[PATCH] D66716: [analyzer] PR43102: Fix an assertion and an out-of-bounds error for diagnostic location construction
Kristóf Umann via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Sep 18 15:23:03 PDT 2019
This revision was not accepted when it landed; it landed in state "Needs Review".
This revision was automatically updated to reflect the committed changes.
Closed by commit rL372269: [analyzer] PR43102: Fix an assertion and an out-of-bounds error for diagnostic… (authored by Szelethus, committed by ).
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.
Changed prior to commit:
https://reviews.llvm.org/D66716?vs=217041&id=220760#toc
Repository:
rL LLVM
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D66716/new/
https://reviews.llvm.org/D66716
Files:
cfe/trunk/lib/Analysis/PathDiagnostic.cpp
cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
cfe/trunk/test/Analysis/loop-widening.cpp
Index: cfe/trunk/test/Analysis/loop-widening.cpp
===================================================================
--- cfe/trunk/test/Analysis/loop-widening.cpp
+++ cfe/trunk/test/Analysis/loop-widening.cpp
@@ -0,0 +1,27 @@
+// RUN: %clang_analyze_cc1 -verify %s \
+// RUN: -analyzer-checker=core \
+// RUN: -analyzer-config widen-loops=true \
+// RUN: -analyzer-config track-conditions=false \
+// RUN: -analyzer-max-loop 2 -analyzer-output=text
+
+namespace pr43102 {
+class A {
+public:
+ void m_fn1();
+};
+bool g;
+void fn1() {
+ A a;
+ A *b = &a;
+
+ for (;;) { // expected-note{{Loop condition is true. Entering loop body}}
+ // expected-note at -1{{Loop condition is true. Entering loop body}}
+ // expected-note at -2{{Value assigned to 'b'}}
+ // no crash during bug report construction
+
+ g = !b; // expected-note{{Assuming 'b' is null}}
+ b->m_fn1(); // expected-warning{{Called C++ object pointer is null}}
+ // expected-note at -1{{Called C++ object pointer is null}}
+ }
+}
+} // end of namespace pr43102
Index: cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
===================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
+++ cfe/trunk/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
@@ -1438,6 +1438,7 @@
if (!StoreSite)
return nullptr;
+
Satisfied = true;
// If we have an expression that provided the value, try to track where it
@@ -1802,7 +1803,7 @@
if (ControlDeps.isControlDependent(OriginB, NB)) {
// We don't really want to explain for range loops. Evidence suggests that
// the only thing that leads to is the addition of calls to operator!=.
- if (isa<CXXForRangeStmt>(NB->getTerminator()))
+ if (llvm::isa_and_nonnull<CXXForRangeStmt>(NB->getTerminatorStmt()))
return nullptr;
if (const Expr *Condition = NB->getLastCondition()) {
Index: cfe/trunk/lib/Analysis/PathDiagnostic.cpp
===================================================================
--- cfe/trunk/lib/Analysis/PathDiagnostic.cpp
+++ cfe/trunk/lib/Analysis/PathDiagnostic.cpp
@@ -695,14 +695,18 @@
return PathDiagnosticLocation(
CEB->getLocationContext()->getDecl()->getSourceRange().getEnd(), SMng);
} else if (Optional<BlockEntrance> BE = P.getAs<BlockEntrance>()) {
- CFGElement BlockFront = BE->getBlock()->front();
- if (auto StmtElt = BlockFront.getAs<CFGStmt>()) {
- return PathDiagnosticLocation(StmtElt->getStmt()->getBeginLoc(), SMng);
- } else if (auto NewAllocElt = BlockFront.getAs<CFGNewAllocator>()) {
- return PathDiagnosticLocation(
- NewAllocElt->getAllocatorExpr()->getBeginLoc(), SMng);
+ if (Optional<CFGElement> BlockFront = BE->getFirstElement()) {
+ if (auto StmtElt = BlockFront->getAs<CFGStmt>()) {
+ return PathDiagnosticLocation(StmtElt->getStmt()->getBeginLoc(), SMng);
+ } else if (auto NewAllocElt = BlockFront->getAs<CFGNewAllocator>()) {
+ return PathDiagnosticLocation(
+ NewAllocElt->getAllocatorExpr()->getBeginLoc(), SMng);
+ }
+ llvm_unreachable("Unexpected CFG element at front of block");
}
- llvm_unreachable("Unexpected CFG element at front of block");
+
+ return PathDiagnosticLocation(
+ BE->getBlock()->getTerminatorStmt()->getBeginLoc(), SMng);
} else if (Optional<FunctionExitPoint> FE = P.getAs<FunctionExitPoint>()) {
return PathDiagnosticLocation(FE->getStmt(), SMng,
FE->getLocationContext());
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D66716.220760.patch
Type: text/x-patch
Size: 3589 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20190918/2593e079/attachment.bin>
More information about the cfe-commits
mailing list