[clang] [WIP] [analyzer] Refactor MallocChecker to use `BindExpr` in `evalCall` (PR #106081)
DonĂ¡t Nagy via cfe-commits
cfe-commits at lists.llvm.org
Tue Aug 27 09:02:34 PDT 2024
================
@@ -1854,28 +1945,27 @@ static ProgramStateRef MallocUpdateRefState(CheckerContext &C, const Expr *E,
// Get the return value.
if (!RetVal)
- RetVal = C.getSVal(E);
+ RetVal = State->getSVal(E, C.getLocationContext());
// We expect the malloc functions to return a pointer.
if (!RetVal->getAs<Loc>())
return nullptr;
SymbolRef Sym = RetVal->getAsLocSymbol();
- // This is a return value of a function that was not inlined, such as malloc()
- // or new(). We've checked that in the caller. Therefore, it must be a symbol.
- assert(Sym);
- // FIXME: In theory this assertion should fail for `alloca()` calls (because
- // `AllocaRegion`s are not symbolic); but in practice this does not happen.
+ // FIXME: Following if fails for `alloca()` calls (because
+ // `AllocaRegion`s are not symbolic);
// As the current code appears to work correctly, I'm not touching this issue
// now, but it would be good to investigate and clarify this.
// Also note that perhaps the special `AllocaRegion` should be replaced by
// `SymbolicRegion` (or turned into a subclass of `SymbolicRegion`) to enable
// proper tracking of memory allocated by `alloca()` -- and after that change
// this assertion would become valid again.
- // Set the symbol's state to Allocated.
- return State->set<RegionState>(Sym, RefState::getAllocated(Family, E));
+ if (Sym)
+ return State->set<RegionState>(Sym, RefState::getAllocated(Family, E));
+ else
----------------
NagyDonat wrote:
IIRC the convention is that we do not use "else" after return.
https://github.com/llvm/llvm-project/pull/106081
More information about the cfe-commits
mailing list