[PATCH] [StaticAnalyzer]Handle Destructor call generated by C++ delete expr
Jordan Rose
jordan_rose at apple.com
Fri Sep 20 18:49:22 PDT 2013
Came up with two more missing tests:
```
NoReturnDtor *fooArray = 0;
delete[] fooArray; // should not call destructor, checked below
clang_analyzer_eval(true); // expected-warning{{TRUE}}
```
```
NoReturnDtor *p = new NoReturnDtor[2];
delete[] p; // Calls the base destructor which aborts, checked below
clang_analyzer_eval(true); // no warn
```
The first one works, but the second one doesn't. I know our array handling is weak, but we should probably still understand why. Is it a CFG issue?
================
Comment at: lib/StaticAnalyzer/Core/ExprEngine.cpp:580
@@ +579,3 @@
+ if (State->isNull(ArgVal).isConstrainedTrue()) {
+ QualType DTy = DE->getDestroyedType();
+ const CXXDestructorDecl *Dtor = DTy->getAsCXXRecordDecl()->getDestructor();
----------------
This is now missing the part that drills down to the base element. Since we don't care about qualifiers, we can just use getBaseElementTypeUnsafe. (No one's actually checking that all PostImplicitCalls have a valid decl, but they probably should.)
http://llvm-reviews.chandlerc.com/D1594
More information about the cfe-commits
mailing list