r322795 - [analyzer] Suppress "this" pointer escape during construction.
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Wed Jan 17 16:44:41 PST 2018
Author: dergachev
Date: Wed Jan 17 16:44:41 2018
New Revision: 322795
URL: http://llvm.org/viewvc/llvm-project?rev=322795&view=rev
Log:
[analyzer] Suppress "this" pointer escape during construction.
Pointer escape event notifies checkers that a pointer can no longer be reliably
tracked by the analyzer. For example, if a pointer is passed into a function
that has no body available, or written into a global, MallocChecker would
no longer report memory leaks for such pointer.
In case of operator new() under -analyzer-config c++-allocator-inlining=true,
MallocChecker would start tracking the pointer allocated by operator new()
only to immediately meet a pointer escape event notifying the checker that the
pointer has escaped into a constructor (assuming that the body of the
constructor is not available) and immediately stop tracking it. Even though
it is theoretically possible for such constructor to put "this" into
a global container that would later be freed, we prefer to preserve the old
behavior of MallocChecker, i.e. a memory leak warning, in order to
be able to find any memory leaks in C++ at all. In fact, c++-allocator-inlining
*reduces* the amount of false positives coming from this-pointers escaping in
constructors, because it'd be able to inline constructors in some cases.
With other checkers working similarly, we simply suppress the escape event for
this-value of the constructor, regardless of analyzer options.
Differential Revision: https://reviews.llvm.org/D41797
rdar://problem/12180598
Modified:
cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp
cfe/trunk/test/Analysis/NewDeleteLeaks-PR19102.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp?rev=322795&r1=322794&r2=322795&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Core/CallEvent.cpp Wed Jan 17 16:44:41 2018
@@ -672,8 +672,13 @@ SVal CXXConstructorCall::getCXXThisVal()
void CXXConstructorCall::getExtraInvalidatedValues(ValueList &Values,
RegionAndSymbolInvalidationTraits *ETraits) const {
- if (Data)
- Values.push_back(loc::MemRegionVal(static_cast<const MemRegion *>(Data)));
+ if (Data) {
+ loc::MemRegionVal MV(static_cast<const MemRegion *>(Data));
+ if (SymbolRef Sym = MV.getAsSymbol(true))
+ ETraits->setTrait(Sym,
+ RegionAndSymbolInvalidationTraits::TK_SuppressEscape);
+ Values.push_back(MV);
+ }
}
void CXXConstructorCall::getInitialStackFrameContents(
Modified: cfe/trunk/test/Analysis/NewDeleteLeaks-PR19102.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/NewDeleteLeaks-PR19102.cpp?rev=322795&r1=322794&r2=322795&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/NewDeleteLeaks-PR19102.cpp (original)
+++ cfe/trunk/test/Analysis/NewDeleteLeaks-PR19102.cpp Wed Jan 17 16:44:41 2018
@@ -1,4 +1,5 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -verify %s
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -analyzer-config c++-allocator-inlining=true -verify %s
class A0 {};
More information about the cfe-commits
mailing list