search

Quuxplusone / LLVMBugzillaTest

0 stars 0 forks source link

C++ parameter defaults are ignored #12912

Open Quuxplusone opened 12 years ago

Quuxplusone commented 12 years ago
Bugzilla Link PR13385
Status NEW
Importance P enhancement
Reported by Craig Hughes (craig+clang@trickplay.com)
Reported on 2012-07-17 16:44:17 -0700
Last modified on 2012-08-23 13:16:37 -0700
Version unspecified
Hardware All All
CC jrose@belkadan.com, kremenek@apple.com, llvm-bugs@lists.llvm.org
Fixed by commit(s)
Attachments test.cpp (870 bytes, application/octet-stream)
Blocks
Blocked by
See also 
Created attachment 8916
Sample C++ program showing default arguments being ignored when passed
implicitly

I have a C++ function which uses parameter defaults, eg:

MyObject * get_obj(bool destroy = false);

If I call that function explicitly with

foo = get_obj(false);

the static analyzer treats it differently than if I call it with the (same)
implicit argument:

foo = get_object();

The attached short example program shows this problem -- essentially, in my
code if "false" is passed to that function, it will return non-null or
assert().  If I explicitly pass "false", then clang correctly realizes that foo
will be non-NULL.  But with the implicit argument, clang thinks foo can be NULL
and complains.

Compile sample with this:

scan-build clang++ -o test test.cpp
test.cpp:38:24: warning: Access to field 'some_contents' results in a
dereference of a null pointer (loaded from variable 'ptr')
    ptr->some_contents = 42;
    ~~~                ^
1 warning generated.
scan-build: 1 bugs found.
Quuxplusone commented 12 years ago

Attached test.cpp (870 bytes, application/octet-stream): Sample C++ program showing default arguments being ignored when passed implicitly

Quuxplusone commented 12 years ago

Cloned to rdar://problem/12156507

Quuxplusone commented 12 years ago 
This is harder than I thought initially because we can't just add the wrapped
expression to the CFG. If you call the function more than once, you'll end up
with the same Expr * showing up more than once, which is usually a Bad Thing.

However, I've put in a fix that works for constant literals in r162453.
Quuxplusone commented 12 years ago 
(In reply to comment #2)
> This is harder than I thought initially because we can't just add the wrapped
> expression to the CFG. If you call the function more than once, you'll end up
> with the same Expr * showing up more than once, which is usually a Bad Thing.
>
> However, I've put in a fix that works for constant literals in r162453.

Right.  Either we can clone the expressions into the CFG, or represent the
initializer expression with a separate CFG that we "stitch together" in the
static analyzer.  The first solution is better because it will allow the
compiler warnings to see those expressions as well (as they won't be doing any
stitching via IPA like the analyzer).