From: Ted Kremenek <kremenek@apple.com>
Date: Thu, 19 Feb 2009 18:18:48 +0000 (+0000)
Subject: retain/release checker: Fix crasher when the leak site is the same expression that...
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=b1dbf158db83b2b630621fa856a54c65d64e8632;p=clang
retain/release checker: Fix crasher when the leak site is the same expression that allocates an object.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65047 91177308-0d34-0410-b5e6-96231b3b80d8
---
diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp
index 939e20a02d..c86b960af1 100644
--- a/lib/Analysis/CFRefCount.cpp
+++ b/lib/Analysis/CFRefCount.cpp
@@ -2586,7 +2586,6 @@ CFRefLeakReport::getEndPath(BugReporter& br, const ExplodedNode<GRState>* EndN){
while (LeakN) {
ProgramPoint P = LeakN->getLocation();
-
if (const PostStmt *PS = dyn_cast<PostStmt>(&P))
S = PS->getStmt();
@@ -2597,18 +2596,27 @@ CFRefLeakReport::getEndPath(BugReporter& br, const ExplodedNode<GRState>* EndN){
// Scan 'S' for uses of Sym.
GRStateRef state(LeakN->getState(), BR.getStateManager());
bool foundSymbol = false;
-
- for (Stmt::child_iterator I=S->child_begin(), E=S->child_end();
- I!=E; ++I)
- if (Expr *Ex = dyn_cast_or_null<Expr>(*I)) {
- SVal X = state.GetSVal(Ex);
- if (isa<loc::SymbolVal>(X) &&
- cast<loc::SymbolVal>(X).getSymbol() == Sym){
- foundSymbol = true;
- break;
+
+ // First check if 'S' itself binds to the symbol.
+ if (Expr *Ex = dyn_cast<Expr>(S)) {
+ SVal X = state.GetSVal(Ex);
+ if (isa<loc::SymbolVal>(X) &&
+ cast<loc::SymbolVal>(X).getSymbol() == Sym)
+ foundSymbol = true;
+ }
+
+ if (!foundSymbol)
+ for (Stmt::child_iterator I=S->child_begin(), E=S->child_end();
+ I!=E; ++I)
+ if (Expr *Ex = dyn_cast_or_null<Expr>(*I)) {
+ SVal X = state.GetSVal(Ex);
+ if (isa<loc::SymbolVal>(X) &&
+ cast<loc::SymbolVal>(X).getSymbol() == Sym){
+ foundSymbol = true;
+ break;
+ }
}
- }
-
+
if (foundSymbol)
break;
}