From 5c96c27e7f35e49a36c6ffdc55cdd5de0230f7af Mon Sep 17 00:00:00 2001 From: Ted Kremenek Date: Wed, 21 May 2008 15:48:33 +0000 Subject: [PATCH] Fixed bug in the transfer function for dereferences: the loaded value from EvalLoad should bind to the UnaryOperator*, not its subexpression. Added test case to exercise this fix when checking for uses of uninitialized values. Patch by Zhongxing Xu! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@51377 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Analysis/GRExprEngine.cpp | 2 +- test/Analysis/uninit-vals-ps.c | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/lib/Analysis/GRExprEngine.cpp b/lib/Analysis/GRExprEngine.cpp index 71d7ed3403..ce64875797 100644 --- a/lib/Analysis/GRExprEngine.cpp +++ b/lib/Analysis/GRExprEngine.cpp @@ -1596,7 +1596,7 @@ void GRExprEngine::VisitUnaryOperator(UnaryOperator* U, NodeTy* Pred, if (asLVal) MakeNode(Dst, U, *I, SetRVal(St, U, location)); else - EvalLoad(Dst, Ex, *I, St, location); + EvalLoad(Dst, U, *I, St, location); } return; diff --git a/test/Analysis/uninit-vals-ps.c b/test/Analysis/uninit-vals-ps.c index 503ab1abbc..707f78a96b 100644 --- a/test/Analysis/uninit-vals-ps.c +++ b/test/Analysis/uninit-vals-ps.c @@ -33,3 +33,11 @@ int f2_b() { return ((x+1)+2+((x))) + 1 ? 1 : 2; // expected-warning{{Branch}} } +int f3(void) { + int i; + int *p = &i; + if (*p > 0) // expected-warning{{Branch condition evaluates to an uninitialized value}} + return 0; + else + return 1; +} -- 2.40.0