Fix bug in GRExprEngine::VisitSizeOfAlignOfExpr() where we do not add

'Pred' to 'Dst' for cases we currently don't handle.  This fixes
<rdar://problem/7593875>.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@95048 91177308-0d34-0410-b5e6-96231b3b80d8

2 files changed, 16 insertions, 0 deletions

diff --git a/lib/Checker/GRExprEngine.cpp b/lib/Checker/GRExprEngine.cpp
index 77715ac621..52e4fc12f8 100644
--- a/lib/Checker/GRExprEngine.cpp
+++ b/lib/Checker/GRExprEngine.cpp
@@ -2461,12 +2461,14 @@ void GRExprEngine::VisitSizeOfAlignOfExpr(SizeOfAlignOfExpr* Ex,
     }
     else if (!T.getTypePtr()->isConstantSizeType()) {
       // FIXME: Add support for VLAs.
+      Dst.Add(Pred);
       return;
     }
     else if (T->isObjCInterfaceType()) {
       // Some code tries to take the sizeof an ObjCInterfaceType, relying that
       // the compiler has laid out its representation.  Just report Unknown
       // for these.
+      Dst.Add(Pred);
       return;
     }
     else {
diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m
index dea09367d1..acf49f8e67 100644
--- a/test/Analysis/misc-ps.m
+++ b/test/Analysis/misc-ps.m
@@ -837,3 +837,17 @@ void f(kwset_t *kws, char const *p, char const *q) {
   d = delta[c = (end+=d)[-1]]; // no-warning
   trie = next[c];
 }
+
+//===----------------------------------------------------------------------===//
+// <rdar://problem/7593875> When handling sizeof(VLA) it leads to a hole in
+// the ExplodedGraph (causing a false positive)
+//===----------------------------------------------------------------------===//
+
+int rdar_7593875_aux(int x);
+int rdar_7593875(int n) {
+  int z[n > 10 ? 10 : n]; // VLA.
+  int v;
+  v = rdar_7593875_aux(sizeof(z));
+  // Previously we got a false positive about 'v' being uninitialized.
+  return v; // no-warning
+}