[cfe-commits] r173547 - [analyzer] Track null object lvalues back through C++ method calls.
Jordan Rose
jordan_rose at apple.com
Fri Jan 25 17:28:23 PST 2013
Author: jrose
Date: Fri Jan 25 19:28:23 2013
New Revision: 173547
URL: http://llvm.org/viewvc/llvm-project?rev=173547&view=rev
Log:
[analyzer] Track null object lvalues back through C++ method calls.
The expression 'a->b.c()' contains a call to the 'c' method of 'a->b'.
We emit an error if 'a' is NULL, but previously didn't actually track
the null value back through the 'a->b' expression, which caused us to
miss important false-positive-suppression cases, including
<rdar://problem/12676053>.
Added:
cfe/trunk/test/Analysis/inlining/false-positive-suppression.cpp
Modified:
cfe/trunk/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp?rev=173547&r1=173546&r2=173547&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp Fri Jan 25 19:28:23 2013
@@ -76,6 +76,8 @@ void CallAndMessageChecker::emitBadCall(
BugReport *R = new BugReport(*BT, BT->getName(), N);
if (BadE) {
R->addRange(BadE->getSourceRange());
+ if (BadE->isGLValue())
+ BadE = bugreporter::getDerefExpr(BadE);
bugreporter::trackNullOrUndefValue(N, BadE, *R);
}
C.emitReport(R);
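Review bot: The result of `bugreporter::getDerefExpr(BadE)` is assigned back to `BadE` without a check. If that helper returns null for a glvalue that is not one of the dereference forms it recognises (its definition is not visible here), the original expression is lost and `trackNullOrUndefValue` has nothing to track. Consider keeping the original as a fallback inside the `isGLValue()` branch, e.g. `if (const Expr *DerefE = bugreporter::getDerefExpr(BadE)) BadE = DerefE;`, assuming the helper returns an `Expr` pointer. A one-line comment such as `// The object expression is an lvalue; track the pointer that was dereferenced to form it.` would also explain why glvalues are handled differently. The body of emitBadCall begins before this hunk.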
Added: cfe/trunk/test/Analysis/inlining/false-positive-suppression.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/inlining/false-positive-suppression.cpp?rev=173547&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/inlining/false-positive-suppression.cpp (added)
+++ cfe/trunk/test/Analysis/inlining/false-positive-suppression.cpp Fri Jan 25 19:28:23 2013
@@ -0,0 +1,36 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -analyzer-config suppress-null-return-paths=false -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify -DSUPPRESSED=1 %s
+
+#ifdef SUPPRESSED
+// expected-no-diagnostics
+#endif
+
+namespace rdar12676053 {
+ // Delta-reduced from a preprocessed file.
+ template<class T>
+ class RefCount {
+ T *ref;
+ public:
+ T *operator->() const {
+ return ref ? ref : 0;
+ }
+ };
+
+ class string {};
+
+ class ParserInputState {
+ public:
+ string filename;
+ };
+
+ class Parser {
+ void setFilename(const string& f) {
+ inputState->filename = f;
+#ifndef SUPPRESSED
+// expected-warning at -2 {{Called C++ object pointer is null}}
+#endif
+ }
+ protected:
+ RefCount<ParserInputState> inputState;
+ };
+}
\ No newline at end of file
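Review bot: The only case exercised is an implicit `operator=` reached through an overloaded `operator->` (`inputState->filename = f`). The plain-pointer form named in the log message, `a->b.c()`, and a glvalue object expression that involves no dereference at all are not covered, so a regression in either path would go unnoticed. A second small case in the same namespace, with a raw pointer member and a named method call, would pin the behaviour the commit message describes. A short comment above `setFilename` saying that the null comes from `operator->` returning `ref ? ref : 0` would make clear why this report counts as a suppressible false positive. The file also ends without a trailing newline.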