xazax.hun updated this revision to Diff 41221.
xazax.hun added a comment.
Improved test cases.
http://reviews.llvm.org/D15007
Files:
lib/StaticAnalyzer/Core/RegionStore.cpp
test/Analysis/nullptr.cpp
Index: test/Analysis/nullptr.cpp
===================================================================
--- test/Analysis/nullptr.cpp
+++ test/Analysis/nullptr.cpp
@@ -1,4 +1,6 @@
-// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze
-analyzer-checker=core -analyzer-store region -verify %s
+// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze
-analyzer-checker=core,debug.ExprInspection -analyzer-store region -verify %s
+
+void clang_analyzer_eval(int);
// test to see if nullptr is detected as a null pointer
void foo1(void) {
@@ -87,3 +89,35 @@
// Create MaterializeTemporaryExpr with a nullptr inside.
const nullptr_t &r = nullptr;
}
+
+int getSymbol();
+
+struct X {
+ virtual void f() {}
+};
+
+void invokeF(X* x) {
+ x->f(); // expected-warning{{Called C++ object pointer is null}}
+}
+
+struct Type {
+ decltype(nullptr) x;
+};
+
+void shouldNotCrash() {
+ decltype(nullptr) p;
+ if (getSymbol())
+ invokeF(p);
+ if (getSymbol())
+ invokeF(nullptr);
+ if (getSymbol()) {
+ X *x = Type().x;
+ x->f(); // expected-warning{{Called C++ object pointer is null}}
+ }
+}
+
+void f(decltype(nullptr) p) {
+ int *q = nullptr;
+ clang_analyzer_eval(p == 0); // expected-warning{{TRUE}}
+ clang_analyzer_eval(q == 0); // expected-warning{{TRUE}}
+}
Index: lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- lib/StaticAnalyzer/Core/RegionStore.cpp
+++ lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1362,6 +1362,9 @@
if (!L.getAs<loc::MemRegionVal>()) {
return UnknownVal();
}
+ if (!T.isNull() && T->isNullPtrType()) {
+ return svalBuilder.makeZeroVal(T);
+ }
const MemRegion *MR = L.castAs<loc::MemRegionVal>().getRegion();
Index: test/Analysis/nullptr.cpp
===================================================================
--- test/Analysis/nullptr.cpp
+++ test/Analysis/nullptr.cpp
@@ -1,4 +1,6 @@
-// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze -analyzer-checker=core -analyzer-store region -verify %s
+// RUN: %clang_cc1 -std=c++11 -Wno-conversion-null -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -verify %s
+
+void clang_analyzer_eval(int);
// test to see if nullptr is detected as a null pointer
void foo1(void) {
@@ -87,3 +89,35 @@
// Create MaterializeTemporaryExpr with a nullptr inside.
const nullptr_t &r = nullptr;
}
+
+int getSymbol();
+
+struct X {
+ virtual void f() {}
+};
+
+void invokeF(X* x) {
+ x->f(); // expected-warning{{Called C++ object pointer is null}}
+}
+
+struct Type {
+ decltype(nullptr) x;
+};
+
+void shouldNotCrash() {
+ decltype(nullptr) p;
+ if (getSymbol())
+ invokeF(p);
+ if (getSymbol())
+ invokeF(nullptr);
+ if (getSymbol()) {
+ X *x = Type().x;
+ x->f(); // expected-warning{{Called C++ object pointer is null}}
+ }
+}
+
+void f(decltype(nullptr) p) {
+ int *q = nullptr;
+ clang_analyzer_eval(p == 0); // expected-warning{{TRUE}}
+ clang_analyzer_eval(q == 0); // expected-warning{{TRUE}}
+}
Index: lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- lib/StaticAnalyzer/Core/RegionStore.cpp
+++ lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1362,6 +1362,9 @@
if (!L.getAs<loc::MemRegionVal>()) {
return UnknownVal();
}
+ if (!T.isNull() && T->isNullPtrType()) {
+ return svalBuilder.makeZeroVal(T);
+ }
const MemRegion *MR = L.castAs<loc::MemRegionVal>().getRegion();
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
