diff options
| author | Ismail Pazarbasi <ismail.pazarbasi@gmail.com> | 2015-09-22 19:33:15 +0000 |
|---|---|---|
| committer | Ismail Pazarbasi <ismail.pazarbasi@gmail.com> | 2015-09-22 19:33:15 +0000 |
| commit | d60db64e7dd4b430d74d883dfa8cb84c22c336c0 (patch) | |
| tree | cc31d47025ed6cf6beab9114796bb44c204b759d | |
| parent | 66aa3a7f9e250d623bf89e11c32b56c47f025676 (diff) | |
| download | bcm5719-llvm-d60db64e7dd4b430d74d883dfa8cb84c22c336c0.tar.gz bcm5719-llvm-d60db64e7dd4b430d74d883dfa8cb84c22c336c0.zip | |
Analyzer: Teach analyzer how to handle TypeTraitExpr
Summary:
`TypeTraitExpr`s are not supported by the ExprEngine today. Analyzer
creates a sink, and aborts the block. Therefore, certain bugs that
involve type traits intrinsics cannot be detected (see PR24710).
This patch creates boolean `SVal`s for `TypeTraitExpr`s, which are
evaluated by the compiler.
Test within the patch is a summary of PR24710.
Reviewers: zaks.anna, dcoughlin, krememek
Subscribers: cfe-commits
Differential Revision: http://reviews.llvm.org/D12482
llvm-svn: 248314
| -rw-r--r-- | clang/lib/StaticAnalyzer/Core/Environment.cpp | 1 | ||||
| -rw-r--r-- | clang/lib/StaticAnalyzer/Core/ExprEngine.cpp | 4 | ||||
| -rw-r--r-- | clang/lib/StaticAnalyzer/Core/SValBuilder.cpp | 5 | ||||
| -rw-r--r-- | clang/test/Analysis/dtor.cpp | 37 |
4 files changed, 44 insertions, 3 deletions
diff --git a/clang/lib/StaticAnalyzer/Core/Environment.cpp b/clang/lib/StaticAnalyzer/Core/Environment.cpp index 508f5d31196..d55858db576 100644 --- a/clang/lib/StaticAnalyzer/Core/Environment.cpp +++ b/clang/lib/StaticAnalyzer/Core/Environment.cpp @@ -90,6 +90,7 @@ SVal Environment::getSVal(const EnvironmentEntry &Entry, case Stmt::CXXNullPtrLiteralExprClass: case Stmt::ObjCStringLiteralClass: case Stmt::StringLiteralClass: + case Stmt::TypeTraitExprClass: // Known constants; defer to SValBuilder. return svalBuilder.getConstantVal(cast<Expr>(S)).getValue(); diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp index 00d9c7a9616..0865189193d 100644 --- a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp +++ b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp @@ -756,7 +756,6 @@ void ExprEngine::Visit(const Stmt *S, ExplodedNode *Pred, case Stmt::MSPropertyRefExprClass: case Stmt::CXXUnresolvedConstructExprClass: case Stmt::DependentScopeDeclRefExprClass: - case Stmt::TypeTraitExprClass: case Stmt::ArrayTypeTraitExprClass: case Stmt::ExpressionTraitExprClass: case Stmt::UnresolvedLookupExprClass: @@ -902,7 +901,8 @@ void ExprEngine::Visit(const Stmt *S, ExplodedNode *Pred, case Stmt::CXXPseudoDestructorExprClass: case Stmt::SubstNonTypeTemplateParmExprClass: case Stmt::CXXNullPtrLiteralExprClass: - case Stmt::OMPArraySectionExprClass: { + case Stmt::OMPArraySectionExprClass: + case Stmt::TypeTraitExprClass: { Bldr.takeNodes(Pred); ExplodedNodeSet preVisit; getCheckerManager().runCheckersForPreStmt(preVisit, Pred, S, *this); diff --git a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp index d853286d7fa..4f8ccd0329d 100644 --- a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp +++ b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp @@ -259,6 +259,11 @@ Optional<SVal> SValBuilder::getConstantVal(const Expr *E) { case Stmt::CXXBoolLiteralExprClass: return makeBoolVal(cast<CXXBoolLiteralExpr>(E)); + case Stmt::TypeTraitExprClass: { + const TypeTraitExpr *TE = cast<TypeTraitExpr>(E); + return makeTruthVal(TE->getValue(), TE->getType()); + } + case Stmt::IntegerLiteralClass: return makeIntVal(cast<IntegerLiteral>(E)); diff --git a/clang/test/Analysis/dtor.cpp b/clang/test/Analysis/dtor.cpp index bb1e6254fb7..c67722283ff 100644 --- a/clang/test/Analysis/dtor.cpp +++ b/clang/test/Analysis/dtor.cpp @@ -1,4 +1,4 @@ -// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-config c++-inlining=destructors,cfg-temporary-dtors=true -Wno-null-dereference -Wno-inaccessible-base -verify %s +// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection,cplusplus -analyzer-config c++-inlining=destructors,cfg-temporary-dtors=true -Wno-null-dereference -Wno-inaccessible-base -verify %s void clang_analyzer_eval(bool); void clang_analyzer_checkInlined(bool); @@ -505,3 +505,38 @@ namespace Incomplete { class Foo; // expected-note{{forward declaration}} void f(Foo *foo) { delete foo; } // expected-warning{{deleting pointer to incomplete type}} } + +namespace TypeTraitExpr { +template <bool IsSimple, typename T> +struct copier { + static void do_copy(T *dest, const T *src, unsigned count); +}; +template <typename T, typename U> +void do_copy(T *dest, const U *src, unsigned count) { + const bool IsSimple = __is_trivial(T) && __is_same(T, U); + copier<IsSimple, T>::do_copy(dest, src, count); +} +struct NonTrivial { + int *p; + NonTrivial() : p(new int[1]) { p[0] = 0; } + NonTrivial(const NonTrivial &other) { + p = new int[1]; + do_copy(p, other.p, 1); + } + NonTrivial &operator=(const NonTrivial &other) { + p = other.p; + return *this; + } + ~NonTrivial() { + delete[] p; // expected-warning {{free released memory}} + } +}; + +void f() { + NonTrivial nt1; + NonTrivial nt2(nt1); + nt1 = nt2; + clang_analyzer_eval(__is_trivial(NonTrivial)); // expected-warning{{FALSE}} + clang_analyzer_eval(__alignof(NonTrivial) > 0); // expected-warning{{TRUE}} +} +} |
