[cfe-commits] r144831 - in /cfe/trunk: lib/StaticAnalyzer/Core/RegionStore.cpp test/Analysis/misc-ps-region-store.cpp

Jim Goodnow II jim at thegoodnows.net
Wed Nov 16 12:29:27 PST 2011


Author: jgoodnowii
Date: Wed Nov 16 14:29:27 2011
New Revision: 144831

URL: http://llvm.org/viewvc/llvm-project?rev=144831&view=rev
Log:
Fixed crash with initializer lists and unnamed bitfields in the RegionStore
Manager. Added test to ensure proper binding of initialized values.
This patch fixes PR11249.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
    cfe/trunk/test/Analysis/misc-ps-region-store.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp?rev=144831&r1=144830&r2=144831&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp Wed Nov 16 14:29:27 2011
@@ -1506,11 +1506,15 @@
   RecordDecl::field_iterator FI, FE;
   StoreRef newStore(store, *this);
   
-  for (FI = RD->field_begin(), FE = RD->field_end(); FI != FE; ++FI, ++VI) {
+  for (FI = RD->field_begin(), FE = RD->field_end(); FI != FE; ++FI) {
 
     if (VI == VE)
       break;
 
+    // Skip any unnamed bitfields to stay in sync with the initializers.
+    if ((*FI)->isUnnamedBitfield())
+      continue;
+
     QualType FTy = (*FI)->getType();
     const FieldRegion* FR = MRMgr.getFieldRegion(*FI, R);
 
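Review bot: The comment above the `isUnnamedBitfield()` skip does not say why only this kind of nameless field is skipped, so a later reader could widen it to every field without a name. As far as I can tell from the aggregate-initialization rules, unnamed bitfields never take an initializer while anonymous struct/union members do, and that distinction is what keeps FI and VI aligned. I would expand the comment to something like `// Unnamed bitfields take no initializer; anonymous struct/union members do, so only the former are skipped.` The loop body continues past the end of this hunk.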
@@ -1520,6 +1524,7 @@
       newStore = BindStruct(newStore.getStore(), FR, *VI);
     else
       newStore = Bind(newStore.getStore(), svalBuilder.makeLoc(FR), *VI);
+    ++VI;
   }
 
   // There may be fewer values in the initialize list than the fields of struct.
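Review bot: The bare `++VI;` at the end of the loop body now carries the invariant that VI advances only when a field has consumed an initializer, but nothing at that line says so. Any `continue` added to the body later would skip the advance and bind values to the wrong fields, which in an analyzer surfaces as wrong results rather than a crash. A short comment such as `// Advance only after a field has consumed an initializer.` would record the intent. The loop header and the top of the body are outside this hunk.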

Modified: cfe/trunk/test/Analysis/misc-ps-region-store.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-region-store.cpp?rev=144831&r1=144830&r2=144831&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps-region-store.cpp (original)
+++ cfe/trunk/test/Analysis/misc-ps-region-store.cpp Wed Nov 16 14:29:27 2011
@@ -466,4 +466,21 @@
   *p = 0xDEADBEEF;
 }
 
+// This used to crash the analyzer because of the unnamed bitfield.
+void PR11249()
+{
+  struct {
+    char f1:4;
+    char   :4;
+    char f2[1];
+    char f3;
+  } V = { 1, {2}, 3 };
+  int *p = 0;
+  if (V.f1 != 1)
+    *p = 0xDEADBEEF;  // no-warning
+  if (V.f2[0] != 2)
+    *p = 0xDEADBEEF;  // no-warning
+  if (V.f3 != 3)
+    *p = 0xDEADBEEF;  // no-warning
+}
 
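Review bot: PR11249 exercises only an unnamed bitfield in the middle of a struct whose initializer list covers every named field. Cases that go through the same skip logic are not covered: an unnamed bitfield as the first or last member, a zero-width one (`char :0;`), and a list with fewer values than named fields, which reaches the early `break` and the handling after the loop. A second aggregate along the lines of `struct { char :4; char g1; char :0; char g2; } W = { 1 };` with a `// no-warning` check on `W.g1` (and on `W.g2`, if the analyzer is expected to zero-bind the remainder) would cover them.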




