granicus.if.org Git - clang/commit

author	Artem Dergachev <artem.dergachev@gmail.com>
	Wed, 17 Jan 2018 22:51:19 +0000 (22:51 +0000)
committer	Artem Dergachev <artem.dergachev@gmail.com>
	Wed, 17 Jan 2018 22:51:19 +0000 (22:51 +0000)
commit	9178f1690a6c8714c8fed0544c1d34ac7e216724
tree	a5f73d33942436dc5293f40e392f5c378e2c7e81	tree \| snapshot
parent	6d36e99d4e1086cff7042c898c17fc9d40ca948a	commit \| diff

[analyzer] operator new: Model the cast of returned pointer into object type.

According to [basic.stc.dynamic.allocation], the return type of any C++
overloaded operator new() is "void *". However, type of the new-expression
"new T()" and the type of "this" during construction of "T" are both "T *".

Hence an implicit cast, which is not present in the AST, needs to be performed
before the construction. This patch adds such cast in the case when the
allocator was indeed inlined. For now, in the case where the allocator was *not*
inlined we still use the same symbolic value (which is a pure SymbolicRegion of
type "T *") because it is consistent with how we represent the casts and causes
less surprise in the checkers after switching to the new behavior.

The better approach would be to represent that value as a cast over a
SymbolicRegion of type "void *", however we have technical difficulties
conjuring such region without any actual expression of type "void *" present in
the AST.

Differential Revision: https://reviews.llvm.org/D41250
rdar://problem/12180598

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@322777 91177308-0d34-0410-b5e6-96231b3b80d8

lib/StaticAnalyzer/Core/ExprEngineCXX.cpp		diff \| blob \| history
lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp		diff \| blob \| history
test/Analysis/new-ctor-conservative.cpp		diff \| blob \| history
test/Analysis/new-ctor-inlined.cpp		diff \| blob \| history