diff options
author | Jordan Rose <jordan_rose@apple.com> | 2013-08-19 16:27:34 +0000 |
---|---|---|
committer | Jordan Rose <jordan_rose@apple.com> | 2013-08-19 16:27:34 +0000 |
commit | a728e927c6e58f26b2c8615a8baa761d2f157e4b (patch) | |
tree | 4aaf8bbf2d4b42bfdc26771b6c30e14cff37fd12 /www/analyzer | |
parent | 7d0dcd2de023e2667a3f1f14daff9d087fab9bf7 (diff) |
[analyzer] Assume that strings are no longer than SIZE_MAX/4.
This keeps the analyzer from making silly assumptions, like thinking
strlen(foo)+1 could wrap around to 0. This fixes PR16558.
Patch by Karthik Bhat!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188680 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'www/analyzer')
-rw-r--r-- | www/analyzer/open_projects.html | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/www/analyzer/open_projects.html b/www/analyzer/open_projects.html index a5f5538662..4a888adbb6 100644 --- a/www/analyzer/open_projects.html +++ b/www/analyzer/open_projects.html @@ -174,11 +174,6 @@ mailing list</a> to notify other members of the community.</p> <i>(Difficulty: Easy)</i></p> </li> - <li>Teach CStringChecker that strings are never longer than, say, <code>SIZE_MAX/4</code> characters.</li> - <p>Though most of CStringChecker's functionality is disabled (due to poor diagnostics for error edge cases), it's still used to model certain operations like <code>strlen</code>, which should give the same result each time it's called on a string. However, assuming that the string length is an arbitrary symbolic value can give strange results -- for example, <code>strlen(str)+1</code> could wrap around to 0. (This is the root cause of <a href="http://llvm.org/bugs/show_bug.cgi?id=16558">PR16558</a>.) In practice, strings are never that long, so picking some large upper bound and recording that in the state would make plenty of sense, and would fix these false positives. - <i>(Difficulty: Easy)</i></p> - </li> - <li>Implement iterators invalidation checker. <p><i>(Difficulty: Easy)</i></p> </li> |