Author: dergachev Date: Mon Mar 12 16:52:36 2018 New Revision: 327352 URL: http://llvm.org/viewvc/llvm-project?rev=327352&view=rev Log: [CFG] [analyzer] Don't add construction context to a return-by-reference call.
Call expressions that return objects by an lvalue reference or an rvalue reference have a value type in the AST but wear an auxiliary flag of being an lvalue or an xvalue respectively. Use the helper method for obtaining the actual return type of the function. Fixes a crash. Differential Revision: https://reviews.llvm.org/D44273 Modified: cfe/trunk/include/clang/Analysis/CFG.h cfe/trunk/lib/Analysis/CFG.cpp cfe/trunk/test/Analysis/temp-obj-dtors-cfg-output.cpp cfe/trunk/test/Analysis/temporaries.cpp Modified: cfe/trunk/include/clang/Analysis/CFG.h URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Analysis/CFG.h?rev=327352&r1=327351&r2=327352&view=diff ============================================================================== --- cfe/trunk/include/clang/Analysis/CFG.h (original) +++ cfe/trunk/include/clang/Analysis/CFG.h Mon Mar 12 16:52:36 2018 @@ -183,14 +183,16 @@ class CFGCXXRecordTypedCall : public CFG public: /// Returns true when call expression \p CE needs to be represented /// by CFGCXXRecordTypedCall, as opposed to a regular CFGStmt. - static bool isCXXRecordTypedCall(CallExpr *CE) { - return CE->getType().getCanonicalType()->getAsCXXRecordDecl(); + static bool isCXXRecordTypedCall(CallExpr *CE, const ASTContext &ACtx) { + return CE->getCallReturnType(ACtx).getCanonicalType()->getAsCXXRecordDecl(); } explicit CFGCXXRecordTypedCall(CallExpr *CE, - const TemporaryObjectConstructionContext *C) + const TemporaryObjectConstructionContext *C) : CFGStmt(CE, CXXRecordTypedCall) { - assert(isCXXRecordTypedCall(CE)); + // FIXME: This is not protected against squeezing a non-record-typed-call + // into the constructor. An assertion would require passing an ASTContext + // which would mean paying for something we don't use. assert(C); Data2.setPointer(const_cast<TemporaryObjectConstructionContext *>(C)); } Modified: cfe/trunk/lib/Analysis/CFG.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/CFG.cpp?rev=327352&r1=327351&r2=327352&view=diff ============================================================================== --- cfe/trunk/lib/Analysis/CFG.cpp (original) +++ cfe/trunk/lib/Analysis/CFG.cpp Mon Mar 12 16:52:36 2018 @@ -751,7 +751,7 @@ private: void appendCall(CFGBlock *B, CallExpr *CE) { if (BuildOpts.AddRichCXXConstructors) { - if (CFGCXXRecordTypedCall::isCXXRecordTypedCall(CE)) { + if (CFGCXXRecordTypedCall::isCXXRecordTypedCall(CE, *Context)) { if (const ConstructionContextLayer *Layer = ConstructionContextMap.lookup(CE)) { const ConstructionContext *CC = @@ -1265,7 +1265,7 @@ void CFGBuilder::findConstructionContext case Stmt::CXXOperatorCallExprClass: case Stmt::UserDefinedLiteralClass: { auto *CE = cast<CallExpr>(Child); - if (CFGCXXRecordTypedCall::isCXXRecordTypedCall(CE)) + if (CFGCXXRecordTypedCall::isCXXRecordTypedCall(CE, *Context)) consumeConstructionContext(Layer, CE); break; } Modified: cfe/trunk/test/Analysis/temp-obj-dtors-cfg-output.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/temp-obj-dtors-cfg-output.cpp?rev=327352&r1=327351&r2=327352&view=diff ============================================================================== --- cfe/trunk/test/Analysis/temp-obj-dtors-cfg-output.cpp (original) +++ cfe/trunk/test/Analysis/temp-obj-dtors-cfg-output.cpp Mon Mar 12 16:52:36 2018 @@ -205,6 +205,21 @@ int testConsistencyNestedNormalReturn(bo return 0; } +namespace pass_references_through { +class C { +public: + ~C() {} +}; + +const C &foo1(); +C &&foo2(); + +// In these examples the foo() expression has record type, not reference type. +// Don't try to figure out how to perform construction of the record here. +const C &bar1() { return foo1(); } // no-crash +C &&bar2() { return foo2(); } // no-crash +} // end namespace pass_references_through + // CHECK: [B1 (ENTRY)] // CHECK: Succs (1): B0 // CHECK: [B0 (EXIT)] @@ -1402,3 +1417,29 @@ int testConsistencyNestedNormalReturn(bo // CHECK: Succs (2): B8 B1 // CHECK: [B0 (EXIT)] // CHECK: Preds (3): B1 B2 B4 +// CHECK: [B1 (ENTRY)] +// CHECK: Succs (1): B0 +// CHECK: [B0 (EXIT)] +// CHECK: Preds (1): B1 +// CHECK: [B2 (ENTRY)] +// CHECK: Succs (1): B1 +// CHECK: [B1] +// CHECK: 1: foo1 +// CHECK: 2: [B1.1] (ImplicitCastExpr, FunctionToPointerDecay, const class pass_references_through::C &(*)(void)) +// CHECK: 3: [B1.2]() +// CHECK: 4: return [B1.3]; +// CHECK: Preds (1): B2 +// CHECK: Succs (1): B0 +// CHECK: [B0 (EXIT)] +// CHECK: Preds (1): B1 +// CHECK: [B2 (ENTRY)] +// CHECK: Succs (1): B1 +// CHECK: [B1] +// CHECK: 1: foo2 +// CHECK: 2: [B1.1] (ImplicitCastExpr, FunctionToPointerDecay, class pass_references_through::C &&(*)(void)) +// CHECK: 3: [B1.2]() +// CHECK: 4: return [B1.3]; +// CHECK: Preds (1): B2 +// CHECK: Succs (1): B0 +// CHECK: [B0 (EXIT)] +// CHECK: Preds (1): B1 Modified: cfe/trunk/test/Analysis/temporaries.cpp URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/temporaries.cpp?rev=327352&r1=327351&r2=327352&view=diff ============================================================================== --- cfe/trunk/test/Analysis/temporaries.cpp (original) +++ cfe/trunk/test/Analysis/temporaries.cpp Mon Mar 12 16:52:36 2018 @@ -1032,4 +1032,17 @@ void test() { } } // end namespace implicit_constructor_conversion +namespace pass_references_through { +class C { +public: + ~C() {} +}; +const C &foo1(); +C &&foo2(); + +// In these examples the foo() expression has record type, not reference type. +// Don't try to figure out how to perform construction of the record here. +const C &bar1() { return foo1(); } // no-crash +C &&bar2() { return foo2(); } // no-crash +} // end namespace pass_references_through _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
