[PATCH] D12163: [Patch] [Analyzer] BugReporter.cpp:2869: Assertion failed: !RemainingNodes.empty() && "No error node found in the trimmed graph" (PR 24184)
Anna Zaks via cfe-commits
cfe-commits at lists.llvm.org
Wed Aug 19 19:00:01 PDT 2015
zaks.anna added a comment.
I have some minor nits but looks good otherwise. Thanks for fixing this!
================
Comment at: include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h:290
@@ -289,2 +289,3 @@
const ProgramPointTag *Tag = nullptr) {
- if (!State || (State == Pred->getState() && !Tag && !MarkAsSink))
+ // It may not be safe to use the "Pred" node with no tag because the "Pred"
+ // node may be recycled in the "shouldCollect" reclamation function. See
----------------
Please, remove the reference to the method name, the comment might get stale if the function name changes. Also, please, remove the PR reference from here.
================
Comment at: test/Analysis/malloc.c:1389
@@ -1388,2 +1388,3 @@
char *m = realloc(a->p, size); // expected-warning {{Attempt to free released memory}}
- return a->p;
+ //PR24184: Object "a->p" was returned at next line after being freed by calling "realloc" at previous line.
+ return a->p; // expected-warning {{Use of memory after it is freed}}
----------------
Some wordsmithing: Object "a->p" is returned after being freed by calling "realloc".
http://reviews.llvm.org/D12163
More information about the cfe-commits
mailing list