r184257 - [analyzer] Do not create a CompoundVal for lvalue InitListExprs.

[Anna Zaks]

Author: zaks
Date: Tue Jun 18 18:16:20 2013
New Revision: 184257

URL: http://llvm.org/viewvc/llvm-project?rev=184257&view=rev
Log:
[analyzer] Do not create a CompoundVal for lvalue InitListExprs.

These should be treated like scalars. This fixes a crash reported in radar://14164698.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp
    cfe/trunk/test/Analysis/cxx11-crashes.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp?rev=184257&r1=184256&r2=184257&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp Tue Jun 18 18:16:20 2013
@@ -579,9 +579,10 @@ void ExprEngine::VisitInitListExpr(const
   const LocationContext *LCtx = Pred->getLocationContext();
   QualType T = getContext().getCanonicalType(IE->getType());
   unsigned NumInitElements = IE->getNumInits();
-  
-  if (T->isArrayType() || T->isRecordType() || T->isVectorType() ||
-      T->isAnyComplexType()) {
+
+  if (!IE->isGLValue() &&
+      (T->isArrayType() || T->isRecordType() || T->isVectorType() ||
+       T->isAnyComplexType())) {
     llvm::ImmutableList<SVal> vals = getBasicVals().getEmptySValList();
     
     // Handle base case where the initializer has no elements.
@@ -606,7 +607,9 @@ void ExprEngine::VisitInitListExpr(const
     return;
   }
 
-  // Handle scalars: int{5} and int{}.
+  // Handle scalars: int{5} and int{} and GLvalues.
+  // Note, if the InitListExpr is a GLvalue, it means that there is an address
+  // representing it, so it must have a single init element.
   assert(NumInitElements <= 1);
 
   SVal V;

Modified: cfe/trunk/test/Analysis/cxx11-crashes.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/cxx11-crashes.cpp?rev=184257&r1=184256&r2=184257&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/cxx11-crashes.cpp (original)
+++ cfe/trunk/test/Analysis/cxx11-crashes.cpp Tue Jun 18 18:16:20 2013
@@ -65,3 +65,24 @@ bool begin(double *it) {
   bool *a = reinterpret_cast<type &>(*( reinterpret_cast<char *>( it )));
   return *a;
 }
+
+// radar://14164698 Don't crash on "assuming" a ComoundVal.
+class JSONWireProtocolInputStream {
+public:
+  virtual ~JSONWireProtocolInputStream();
+};
+class JSONWireProtocolReader {
+public:
+  JSONWireProtocolReader(JSONWireProtocolInputStream& istream)
+  : _istream{istream} {} // On evaluating a bind here,
+                         // the dereference checker issues an assume on a CompoundVal.
+~JSONWireProtocolReader();
+private:
+JSONWireProtocolInputStream& _istream;
+};
+class SocketWireProtocolStream : public JSONWireProtocolInputStream {
+};
+void test() {
+  SocketWireProtocolStream stream{};
+  JSONWireProtocolReader reader{stream};
+}
\ No newline at end of file