From: Artem Dergachev Date: Thu, 18 Jan 2018 00:44:41 +0000 (+0000) Subject: [analyzer] Suppress "this" pointer escape during construction. X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=0e15f138675cc570c7dc1853d3eeae0b38844bdc;p=clang [analyzer] Suppress "this" pointer escape during construction. Pointer escape event notifies checkers that a pointer can no longer be reliably tracked by the analyzer. For example, if a pointer is passed into a function that has no body available, or written into a global, MallocChecker would no longer report memory leaks for such pointer. In case of operator new() under -analyzer-config c++-allocator-inlining=true, MallocChecker would start tracking the pointer allocated by operator new() only to immediately meet a pointer escape event notifying the checker that the pointer has escaped into a constructor (assuming that the body of the constructor is not available) and immediately stop tracking it. Even though it is theoretically possible for such constructor to put "this" into a global container that would later be freed, we prefer to preserve the old behavior of MallocChecker, i.e. a memory leak warning, in order to be able to find any memory leaks in C++ at all. In fact, c++-allocator-inlining *reduces* the amount of false positives coming from this-pointers escaping in constructors, because it'd be able to inline constructors in some cases. With other checkers working similarly, we simply suppress the escape event for this-value of the constructor, regardless of analyzer options. Differential Revision: https://reviews.llvm.org/D41797 rdar://problem/12180598 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@322795 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/StaticAnalyzer/Core/CallEvent.cpp b/lib/StaticAnalyzer/Core/CallEvent.cpp index 776369be9d..76b9630c3b 100644 --- a/lib/StaticAnalyzer/Core/CallEvent.cpp +++ b/lib/StaticAnalyzer/Core/CallEvent.cpp @@ -672,8 +672,13 @@ SVal CXXConstructorCall::getCXXThisVal() const { void CXXConstructorCall::getExtraInvalidatedValues(ValueList &Values, RegionAndSymbolInvalidationTraits *ETraits) const { - if (Data) - Values.push_back(loc::MemRegionVal(static_cast(Data))); + if (Data) { + loc::MemRegionVal MV(static_cast(Data)); + if (SymbolRef Sym = MV.getAsSymbol(true)) + ETraits->setTrait(Sym, + RegionAndSymbolInvalidationTraits::TK_SuppressEscape); + Values.push_back(MV); + } } void CXXConstructorCall::getInitialStackFrameContents( diff --git a/test/Analysis/NewDeleteLeaks-PR19102.cpp b/test/Analysis/NewDeleteLeaks-PR19102.cpp index 502db6122f..625b2d4b7a 100644 --- a/test/Analysis/NewDeleteLeaks-PR19102.cpp +++ b/test/Analysis/NewDeleteLeaks-PR19102.cpp @@ -1,4 +1,5 @@ // RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -verify %s +// RUN: %clang_analyze_cc1 -analyzer-checker=core,cplusplus.NewDeleteLeaks -analyzer-config c++-allocator-inlining=true -verify %s class A0 {};