dnrops
/
clang
mirror of https://github.com/microsoft/clang.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[analyzer] operator new: Fix path diagnostics around the operator call. 

Implements finding appropriate source locations for intermediate diagnostic
pieces in path-sensitive bug reports that need to descend into an inlined
operator new() call that was called via new-expression. The diagnostics have
worked correctly when operator new() was called "directly".

Differential Revision: https://reviews.llvm.org/D41409
rdar://problem/12180598


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@322791 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Artem Dergachev 2018-01-18 00:10:21 +00:00
parent 549b9af49d
commit a86510b134
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/StaticAnalyzer/Core/PathDiagnostic.cpp
View File

@ -574,8 +574,11 @@ getLocationForCaller(const StackFrameContext *SFC,
return PathDiagnosticLocation::createEnd(CallerBody, SM, CallerCtx);
return PathDiagnosticLocation::create(CallerInfo->getDecl(), SM);
}
case CFGElement::NewAllocator: {
const CFGNewAllocator &Alloc = Source.castAs<CFGNewAllocator>();
return PathDiagnosticLocation(Alloc.getAllocatorExpr(), SM, CallerCtx);
}
case CFGElement::TemporaryDtor:
case CFGElement::NewAllocator:
llvm_unreachable("not yet implemented!");
case CFGElement::LifetimeEnds:
case CFGElement::LoopExit:

11
test/Analysis/new-ctor-malloc.cpp
View File

@ -1,4 +1,4 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection,unix.Malloc -analyzer-config c++-allocator-inlining=true -std=c++11 -verify %s
// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection,unix.Malloc -analyzer-config c++-allocator-inlining=true -analyzer-output=text -std=c++11 -verify %s
void clang_analyzer_eval(bool);
@ -7,12 +7,15 @@ typedef __typeof__(sizeof(int)) size_t;
void *malloc(size_t size);
void *operator new(size_t size) throw() {
void *x = malloc(size);
if (!x)
void *x = malloc(size); // expected-note {{Memory is allocated}}
if (!x) // expected-note {{Assuming 'x' is non-null}}
// expected-note@-1 {{Taking false branch}}
return nullptr;
return x;
}
void checkNewAndConstructorInlining() {
int *s = new int;
int *s = new int; // expected-note {{Calling 'operator new'}}
// expected-note@-1{{Returning from 'operator new'}}
} // expected-warning {{Potential leak of memory pointed to by 's'}}
// expected-note@-1 {{Potential leak of memory pointed to by 's'}}