[PATCH] D75432: [analyzer][NFC][MallocChecker] Convert many parameters into CallEvent

Valeriy Savchenko via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed May 20 08:10:52 PDT 2020


vsavchenko added a comment.

Hi, @Szelethus, I don't know exactly which of the changes (this one, https://reviews.llvm.org/D75430, or https://reviews.llvm.org/D75431) causes a crash on SQLite, but it's definitely one of these.

**Steps to reproduce**

  clang -cc1 -Wdeprecated-objc-isa-usage -Werror=deprecated-objc-isa-usage -Werror=implicit-function-declaration -analyze -disable-free -main-file-name sqlite3.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=osx -analyzer-checker=security.insecureAPI.decodeValueOfObjCType -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -mthread-model posix -mframe-pointer=all -fno-strict-return -fno-rounding-math -munwind-tables -faligned-alloc-unavailable -target-cpu core2 -dwarf-column-info -target-linker-version 556.6 -Wno-reorder-init-list -Wno-implicit-int-float-conversion -Wno-c99-designator -Wno-final-dtor-non-final-class -Wno-extra-semi-stmt -Wno-misleading-indentation -Wno-quoted-include-in-framework-header -Wno-implicit-fallthrough -Wno-enum-enum-conversion -Wno-enum-float-conversion -ferror-limit 19 -stack-protector 1 -fblocks -fencode-extended-block-signature -fregister-global-dtors-with-atexit -fgnuc-version=4.2.1 -fmax-type-align=16 -analyzer-checker=alpha.unix.SimpleStream,alpha.security.taint,cplusplus.NewDeleteLeaks,core,cplusplus,deadcode,security,unix,osx,nullability -analyzer-config serialize-stats=true,stable-report-filename=true -x c sqlite3-258aa5.c

**Output**

  Assertion failed: (FromPtr && ToPtr && "By this point, FreeMemAux and MallocMemAux should have checked " "whether the argument or the return value is symbolic!"), function ReallocMemAux, file /Users/vsavchenko/source/llvm-project/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp, line 2409.

The attached file is the exact version of the SQLite source code to reproduce the issue: F11965188: sqlite3-258aa5.c <https://reviews.llvm.org/F11965188>


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D75432/new/

https://reviews.llvm.org/D75432




