From 7e3cda9744204d19e0691bcb473cac1529b5fadd Mon Sep 17 00:00:00 2001
From: Zhongxing Xu
Date: Mon, 18 Jan 2010 03:27:34 +0000
Subject: [PATCH] If the symbol has not been tracked, do not free it. This is possible when free is called on a pointer that does not get its value directly from malloc.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@93706 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Analysis/MallocChecker.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/lib/Analysis/MallocChecker.cpp b/lib/Analysis/MallocChecker.cpp
index fab73ee7b1..5bd27912e4 100644
--- a/lib/Analysis/MallocChecker.cpp
+++ b/lib/Analysis/MallocChecker.cpp
@@ -170,7 +170,12 @@ const GRState *MallocChecker::FreeMemAux(CheckerContext &C, const CallExpr *CE,
 assert(Sym);
 const RefState *RS = state->get(Sym);
- assert(RS);
+
+ // If the symbol has not been tracked, return. This is possible when free() is
+ // called on a pointer that does not get its pointee directly from malloc().
+ // Full support of this requires inter-procedural analysis.
+ if (!RS)
+ return state;
 // Check double free.
 if (RS->isReleased()) {
-- 
2.40.0
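Review bot: The `assert(Sym);` kept as context at the top of the hunk may have the same weakness this commit removes for `RS`. If the argument to free() can fail to yield a symbol at all (how `Sym` is obtained lies outside the hunk, so this is inferred), a debug build of the analyzer still aborts, and a release build passes a null symbol into `state->get(Sym)`. Replacing it with `if (!Sym) return state;` would treat both untracked cases the same way. It would also help to extend the new comment to say that returning `state` unchanged means a double free through such a pointer goes unreported. The diffstat shows only MallocChecker.cpp changed, so a regression test that calls free() on a pointer not obtained directly from malloc() would pin the new behaviour. FreeMemAux begins and ends outside this hunk.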