[cfe-commits] r159160 - in /cfe/trunk: include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/new.cpp

Jordan Rose jordan_rose at apple.com
Mon Jun 25 13:48:28 PDT 2012


Author: jrose
Date: Mon Jun 25 15:48:28 2012
New Revision: 159160

URL: http://llvm.org/viewvc/llvm-project?rev=159160&view=rev
Log:
[analyzer] Be careful about implicitly-declared operator new/delete. (PR13090)

The implicit global allocation functions do not have valid source locations,
but we still want to treat them as being "system header" functions for the
purposes of how they affect program state.

Modified:
    cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h
    cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
    cfe/trunk/test/Analysis/new.cpp

Modified: cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h?rev=159160&r1=159159&r2=159160&view=diff
==============================================================================
--- cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h (original)
+++ cfe/trunk/include/clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h Mon Jun 25 15:48:28 2012
@@ -199,10 +199,16 @@
 
   /// Check if the callee is declared in the system header.
   bool isInSystemHeader() const {
-    if (const Decl *FD = getDecl()) {
+    if (const Decl *D = getDecl()) {
       const SourceManager &SM =
         State->getStateManager().getContext().getSourceManager();
-      return SM.isInSystemHeader(FD->getLocation());
+      SourceLocation Loc = D->getLocation();
+      // Be careful: the implicit declarations of operator new/delete have
+      // invalid source locations but should still count as system files.
+      if (Loc.isValid())
+        return SM.isInSystemHeader(D->getLocation());
+      else if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(D))
+        return FD->isOverloadedOperator() && FD->isImplicit() && FD->isGlobal();
     }
     return false;
   }
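Review bot: The fallback on the `else if` line accepts any implicit, global overloaded operator, which is wider than the "operator new/delete" named in the comment above it. A true result makes checkers treat the callee as a system function, so an over-broad match could, in principle, suppress a leak or use-after-free report. Consider naming the operators explicitly: read `FD->getOverloadedOperator()` and accept only `OO_New`, `OO_Delete`, `OO_Array_New` and `OO_Array_Delete`. As a smaller style point, the valid-location branch can reuse the local, `return SM.isInSystemHeader(Loc);`, and the `else` after `return` can be dropped.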

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=159160&r1=159159&r2=159160&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Mon Jun 25 15:48:28 2012
@@ -1338,8 +1338,7 @@
   }
 
   // If it's not a system call, assume it frees memory.
-  SourceManager &SM = ASTC.getSourceManager();
-  if (!SM.isInSystemHeader(D->getLocation()))
+  if (!Call->isInSystemHeader())
     return false;
 
   // Process C/ObjC functions.
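Review bot: The comment `// If it's not a system call, assume it frees memory.` still reads as a pure source-location test, but `Call->isInSystemHeader()` now also returns true for the implicitly-declared global operator new/delete. That means `operator delete`, which does release memory, now passes this gate. Whether the code after `// Process C/ObjC functions.` models it correctly lies outside the hunk and is worth confirming. I would extend the comment, e.g. `// Implicit global operator new/delete count as system functions here (PR13090).` The new line also dereferences `Call` directly; any null check for it would be above the hunk.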

Modified: cfe/trunk/test/Analysis/new.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/new.cpp?rev=159160&r1=159159&r2=159160&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/new.cpp (original)
+++ cfe/trunk/test/Analysis/new.cpp Mon Jun 25 15:48:28 2012
@@ -5,6 +5,21 @@
 typedef typeof(sizeof(int)) size_t;
 extern "C" void *malloc(size_t);
 
+int someGlobal;
+void testImplicitlyDeclaredGlobalNew() {
+  if (someGlobal != 0)
+    return;
+
+  // This used to crash because the global operator new is being implicitly
+  // declared and it does not have a valid source location. (PR13090)
+  void *x = ::operator new(0);
+  ::operator delete(x);
+
+  // Check that the new/delete did not invalidate someGlobal;
+  clang_analyzer_eval(someGlobal == 0); // expected-warning{{TRUE}}
+}
+
+
 // This is the standard placement new.
 inline void* operator new(size_t, void* __p) throw()
 {
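Review bot: The new test `testImplicitlyDeclaredGlobalNew` exercises only the scalar `::operator new` and `::operator delete`, while the commit log describes the fix as covering the implicit global allocation functions in general. Adding `void *y = ::operator new[](0);` and `::operator delete[](y);` before the `clang_analyzer_eval` line would pin the array forms as well. The comment `// Check that the new/delete did not invalidate someGlobal;` ends in a stray semicolon that should be a period.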




