rnkovacs added a comment. > Return value of `dyn_cast_or_null` should be checked before use. Otherwise we > may put a null pointer into the map as a key and eventually crash in > `checkDeadSymbols`.
Hm, so with the last `CallDescription` patch we removed some code here that essentially checked if the same region was null before this cast, which means two things: a) in the previous version it probably should have been a `dyn_cast` instead of `dyn_cast_or_null`, but now that makes it accidentally fine, and b) I should have thought about this when that code was removed. > Reka: Why did we restrict ourselves to `TypedValueRegions` here? While we are > mostly interested in local string variables and temporaries, which would of > course be typed, i guess there's nothing that prevents us from checking that > we don't `delete` or mutate a string in a `SymbolicRegion` somewhere between > obtaining and using its inner pointer. I think the reason is that previously `CallDescription`s didn't match fully qualified function names and the type was needed to see if the object was a `string`. Repository: rC Clang https://reviews.llvm.org/D51385 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
