[PATCH] [StaticAnalyzer]Handle Destructor call generated by C++ delete expr
Jordan Rose
jordan_rose at apple.com
Thu Sep 12 09:34:41 PDT 2013
I don't think this is the right approach; see comments.
Also, nitpick: it'd be nice if the tests also followed the LLVM style and general spacing rules. Watch for "delte" typos too.
================
Comment at: lib/StaticAnalyzer/Checkers/MallocChecker.cpp:1793
@@ -1792,3 +1792,3 @@
- if (isReleased(Sym, C)) {
+ if (isReleased(Sym, C) && S) {
ReportUseAfterFree(C, S->getSourceRange(), Sym);
----------------
I'm not sure this is the right fix; we definitely still want to report this. Please mark this with a FIXME comment, at least.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngineCXX.cpp:299-307
@@ -298,2 +298,11 @@
// invalidate the entire array).
+
+ // If the memory region is null do not call the
+ // destructors. Return a node with state same as previous node.
+ // Do not process further.
+ if (!Dest) {
+ StmtNodeBuilder Bldr(Pred, Dst, *currBldrCtx);
+ Bldr.generateNode(S, Pred, State);
+ return;
+ }
SVal DestVal = loc::MemRegionVal(Dest);
----------------
This is wrong; if the MemRegion* is null that might just mean we can't model it (the UnknownVal case). That's unusual, but it doesn't mean we shouldn't run the destructor. This check should go in `ProcessDeleteDtor`, where you can actually check if the given argument value is null.
http://llvm-reviews.chandlerc.com/D1594
More information about the cfe-commits
mailing list