analyzer: Fix embarrassing regression in BasicStore when invalidating struct

author Ted Kremenek <kremenek@apple.com>

Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)

committer Ted Kremenek <kremenek@apple.com>

Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)
author Ted Kremenek <kremenek@apple.com>
Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)
committer Ted Kremenek <kremenek@apple.com>
Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)
diff --git a/include/clang/Analysis/PathSensitive/SymbolManager.h b/include/clang/Analysis/PathSensitive/SymbolManager.h

index dfc1ae81ee6406ad4d7339b5aa83da6faaea9e8f..b188cab888d720f26cc5d3aa2677a3919787bf2d 100644 (file)
--- a/include/clang/Analysis/PathSensitive/SymbolManager.h
+++ b/include/clang/Analysis/PathSensitive/SymbolManager.h
@@ -218,6 +218,8 @@ public:
      : SymbolCounter(0), BPAlloc(bpalloc), Ctx(ctx) {}
    
    ~SymbolManager();
+  
+  static bool canSymbolicate(QualType T);
  
    /// Make a unique symbol for MemRegion R according to its kind.
    SymbolRef getRegionRValueSymbol(const MemRegion* R);
diff --git a/lib/Analysis/BasicStore.cpp b/lib/Analysis/BasicStore.cpp

index b883f8806141b09afe482a974e89422c48c96f91..01260480d19255281fdbe14a2df18de39a59b1d4 100644 (file)
--- a/lib/Analysis/BasicStore.cpp
+++ b/lib/Analysis/BasicStore.cpp
@@ -525,6 +525,10 @@ Store BasicStoreManager::getInitialStore() {
        // Punt on static variables for now.
        if (VD->getStorageClass() == VarDecl::Static)
          continue;
+      
+      // Only handle simple types that we can symbolicate.
+      if (!SymbolManager::canSymbolicate(VD->getType()))
+        continue;
  
        // Initialize globals and parameters to symbolic values.
        // Initialize local variables to undefined.
diff --git a/lib/Analysis/SymbolManager.cpp b/lib/Analysis/SymbolManager.cpp

index 4d101f186bd5e143799fdd49e280a15e65f30a46..efc7cd3b86f23e18e4985a1b82f83adde150e952 100644 (file)
--- a/lib/Analysis/SymbolManager.cpp
+++ b/lib/Analysis/SymbolManager.cpp
@@ -94,6 +94,10 @@ QualType SymbolRegionRValue::getType(ASTContext& C) const {
  
  SymbolManager::~SymbolManager() {}
  
+bool SymbolManager::canSymbolicate(QualType T) {
+  return Loc::IsLocType(T) || T->isIntegerType();  
+}
+
  void SymbolReaper::markLive(SymbolRef sym) {
    TheLiving = F.Add(TheLiving, sym);
    TheDead = F.Remove(TheDead, sym);
diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m

index ae777a5e26684a7637c515e5a1706194235645c5..1f4b7632bc74bb925a05150cc6405ebf0f4f44b3 100644 (file)
--- a/test/Analysis/misc-ps.m
+++ b/test/Analysis/misc-ps.m
@@ -24,6 +24,19 @@ extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone);
  - (void)handleFailureInMethod:(SEL)selector object:(id)object file:(NSString *)fileName lineNumber:(NSInteger)line description:(NSString *)format,...;
  @end
  extern NSString * const NSConnectionReplyMode;
+typedef float CGFloat;
+typedef struct _NSPoint {
+    CGFloat x;
+    CGFloat y;
+} NSPoint;
+typedef struct _NSSize {
+    CGFloat width;
+    CGFloat height;
+} NSSize;
+typedef struct _NSRect {
+    NSPoint origin;
+    NSSize size;
+} NSRect;
  
  // Reduced test case from crash in <rdar://problem/6253157>
  @interface A @end
@@ -201,3 +214,14 @@ int rdar6695527(double x) {
    if (!x) { return 0; }
    return 1;
  }
+
+// <rdar://problem/6708148> - Test that we properly invalidate structs
+//  passed-by-reference to a function.
+void pr6708148_invalidate(NSRect *x);
+void pr6708148_use(NSRect x);
+void pr6708148_test(void) {
+  NSRect x;
+  pr6708148_invalidate(&x);
+  pr6708148_use(x); // no-warning
+}
+
author	Ted Kremenek <kremenek@apple.com>
	Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)
committer	Ted Kremenek <kremenek@apple.com>
	Mon, 23 Mar 2009 15:42:58 +0000 (15:42 +0000)
include/clang/Analysis/PathSensitive/SymbolManager.h		patch \| blob \| history
lib/Analysis/BasicStore.cpp		patch \| blob \| history
lib/Analysis/SymbolManager.cpp		patch \| blob \| history
test/Analysis/misc-ps.m		patch \| blob \| history