[cfe-commits] r166363 - in /cfe/trunk: lib/StaticAnalyzer/Core/ExprEngineCXX.cpp test/Analysis/new-with-exceptions.cpp

Jordan Rose jordan_rose at apple.com
Fri Oct 19 19:32:51 PDT 2012 

Author: jrose
Date: Fri Oct 19 21:32:51 2012
New Revision: 166363

URL: http://llvm.org/viewvc/llvm-project?rev=166363&view=rev
Log:
[analyzer] Assume 'new' never returns NULL if it could throw an exception.

This is actually required by the C++ standard in
[basic.stc.dynamic.allocation]p3:

  If an allocation function declared with a non-throwing
  exception-specification fails to allocate storage, it shall return a
  null pointer. Any other allocation function that fails to allocate
  storage shall indicate failure only by throwing an exception of a type
  that would match a handler of type std::bad_alloc.

We don't bother checking for the specific exception type, but just go off
the operator new prototype. This should help with a certain class of lazy
initalization false positives.

<rdar://problem/12115221>

Added:
    cfe/trunk/test/Analysis/new-with-exceptions.cpp
Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp?rev=166363&r1=166362&r2=166363&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp Fri Oct 19 21:32:51 2012
@@ -229,6 +229,18 @@
   // we should be using the usual pre-/(default-)eval-/post-call checks here.
   State = Call->invalidateRegions(blockCount);
 
+  // If we're compiling with exceptions enabled, and this allocation function
+  // is not declared as non-throwing, failures /must/ be signalled by
+  // exceptions, and thus the return value will never be NULL.
+  // C++11 [basic.stc.dynamic.allocation]p3.
+  FunctionDecl *FD = CNE->getOperatorNew();
+  if (FD && getContext().getLangOpts().CXXExceptions) {
+    QualType Ty = FD->getType();
+    if (const FunctionProtoType *ProtoType = Ty->getAs<FunctionProtoType>())
+      if (!ProtoType->isNothrow(getContext()))
+        State = State->assume(symVal, true);
+  }
+
   if (CNE->isArray()) {
     // FIXME: allocating an array requires simulating the constructors.
     // For now, just return a symbolicated region.
@@ -246,7 +258,6 @@
   // CXXNewExpr, we need to make sure that the constructed object is not
   // immediately invalidated here. (The placement call should happen before
   // the constructor call anyway.)
-  FunctionDecl *FD = CNE->getOperatorNew();
   if (FD && FD->isReservedGlobalPlacementOperator()) {
     // Non-array placement new should always return the placement location.
     SVal PlacementLoc = State->getSVal(CNE->getPlacementArg(0), LCtx);

Added: cfe/trunk/test/Analysis/new-with-exceptions.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/new-with-exceptions.cpp?rev=166363&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/new-with-exceptions.cpp (added)
+++ cfe/trunk/test/Analysis/new-with-exceptions.cpp Fri Oct 19 21:32:51 2012
@@ -0,0 +1,71 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -std=c++11 -fexceptions -fcxx-exceptions -verify -DEXCEPTIONS %s
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -std=c++11 -verify %s
+
+void clang_analyzer_eval(bool);
+
+typedef __typeof__(sizeof(int)) size_t;
+extern "C" void *malloc(size_t);
+
+// This is the standard placement new.
+inline void* operator new(size_t, void* __p) throw()
+{
+  return __p;
+}
+
+struct NoThrow {
+  void *operator new(size_t) throw();
+};
+
+struct NoExcept {
+  void *operator new(size_t) noexcept;
+};
+
+struct DefaultThrow {
+  void *operator new(size_t);
+};
+
+struct ExplicitThrow {
+  void *operator new(size_t) throw(int);
+};
+
+void testNew() {
+  clang_analyzer_eval(new NoThrow); // expected-warning{{UNKNOWN}}
+  clang_analyzer_eval(new NoExcept); // expected-warning{{UNKNOWN}}
+
+  clang_analyzer_eval(new DefaultThrow);
+  clang_analyzer_eval(new ExplicitThrow);
+#ifdef EXCEPTIONS
+  // expected-warning at -3 {{TRUE}}
+  // expected-warning at -3 {{TRUE}}
+#else
+  // expected-warning at -6 {{UNKNOWN}}
+  // expected-warning at -6 {{UNKNOWN}}
+#endif
+}
+
+void testNewArray() {
+  clang_analyzer_eval(new NoThrow[2]);
+  clang_analyzer_eval(new NoExcept[2]);
+  clang_analyzer_eval(new DefaultThrow[2]);
+  clang_analyzer_eval(new ExplicitThrow[2]);
+#ifdef EXCEPTIONS
+  // expected-warning at -5 {{TRUE}}
+  // expected-warning at -5 {{TRUE}}
+  // expected-warning at -5 {{TRUE}}
+  // expected-warning at -5 {{TRUE}}
+#else
+  // expected-warning at -10 {{UNKNOWN}}
+  // expected-warning at -10 {{UNKNOWN}}
+  // expected-warning at -10 {{UNKNOWN}}
+  // expected-warning at -10 {{UNKNOWN}}
+#endif
+}
+
+extern void *operator new[](size_t, int) noexcept;
+
+void testNewArrayNoThrow() {
+  clang_analyzer_eval(new (1) NoThrow[2]); // expected-warning{{UNKNOWN}}
+  clang_analyzer_eval(new (1) NoExcept[2]); // expected-warning{{UNKNOWN}}
+  clang_analyzer_eval(new (1) DefaultThrow[2]); // expected-warning{{UNKNOWN}}
+  clang_analyzer_eval(new (1) ExplicitThrow[2]); // expected-warning{{UNKNOWN}}
+}

More information about the cfe-commits mailing list