[PATCH] D23963: [analyzer] pr28449 - Move literal rvalue construction away from RegionStore.
Phabricator via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Oct 13 13:55:15 PDT 2017
This revision was automatically updated to reflect the committed changes.
Closed by commit rL315750: [analyzer] pr28449: Fix support for various array initializers. (authored by dergachev).
Changed prior to commit:
https://reviews.llvm.org/D23963?vs=118625&id=118974#toc
Repository:
rL LLVM
https://reviews.llvm.org/D23963
Files:
cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
cfe/trunk/test/Analysis/compound-literals.c
cfe/trunk/test/Analysis/objc-encode.m
Index: cfe/trunk/test/Analysis/objc-encode.m
===================================================================
--- cfe/trunk/test/Analysis/objc-encode.m
+++ cfe/trunk/test/Analysis/objc-encode.m
@@ -0,0 +1,9 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=debug.ExprInspection -verify %s
+// expected-no-diagnostics
+
+void clang_analyzer_eval(int);
+
+// rdar://problem/34831581: Used to crash.
+void foo(void) {
+ char buf1[] = @encode(int **);
+}
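Review bot: The `clang_analyzer_eval` declaration in this new test is never called, and `buf1` is never read, so with `expected-no-diagnostics` the file only proves that the analyzer no longer crashes on the `@encode` initializer. If a crash regression test is all that is intended, drop the unused declaration and say so in the comment, e.g. `// rdar://problem/34831581: Used to crash; only checks that analysis completes.` Otherwise add an eval of an element of `buf1` and pin whatever the analyzer currently reports, as compound-literals.c does with its `FIXME` and `expected-warning{{UNKNOWN}}`; that would also mean removing `expected-no-diagnostics`.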
Index: cfe/trunk/test/Analysis/compound-literals.c
===================================================================
--- cfe/trunk/test/Analysis/compound-literals.c
+++ cfe/trunk/test/Analysis/compound-literals.c
@@ -0,0 +1,9 @@
+// RUN: %clang_cc1 -triple=i386-apple-darwin10 -analyze -analyzer-checker=debug.ExprInspection -verify %s
+void clang_analyzer_eval(int);
+
+// pr28449: Used to crash.
+void foo(void) {
+ static const unsigned short array[] = (const unsigned short[]){0x0F00};
+ // FIXME: Should be true.
+ clang_analyzer_eval(array[0] == 0x0F00); // expected-warning{{UNKNOWN}}
+}
Index: cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
+++ cfe/trunk/lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -2088,15 +2088,12 @@
if (const ConstantArrayType* CAT = dyn_cast<ConstantArrayType>(AT))
Size = CAT->getSize().getZExtValue();
- // Check if the init expr is a string literal.
+ // Check if the init expr is a literal. If so, bind the rvalue instead.
+ // FIXME: It's not responsibility of the Store to transform this lvalue
+ // to rvalue. ExprEngine or maybe even CFG should do this before binding.
if (Optional<loc::MemRegionVal> MRV = Init.getAs<loc::MemRegionVal>()) {
- const StringRegion *S = cast<StringRegion>(MRV->getRegion());
-
- // Treat the string as a lazy compound value.
- StoreRef store(B.asStore(), *this);
- nonloc::LazyCompoundVal LCV = svalBuilder.makeLazyCompoundVal(store, S)
- .castAs<nonloc::LazyCompoundVal>();
- return bindAggregate(B, R, LCV);
+ SVal V = getBinding(B.asStore(), *MRV, R->getValueType());
+ return bindAggregate(B, R, V);
}
// Handle lazy compound values.
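Review bot: The new comment says this branch handles a literal initializer, but the condition accepts any `loc::MemRegionVal`, and with `cast<StringRegion>` removed nothing in the hunk restricts the region kind any more. The comment should state what is actually accepted and that the loaded value can be imprecise, e.g. `// Init is an lvalue (string literal, compound literal, @encode, ...): load its value from the store; the result may be Unknown.` The new compound-literals.c test shows the result can be Unknown in practice. `getBinding` is called with `R->getValueType()`, the destination array's type; whether that always matches the type of the region behind `MRV` is not visible here and is worth confirming or asserting. The FIXME also reads better as `It's not the responsibility of the Store`. The enclosing function starts and ends outside the hunk.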
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D23963.118974.patch
Type: text/x-patch
Size: 2244 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20171013/6220e316/attachment.bin>