[PATCH] D98726: [analyzer] Enabling MallocChecker to take up after SmartPtrModelling
Deep Majumder via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed Apr 28 06:50:23 PDT 2021
RedDocMD added a comment.
In D98726#2721228 <https://reviews.llvm.org/D98726#2721228>, @NoQ wrote:
>> when the visitor encounters an `ExplodedNode`
>
> Weird. `finalizeVisitor()` accepts not any node but the error node. Your screenshot suggests that the error node is not in the standard library but in user code. Might it be that there are multiple error nodes and you're looking at the wrong one? As usual, you can set conditional breakpoints by node IDs.
Okay no you are right. I was looking at the wrong error node. There are two. Lets take the following code:
#include <memory>
int foo() {
std::unique_ptr<int> P(new int(10));
int *raw = new int(13);
int b = *raw;
return b;
}
There is clearly a leak but that is getting squelched. Now for the two error nodes:
- This is the error node we expect, it points to our source code.
F16513445: Screenshot 2021-04-28 at 19-14-34 Screenshot.png <https://reviews.llvm.org/F16513445>
- This is another error, somewhere in the `unique_ptr.h` file.
F16513472: Screenshot 2021-04-28 at 19-15-04 Screenshot.png <https://reviews.llvm.org/F16513472>
The second one is the one that causes the first one to get squelched. I suppose how this point was reached was due to the `StaticAnalyzer` trying to reason about the destructor of `unique_ptr`, which is implicitly called in at the end of the function.
For reference, here <https://termbin.com/q1v0> is the dot file for the exploded graph dump.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D98726/new/
https://reviews.llvm.org/D98726
More information about the cfe-commits
mailing list