[PATCH] D47416: [analyzer] Clean up the program state map of DanglingInternalBufferChecker
Reka Kovacs via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Sat Jun 9 07:26:11 PDT 2018
rnkovacs updated this revision to Diff 150625.
rnkovacs marked an inline comment as done.
rnkovacs edited the summary of this revision.
rnkovacs added a comment.
Herald added a subscriber: mikhail.ramalho.
Fixed naming and added an extra pass for regions left behind by incomplete destructors.
https://reviews.llvm.org/D47416
Files:
lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp
Index: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp
+++ lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp
@@ -26,7 +26,8 @@
namespace {
-class DanglingInternalBufferChecker : public Checker<check::PostCall> {
+class DanglingInternalBufferChecker : public Checker<check::DeadSymbols,
+ check::PostCall> {
CallDescription CStrFn;
public:
@@ -36,6 +37,9 @@
/// corresponding string object region in the ProgramState. Mark the symbol
/// released if the string object is destroyed.
void checkPostCall(const CallEvent &Call, CheckerContext &C) const;
+
+ /// Clean up the ProgramState map.
+ void checkDeadSymbols(SymbolReaper &SymReaper, CheckerContext &C) const;
};
} // end anonymous namespace
@@ -76,12 +80,32 @@
// FIXME: What if Origin is null?
const Expr *Origin = Call.getOriginExpr();
State = allocation_state::markReleased(State, *StrBufferPtr, Origin);
+ State = State->remove<RawPtrMap>(TypedR);
C.addTransition(State);
return;
}
}
}
+void DanglingInternalBufferChecker::checkDeadSymbols(SymbolReaper &SymReaper,
+ CheckerContext &C) const {
+ if (!SymReaper.hasDeadSymbols())
+ return;
+
+ ProgramStateRef State = C.getState();
+ RawPtrMapTy RPM = State->get<RawPtrMap>();
+ for (const auto Entry : RPM) {
+ if (SymReaper.isDead(Entry.second))
+ State = State->remove<RawPtrMap>(Entry.first);
+ if (!SymReaper.isLiveRegion(Entry.first))
+ // Due to incomplete destructor support, some dead regions might still
+ // remain in the program state map. Clean them up.
+ State = State->remove<RawPtrMap>(Entry.first);
+ }
+
+ C.addTransition(State);
+}
+
void ento::registerDanglingInternalBufferChecker(CheckerManager &Mgr) {
registerNewDeleteChecker(Mgr);
Mgr.registerChecker<DanglingInternalBufferChecker>();
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D47416.150625.patch
Type: text/x-patch
Size: 2100 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20180609/56c8ccc0/attachment-0001.bin>
More information about the cfe-commits
mailing list