From: Ted Kremenek <kremenek@apple.com>
Date: Tue, 22 Jun 2010 23:58:31 +0000 (+0000)
Subject: Correctly construct an ElementRegion for alloca() + pointer arithmetic.  Fixes analyzer
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3f8612b46949a73729ef0e0d985cc8cce1ec096f;p=clang

Correctly construct an ElementRegion for alloca() + pointer arithmetic.  Fixes analyzer
crash reported in PR 7450.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106609 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Checker/RegionStore.cpp b/lib/Checker/RegionStore.cpp
index 6f8c2504bd..a9d12dfb4a 100644
--- a/lib/Checker/RegionStore.cpp
+++ b/lib/Checker/RegionStore.cpp
@@ -883,8 +883,7 @@ SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R,
     }
     case MemRegion::AllocaRegionKind: {
       const AllocaRegion *AR = cast<AllocaRegion>(MR);
-      QualType T = getContext().CharTy; // Create an ElementRegion of bytes.
-      QualType EleTy = T->getAs<PointerType>()->getPointeeType();
+      QualType EleTy = getContext().CharTy; // Create an ElementRegion of bytes.
       SVal ZeroIdx = ValMgr.makeZeroArrayIndex();
       ER = MRMgr.getElementRegion(EleTy, ZeroIdx, AR, getContext());
       break;
diff --git a/test/Analysis/misc-ps-region-store.m b/test/Analysis/misc-ps-region-store.m
index 52516abc39..6b4f658a3f 100644
--- a/test/Analysis/misc-ps-region-store.m
+++ b/test/Analysis/misc-ps-region-store.m
@@ -1033,3 +1033,11 @@ double rdar_8032791_1() {
    return x;
 }
 
+// PR 7450 - Handle pointer arithmetic with __builtin_alloca
+void pr_7450_aux(void *x);
+void pr_7450() {
+  void *p = __builtin_alloca(10);
+  // Don't crash when analyzing the following statement.
+  pr_7450_aux(p + 8);
+}
+