From: Anna Zaks Date: Thu, 31 Jan 2013 01:19:52 +0000 (+0000) Subject: [analyzer] Fix a bug in region store that lead to undefined value false X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=5255f27362ffbfedea889870bf8d5812dae97553;p=clang [analyzer] Fix a bug in region store that lead to undefined value false positives. The includeSuffix was only set on the first iteration through the function, resulting in invalid regions being produced by getLazyBinding (ex: zoomRegion.y). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174016 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/StaticAnalyzer/Core/RegionStore.cpp b/lib/StaticAnalyzer/Core/RegionStore.cpp index bbc34f2e05..a37223a528 100644 --- a/lib/StaticAnalyzer/Core/RegionStore.cpp +++ b/lib/StaticAnalyzer/Core/RegionStore.cpp @@ -489,8 +489,7 @@ public: // Part of public interface to class. /// Get the state and region whose binding this region R corresponds to. std::pair getLazyBinding(RegionBindingsConstRef B, const MemRegion *R, - const MemRegion *originalRegion, - bool includeSuffix = false); + const MemRegion *originalRegion); //===------------------------------------------------------------------===// // State pruning. @@ -1220,9 +1219,7 @@ SVal RegionStoreManager::getBinding(RegionBindingsConstRef B, Loc L, QualType T) std::pair RegionStoreManager::getLazyBinding(RegionBindingsConstRef B, const MemRegion *R, - const MemRegion *originalRegion, - bool includeSuffix) { - + const MemRegion *originalRegion) { if (originalRegion != R) { if (Optional OV = B.getDefaultBinding(R)) { if (const nonloc::LazyCompoundVal *V = @@ -1244,10 +1241,8 @@ RegionStoreManager::getLazyBinding(RegionBindingsConstRef B, getLazyBinding(B, FR->getSuperRegion(), originalRegion); if (X.second) { - if (includeSuffix) - return std::make_pair(X.first, - MRMgr.getFieldRegionWithSuper(FR, X.second)); - return X; + return std::make_pair(X.first, + MRMgr.getFieldRegionWithSuper(FR, X.second)); } } @@ -1259,11 +1254,9 @@ RegionStoreManager::getLazyBinding(RegionBindingsConstRef B, getLazyBinding(B, baseReg->getSuperRegion(), originalRegion); if (X.second) { - if (includeSuffix) - return std::make_pair(X.first, - MRMgr.getCXXBaseObjectRegionWithSuper(baseReg, - X.second)); - return X; + return std::make_pair(X.first, + MRMgr.getCXXBaseObjectRegionWithSuper(baseReg, + X.second)); } } @@ -1408,8 +1401,7 @@ RegionStoreManager::getBindingForFieldOrElementCommon(RegionBindingsConstRef B, // Lazy binding? Store lazyBindingStore = NULL; const MemRegion *lazyBindingRegion = NULL; - llvm::tie(lazyBindingStore, lazyBindingRegion) = getLazyBinding(B, R, R, - true); + llvm::tie(lazyBindingStore, lazyBindingRegion) = getLazyBinding(B, R, R); if (lazyBindingRegion) return getLazyBinding(lazyBindingRegion, getRegionBindings(lazyBindingStore)); diff --git a/test/Analysis/array-struct-region.c b/test/Analysis/array-struct-region.c index d628c47cb0..c4d9aff95f 100644 --- a/test/Analysis/array-struct-region.c +++ b/test/Analysis/array-struct-region.c @@ -253,6 +253,19 @@ int testStructFieldChainsNested(int index, int anotherIndex) { return 0; } +typedef struct { + int zoomLevel; + struct point center; +} Outer; + +extern int test13116945(struct point x); +static void radar13116945(struct point centerCoordinate) { + Outer zoomRegion; + zoomRegion.zoomLevel = 0; + zoomRegion.center = centerCoordinate; + Outer r = zoomRegion; + test13116945(r.center); // no-warning +} // -------------------- // False positives @@ -289,4 +302,3 @@ void testFieldChainIsNotEnough(int index) { // FIXME: Should be TRUE. clang_analyzer_eval(vals[index].a[0].x == 42); // expected-warning{{UNKNOWN}} } -