[cfe-dev] [analyzer] Possible symbol leak?

Aleksei Sidorin a.sidorin at samsung.com
Thu Jul 31 02:20:37 PDT 2014


Hello,
I found an issue in the analyzer that seems strange to me.
SymbolRegionValues related to a region remain alive after binding a new
value to this region even if there are no references to this symbol.
Test sample:

void testStoreConstraint(int i) {
   if (i < 10)  // create a new symbol related to a region
     i = 0;     // bind a new value to this region
   else
     i = 1;     // bind a new value to this region
   (void)i;     // but symbol is still alive here in constraints
}

and one of the ProgramStates at the end of the analysis, before the final
PostStmtPurgeDeadSymbols node (the second state is almost the same):

Store (direct and default bindings), 0x6284fe8 :
  (i,0,direct) : 1 S32b
Expressions:
  (0x6283f50,0x6278190) i : &i
Ranges of symbol values:
  reg_$0<i> : { [10, 2147483647] }


Can somebody tell me why reg_$0<i> is alive?

-- 
Best regards,
Aleksei Sidorin
Software Engineer,
IMSWL-IMCG, SRR, Samsung Electronics
