================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:579-580
@@ +578,4 @@
+ // dont run destructor.
+ if (!ArgVal.isUnknown() &&
+ State->isNull(ArgVal).isConstrainedTrue()) {
+ StmtNodeBuilder Bldr(Pred, Dst, *currBldrCtx);
----------------
The isUnknown() is redundant here...if it's unknown, `isNull` won't result in a
known-true outcome.
================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:586
@@ +585,3 @@
+ VisitCXXDestructor(DE->getDestroyedType(),
+ ArgVal.getAsRegion(),
+ DE, /*IsBase=*/ false,
----------------
Since this might be NULL, we should still fix up VisitCXXDestructor to use
UnknownVal instead of unconditionally using a loc::MemRegionVal.
================
Comment at: lib/StaticAnalyzer/Checkers/MallocChecker.cpp:1793-1796
@@ -1792,3 +1792,6 @@
- if (isReleased(Sym, C)) {
+ // FIXME: In case of double delete of class instance. The call to destructor
+ // on second delete result in use of memory after free but doesn't correspond
+ // to any stmt. Currently skipping through handle the same.
+ if (isReleased(Sym, C) && S) {
ReportUseAfterFree(C, S->getSourceRange(), Sym);
----------------
Anna's right here; if we don't have a statement, we can just pass an invalid
source range, or perhaps change the argument to ReportUseAfterFree to be an
Optional<SourceRange>.
http://llvm-reviews.chandlerc.com/D1594
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
