From 333481b90b78713bce2eeed2f76a5c7e7c956812 Mon Sep 17 00:00:00 2001 From: Anna Zaks Date: Thu, 28 Mar 2013 23:15:29 +0000 Subject: [analyzer] Add support for escape of const pointers and use it to allow “newed” pointers to escape MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add a new callback that notifies checkers when a const pointer escapes. Currently, this only works for const pointers passed as a top level parameter into a function. We need to differentiate the const pointers escape from regular escape since the content pointed by const pointer will not change; if it’s a file handle, a file cannot be closed; but delete is allowed on const pointers. This should suppress several false positives reported by the NewDelete checker on llvm codebase. llvm-svn: 178310 --- clang/lib/StaticAnalyzer/Core/RegionStore.cpp | 29 +++++++++++++++++++-------- 1 file changed, 21 insertions(+), 8 deletions(-) (limited to 'clang/lib/StaticAnalyzer/Core/RegionStore.cpp') diff --git a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp index b866a58d04e..08110dd3b93 100644 --- a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp +++ b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp @@ -371,6 +371,7 @@ public: InvalidatedSymbols &IS, const CallEvent *Call, ArrayRef ConstRegions, + InvalidatedSymbols &ConstIS, InvalidatedRegions *Invalidated); bool scanReachableSymbols(Store S, const MemRegion *R, @@ -882,6 +883,7 @@ class invalidateRegionsWorker : public ClusterAnalysis unsigned Count; const LocationContext *LCtx; InvalidatedSymbols &IS; + InvalidatedSymbols &ConstIS; StoreManager::InvalidatedRegions *Regions; public: invalidateRegionsWorker(RegionStoreManager &rm, @@ -890,13 +892,16 @@ public: const Expr *ex, unsigned count, const LocationContext *lctx, InvalidatedSymbols &is, + InvalidatedSymbols &inConstIS, StoreManager::InvalidatedRegions *r, bool includeGlobals) : ClusterAnalysis(rm, stateMgr, b, includeGlobals), - Ex(ex), Count(count), LCtx(lctx), IS(is), Regions(r) {} + Ex(ex), Count(count), LCtx(lctx), IS(is), ConstIS(inConstIS), Regions(r){} + /// \param IsConst Specifies if the region we are invalidating is constant. + /// If it is, we invalidate all subregions, but not the base region itself. void VisitCluster(const MemRegion *baseR, const ClusterBindings *C, - bool Flag); + bool IsConst); void VisitBinding(SVal V); }; } @@ -964,12 +969,19 @@ void invalidateRegionsWorker::VisitCluster(const MemRegion *baseR, return; } - if (IsConst) - return; - - // Symbolic region? Mark that symbol touched by the invalidation. + // Symbolic region? + SymbolRef RegionSym = 0; if (const SymbolicRegion *SR = dyn_cast(baseR)) - IS.insert(SR->getSymbol()); + RegionSym = SR->getSymbol(); + + if (IsConst) { + // Mark that symbol touched by the invalidation. + ConstIS.insert(RegionSym); + return; + } + + // Mark that symbol touched by the invalidation. + IS.insert(RegionSym); // Otherwise, we have a normal data region. Record that we touched the region. if (Regions) @@ -1058,9 +1070,10 @@ RegionStoreManager::invalidateRegions(Store store, InvalidatedSymbols &IS, const CallEvent *Call, ArrayRef ConstRegions, + InvalidatedSymbols &ConstIS, InvalidatedRegions *Invalidated) { RegionBindingsRef B = RegionStoreManager::getRegionBindings(store); - invalidateRegionsWorker W(*this, StateMgr, B, Ex, Count, LCtx, IS, + invalidateRegionsWorker W(*this, StateMgr, B, Ex, Count, LCtx, IS, ConstIS, Invalidated, false); // Scan the bindings and generate the clusters. -- cgit v1.2.3