[PATCH] D15007: [analyzer] Improve modelling of nullptr_t in the analyzer. Fix PR25414.
Gábor Horváth via cfe-commits
cfe-commits at lists.llvm.org
Thu Nov 26 01:34:05 PST 2015
xazax.hun created this revision.
xazax.hun added reviewers: zaks.anna, dcoughlin.
xazax.hun added subscribers: cfe-commits, dkrupp.
This is a fix for https://llvm.org/bugs/show_bug.cgi?id=25414
This patch is intended to improve the modelling of std::nullptr_t.
http://reviews.llvm.org/D15007
Files:
lib/StaticAnalyzer/Core/RegionStore.cpp
test/Analysis/nullptr.cpp
Index: test/Analysis/nullptr.cpp
===================================================================
--- test/Analysis/nullptr.cpp
+++ test/Analysis/nullptr.cpp
@@ -1,4 +1,6 @@
-// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze -analyzer-checker=core -analyzer-store region -verify %s
+// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -verify %s
+
+void clang_analyzer_eval(int);
// test to see if nullptr is detected as a null pointer
void foo1(void) {
@@ -87,3 +89,29 @@
// Create MaterializeTemporaryExpr with a nullptr inside.
const nullptr_t &r = nullptr;
}
+
+struct X {
+ virtual void f() {}
+};
+
+void invokeF(X* x) {
+ x->f(); // expected-warning{{Called C++ object pointer is null}}
+}
+
+struct Type {
+ decltype(nullptr) x;
+};
+
+void shouldNotCrash() {
+ decltype(nullptr) p;
+ invokeF(p);
+ invokeF(nullptr);
+ X *x = Type().x;
+ x->f();
+}
+
+void f(decltype(nullptr) p) {
+ int *q = nullptr;
+ clang_analyzer_eval(p == 0); // expected-warning{{TRUE}}
+ clang_analyzer_eval(q == 0); // expected-warning{{TRUE}}
+}
Index: lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- lib/StaticAnalyzer/Core/RegionStore.cpp
+++ lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1362,6 +1362,9 @@
if (!L.getAs<loc::MemRegionVal>()) {
return UnknownVal();
}
+ if (!T.isNull() && T->isNullPtrType()) {
+ return svalBuilder.makeZeroVal(T);
+ }
const MemRegion *MR = L.castAs<loc::MemRegionVal>().getRegion();
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D15007.41213.patch
Type: text/x-patch
Size: 1598 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20151126/f301fac1/attachment.bin>
More information about the cfe-commits
mailing list