[cfe-commits] r159940 - in /cfe/trunk: include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp test/Analysis/inline.c

Jordan Rose jordan_rose at apple.com
Mon Jul 9 09:54:49 PDT 2012 

Author: jrose
Date: Mon Jul  9 11:54:49 2012
New Revision: 159940

URL: http://llvm.org/viewvc/llvm-project?rev=159940&view=rev
Log:
[analyzer] When inlining, make sure we use the definition decl.

This was a regression introduced during the CallEvent changes; a call to
FunctionDecl::hasBody was also being used to replace the decl found by
lookup with the actual definition. To keep from making this mistake again
(particularly if/when we start inlining Objective-C methods), this commit
adds a "getDefinition()" method to CallEvent, which should do the right
thing under any circumstances.

Modified:
    cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h
    cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
    cfe/trunk/test/Analysis/inline.c

Modified: cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h?rev=159940&r1=159939&r2=159940&view=diff
==============================================================================
--- cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h (original)
+++ cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/Calls.h Mon Jul  9 11:54:49 2012
@@ -80,6 +80,12 @@
   /// called. May be null.
   virtual const Decl *getDecl() const = 0;
 
+  /// \brief Returns the definition of the function or method that will be
+  /// called. May be null.
+  ///
+  /// This is used when deciding how to inline the call.
+  virtual const Decl *getDefinition() const { return getDecl(); }
+
   /// \brief Returns the expression whose value will be the result of this call.
   /// May be null.
   virtual const Expr *getOriginExpr() const = 0;
@@ -194,6 +200,14 @@
 public:
   virtual const FunctionDecl *getDecl() const = 0;
 
+  const Decl *getDefinition() const {
+    const FunctionDecl *FD = getDecl();
+    // Note that hasBody() will fill FD with the definition FunctionDecl.
+    if (FD && FD->hasBody(FD))
+      return FD;
+    return 0;
+  }
+
   bool argumentsMayEscape() const;
 
   static bool classof(const CallEvent *CA) {
@@ -325,6 +339,10 @@
     return BR->getDecl();
   }
 
+  const Decl *getDefinition() const {
+    return getBlockDecl();
+  }
+
   static bool classof(const CallEvent *CA) {
     return CA->getKind() == CE_Block;
   }
@@ -452,6 +470,16 @@
     return Msg->getReceiverRange();
   }
 
+  const Decl *getDefinition() const {
+    const ObjCMethodDecl *MD = getDecl();
+    for (Decl::redecl_iterator I = MD->redecls_begin(), E = MD->redecls_end();
+         I != E; ++I) {
+      if (cast<ObjCMethodDecl>(*I)->isThisDeclarationADefinition())
+        return *I;
+    }
+    return 0;
+  }
+
   static bool classof(const CallEvent *CA) {
     return CA->getKind() >= CE_BEG_OBJC_CALLS &&
            CA->getKind() <= CE_END_OBJC_CALLS;

Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp?rev=159940&r1=159939&r2=159940&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp Mon Jul  9 11:54:49 2012
@@ -274,7 +274,10 @@
   const StackFrameContext *CallerSFC =
     Pred->getLocationContext()->getCurrentStackFrame();
 
-  const Decl *D = Call.getDecl();
+  const Decl *D = Call.getDefinition();
+  if (!D)
+    return false;
+
   const LocationContext *ParentOfCallee = 0;
 
   switch (Call.getKind()) {
@@ -298,9 +301,7 @@
     return false;
   case CE_Block: {
     const BlockDataRegion *BR = cast<BlockCall>(Call).getBlockRegion();
-    if (!BR)
-      return false;
-    D = BR->getDecl();
+    assert(BR && "If we have the block definition we should have its region");
     AnalysisDeclContext *BlockCtx = AMgr.getAnalysisDeclContext(D);
     ParentOfCallee = BlockCtx->getBlockInvocationContext(CallerSFC,
                                                          cast<BlockDecl>(D),
@@ -313,8 +314,8 @@
     // that a particular method will be called at runtime.
     return false;
   }
-  
-  if (!D || !shouldInlineDecl(D, Pred))
+
+  if (!shouldInlineDecl(D, Pred))
     return false;
   
   if (!ParentOfCallee)

Modified: cfe/trunk/test/Analysis/inline.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inline.c?rev=159940&r1=159939&r2=159940&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/inline.c (original)
+++ cfe/trunk/test/Analysis/inline.c Mon Jul  9 11:54:49 2012
@@ -1,4 +1,6 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=core -analyzer-ipa=inlining -analyzer-store region -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-ipa=inlining -analyzer-store region -verify %s
+
+void clang_analyzer_eval(int);
 
 int test1_f1() {
   int y = 1;
@@ -90,3 +92,14 @@
 }
 
 
+// Test inlining a forward-declared function.
+// This regressed when CallEvent was first introduced.
+int plus1(int x);
+void test() {
+  clang_analyzer_eval(plus1(2) == 3); // expected-warning{{TRUE}}
+}
+
+int plus1(int x) {
+  return x + 1;
+}
+

More information about the cfe-commits mailing list