kinu created this revision.
Herald added a reviewer: NoQ.
Herald added a project: All.
kinu requested review of this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.
This fix doesn't fix the problem of non-populated fields in base classes
(even if they are accessed in the code), and therefore could be a cause of
false positives, but fix most (if not all) of crashes.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D159235
Files:
clang/lib/Analysis/FlowSensitive/RecordOps.cpp
clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
Index: clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
===================================================================
--- clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
+++ clang/unittests/Analysis/FlowSensitive/TransferTest.cpp
@@ -16,10 +16,8 @@
#include "clang/Analysis/FlowSensitive/StorageLocation.h"
#include "clang/Analysis/FlowSensitive/Value.h"
#include "clang/Basic/LangStandard.h"
-#include "llvm/ADT/ArrayRef.h"
#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/StringRef.h"
-#include "llvm/Support/Casting.h"
#include "llvm/Testing/Support/Error.h"
#include "gmock/gmock.h"
#include "gtest/gtest.h"
@@ -2253,6 +2251,49 @@
ASTContext &ASTCtx) {});
}
+TEST(TransferTest, CopyConstructorWithInheritance) {
+ // This is a crash repro.
+ std::string Code = R"(
+ struct B { int Foo; };
+ struct S : public B {};
+ void target() {
+ S S1 = { 1 };
+ S S2(S1);
+ // [p1]
+ S2.Foo = 2;
+ // [p2]
+ }
+ )";
+ runDataflow(
+ Code,
+ [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results,
+ ASTContext &ASTCtx) {
+ // FIXME: Add tests to check if `Foo` exists both in S1 and S2 once
+ // initialization with inheritance is fixed.
+ });
+}
+
+TEST(TransferTest, CopyConstructorWithBaseInitAndInheritance) {
+ // This is a crash repro.
+ std::string Code = R"(
+ struct Foo { int Bar; };
+ struct B { Foo F = { 1 }; };
+ struct S : public B {};
+ void target() {
+ S S1 = {};
+ S S2(S1);
+ // [p]
+ }
+ )";
+ runDataflow(
+ Code,
+ [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results,
+ ASTContext &ASTCtx) {
+ // FIXME: Add tests to check if `Bar` exists both in S1 and S2 once
+ // initialization with inheritance is fixed.
+ });
+}
+
TEST(TransferTest, MoveConstructor) {
std::string Code = R"(
namespace std {
@@ -2328,6 +2369,22 @@
});
}
+TEST(TransferTest, ReturnStructWithInheritance) {
+ // This is a crash repro.
+ std::string Code = R"(
+ struct B { int Foo; };
+ struct S : public B { };
+ S target() {
+ S S1 = { 1 };
+ return S1;
+ }
+ )";
+ runDataflow(
+ Code,
+ [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results,
+ ASTContext &ASTCtx) {});
+}
+
TEST(TransferTest, BindTemporary) {
std::string Code = R"(
struct A {
Index: clang/lib/Analysis/FlowSensitive/RecordOps.cpp
===================================================================
--- clang/lib/Analysis/FlowSensitive/RecordOps.cpp
+++ clang/lib/Analysis/FlowSensitive/RecordOps.cpp
@@ -35,8 +35,8 @@
});
assert(compatibleTypes);
- for (auto [Field, DstFieldLoc] : Dst.children()) {
- StorageLocation *SrcFieldLoc = Src.getChild(*Field);
+ for (auto [Field, SrcFieldLoc] : Src.children()) {
+ StorageLocation *DstFieldLoc = Dst.getChild(*Field);
assert(Field->getType()->isReferenceType() ||
(SrcFieldLoc != nullptr && DstFieldLoc != nullptr));
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
