[analyzer] Add another exception for Qt in MallocChecker

Treat pointers passed to QObject::connectImpl() as escaping.

rdar://problem/29550440

Differential Revision: https://reviews.llvm.org/D27717

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@289939 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
index a00fd1d421eb9285f3f02b31ac05f9f0f6d0c254..07c607212d7f47bd5b18caece810a667c04f8db4 100644 (file)
--- a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
@@ -2579,6 +2579,11 @@ bool MallocChecker::mayFreeAnyEscapedMemoryOrIsModeledExplicitly(
     return true;
   }
 
+  if (FName == "connectImpl" &&
+      FD->getQualifiedNameAsString() == "QObject::connectImpl") {
+    return true;
+  }
+
   // Handle cases where we know a buffer's /address/ can escape.
   // Note that the above checks handle some special cases where we know that
   // even though the address escapes, it's still our responsibility to free the

diff --git a/test/Analysis/Inputs/qt-simulator.h b/test/Analysis/Inputs/qt-simulator.h
index d1d6c0356b748816ba7a53710f2737a329fe2d0e..a3c7387d2003a5071d4d6111dacc78a7bc9886e6 100644 (file)
--- a/test/Analysis/Inputs/qt-simulator.h
+++ b/test/Analysis/Inputs/qt-simulator.h
@@ -1,6 +1,23 @@
 #pragma clang system_header
 
+namespace QtPrivate {
+struct QSlotObjectBase {};
+}
+
+namespace Qt {
+enum ConnectionType {};
+}
+
+struct QMetaObject {
+  struct Connection {};
+};
+
 struct QObject {
+  static QMetaObject::Connection connectImpl(const QObject *, void **,
+                                             const QObject *, void **,
+                                             QtPrivate::QSlotObjectBase *,
+                                             Qt::ConnectionType,
+                                             const int *, const QMetaObject *);
 };
 
 struct QEvent {

diff --git a/test/Analysis/qt_malloc.cpp b/test/Analysis/qt_malloc.cpp
index d29835f73faae6f68b1dccb7a99131ab6754e6e4..200556ea306dfbb869d6883fb01c49cbb3556573 100644 (file)
--- a/test/Analysis/qt_malloc.cpp
+++ b/test/Analysis/qt_malloc.cpp
@@ -1,4 +1,4 @@
-// RUN: %clang_cc1 -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,cplusplus -analyzer-store=region -verify %s
+// RUN: %clang_cc1 -std=c++11 -analyze -analyzer-checker=core,alpha.deadcode.UnreachableCode,alpha.core.CastSize,unix.Malloc,cplusplus -analyzer-store=region -verify %s
 // expected-no-diagnostics
 #include "Inputs/qt-simulator.h"
 
@@ -13,3 +13,9 @@ void send(QObject *obj)
   QEvent *e4 = new QEvent(QEvent::None);
   QApplication::postEvent(obj, e4);
 }
+
+void connect(QObject *obj) {
+  obj->connectImpl(nullptr, nullptr, nullptr, nullptr,
+                   new QtPrivate::QSlotObjectBase(), (Qt::ConnectionType)0,
+                   nullptr, nullptr);
+}