[analyzer] Better model for copying of array fields in implicit copy ctors.

- Find the correct region to represent the first array element when constructing a CXXConstructorCall. - If the array is trivial, model the copy with a primitive load/store. - Don't warn about the "uninitialized" subscript in the AST -- we don't use the helper variable that Sema provides. <rdar://problem/13091608> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178602 91177308-0d34-0410-b5e6-96231b3b80d8
author: Jordan Rose <jordan_rose@apple.com> 2013-04-03 01:39:08 +0000
committer: Jordan Rose <jordan_rose@apple.com> 2013-04-03 01:39:08 +0000
commit: ecee1651c100342366a9417c85c6e50399039930 (patch)
tree: df70d7d6ab62bd4765089fb11aac8b0e18067fbb /lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp
parent: 73c56bb0c8e722f4f0c0a044f13064d381f1ec8d (diff)
1 files changed, 22 insertions, 12 deletions
diff --git a/lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp b/lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp
index be3a34f3ea..176ee48082 100644
--- a/lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp
@@ -34,18 +34,28 @@ public:
 void 
 UndefinedArraySubscriptChecker::checkPreStmt(const ArraySubscriptExpr *A,
                                              CheckerContext &C) const {
-  if (C.getState()->getSVal(A->getIdx(), C.getLocationContext()).isUndef()) {
-    if (ExplodedNode *N = C.generateSink()) {
-      if (!BT)
-        BT.reset(new BuiltinBug("Array subscript is undefined"));
-
-      // Generate a report for this bug.
-      BugReport *R = new BugReport(*BT, BT->getName(), N);
-      R->addRange(A->getIdx()->getSourceRange());
-      bugreporter::trackNullOrUndefValue(N, A->getIdx(), *R);
-      C.emitReport(R);
-    }
-  }
+  const Expr *Index = A->getIdx();
+  if (!C.getSVal(Index).isUndef())
+    return;
+
+  // Sema generates anonymous array variables for copying array struct fields.
+  // Don't warn if we're in an implicitly-generated constructor.
+  const Decl *D = C.getLocationContext()->getDecl();
+  if (const CXXConstructorDecl *Ctor = dyn_cast<CXXConstructorDecl>(D))
+    if (Ctor->isImplicitlyDefined())
+      return;
+
+  ExplodedNode *N = C.generateSink();
+  if (!N)
+    return;
+  if (!BT)
+    BT.reset(new BuiltinBug("Array subscript is undefined"));
+
+  // Generate a report for this bug.
+  BugReport *R = new BugReport(*BT, BT->getName(), N);
+  R->addRange(A->getIdx()->getSourceRange());
+  bugreporter::trackNullOrUndefValue(N, A->getIdx(), *R);
+  C.emitReport(R);
 }
 
 void ento::registerUndefinedArraySubscriptChecker(CheckerManager &mgr) {
author	Jordan Rose <jordan_rose@apple.com>	2013-04-03 01:39:08 +0000
committer	Jordan Rose <jordan_rose@apple.com>	2013-04-03 01:39:08 +0000
commit	ecee1651c100342366a9417c85c6e50399039930 (patch)
tree	df70d7d6ab62bd4765089fb11aac8b0e18067fbb /lib/StaticAnalyzer/Checkers/UndefinedArraySubscriptChecker.cpp
parent	73c56bb0c8e722f4f0c0a044f13064d381f1ec8d (diff)