[cfe-commits] r158587 - in /cfe/trunk: lib/StaticAnalyzer/Core/RegionStore.cpp test/Analysis/cxx-crashes.cpp

Anna Zaks ganna at apple.com
Fri Jun 15 18:42:47 PDT 2012


On Jun 15, 2012, at 6:28 PM, Jordan Rose wrote:

> Author: jrose
> Date: Fri Jun 15 20:28:00 2012
> New Revision: 158587
> 
> URL: http://llvm.org/viewvc/llvm-project?rev=158587&view=rev
> Log:
> [analyzer] Return an UnknownVal when we try to get the binding for a VLA.
> 
> This happens in C++ mode right at the declaration of a struct VLA;
> MallocChecker sees a bind and tries to see if it's an escaping bind.
> It's likely that our handling of this is still incomplete,

Might be worth filing a bug to track this.

> but it fixes a
> crash on valid without disturbing anything else for now.
> 
> Modified:
>    cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
>    cfe/trunk/test/Analysis/cxx-crashes.cpp
> 
> Modified: cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp?rev=158587&r1=158586&r2=158587&view=diff
> ==============================================================================
> --- cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp Fri Jun 15 20:28:00 2012
> @@ -1055,8 +1055,12 @@
>   if (RTy->isUnionType())
>     return UnknownVal();
> 
> -  if (RTy->isArrayType())
> -    return getBindingForArray(store, R);
> +  if (RTy->isArrayType()) {
> +    if (RTy->isConstantArrayType())

There seems to be no need for a nested 'if' here.

> +      return getBindingForArray(store, R);
> +    else
> +      return UnknownVal();
> +  }
> 
>   // FIXME: handle Vector types.
>   if (RTy->isVectorType())
> 
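Review bot: the new `else` branch inside the `isArrayType()` block returns `UnknownVal()` for every array type that is not a constant array, not only for VLAs, and nothing in the code says so or why. The log message already calls the handling incomplete, so a comment in the style of the neighbouring `// FIXME: handle Vector types.` would record that at the place where someone will look for it. Since the first branch returns, the `else` keyword can also be dropped.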
> Modified: cfe/trunk/test/Analysis/cxx-crashes.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/cxx-crashes.cpp?rev=158587&r1=158586&r2=158587&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/cxx-crashes.cpp (original)
> +++ cfe/trunk/test/Analysis/cxx-crashes.cpp Fri Jun 15 20:28:00 2012
> @@ -1,4 +1,6 @@
> -// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify %s
> +// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection -verify %s
> +
> +void clang_analyzer_eval(bool);
> 
> int f1(char *dst) {
>   char *p = dst + 4;
> @@ -54,3 +56,17 @@
> void C::f() { }
> 
> }
> +
> +
> +void vla(int n) {
> +  int nums[n];
> +  nums[0] = 1;
> +  clang_analyzer_eval(nums[0] == 1); // expected-warning{{TRUE}}
> +  
> +  // This used to fail with MallocChecker on, and /only/ in C++ mode.
> +  // This struct is POD, though, so it should be fine to put it in a VLA.
> +  struct { int x; } structs[n];
> +  structs[0].x = 1;
> +  clang_analyzer_eval(structs[0].x == 1); // expected-warning{{TRUE}}
> +}
> +
> 
> 
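Review bot: `vla()` exercises only variable-length arrays, while the RegionStore change returns `UnknownVal()` for any array type that is not a constant array; if another non-constant array kind can reach that path, a case for it here would pin down the broader behaviour. Style: the added blank line after the first `clang_analyzer_eval` call carries trailing whitespace, and the hunk adds two blank lines before `vla()` plus an empty line at the end of the file.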