diff options
| author | Jordan Rose <jordan_rose@apple.com> | 2013-03-20 20:35:53 +0000 |
|---|---|---|
| committer | Jordan Rose <jordan_rose@apple.com> | 2013-03-20 20:35:53 +0000 |
| commit | f8ddc098981d4d85cad4e72fc6dfcfe83b842b66 (patch) | |
| tree | f03f97abd1fd285147db499e1c4379d961cdc49a /include/clang/StaticAnalyzer | |
| parent | e1a2e90876cbe2187250939374d26036ccba2ad6 (diff) | |
[analyzer] Invalidate regions indirectly accessible through const pointers.
In this case, the value of 'x' may be changed after the call to indirectAccess:
struct Wrapper {
int *ptr;
};
void indirectAccess(const Wrapper &w);
void test() {
int x = 42;
Wrapper w = { x };
clang_analyzer_eval(x == 42); // TRUE
indirectAccess(w);
clang_analyzer_eval(x == 42); // UNKNOWN
}
This is important for modelling return-by-value objects in C++, to show
that the contents of the struct are escaping in the return copy-constructor.
<rdar://problem/13239826>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177570 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'include/clang/StaticAnalyzer')
| -rw-r--r-- | include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h | 23 | ||||
| -rw-r--r-- | include/clang/StaticAnalyzer/Core/PathSensitive/Store.h | 1 |
2 files changed, 15 insertions, 9 deletions
diff --git a/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h b/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h index 39e7429344..fe5325b5d7 100644 --- a/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h +++ b/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h @@ -240,12 +240,15 @@ public: /// \param IS the set of invalidated symbols. /// \param Call if non-null, the invalidated regions represent parameters to /// the call and should be considered directly invalidated. - ProgramStateRef invalidateRegions(ArrayRef<const MemRegion *> Regions, - const Expr *E, unsigned BlockCount, - const LocationContext *LCtx, - bool CausesPointerEscape, - InvalidatedSymbols *IS = 0, - const CallEvent *Call = 0) const; + /// \param ConstRegions the set of regions whose contents are accessible, + /// even though the regions themselves should not be invalidated. + ProgramStateRef + invalidateRegions(ArrayRef<const MemRegion *> Regions, const Expr *E, + unsigned BlockCount, const LocationContext *LCtx, + bool CausesPointerEscape, InvalidatedSymbols *IS = 0, + const CallEvent *Call = 0, + ArrayRef<const MemRegion *> ConstRegions = + ArrayRef<const MemRegion *>()) const; /// enterStackFrame - Returns the state for entry to the given stack frame, /// preserving the current state. @@ -415,14 +418,16 @@ public: private: friend void ProgramStateRetain(const ProgramState *state); friend void ProgramStateRelease(const ProgramState *state); - - ProgramStateRef + + /// \sa invalidateRegions() + ProgramStateRef invalidateRegionsImpl(ArrayRef<const MemRegion *> Regions, const Expr *E, unsigned BlockCount, const LocationContext *LCtx, bool ResultsInSymbolEscape, InvalidatedSymbols &IS, - const CallEvent *Call) const; + const CallEvent *Call, + ArrayRef<const MemRegion *> ConstRegions) const; }; //===----------------------------------------------------------------------===// diff --git a/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h b/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h index 066cd20e18..8318fe0c26 100644 --- a/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h +++ b/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h @@ -197,6 +197,7 @@ public: const LocationContext *LCtx, InvalidatedSymbols &IS, const CallEvent *Call, + ArrayRef<const MemRegion *> ConstRegions, InvalidatedRegions *Invalidated) = 0; /// enterStackFrame - Let the StoreManager to do something when execution |