Should we revert the previous "fix" in RegionStore, then?
On Nov 27, 2012, at 17:49 , Ted Kremenek <[email protected]> wrote: > Author: kremenek > Date: Tue Nov 27 19:49:01 2012 > New Revision: 168757 > > URL: http://llvm.org/viewvc/llvm-project?rev=168757&view=rev > Log: > Fix another false positive due to a CXX temporary object appearing in a C > initializer. > > The stop-gap here is to just drop such objects when processing the > InitListExpr. > We still need a better solution. > > Fixes <rdar://problem/12755044>. > > Modified: > cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp > cfe/trunk/test/Analysis/misc-ps-region-store.cpp > > Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp > URL: > http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp?rev=168757&r1=168756&r2=168757&view=diff > ============================================================================== > --- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp (original) > +++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp Tue Nov 27 19:49:01 2012 > @@ -581,8 +581,10 @@ > > for (InitListExpr::const_reverse_iterator it = IE->rbegin(), > ei = IE->rend(); it != ei; ++it) { > - vals = getBasicVals().consVals(state->getSVal(cast<Expr>(*it), LCtx), > - vals); > + SVal V = state->getSVal(cast<Expr>(*it), LCtx); > + if (dyn_cast_or_null<CXXTempObjectRegion>(V.getAsRegion())) > + V = UnknownVal(); > + vals = getBasicVals().consVals(V, vals); > } > > B.generateNode(IE, Pred, > > Modified: cfe/trunk/test/Analysis/misc-ps-region-store.cpp > URL: > http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-region-store.cpp?rev=168757&r1=168756&r2=168757&view=diff > ============================================================================== > --- cfe/trunk/test/Analysis/misc-ps-region-store.cpp (original) > +++ cfe/trunk/test/Analysis/misc-ps-region-store.cpp Tue Nov 27 19:49:01 2012 > @@ -656,3 +656,41 @@ > return w.x; > } > > +// This testcase tests whether we treat the anonymous union and union > +// the same way. This previously resulted in a "return of stack address" > +// warning because the anonymous union resulting in a temporary object > +// getting put into the initializer. We still aren't handling this > correctly, > +// but now if a temporary object appears in an initializer we just ignore it. > +// Fixes <rdar://problem/12755044>. > + > +struct Rdar12755044_foo > +{ > + struct Rdar12755044_bar > + { > + union baz > + { > + int i; > + }; > + } aBar; > +}; > + > +struct Rdar12755044_foo_anon > +{ > + struct Rdar12755044_bar > + { > + union > + { > + int i; > + }; > + } aBar; > +}; > + > +const Rdar12755044_foo_anon *radar12755044_anon() { > + static const Rdar12755044_foo_anon Rdar12755044_foo_list[] = { { { } } }; > + return Rdar12755044_foo_list; // no-warning > +} > + > +const Rdar12755044_foo *radar12755044() { > + static const Rdar12755044_foo Rdar12755044_foo_list[] = { { { } } }; > + return Rdar12755044_foo_list; // no-warning > +} > > > _______________________________________________ > cfe-commits mailing list > [email protected] > http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits _______________________________________________ cfe-commits mailing list [email protected] http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
