[cfe-dev] Potentially expensive analysis for missing `[]` in delete expression

[Ismail Pazarbasi]

On Fri, Jul 18, 2014 at 12:43 AM, Ismail Pazarbasi
<ismail.pazarbasi at gmail.com> wrote:
> On Tue, Jul 8, 2014 at 11:34 PM, Jordan Rose <jordan_rose at apple.com> wrote:
>> The static analyzer does have this check:
>>
>> <stdin>:3:5: warning: Memory allocated by 'new[]' should be deallocated by
>>       'delete[]', not 'delete'
>>     delete a;
>>     ^~~~~~~~
>>
>> ...but only if it can see both the allocation and deallocation sites in the
>> same path.
>>
>> Jordan
>>
>
> Jordan,
>
> I am trying to make my patch submission-ready. If I try to diagnose
> this case in frontend and issue a warning on the problematic line,
> analyzer doesn't issue anything, as far as I can see. I ran tests, and
> it failed in test/Analysis/MismatchedDeallocator-path-notes.cpp:
> % clang -cc1 -analyze
> -analyzer-checker=core,unix.MismatchedDeallocator
> -analyzer-output=text MismatchedDeallocator-path-notes.cpp
> MismatchedDeallocator-path-notes.cpp:10:3: warning: 'delete' applied
> to a pointer that was allocated with 'new[]' treated as 'delete[]'
>   delete p; // expected-warning {{Memory allocated by 'new[]' should
> be deallocated by 'delete[]', not 'delete'}}
>   ^      ~
>         []
> MismatchedDeallocator-path-notes.cpp:7:12: note: allocated with 'new[]' here
>   int *p = new int[1];  // expected-note {{allocated with 'new[]' here}}
>            ^
> 1 warning generated.
>
> With my patch, frontend issues a new warning at line 10, and this
> prevents analyzer to issue its own. Presumably, this is a known
> behavior of the analyzer. What can I do in this case? Does disabling
> my warning in analyzer tests make sense?
>
> Ismail
The reason analyzer doesn't issue its warning is because my patch
causes delete expression to be treated as 'delete[]'.