[infer][clang] fix unitialized value false positive for values not initialized in the throw branch

Summary: The checker should not report unitinialzed values on the throw branch.

Reviewed By: ddino

Differential Revision: D6267019

fbshipit-source-id: 05768f1
master
Jeremy Dubreil 7 years ago committed by Facebook Github Bot
parent 18782be7c9
commit 4a1eae048a

@ -103,6 +103,9 @@ module TransferFunctions (CFG : ProcCfg.S) = struct
| Assign (((lhs_var, _), _), _, _) -> | Assign (((lhs_var, _), _), _, _) ->
let uninit_vars = D.remove lhs_var astate.uninit_vars in let uninit_vars = D.remove lhs_var astate.uninit_vars in
{astate with uninit_vars} {astate with uninit_vars}
| Call (_, Direct callee_pname, _, _, _)
when Typ.Procname.equal callee_pname BuiltinDecl.objc_cpp_throw ->
{astate with uninit_vars= D.empty}
| Call (_, call, actuals, _, loc) -> | Call (_, call, actuals, _, loc) ->
(* in case of intraprocedural only analysis we assume that parameters passed by reference (* in case of intraprocedural only analysis we assume that parameters passed by reference
to a function will be initialized inside that function *) to a function will be initialized inside that function *)

@ -1,6 +1,8 @@
codetoanalyze/cpp/uninit/uninit.cpp, FP_no_warning_noreturn_callee_ok, 7, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, bad1, 2, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, bad1, 2, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, bad2, 2, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, bad2, 2, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, branch1_FP, 11, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, branch1_FP, 11, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, loop1_FP, 10, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, loop1_FP, 10, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, no_init_return_bad, 2, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, no_init_return_bad, 2, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, ret_undef, 2, UNINITIALIZED_VALUE, [] codetoanalyze/cpp/uninit/uninit.cpp, ret_undef, 2, UNINITIALIZED_VALUE, []
codetoanalyze/cpp/uninit/uninit.cpp, warning_when_throw_in_other_branch_bad, 9, UNINITIALIZED_VALUE, []

@ -224,3 +224,37 @@ int capture_by_ref_init_ok() {
[&x]() { x = 1; }(); [&x]() { x = 1; }();
return x; return x;
} }
int no_warning_on_throw_ok(bool t) {
int x;
if (t) {
x = 2;
} else {
throw;
}
return x;
}
int warning_when_throw_in_other_branch_bad(int t) {
int x;
if (t > 0) {
x = 2;
} else if (t < 0) {
// reports because x is not initialized in this branch
} else {
throw;
}
return x;
}
[[noreturn]] void noreturn_function() {}
int FP_no_warning_noreturn_callee_ok(bool t) {
int x;
if (t) {
x = 2;
} else {
noreturn_function();
}
return x;
}

Loading…
Cancel
Save