From b1dbf158db83b2b630621fa856a54c65d64e8632 Mon Sep 17 00:00:00 2001 From: Ted Kremenek Date: Thu, 19 Feb 2009 18:18:48 +0000 Subject: [PATCH] retain/release checker: Fix crasher when the leak site is the same expression that allocates an object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65047 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Analysis/CFRefCount.cpp | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp index 939e20a02d..c86b960af1 100644 --- a/lib/Analysis/CFRefCount.cpp +++ b/lib/Analysis/CFRefCount.cpp @@ -2586,7 +2586,6 @@ CFRefLeakReport::getEndPath(BugReporter& br, const ExplodedNode* EndN){ while (LeakN) { ProgramPoint P = LeakN->getLocation(); - if (const PostStmt *PS = dyn_cast(&P)) S = PS->getStmt(); @@ -2597,18 +2596,27 @@ CFRefLeakReport::getEndPath(BugReporter& br, const ExplodedNode* EndN){ // Scan 'S' for uses of Sym. GRStateRef state(LeakN->getState(), BR.getStateManager()); bool foundSymbol = false; - - for (Stmt::child_iterator I=S->child_begin(), E=S->child_end(); - I!=E; ++I) - if (Expr *Ex = dyn_cast_or_null(*I)) { - SVal X = state.GetSVal(Ex); - if (isa(X) && - cast(X).getSymbol() == Sym){ - foundSymbol = true; - break; + + // First check if 'S' itself binds to the symbol. + if (Expr *Ex = dyn_cast(S)) { + SVal X = state.GetSVal(Ex); + if (isa(X) && + cast(X).getSymbol() == Sym) + foundSymbol = true; + } + + if (!foundSymbol) + for (Stmt::child_iterator I=S->child_begin(), E=S->child_end(); + I!=E; ++I) + if (Expr *Ex = dyn_cast_or_null(*I)) { + SVal X = state.GetSVal(Ex); + if (isa(X) && + cast(X).getSymbol() == Sym){ + foundSymbol = true; + break; + } } - } - + if (foundSymbol) break; }