Fix a bug found by Thomas Clement where 'return [[[NSString alloc] init] autorelease...

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71432 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp
index d3702ec8eb797438d67eba07f410dc8e4da074ed..ebc4dcc6ff5df9cfb9699ecbcedeff4e6f31939f 100644 (file)
--- a/lib/Analysis/CFRefCount.cpp
+++ b/lib/Analysis/CFRefCount.cpp
@@ -3314,12 +3314,20 @@ CFRefCount::HandleAutoreleaseCounts(GRStateRef state, GenericNodeBuilder Bd,
   assert(!isGCEnabled() && "Autorelease counts in GC mode?");  
   unsigned Cnt = V.getCount();
   
+  // FIXME: Handle sending 'autorelease' to already released object.
+
+  if (V.getKind() == RefVal::ReturnedOwned)
+    ++Cnt;
+  
   if (ACnt <= Cnt) {
     if (ACnt == Cnt) {
       V.clearCounts();
-      V = V ^ RefVal::NotOwned;
+      if (V.getKind() == RefVal::ReturnedOwned)
+        V = V ^ RefVal::ReturnedNotOwned;
+      else
+        V = V ^ RefVal::NotOwned;
     }
-    else {      
+    else {
       V.setCount(Cnt - ACnt);
       V.setAutoreleaseCount(0);
     }

diff --git a/test/Analysis/NSString.m b/test/Analysis/NSString.m
index 702551bbda3e6d8312610336e1868086eb3e8b13..d5a7870a99338aa0e6281165a65bc86a5815d9b8 100644 (file)
--- a/test/Analysis/NSString.m
+++ b/test/Analysis/NSString.m
@@ -36,6 +36,7 @@ typedef struct _NSZone NSZone;
 - (BOOL)isEqual:(id)object;
 - (oneway void)release;
 - (id)retain;
+- (id)autorelease;
 @end
 @protocol NSCopying
 - (id)copyWithZone:(NSZone *)zone;
@@ -173,6 +174,17 @@ void f13(void) {
   CFRelease(ref); // expected-warning{{Reference-counted object is used after it is released}}
 }
 
+// Test regular use of -autorelease
+@interface TestAutorelease
+-(NSString*) getString;
+@end
+@implementation TestAutorelease
+-(NSString*) getString {
+  NSString *str = [[NSString alloc] init];
+  return [str autorelease]; // no-warning
+}
+@end
+
 @interface C1 : NSObject {}
 - (NSString*) getShared;
 + (C1*) sharedInstance;