forked from OSchip/llvm-project
b8ac93c73b
Summary: https://bugs.llvm.org/show_bug.cgi?id=43102 In today's edition of "Is this any better now that it isn't crashing?", I'd like to show you a very interesting test case with loop widening. Looking at the included test case, it's immediately obvious that this is not only a false positive, but also a very bad bug report in general. We can see how the analyzer mistakenly invalidated `b`, instead of its pointee, resulting in it reporting a null pointer dereference error. Not only that, the point at which this change of value is noted at is at the loop, rather then at the method call. It turns out that `FindLastStoreVisitor` works correctly, rather the supplied explodedgraph is faulty, because `BlockEdge` really is the `ProgramPoint` where this happens. {F9855739} So it's fair to say that this needs improving on multiple fronts. In any case, at least the crash is gone. Full ExplodedGraph: {F9855743} Reviewers: NoQ, xazax.hun, baloghadamsoftware, Charusso, dcoughlin, rnkovacs, TWeaver Subscribers: JesperAntonsson, uabelho, Ka-Ka, bjope, whisperity, szepet, a.sidorin, mikhail.ramalho, donat.nagy, dkrupp, gamesh411, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D66716 llvm-svn: 372269 |
||
|---|---|---|
| .. | ||
| plugins | ||
| AnalysisDeclContext.cpp | ||
| BodyFarm.cpp | ||
| CFG.cpp | ||
| CFGReachabilityAnalysis.cpp | ||
| CFGStmtMap.cpp | ||
| CMakeLists.txt | ||
| CallGraph.cpp | ||
| CloneDetection.cpp | ||
| CocoaConventions.cpp | ||
| CodeInjector.cpp | ||
| ConstructionContext.cpp | ||
| Consumed.cpp | ||
| Dominators.cpp | ||
| ExprMutationAnalyzer.cpp | ||
| LiveVariables.cpp | ||
| ObjCNoReturn.cpp | ||
| PathDiagnostic.cpp | ||
| PostOrderCFGView.cpp | ||
| ProgramPoint.cpp | ||
| ReachableCode.cpp | ||
| RetainSummaryManager.cpp | ||
| ThreadSafety.cpp | ||
| ThreadSafetyCommon.cpp | ||
| ThreadSafetyLogical.cpp | ||
| ThreadSafetyTIL.cpp | ||
| UninitializedValues.cpp | ||