[cfe-commits] r41546 - /cfe/trunk/Sema/SemaChecking.cpp

Ted Kremenek kremenek at apple.com
Tue Aug 28 10:02:56 PDT 2007 

Author: kremenek
Date: Tue Aug 28 12:02:55 2007
New Revision: 41546

URL: http://llvm.org/viewvc/llvm-project?rev=41546&view=rev
Log:
Fixed return-of-stack-address checker to correctly handle stack/global
variables that have a pointer type, or arrays that contain pointers.

This fixes a crash on the following code:

int *h[3];

int **foo(int i)
{
   return &(h[i]);
}

This bug was reported by Keith Bauer (thanks!).

Modified:
    cfe/trunk/Sema/SemaChecking.cpp

Modified: cfe/trunk/Sema/SemaChecking.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Sema/SemaChecking.cpp?rev=41546&r1=41545&r2=41546&view=diff

==============================================================================
--- cfe/trunk/Sema/SemaChecking.cpp (original)
+++ cfe/trunk/Sema/SemaChecking.cpp Tue Aug 28 12:02:55 2007
@@ -427,8 +427,8 @@
 ///  of a stack variable or (2) is something we cannot determine leads to
 ///  the address of a stack variable based on such local checking.
 ///
-///  EvalAddr processes expressions that are pointers, and EvalVal handles
-///  expressions that are rvalues or variable references.
+///  EvalAddr processes expressions that are pointers that are used as
+///  references (and not L-values).  EvalVal handles all other values.
 ///  At the base case of the recursion is a check for a DeclRefExpr* in 
 ///  the refers to a stack variable.
 ///
@@ -550,9 +550,10 @@
 ///   See the comments for EvalAddr for more details.
 static DeclRefExpr* EvalVal(Expr *E) {
   
-  // We should only be called for evaluating non-pointer expressions.
-  assert (!E->getType()->isPointerType() && "EvalVal doesn't work on pointers");
-  
+  // We should only be called for evaluating non-pointer expressions, or
+  // expressions with a pointer type that are not used as references but instead
+  // are l-values (e.g., DeclRefExpr with a pointer type).
+    
   // Our "symbolic interpreter" is just a dispatch off the currently
   // viewed AST node.  We then recursively traverse the AST by calling
   // EvalAddr and EvalVal appropriately.

More information about the cfe-commits mailing list