Re: [PATCH] D11832: [Patch] [Analyzer] false positive: Potential leak connected with memcpy (PR 22954)

Devin Coughlin via cfe-commits Thu, 13 Aug 2015 18:14:48 -0700

dcoughlin added a comment.

I'm still looking at this. Higher-level comments coming soon.



================
Comment at: lib/StaticAnalyzer/Core/RegionStore.cpp:1110
@@ +1109,3 @@
+      assert(RO.getOffset() >= 0 && "Offset should not be negative");
+      uint64_t LowerOffset = RO.getOffset();
+      uint64_t UpperOffset = LowerOffset + *NumElements * ElemSize;
----------------
R0.getOffset() will assert if R0 is a symbolic region offset. This can happen 
if the invalidated array is itself in an array (e.g., someOtherArray[i].array) 
or is in a union.

================
Comment at: lib/StaticAnalyzer/Core/RegionStore.cpp:1118
@@ +1117,3 @@
+               ++I) {
+            uint64_t ROffset = I.getKey().getOffset();
+            if (ROffset >= LowerOffset && ROffset <= UpperOffset)
----------------
getOffset() here will assert also if there is any key with a symbolic offset in 
SuperR.

================
Comment at: lib/StaticAnalyzer/Core/RegionStore.cpp:1119
@@ +1118,3 @@
+            uint64_t ROffset = I.getKey().getOffset();
+            if (ROffset >= LowerOffset && ROffset <= UpperOffset)
+              B = B.removeBinding(I.getKey());
----------------
Should this be ROffset < UpperOffset?


http://reviews.llvm.org/D11832



_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Re: [PATCH] D11832: [Patch] [Analyzer] false positive: Potential leak connected with memcpy (PR 22954)

Reply via email to