[cfe-commits] r165671 - in /cfe/trunk: lib/StaticAnalyzer/Core/MemRegion.cpp test/Analysis/unions.cpp
Eric Christopher
echristo at gmail.com
Wed Oct 10 15:49:05 PDT 2012
Author: echristo
Date: Wed Oct 10 17:49:05 2012
New Revision: 165671
URL: http://llvm.org/viewvc/llvm-project?rev=165671&view=rev
Log:
Temporarily Revert "[analyzer] Treat fields of unions as having symbolic offsets."
Author: Jordan Rose <jordan_rose at apple.com>
Date: Wed Oct 10 21:31:21 2012 +0000
[analyzer] Treat fields of unions as having symbolic offsets.
This allows only one field to be active at a time in RegionStore.
This isn't quite the correct behavior for unions, but it at least
would handle the case of "value goes in, value comes out" from the
same field.
RegionStore currently has a number of places where any access to a union
results in UnknownVal being returned. However, it is clearly missing
some cases, or the original issue wouldn't have occurred. It is probably
now safe to remove those changes, but that's a potentially destabilizing
change that should wait for more thorough testing.
Fixes PR14054.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165660 91177308-0d34-0410-b5e6-96231b3b80d8
This reverts commit cf9030e480f77ab349672f00ad302e216c26c92c.
Removed:
cfe/trunk/test/Analysis/unions.cpp
Modified:
cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp?rev=165671&r1=165670&r2=165671&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/MemRegion.cpp Wed Oct 10 17:49:05 2012
@@ -1168,12 +1168,8 @@
R = FR->getSuperRegion();
const RecordDecl *RD = FR->getDecl()->getParent();
- if (/*RD->isUnion() || */!RD->isCompleteDefinition()) {
+ if (!RD->isCompleteDefinition()) {
// We cannot compute offset for incomplete type.
- // For unions, we could treat everything as offset 0, but we'd rather
- // treat each field as a symbolic offset so they aren't stored on top
- // of each other, since we depend on things in typed regions actually
- // matching their types.
SymbolicOffsetBase = R;
}
Removed: cfe/trunk/test/Analysis/unions.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/unions.cpp?rev=165670&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/unions.cpp (original)
+++ cfe/trunk/test/Analysis/unions.cpp (removed)
@@ -1,50 +0,0 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=core %s -verify
-
-namespace PR14054_reduced {
- struct Definition;
- struct ParseNode {
- union {
- Definition *lexdef;
- ParseNode *data;
- } pn_u;
- };
- struct Definition : public ParseNode { };
-
- void CloneParseTree(ParseNode *opn, ParseNode *pn, ParseNode *x) {
- // This used to cause an assertion failure because:
- // 1. The implicit operator= for unions assigns all members of the union,
- // not just the active one (b/c there's no way to know which is active).
- // 2. RegionStore dutifully stored all the variants at the same offset;
- // the last one won.
- // 3. We asked for the value of the first variant but got back a conjured
- // symbol for the second variant.
- // 4. We ended up trying to add a base cast to a region of the wrong type.
- //
- // Now (at the time this test was added), we instead treat all variants of
- // a union as different offsets, but only allow one to be active at a time.
- *pn = *opn;
- x = pn->pn_u.lexdef->pn_u.lexdef;
- }
-}
-
-namespace PR14054_original {
- struct Definition;
- struct ParseNode {
- union {
- struct {
- union {};
- Definition *lexdef;
- } name;
- class {
- int *target;
- ParseNode *data;
- } xmlpi;
- } pn_u;
- };
- struct Definition : public ParseNode { };
-
- void CloneParseTree(ParseNode *opn, ParseNode *pn, ParseNode *x) {
- pn->pn_u = opn->pn_u;
- x = pn->pn_u.name.lexdef->pn_u.name.lexdef;
- }
-}
More information about the cfe-commits
mailing list