[clang] [analyzer] Use AllocaRegion in MallocChecker (PR #72402)
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Wed Nov 15 13:07:17 PST 2023
================
@@ -266,13 +266,18 @@ void CheckUseZeroAllocated1(void) {
}
char CheckUseZeroAllocated2(void) {
+ // FIXME: The return value of `alloca()` is modeled with `AllocaRegion`
+ // instead of `SymbolicRegion`, so the current implementation of
+ // `MallocChecker::checkUseZeroAllocated()` cannot handle it; and we get an
+ // unrelated, but suitable warning from core.uninitialized.UndefReturn.
char *p = alloca(0);
- return *p; // expected-warning {{Use of memory allocated with size zero}}
+ return *p; // expected-warning {{Undefined or garbage value returned to caller}}
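Review bot: The new expectation on `return *p;` comes from core.uninitialized.UndefReturn, as the FIXME itself says, so this test no longer exercises zero-size `alloca()` use detection and passes only because `*p` is read without being initialized. Consider adding a sibling case that stores to `*p` before the read, marked with an explicit no-warning FIXME. That pins down the missing "Use of memory allocated with size zero" diagnostic, and it will show up as a test change once `MallocChecker::checkUseZeroAllocated()` handles `AllocaRegion`.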
----------------
haoNoQ wrote:
So we'd have no warning in case of
```c++
char CheckUseZeroAllocatedAndInitialized(void) {
  char *p = alloca(0);
  *p = 4;
  return *p;
}
```
? Might be worth testing.
(It's probably not hard to fix it as well? It's not like `AllocaRegion` is special when it comes to being able to carry dynamic extent?)
https://github.com/llvm/llvm-project/pull/72402