From: Zhongxing Xu <xuzhongxing@gmail.com>
Date: Mon, 29 Jun 2009 06:43:40 +0000 (+0000)
Subject: Invalidate the alloca region by setting its default value to conjured symbol.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=a03f157f154d0013e9c3eee261062959371aa868;p=clang

Invalidate the alloca region by setting its default value to conjured symbol.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@74419 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp
index 1010b65209..618214e1c5 100644
--- a/lib/Analysis/CFRefCount.cpp
+++ b/lib/Analysis/CFRefCount.cpp
@@ -2796,7 +2796,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
         //  to identify conjured symbols by an expression pair: the enclosing
         //  expression (the context) and the expression itself.  This should
         //  disambiguate conjured symbols. 
-        
+        unsigned Count = Builder.getCurrentBlockCount();
         const TypedRegion* R = dyn_cast<TypedRegion>(MR->getRegion());
 
         if (R) {
@@ -2833,7 +2833,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
           
           if (R->isBoundable()) {
             // Set the value of the variable to be a conjured symbol.
-            unsigned Count = Builder.getCurrentBlockCount();
+
             QualType T = R->getValueType(Ctx);
           
             if (Loc::IsLocType(T) || (T->isIntegerType() && T->isScalarType())){
@@ -2895,6 +2895,15 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
             }
           }
         }
+        else if (isa<AllocaRegion>(MR->getRegion())) {
+          // Invalidate the alloca region by setting its default value to 
+          // conjured symbol. The type of the symbol is irrelavant.
+          SVal V = ValMgr.getConjuredSymbolVal(*I, Eng.getContext().IntTy, 
+                                               Count);
+          StoreManager& StoreMgr = 
+                    Eng.getStateManager().getStoreManager();
+          state = StoreMgr.setDefaultValue(state, MR->getRegion(), V);
+        }
         else
           state = state->bindLoc(*MR, UnknownVal());
       }
diff --git a/test/Analysis/array-struct.c b/test/Analysis/array-struct.c
index 13035760fa..da7df4b28e 100644
--- a/test/Analysis/array-struct.c
+++ b/test/Analysis/array-struct.c
@@ -168,3 +168,15 @@ void f17() {
   if (t.e.d)
     x = 1;
 }
+
+void read(char*);
+
+void f18() {
+  char *q;
+  char *p = (char *) __builtin_alloca(10);
+  read(p);
+  q = p;
+  q++;
+  if (*q) { // no-warning
+  }
+}