NoQ added a comment.

Nice, thanks.



================
Comment at: lib/StaticAnalyzer/Checkers/MallocChecker.cpp:662-676
     if (Family == AF_Malloc && CheckAlloc) {
       if (FunI == II_malloc || FunI == II_realloc || FunI == II_reallocf ||
           FunI == II_calloc || FunI == II_valloc || FunI == II_strdup ||
           FunI == II_win_strdup || FunI == II_strndup || FunI == II_wcsdup ||
           FunI == II_win_wcsdup || FunI == II_kmalloc ||
           FunI == II_g_malloc || FunI == II_g_malloc0 || 
           FunI == II_g_realloc || FunI == II_g_try_malloc || 
----------------
These lists are getting long, I guess they should be refactored into a simple 
`II` -> `Kind` pointer map lookup eventually.


================
Comment at: lib/StaticAnalyzer/Checkers/MallocChecker.cpp:890-891
       State = ProcessZeroAllocation(C, CE, 1, State);
-    } else if (FunI == II_free || FunI == II_g_free) {
+    } else if (FunI == II_recallocarray) {
+      State = CallocMem(C, CE, State, true);
+      State = ProcessZeroAllocation(C, CE, 0, State);
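Review bot: In the new `II_recallocarray` branch, `ProcessZeroAllocation(C, CE, 0, State)` checks argument 0, but the first argument of recallocarray() is the pointer being resized, not a size; the context line above the branch passes index 1 for the neighbouring allocator. If the third parameter is the index of the size argument, the zero-size check should target the new element count and element size arguments instead of the pointer. The bare `true` in `CallocMem(C, CE, State, true)` would also be easier to review with an inline comment naming the parameter it sets.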
----------------
The moved array is not all zeros, just the new part, right? It should be more 
accurate to realloc() here. Not sure if we actually model realloc() by moving 
memory contents (at least, I'm sure we're not modeling it perfectly). If we 
simply invalidate the newly allocated region, it should be fine to simply 
re-use `ReallocMemAux()` here. If we try to mark the newly added bytes as 
uninitialized, then you might need to pass a flag to zero-initialize them 
instead.


Repository:
  rC Clang

https://reviews.llvm.org/D45149


