From: Jordan Rose <jordan_rose@apple.com>
Date: Mon, 22 Apr 2013 21:36:44 +0000 (+0000)
Subject: [analyzer] Type information from C++ new expressions is perfect.
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fbc4444eb2675934b44f3720ef9a5f368ecbeb0a;p=clang

[analyzer] Type information from C++ new expressions is perfect.

This improves our handling of dynamic_cast and devirtualization for
objects allocated by 'new'.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180051 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp b/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
index 9f176a4b5b..759aa6605e 100644
--- a/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
+++ b/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
@@ -27,7 +27,8 @@ namespace {
 class DynamicTypePropagation:
     public Checker< check::PreCall,
                     check::PostCall,
-                    check::PostStmt<ImplicitCastExpr> > {
+                    check::PostStmt<ImplicitCastExpr>,
+                    check::PostStmt<CXXNewExpr> > {
   const ObjCObjectType *getObjectTypeForAllocAndNew(const ObjCMessageExpr *MsgE,
                                                     CheckerContext &C) const;
 
@@ -38,6 +39,7 @@ public:
   void checkPreCall(const CallEvent &Call, CheckerContext &C) const;
   void checkPostCall(const CallEvent &Call, CheckerContext &C) const;
   void checkPostStmt(const ImplicitCastExpr *CastE, CheckerContext &C) const;
+  void checkPostStmt(const CXXNewExpr *NewE, CheckerContext &C) const;
 };
 }
 
@@ -190,6 +192,20 @@ void DynamicTypePropagation::checkPostStmt(const ImplicitCastExpr *CastE,
   return;
 }
 
+void DynamicTypePropagation::checkPostStmt(const CXXNewExpr *NewE,
+                                           CheckerContext &C) const {
+  if (NewE->isArray())
+    return;
+
+  // We only track dynamic type info for regions.
+  const MemRegion *MR = C.getSVal(NewE).getAsRegion();
+  if (!MR)
+    return;
+  
+  C.addTransition(C.getState()->setDynamicTypeInfo(MR, NewE->getType(),
+                                                   /*CanBeSubclass=*/false));
+}
+
 const ObjCObjectType *
 DynamicTypePropagation::getObjectTypeForAllocAndNew(const ObjCMessageExpr *MsgE,
                                                     CheckerContext &C) const {
diff --git a/test/Analysis/inline.cpp b/test/Analysis/inline.cpp
index a16fa00d12..62bce28472 100644
--- a/test/Analysis/inline.cpp
+++ b/test/Analysis/inline.cpp
@@ -351,9 +351,7 @@ namespace VirtualWithSisterCasts {
 
   void testCastViaNew(B *b) {
     Grandchild *g = new (b) Grandchild();
-    // FIXME: We actually now have perfect type info because of 'new'.
-    // This should be TRUE.
-    clang_analyzer_eval(g->foo() == 42); // expected-warning{{UNKNOWN}}
+    clang_analyzer_eval(g->foo() == 42); // expected-warning{{TRUE}}
 
     g->x = 42;
     clang_analyzer_eval(g->x == 42); // expected-warning{{TRUE}}
diff --git a/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp b/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp
index 890e5640ce..d219446fc9 100644
--- a/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp
+++ b/test/Analysis/inlining/dyn-dispatch-bifurcate.cpp
@@ -16,6 +16,11 @@ void testKnown() {
   clang_analyzer_eval(a.get() == 0); // expected-warning{{TRUE}}
 }
 
+void testNew() {
+  A *a = new A();
+  clang_analyzer_eval(a->get() == 0); // expected-warning{{TRUE}}
+}
+
 
 namespace ReinterpretDisruptsDynamicTypeInfo {
   class Parent {};