[PATCH] D41797: [analyzer] Suppress escape of this-pointer during construction.

Artem Dergachev via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Fri Jan 5 17:32:56 PST 2018 

NoQ created this revision.
NoQ added reviewers: dcoughlin, xazax.hun, a.sidorin, george.karpenkov, szepet.
Herald added subscribers: cfe-commits, rnkovacs.

This one's easy. Under `-analyzer-config c++-allocator-inlining=true`, since https://reviews.llvm.org/D41406, we've teached `MallocChecker` to use the new callback, `check::NewAllocator`, which fires between the end of the `operator new()` call and the beginning of the constructor call. Because the constructor call causes a pointer escape event, during which the pointer returned by `operator new()` immediately escapes, `MallocChecker` immediately loses track of the allocated symbol and becomes completely useless. In particular, `NewDeleteLeaks` suffers a lot.

I'm open to suggestions regarding whether we should suppress this sort of pointer escape on the checker side or globally.


Repository:
  rC Clang

https://reviews.llvm.org/D41797

Files:
  lib/StaticAnalyzer/Core/CallEvent.cpp
  test/Analysis/NewDeleteLeaks-PR19102.cpp


Index: test/Analysis/NewDeleteLeaks-PR19102.cpp
===================================================================
--- test/Analysis/NewDeleteLeaks-PR19102.cpp
+++ test/Analysis/NewDeleteLeaks-PR19102.cpp
@@ -1,4 +1,5 @@
 // RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -verify %s
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -analyzer-config c++-allocator-inlining=true -verify %s
 
 class A0 {};
 
Index: lib/StaticAnalyzer/Core/CallEvent.cpp
===================================================================
--- lib/StaticAnalyzer/Core/CallEvent.cpp
+++ lib/StaticAnalyzer/Core/CallEvent.cpp
@@ -672,8 +672,13 @@
 
 void CXXConstructorCall::getExtraInvalidatedValues(ValueList &Values,
                            RegionAndSymbolInvalidationTraits *ETraits) const {
-  if (Data)
-    Values.push_back(loc::MemRegionVal(static_cast<const MemRegion *>(Data)));
+  if (Data) {
+    loc::MemRegionVal MV(static_cast<const MemRegion *>(Data));
+    if (SymbolRef Sym = MV.getAsSymbol(true))
+      ETraits->setTrait(Sym,
+                        RegionAndSymbolInvalidationTraits::TK_SuppressEscape);
+    Values.push_back(MV);
+  }
 }
 
 void CXXConstructorCall::getInitialStackFrameContents(


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D41797.128830.patch
Type: text/x-patch
Size: 1253 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20180106/83032eea/attachment.bin>

More information about the cfe-commits mailing list