r183451 - [analyzer] Ensure that pieces with invalid locations always get removed from the BugReport
Jordan Rose
jordan_rose at apple.com
Thu Jun 6 15:11:53 PDT 2013
On Jun 6, 2013, at 15:02 , Anna Zaks <ganna at apple.com> wrote:
> Author: zaks
> Date: Thu Jun 6 17:02:58 2013
> New Revision: 183451
>
> URL: http://llvm.org/viewvc/llvm-project?rev=183451&view=rev
> Log:
> [analyzer] Ensure that pieces with invalid locations always get removed from the BugReport
>
> The function in which we were doing it used to be conditionalized. Add a new unconditional
> cleanup step.
>
> This fixes PR16227 (radar://14073870) - a crash when generating html output for one of the test files.
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
> cfe/trunk/test/Analysis/unix-fns.c
>
> Modified: cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp?rev=183451&r1=183450&r2=183451&view=diff
> ==============================================================================
> --- cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp (original)
> +++ cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp Thu Jun 6 17:02:58 2013
> @@ -162,13 +162,6 @@ static bool removeUnneededCalls(PathPiec
> IntrusiveRefCntPtr<PathDiagnosticPiece> piece(pieces.front());
> pieces.pop_front();
>
> - // Throw away pieces with invalid locations. Note that we can't throw away
> - // calls just yet because they might have something interesting inside them.
> - // If so, their locations will be adjusted as necessary later.
> - if (piece->getKind() != PathDiagnosticPiece::Call &&
> - piece->getLocation().asLocation().isInvalid())
> - continue;
> -
> switch (piece->getKind()) {
> case PathDiagnosticPiece::Call: {
> PathDiagnosticCallPiece *call = cast<PathDiagnosticCallPiece>(piece);
> @@ -218,8 +211,7 @@ static bool hasImplicitBody(const Decl *
> }
>
> /// Recursively scan through a path and make sure that all call pieces have
> -/// valid locations. Note that all other pieces with invalid locations should
> -/// have already been pruned out.
> +/// valid locations.
> static void adjustCallLocations(PathPieces &Pieces,
> PathDiagnosticLocation *LastCallLocation = 0) {
> for (PathPieces::iterator I = Pieces.begin(), E = Pieces.end(); I != E; ++I) {
> @@ -252,6 +244,26 @@ static void adjustCallLocations(PathPiec
> }
> }
>
> +/// Remove all pieces with invalid locations as these cannot be serialized.
> +/// We might have pieces with invalid locations as a result of inlining Body
> +/// Farm generated functions.
> +static void removePiecesWithInvalidLocations(PathPieces &Pieces) {
> + for (PathPieces::iterator I = Pieces.begin(), E = Pieces.end(); I != E; ++I) {
> + if (PathDiagnosticCallPiece *C = dyn_cast<PathDiagnosticCallPiece>(*I))
> + removePiecesWithInvalidLocations(C->path);
> +
> + if (PathDiagnosticMacroPiece *M = dyn_cast<PathDiagnosticMacroPiece>(*I))
> + removePiecesWithInvalidLocations(M->subPieces);
> +
> + if (!(*I)->getLocation().isValid() ||
> + !(*I)->getLocation().asLocation().isValid()) {
> + Pieces.erase(I);
I is not valid after this erase(), so ++I could crash. The right thing to do here is "I = Pieces.erase(I)" (and then not increment I).
> + continue;
> + }
> +
> + }
> +}
> +
> //===----------------------------------------------------------------------===//
> // PathDiagnosticBuilder and its associated routines and helper objects.
> //===----------------------------------------------------------------------===//
> @@ -3151,8 +3163,11 @@ bool GRBugReporter::generatePathDiagnost
> (void)stillHasNotes;
> }
>
> + // Redirect all call pieces to have valid locations.
> adjustCallLocations(PD.getMutablePieces());
>
> + removePiecesWithInvalidLocations(PD.getMutablePieces());
> +
> if (ActiveScheme == PathDiagnosticConsumer::AlternateExtensive) {
> SourceManager &SM = getSourceManager();
>
>
> Modified: cfe/trunk/test/Analysis/unix-fns.c
> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/unix-fns.c?rev=183451&r1=183450&r2=183451&view=diff
> ==============================================================================
> --- cfe/trunk/test/Analysis/unix-fns.c (original)
> +++ cfe/trunk/test/Analysis/unix-fns.c Thu Jun 6 17:02:58 2013
> @@ -1,6 +1,6 @@
> // RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-checker=core,unix.API,osx.API %s -analyzer-store=region -analyzer-output=plist -analyzer-eagerly-assume -analyzer-config faux-bodies=true -analyzer-config path-diagnostics-alternate=false -fblocks -verify -o %t.plist
> // RUN: FileCheck --input-file=%t.plist %s
> -
> +// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.API,osx.API -analyzer-output=html -analyzer-config faux-bodies=true -fblocks -o %T/dir %s
This should use a variant on %t, not a subfolder in %T, so that the test's name is included in the temporary directory. We've used "%t.dir" before.
> struct _opaque_pthread_once_t {
> long __sig;
> char __opaque[8];
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20130606/c86e4a2b/attachment.html>
More information about the cfe-commits
mailing list