From 806486c7818ece98a00fb0ed988b2a3dd982f5c4 Mon Sep 17 00:00:00 2001
From: Artem Dergachev
Date: Fri, 4 May 2018 21:56:51 +0000
Subject: [analyzer] pr18953: Split C++ zero-initialization from default initialization.

The bindDefault() API of the ProgramState allows setting a default value for reads from memory regions that were not preceded by writes. It was used for implementing C++ zeroing constructors (i.e. default constructors that boil down to setting all fields of the object to 0).

Because differences between zeroing constructors and other forms of default initialization have been piling up (in particular, zeroing constructors can be called multiple times over the same object, probably even at the same offset, requiring a careful and potentially slow cleanup of previous bindings in the RegionStore), we split the API in two: bindDefaultInitial() for modeling initial values and bindDefaultZero() for modeling zeroing constructors.

This fixes a few assertion failures from which the investigation originated.

The imperfect protection from both inability of the RegionStore to support binding extents and lack of information in ASTRecordLayout has been loosened because it's, well, imperfect, and it is unclear if it is fixing more than it was breaking.

Differential Revision: https://reviews.llvm.org/D46368

llvm-svn: 331561
---
 clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp')

diff --git a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
index 8fb255c4232..31fd70ed449 100644
--- a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
@@ -1273,7 +1273,7 @@ ProgramStateRef MallocChecker::MallocMemAux(CheckerContext &C, State = State->BindExpr(CE, C.getLocationContext(), RetVal); // Fill the region with the initialization value. - State = State->bindDefault(RetVal, Init, LCtx); + State = State->bindDefaultInitial(RetVal, Init, LCtx); // Set the region's extent equal to the Size parameter. const SymbolicRegion *R = -- cgit v1.2.3
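Review bot: The comment above the changed call in MallocMemAux, "Fill the region with the initialization value.", should say why bindDefaultInitial() rather than bindDefaultZero() is the right API at this site, since the commit message makes the two deliberately distinct. The region bound to RetVal is freshly returned by the allocation, so no earlier bindings exist that a zeroing-constructor path would have to clean up, and whatever value Init carries is by construction the region's initial value; a one-line comment such as "// This is a fresh allocation, so Init is the region's initial value, not a re-zeroing." would keep a future reader from "fixing" this call to the zeroing variant.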