[clang] [WIP] [analyzer] Refactor MallocChecker to use `BindExpr` in `evalCall` (PR #106081)
Pavel Skripkin via cfe-commits
cfe-commits at lists.llvm.org
Wed Aug 28 01:53:50 PDT 2024
================
@@ -1736,6 +1816,25 @@ MallocChecker::MallocMemReturnsAttr(CheckerContext &C, const CallEvent &Call,
return MallocMemAux(C, Call, UnknownVal(), UndefinedVal(), State, Family);
}
+ProgramStateRef MallocChecker::MallocBindRetval(CheckerContext &C,
+ const CallEvent &Call,
+ ProgramStateRef State,
+ bool isAlloca) const {
+ const Expr *CE = Call.getOriginExpr();
+
+ // We expect the allocation functions to return a pointer.
+ if (!Loc::isLocType(CE->getType()))
+ return nullptr;
+
+ unsigned Count = C.blockCount();
+ SValBuilder &SVB = C.getSValBuilder();
+ const LocationContext *LCtx = C.getPredecessor()->getLocationContext();
+ DefinedSVal RetVal = (isAlloca ? SVB.getAllocaRegionVal(CE, LCtx, Count)
+ : SVB.getConjuredHeapSymbolVal(CE, LCtx, Count)
+ .castAs<DefinedSVal>());
----------------
pskrgag wrote:
Ignore previous comment... We can just cast `DefinedOrUnknownSVal` to `DefinedSVal` inside `getConjuredHeapSymbolVal`, since we sure there won't be FP number.
Will update the PR, thanks!
https://github.com/llvm/llvm-project/pull/106081
More information about the cfe-commits
mailing list