Fixed bogus culling of uninitialized-values "taint" propagation during assignments.

We accidentally were throttling the propagation of uninitialized state across
assignments (e.g. x = y).  Thanks to Anders Carlsson for spotting this problem.

Added test cases to test suite to provide regression testing for the
uninitialized values analysis.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@44306 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/Analysis/UninitializedValues.cpp b/Analysis/UninitializedValues.cpp
index 0a496595f63f9136f8ccaf409c7f6fe4f0754bc6..8a27b71b8fd253f9745a9b6f5a1890a3bbdd8288 100644 (file)
--- a/Analysis/UninitializedValues.cpp
+++ b/Analysis/UninitializedValues.cpp
@@ -101,6 +101,8 @@ BlockVarDecl* TransferFuncs::FindBlockVarDecl(Stmt *S) {
     else if (DeclRefExpr* DR = dyn_cast<DeclRefExpr>(S)) {
       if (BlockVarDecl* VD = dyn_cast<BlockVarDecl>(DR->getDecl()))
         return VD;
+      else
+        return NULL;
     }
     else return NULL;
 }
@@ -108,16 +110,10 @@ BlockVarDecl* TransferFuncs::FindBlockVarDecl(Stmt *S) {
 bool TransferFuncs::VisitBinaryOperator(BinaryOperator* B) {
   if (BlockVarDecl* VD = FindBlockVarDecl(B->getLHS()))
     if (B->isAssignmentOp()) {
-      if (AD.FullUninitTaint) {
-        if (B->getOpcode() == BinaryOperator::Assign)
-          return V(VD,AD) = Visit(B->getRHS());
-        else // Handle +=, -=, *=, etc.  We do want '&', not '&&'.
-          return V(VD,AD) = Visit(B->getLHS()) & Visit(B->getRHS());
-      }
-      else {
-        Visit(B->getLHS()); Visit(B->getRHS());
-        return Initialized;
-      }
+      if (B->getOpcode() == BinaryOperator::Assign)
+        return V(VD,AD) = Visit(B->getRHS());
+      else // Handle +=, -=, *=, etc.  We do want '&', not '&&'.
+        return V(VD,AD) = Visit(B->getLHS()) & Visit(B->getRHS());
     }
 
   return VisitStmt(B);

diff --git a/test/Analysis/uninit-vals.c b/test/Analysis/uninit-vals.c
new file mode 100644 (file)
index 0000000..641acd1
--- /dev/null
+++ b/test/Analysis/uninit-vals.c
@@ -0,0 +1,29 @@
+// RUN: clang -warn-uninit-values -verify %s
+
+int f1() {
+  int x;
+  return x; // expected-warning{use of uninitialized variable}
+}
+
+int f2(int x) {
+  int y;
+  int z = x + y; // expected-warning {use of uninitialized variable}
+  return z;
+}
+
+
+int f3(int x) {
+  int y;
+  return x ? 1 : y; // expected-warning {use of uninitialized variable}
+}
+
+int f4(int x) {
+  int y;
+  if (x) y = 1;
+  return y; // no-warning
+}
+
+int f5() {
+  int a;
+  a = 30; // no-warning
+}