<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Yes, indeed, this is simply unimplemented. Like, so much
unimplemented that the analyzer is unable to figure out how to
handle CXXTypeidExpr so it gives up on the current execution path.
See ExprEngine::Visit, the top part of the switch.<br>
<br>
It shouldn't be that hard to implement in a reasonable manner. I
guess, the values that it returns would always be symbolic (as in,
an invalidated structure), but consistent as long as we know the
type (and it should probably produce a new value every time we don't
know the type on the current path).<br>
<br>
<div class="moz-cite-prefix">On 6/10/19 6:26 PM, Torry Chen via
cfe-dev wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CADmWND9TrtzZgSUB-NcGHoGWM9LNAc2EjCPXks1aW6N06pJnCg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">Hi all,<br>
<br>
I've been using the unix.Malloc checker to detect memory
management issues in our code base. But we found the checker
seems to stop exploring after seeing a call to typeid(). Below
is a bad code example and unix.Malloc should warn about a
double-free. But if I uncomment the line calling typeid(), the
checker doesn't report any bug.<br>
<br>
This prevents it from checking some of our templated functions
that call typeid(). Could someone please let me know why this
happens and how do I make the checker continue to work after
seeing typeid()?<br>
<br>
Thank you!<br>
Torry<br>
<br>
<font face="courier new, monospace">void double_free(int size) {<br>
char *data = (char *)malloc(size);<br>
<br>
for (int i = 0; i < size; i++)<br>
data[i] = i;<br>
<br>
// auto tname = typeid(uint64_t).name(); // typeid() seems
to stop analyzer<br>
// printf("Type name is %s\n", tname);<br>
<br>
free(data);<br>
free(data); // Should warn: Attempt to free released memory<br>
}<br>
<br>
int main(int argc, char** argv) {<br>
double_free(argc);<br>
<br>
return 0;<br>
}</font><br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
cfe-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:cfe-dev@lists.llvm.org">cfe-dev@lists.llvm.org</a>
<a class="moz-txt-link-freetext" href="https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev">https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>