[all-commits] [llvm/llvm-project] 536606: [StaticAnalyzer] Fix state update in VisitObjCForC...
Ziqing Luo via All-commits
all-commits at lists.llvm.org
Thu Jan 30 16:22:09 PST 2025
Branch: refs/heads/main
Home: https://github.com/llvm/llvm-project
Commit: 536606f6f617b4a33389819a3a20c5cbb735ed7e
https://github.com/llvm/llvm-project/commit/536606f6f617b4a33389819a3a20c5cbb735ed7e
Author: Ziqing Luo <ziqing at udel.edu>
Date: 2025-01-30 (Thu, 30 Jan 2025)
Changed paths:
M clang/lib/StaticAnalyzer/Core/ExprEngineObjC.cpp
A clang/test/Analysis/bugfix-124477.m
M clang/unittests/StaticAnalyzer/CMakeLists.txt
A clang/unittests/StaticAnalyzer/ObjcBug-124477.cpp
Log Message:
-----------
[StaticAnalyzer] Fix state update in VisitObjCForCollectionStmt (#124477)
In `VisitObjCForCollectionStmt`, the function does `evalLocation` for
the current element at the original source state `Pred`. The evaluation
may result in a new state, say `PredNew`. I.e., there is a transition:
`Pred -> PredNew`, though it is a very rare case that `Pred` is NOT
identical to `PredNew`. (This explains why the bug exists for many years
but no one noticed until recently a crash observed downstream.) Later,
the original code does NOT use `PredNew` as the new source state in
`StmtNodeBuilder` for next transitions. In cases `Pred != PredNew`, the
program ill behaves.
(rdar://143280254)
To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications
More information about the All-commits
mailing list