentExpr();
- if (subEx->getType()->isVariableArrayType()) {
- assert(subEx->isLValue());
- lastBlock = addStmt(subEx);
- }
}
-
return lastBlock;
}
if (!T->isIncompleteType() && !T->isConstantSizeType()) {
assert(T->isVariableArrayType() && "Unknown non-constant-sized type.");
- // FIXME: Add support for VLA type arguments, not just VLA expressions.
+ // FIXME: Add support for VLA type arguments and VLA expressions.
// When that happens, we should probably refactor VLASizeChecker's code.
- if (Ex->isArgumentType()) {
- Dst.Add(Pred);
- return;
- }
-
- // Get the size by getting the extent of the sub-expression.
- // First, visit the sub-expression to find its region.
- const Expr *Arg = Ex->getArgumentExpr();
- const ProgramState *state = Pred->getState();
- const MemRegion *MR = state->getSVal(Arg).getAsRegion();
-
- // If the subexpression can't be resolved to a region, we don't know
- // anything about its size. Just leave the state as is and continue.
- if (!MR) {
- Dst.Add(Pred);
- return;
- }
-
- // The result is the extent of the VLA.
- SVal Extent = cast<SubRegion>(MR)->getExtent(svalBuilder);
- MakeNode(Dst, Ex, Pred, state->BindExpr(Ex, Extent));
-
+ Dst.Add(Pred);
return;
}
else if (T->getAs<ObjCObjectType>()) {
--- /dev/null
+// RUN: %clang_cc1 -Wno-array-bounds -analyze -analyzer-checker=core,experimental.unix,experimental.security.ArrayBound -analyzer-store=region -verify %s
+// XFAIL: *
+
+// Once we better handle modeling of sizes of VLAs, we can pull this back
+// into outofbound.c.
+
+void sizeof_vla(int a) {
+ if (a == 5) {
+ char x[a];
+ int y[sizeof(x)];
+ y[4] = 4; // no-warning
+ y[5] = 5; // expected-warning{{out-of-bound}}
+ }
+}
+
+void sizeof_vla_2(int a) {
+ if (a == 5) {
+ char x[a];
+ int y[sizeof(x) / sizeof(char)];
+ y[4] = 4; // no-warning
+ y[5] = 5; // expected-warning{{out-of-bound}}
+ }
+}
+
+void sizeof_vla_3(int a) {
+ if (a == 5) {
+ char x[a];
+ int y[sizeof(*&*&*&x)];
+ y[4] = 4; // no-warning
+ y[5] = 5; // expected-warning{{out-of-bound}}
+ }
+}
}
}
-void sizeof_vla(int a) {
- if (a == 5) {
- char x[a];
- int y[sizeof(x)];
- y[4] = 4; // no-warning
- y[5] = 5; // expected-warning{{out-of-bound}}
- }
-}
-
-void sizeof_vla_2(int a) {
- if (a == 5) {
- char x[a];
- int y[sizeof(x) / sizeof(char)];
- y[4] = 4; // no-warning
- y[5] = 5; // expected-warning{{out-of-bound}}
- }
-}
-
-void sizeof_vla_3(int a) {
- if (a == 5) {
- char x[a];
- int y[sizeof(*&*&*&x)];
- y[4] = 4; // no-warning
- y[5] = 5; // expected-warning{{out-of-bound}}
- }
-}
-
void alloca_region(int a) {
if (a == 5) {
char *x = __builtin_alloca(a);
// RUN: %clang_cc1 -fsyntax-only -Wuninitialized -Wconditional-uninitialized -fsyntax-only -fblocks %s -verify
+typedef __typeof(sizeof(int)) size_t;
+void *malloc(size_t);
+
int test1() {
int x; // expected-note{{variable 'x' is declared here}} expected-note{{add initialization to silence this warning}}
return x; // expected-warning{{variable 'x' is uninitialized when used here}}
*len += new_len; // expected-warning {{variable 'new_len' may be uninitialized when used here}}
}
}
+
+// Test that sizeof(VLA) doesn't trigger a warning.
+void test_vla_sizeof(int x) {
+ double (*memory)[2][x] = malloc(sizeof(*memory)); // no-warning
+}
+
projects / clang / commitdiff