From bb977228e642e0d12365862a3838dd5005ef783b Mon Sep 17 00:00:00 2001 From: Ted Kremenek Date: Tue, 28 Jul 2009 19:24:31 +0000 Subject: [PATCH] Fix regression in attribute 'nonnull' checking when a transition node was created but not added to the destination NodeSet. This fixes PR 4630. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@77353 91177308-0d34-0410-b5e6-96231b3b80d8 --- include/clang/Analysis/PathSensitive/Checker.h | 4 ++++ lib/Analysis/GRExprEngineInternalChecks.cpp | 2 +- test/Analysis/uninit-vals-ps.c | 18 ++++++++++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/include/clang/Analysis/PathSensitive/Checker.h b/include/clang/Analysis/PathSensitive/Checker.h index 611a135e6c..f70b6129c4 100644 --- a/include/clang/Analysis/PathSensitive/Checker.h +++ b/include/clang/Analysis/PathSensitive/Checker.h @@ -72,6 +72,10 @@ public: return B.generateNode(S, state, Pred); } + void addTransition(ExplodedNode *node) { + Dst.Add(node); + } + void EmitReport(BugReport *R) { Eng.getBugReporter().EmitReport(R); } diff --git a/lib/Analysis/GRExprEngineInternalChecks.cpp b/lib/Analysis/GRExprEngineInternalChecks.cpp index 06fe5b8267..f3ee5b6418 100644 --- a/lib/Analysis/GRExprEngineInternalChecks.cpp +++ b/lib/Analysis/GRExprEngineInternalChecks.cpp @@ -616,7 +616,7 @@ public: // If we reach here all of the arguments passed the nonnull check. // If 'state' has been updated generated a new node. if (state != originalState) - C.generateNode(CE, state); + C.addTransition(C.generateNode(CE, state)); } }; } // end anonymous namespace diff --git a/test/Analysis/uninit-vals-ps.c b/test/Analysis/uninit-vals-ps.c index 622b04f843..4482b13236 100644 --- a/test/Analysis/uninit-vals-ps.c +++ b/test/Analysis/uninit-vals-ps.c @@ -84,3 +84,21 @@ CFStringRef rdar_6451816(CFNumberRef nr) { return CFStringConvertEncodingToIANACharSetName(encoding); // no-warning } +// PR 4630 - false warning with nonnull attribute +// This false positive (due to a regression) caused the analyzer to falsely +// flag a "return of uninitialized value" warning in the first branch due to +// the nonnull attribute. +void pr_4630_aux(char *x, int *y) __attribute__ ((nonnull (1))); +void pr_4630_aux_2(char *x, int *y); +int pr_4630(char *a, int y) { + int x; + if (y) { + pr_4630_aux(a, &x); + return x; // no-warning + } + else { + pr_4630_aux_2(a, &x); + return x; // no-warning + } +} + -- 2.40.0