Author: Artem Dergachev Date: 2020-05-22T16:14:48+03:00 New Revision: 99b94f29ac5dbbce0585d16f631359a66f279ea4
URL: https://github.com/llvm/llvm-project/commit/99b94f29ac5dbbce0585d16f631359a66f279ea4 DIFF: https://github.com/llvm/llvm-project/commit/99b94f29ac5dbbce0585d16f631359a66f279ea4.diff LOG: [analyzer] LoopUnrolling: fix crash when a parameter is a loop counter. When loop counter is a function parameter "isPossiblyEscaped" will not find the variable declaration which lead to hitting "llvm_unreachable". Parameters of reference type should be escaped like global variables; otherwise treat them as unescaped. Patch by Abbas Sabra! Differential Revision: https://reviews.llvm.org/D80171 Added: Modified: clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp clang/test/Analysis/loop-unrolling.cpp Removed: ################################################################################
diff --git a/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp b/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp
index 6bc937567800..dc268e562237 100644
--- a/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp
+++ b/clang/lib/StaticAnalyzer/Core/LoopUnrolling.cpp
@@ -164,6 +164,11 @@ static bool isPossiblyEscaped(const VarDecl *VD, ExplodedNode *N) {
 if (VD->hasGlobalStorage())
 return true;
+ const bool isParm = isa<ParmVarDecl>(VD);
+ // Reference parameters are assumed as escaped variables.
+ if (isParm && VD->getType()->isReferenceType())
+ return true;
+
 while (!N->pred_empty()) {
 // FIXME: getStmtForDiagnostics() does nasty things in order to provide
 // a valid statement for body farms, do we need this behavior here?
@@ -193,6 +198,11 @@ static bool isPossiblyEscaped(const VarDecl *VD, ExplodedNode *N) {
 N = N->getFirstPred();
 }
+
+ // Parameter declaration will not be found.
+ if (isParm)
+ return false;
+
 llvm_unreachable("Reached root without finding the declaration of VD");
 }
diff --git a/clang/test/Analysis/loop-unrolling.cpp b/clang/test/Analysis/loop-unrolling.cpp
index 761bf5af6a8b..e8ba8b9476ae 100644
--- a/clang/test/Analysis/loop-unrolling.cpp
+++ b/clang/test/Analysis/loop-unrolling.cpp
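Review bot: `isParm` in the first LoopUnrolling.cpp hunk does not follow the naming used by the rest of the function (`VD`, `N`), where variables start with an upper-case letter; I would write `const bool IsParm = isa<ParmVarDecl>(VD);` and rename its use in the second hunk to match. The comment above the reference check states the rule but not the reason; something like `// A reference parameter aliases storage owned by the caller, so treat it as escaped, like a global.` would tell the next reader why the early return is sound. isPossiblyEscaped starts before this hunk and continues after it.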
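Review bot: The new `if (isParm) return false;` in the second LoopUnrolling.cpp hunk exempts parameters only, so any other `VarDecl` whose declaration is not met on the walk back to the root still ends at `llvm_unreachable`. In builds without assertions that macro is typically an optimizer hint rather than an abort, so reaching it is undefined behaviour instead of a clean crash. Since "escaped" appears to be the conservative answer for this function, ending it with `return true;` in place of the `llvm_unreachable` would fail safe for inputs nobody has reported yet. The walk itself lies outside the hunk, so whether such declarations exist cannot be confirmed from here.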
@@ -499,3 +499,15 @@ void pr34943() {
 clang_analyzer_numTimesReached(); // expected-warning {{6}}
 }
 }
+
+void parm_by_value_as_loop_counter(int i) {
+ for (i = 0; i < 10; ++i) {
+ clang_analyzer_numTimesReached(); // expected-warning {{10}}
+ }
+}
+
+void parm_by_ref_as_loop_counter(int &i) {
+ for (i = 0; i < 10; ++i) {
+ clang_analyzer_numTimesReached(); // expected-warning {{4}}
+ }
+}
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
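Review bot: A by-value parameter that escapes inside the function before the loop is not covered by the added tests, and that is the case where the walk has to answer "escaped" before it reaches the new `return false` for parameters. A test that binds a reference to the parameter ahead of the loop would pin that path down next to `parm_by_value_as_loop_counter` and `parm_by_ref_as_loop_counter`. The expected count in the sketch below is assumed to match the by-reference case and should be confirmed by running the test.

```cpp
void parm_by_value_escaped_as_loop_counter(int i) {
  int &r = i;
  for (i = 0; i < 10; ++i) {
    clang_analyzer_numTimesReached(); // expected-warning {{4}}
  }
}
```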