projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c5a7f92)
[analyzer] Fix a crash reported in PR 14400.
authorAnna Zaks <ganna@apple.com>
Mon, 26 Nov 2012 19:11:46 +0000 (19:11 +0000)
committerAnna Zaks <ganna@apple.com>
Mon, 26 Nov 2012 19:11:46 +0000 (19:11 +0000)
The AllocaRegion did not have the superRegion (based on LocationContext)
as part of it's hash. As a consequence, the AllocaRegions from
different frames were uniqued to be the same region.

llvm-svn: 168599

clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp patch | blob | history
clang/lib/StaticAnalyzer/Core/MemRegion.cpp patch | blob | history
clang/test/Analysis/misc-ps-region-store.cpp patch | blob | history

diff --git a/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
index 6ef022b..24f8cdd 100644 (file)
--- a/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
@@ -68,6 +68,7 @@ bool BuiltinFunctionChecker::evalCall(const CallExpr *CE,
     DefinedOrUnknownSVal extentMatchesSizeArg =
       svalBuilder.evalEQ(state, Extent, Size);
     state = state->assume(extentMatchesSizeArg, true);
+    assert(state && "The region should not have any previous constraints");
 
     C.addTransition(state->BindExpr(CE, LCtx, loc::MemRegionVal(R)));
     return true;
diff --git a/clang/lib/StaticAnalyzer/Core/MemRegion.cpp b/clang/lib/StaticAnalyzer/Core/MemRegion.cpp
index fab10cf..37f65ec 100644 (file)
--- a/clang/lib/StaticAnalyzer/Core/MemRegion.cpp
+++ b/clang/lib/StaticAnalyzer/Core/MemRegion.cpp
@@ -272,10 +272,11 @@ void ObjCStringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
 
 void AllocaRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
                                  const Expr *Ex, unsigned cnt,
-                                 const MemRegion *) {
+                                 const MemRegion *superRegion) {
   ID.AddInteger((unsigned) AllocaRegionKind);
   ID.AddPointer(Ex);
   ID.AddInteger(cnt);
+  ID.AddPointer(superRegion);
 }
 
 void AllocaRegion::Profile(llvm::FoldingSetNodeID& ID) const {
diff --git a/clang/test/Analysis/misc-ps-region-store.cpp b/clang/test/Analysis/misc-ps-region-store.cpp
index a106cf0..adbc5b1 100644 (file)
--- a/clang/test/Analysis/misc-ps-region-store.cpp
+++ b/clang/test/Analysis/misc-ps-region-store.cpp
@@ -628,3 +628,8 @@ void test_inline() {
   a.bar();
 }
 
+void test_alloca_in_a_recursive_function(int p1) {
+    __builtin_alloca (p1);
+    test_alloca_in_a_recursive_function(1);
+    test_alloca_in_a_recursive_function(2);
+}
Domain: System / Toolchain;