[PATCH] D58067: [Analyzer] Crash fix for FindLastStoreBRVisitor
Balogh, Ádám via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Feb 11 11:59:06 PST 2019
baloghadamsoftware marked 3 inline comments as done.
baloghadamsoftware added a comment.
I tried very hard to create a test case where we are crashing on a true positive but I did not succeed. I am not sure whether it is possible so fixing the false positive in `CallAndMessageUnInitRefArg` also fixes the crash without this patch. However I am confident the bug is still a bug in the visitor and maybe in the future it will be used for complex values as well which could be `LazyCompoundVal`s. Also you can see in the test case `uninit-vals.m` that even if it does not crash it prints nonsense bug path notes caused by this same bug which is fixed by this patch.
================
Comment at: lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:159
+/// exploded nodes.
+bool matchesValue(const ExplodedNode *LeftNode, SVal LeftVal,
+ const ExplodedNode *RightNode, SVal RightVal) {
----------------
Maybe we should find a better name. Even better we could place this function into `LazyCompoundVal` but with 'Store` or `ProgramStateRef` parameters instead of `ExplodedNode*`.
================
Comment at: test/Analysis/uninit-vals.m:401
- b = a; // expected-note{{Value assigned to 'c'}}
clang_analyzer_eval(b.y == 2); // expected-warning{{TRUE}}
----------------
What was this nonsense?
================
Comment at: test/Analysis/uninit-vals.m:418
- b = a; // expected-note{{Value assigned to 'c'}}
clang_analyzer_eval(b.x == 1); // expected-warning{{TRUE}}
----------------
This one too...
Repository:
rC Clang
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D58067/new/
https://reviews.llvm.org/D58067
More information about the cfe-commits
mailing list