[PATCH] D38358: [analyzer] Fix autodetection of getSVal()'s type argument.

Devin Coughlin via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Thu Sep 28 16:57:29 PDT 2017

dcoughlin added a comment.

This is such a nasty bug! It is great to see a fix. I have two comments inline, one of which is just a nit.

Comment at: lib/StaticAnalyzer/Core/RegionStore.cpp:1404
+          // When trying to dereference a void pointer, read the first byte.
+          T = Ctx.CharTy;
+        }
Nit: It seems a bit odd to read the first byte here since (unless I'm misunderstanding) this would never be triggered by actual C semantics, only by a checker. Did you consider just returning UnknownVal() in this case?

Comment at: lib/StaticAnalyzer/Core/RegionStore.cpp:1408
+    assert(!T.isNull() && "Unable to auto-detect binding type!");
+    assert(!T->isVoidType() && "Attempted to retrieve a void value!");
I think you missed handling the AllocaRegion case from the old version in your new version. This means the assert will fire on the following when core.alpha is enabled:
#include <string.h>

void foo(void *dest) {
  void *src = __builtin_alloca(5);
  memcpy(dest, src, 1);
}