[cfe-commits] r128611 - in /cfe/trunk: lib/StaticAnalyzer/Core/CXXExprEngine.cpp test/Analysis/misc-ps-region-store.cpp

[Ted Kremenek]

Author: kremenek
Date: Wed Mar 30 23:04:48 2011
New Revision: 128611

URL: http://llvm.org/viewvc/llvm-project?rev=128611&view=rev
Log:
Teach static analyzer about the basics of handling new[].  We still don't simulate constructors, but at least the analyzer doesn't think the return value is uninitialized.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/CXXExprEngine.cpp
    cfe/trunk/test/Analysis/misc-ps-region-store.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/CXXExprEngine.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/CXXExprEngine.cpp?rev=128611&r1=128610&r2=128611&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/CXXExprEngine.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/CXXExprEngine.cpp Wed Mar 30 23:04:48 2011
@@ -199,20 +199,23 @@
 
 void ExprEngine::VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred,
                                    ExplodedNodeSet &Dst) {
-  if (CNE->isArray()) {
-    // FIXME: allocating an array has not been handled.
-    return;
-  }
-
+  
   unsigned Count = Builder->getCurrentBlockCount();
   DefinedOrUnknownSVal symVal =
     svalBuilder.getConjuredSymbolVal(NULL, CNE, CNE->getType(), Count);
-  const MemRegion *NewReg = cast<loc::MemRegionVal>(symVal).getRegion();
-
+  const MemRegion *NewReg = cast<loc::MemRegionVal>(symVal).getRegion();  
   QualType ObjTy = CNE->getType()->getAs<PointerType>()->getPointeeType();
-
   const ElementRegion *EleReg = 
-                         getStoreManager().GetElementZeroRegion(NewReg, ObjTy);
+    getStoreManager().GetElementZeroRegion(NewReg, ObjTy);
+
+  if (CNE->isArray()) {
+    // FIXME: allocating an array requires simulating the constructors.
+    // For now, just return a symbolicated region.
+    const GRState *state = GetState(Pred);
+    state = state->BindExpr(CNE, loc::MemRegionVal(EleReg));
+    MakeNode(Dst, CNE, Pred, state);
+    return;
+  }
 
   // Evaluate constructor arguments.
   const FunctionProtoType *FnType = NULL;

Modified: cfe/trunk/test/Analysis/misc-ps-region-store.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps-region-store.cpp?rev=128611&r1=128610&r2=128611&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps-region-store.cpp (original)
+++ cfe/trunk/test/Analysis/misc-ps-region-store.cpp Wed Mar 30 23:04:48 2011
@@ -255,4 +255,12 @@
   return false;
 }
 
+// Test handling of new[].
+void rdar9212512() {
+  int *x = new int[10];
+  for (unsigned i = 0 ; i < 2 ; ++i) {
+    // This previously triggered an uninitialized values warning.
+    x[i] = 1;  // no-warning
+  }
+}