[cfe-commits] [PATCH] Fix uninitialized variable tracking for compound assignments

[Richard Smith]

Hi,

The attached patch fixes a bug in the uninitialized variables warning in
the handling of compound assignments. We previously would not report an
issue with this code:

int compound_assign(int *arr, int n) {
  int sum;
  for (int i = 0; i < n; ++i)
    sum += arr[i];
  return sum / n;
}

The problem is that, in the CFG's ordering, we see the DeclRefExpr for
'sum' before the DeclRefExpr for 'arr', so we've already handled 'sum' (and
decided that it escapes the analysis and must be initialization) before we
see the BinaryOperator and try to treat it as a use.

The patch replaces the 'track the last DeclRefExpr we saw' technique with a
separate pass to classify the DeclRefExprs as use or initialization. Fixing
this exposed some "false" positives on some benchmarking code which looks
like:

void f() {
  volatile int n;
  for (int i = 0; i < N; ++i)
    n += f();
}

... so the patch classifies compound-assignments as neither initialization
nor use (it leaves the variable uninitialized if it was before, and leaves
it initialized if it was before).

As a minor tweak, I've also given the same treatment to const& function
parameters: these are no longer treated as initializing the argument (but
nor are they treated as uses, since that introduces some false positives in
my testing corpus).

Please review!

Thanks,
Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120715/50c93a02/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: uninit-compound.diff
Type: application/octet-stream
Size: 20909 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20120715/50c93a02/attachment.obj>