[cfe-commits] r160328 - in /cfe/trunk: lib/StaticAnalyzer/Core/ExprEngineC.cpp lib/StaticAnalyzer/Core/ExprEngineCXX.cpp test/Analysis/new.cpp

Jordan Rose jordan_rose at apple.com
Mon Jul 16 16:38:09 PDT 2012 

Author: jrose
Date: Mon Jul 16 18:38:09 2012
New Revision: 160328

URL: http://llvm.org/viewvc/llvm-project?rev=160328&view=rev
Log:
[analyzer] Handle new-expressions with initializers for scalars.

<rdar://problem/11818967>

Modified:
    cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp
    cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
    cfe/trunk/test/Analysis/new.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp?rev=160328&r1=160327&r2=160328&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineC.cpp Mon Jul 16 18:38:09 2012
@@ -571,18 +571,17 @@
                                    svalBuilder.makeCompoundVal(T, vals)));
     return;
   }
-  
-  if (Loc::isLocType(T) || T->isIntegerType()) {
-    assert(IE->getNumInits() == 1);
-    const Expr *initEx = IE->getInit(0);
-    B.generateNode(IE, Pred, state->BindExpr(IE, LCtx,
-                                             state->getSVal(initEx, LCtx)));
-    return;
-  }
 
-  assert(IE->getNumInits() == 1);
-  B.generateNode(IE, Pred, state->BindExpr(IE, LCtx, UnknownVal()));
-  return;
+  // Handle scalars: int{5} and int{}.
+  assert(NumInitElements <= 1);
+
+  SVal V;
+  if (NumInitElements == 0)
+    V = getSValBuilder().makeZeroVal(T);
+  else
+    V = state->getSVal(IE->getInit(0), LCtx);
+
+  B.generateNode(IE, Pred, state->BindExpr(IE, LCtx, V));
 }
 
 void ExprEngine::VisitGuardedExpr(const Expr *Ex,

Modified: cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp?rev=160328&r1=160327&r2=160328&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp Mon Jul 16 18:38:09 2012
@@ -136,6 +136,19 @@
     State = State->BindExpr(CNE, LCtx, symVal);
   }
 
+  // If the type is not a record, we won't have a CXXConstructExpr as an
+  // initializer. Copy the value over.
+  if (const Expr *Init = CNE->getInitializer()) {
+    if (!isa<CXXConstructExpr>(Init)) {
+      QualType ObjTy = CNE->getType()->getAs<PointerType>()->getPointeeType();
+      (void)ObjTy;
+      assert(!ObjTy->isRecordType());
+      SVal Location = State->getSVal(CNE, LCtx);
+      if (isa<Loc>(Location))
+        State = State->bindLoc(cast<Loc>(Location), State->getSVal(Init, LCtx));
+    }
+  }
+
   Bldr.generateNode(CNE, Pred, State);
 }
 

Modified: cfe/trunk/test/Analysis/new.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/new.cpp?rev=160328&r1=160327&r2=160328&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/new.cpp (original)
+++ cfe/trunk/test/Analysis/new.cpp Mon Jul 16 18:38:09 2012
@@ -1,8 +1,8 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-store region -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-store region -std=c++11 -verify %s
 
 void clang_analyzer_eval(bool);
 
-typedef typeof(sizeof(int)) size_t;
+typedef __typeof__(sizeof(int)) size_t;
 extern "C" void *malloc(size_t);
 
 int someGlobal;
@@ -59,23 +59,42 @@
   return y;
 }
 
+void testScalarInitialization() {
+  int *n = new int(3);
+  clang_analyzer_eval(*n == 3); // expected-warning{{TRUE}}
+
+  new (n) int();
+  clang_analyzer_eval(*n == 0); // expected-warning{{TRUE}}
+
+  new (n) int{3};
+  clang_analyzer_eval(*n == 3); // expected-warning{{TRUE}}
+
+  new (n) int{};
+  clang_analyzer_eval(*n == 0); // expected-warning{{TRUE}}
+}
+
 
 //--------------------------------
 // Incorrectly-modelled behavior
 //--------------------------------
 
-void testZeroInitialization() {
+int testNoInitialization() {
   int *n = new int;
 
   // Should warn that *n is uninitialized.
   if (*n) { // no-warning
+    return 0;
   }
+  return 1;
 }
 
-void testValueInitialization() {
-  int *n = new int(3);
+int testNoInitializationPlacement() {
+  int n;
+  new (&n) int;
 
-  // Should be TRUE (and have no uninitialized variable warning)
-  clang_analyzer_eval(*n == 3); // expected-warning{{UNKNOWN}}
+  // Should warn that n is uninitialized.
+  if (n) { // no-warning
+    return 0;
+  }
+  return 1;
 }
-

More information about the cfe-commits mailing list