From 3957fd5858e258c340d03a71eb617929a8262b9f Mon Sep 17 00:00:00 2001 From: Jordan Rose Date: Sat, 20 Oct 2012 02:32:51 +0000 Subject: [PATCH] [analyzer] Assume 'new' never returns NULL if it could throw an exception. This is actually required by the C++ standard in [basic.stc.dynamic.allocation]p3: If an allocation function declared with a non-throwing exception-specification fails to allocate storage, it shall return a null pointer. Any other allocation function that fails to allocate storage shall indicate failure only by throwing an exception of a type that would match a handler of type std::bad_alloc. We don't bother checking for the specific exception type, but just go off the operator new prototype. This should help with a certain class of lazy initalization false positives. llvm-svn: 166363 --- clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp | 13 ++++- clang/test/Analysis/new-with-exceptions.cpp | 71 +++++++++++++++++++++++++ 2 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 clang/test/Analysis/new-with-exceptions.cpp diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp index 60c73c6..b3baa79 100644 --- a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp +++ b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp @@ -229,6 +229,18 @@ void ExprEngine::VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred, // we should be using the usual pre-/(default-)eval-/post-call checks here. State = Call->invalidateRegions(blockCount); + // If we're compiling with exceptions enabled, and this allocation function + // is not declared as non-throwing, failures /must/ be signalled by + // exceptions, and thus the return value will never be NULL. + // C++11 [basic.stc.dynamic.allocation]p3. + FunctionDecl *FD = CNE->getOperatorNew(); + if (FD && getContext().getLangOpts().CXXExceptions) { + QualType Ty = FD->getType(); + if (const FunctionProtoType *ProtoType = Ty->getAs()) + if (!ProtoType->isNothrow(getContext())) + State = State->assume(symVal, true); + } + if (CNE->isArray()) { // FIXME: allocating an array requires simulating the constructors. // For now, just return a symbolicated region. @@ -246,7 +258,6 @@ void ExprEngine::VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred, // CXXNewExpr, we need to make sure that the constructed object is not // immediately invalidated here. (The placement call should happen before // the constructor call anyway.) - FunctionDecl *FD = CNE->getOperatorNew(); if (FD && FD->isReservedGlobalPlacementOperator()) { // Non-array placement new should always return the placement location. SVal PlacementLoc = State->getSVal(CNE->getPlacementArg(0), LCtx); diff --git a/clang/test/Analysis/new-with-exceptions.cpp b/clang/test/Analysis/new-with-exceptions.cpp new file mode 100644 index 0000000..d909f1f --- /dev/null +++ b/clang/test/Analysis/new-with-exceptions.cpp @@ -0,0 +1,71 @@ +// RUN: %clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -std=c++11 -fexceptions -fcxx-exceptions -verify -DEXCEPTIONS %s +// RUN: %clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store region -std=c++11 -verify %s + +void clang_analyzer_eval(bool); + +typedef __typeof__(sizeof(int)) size_t; +extern "C" void *malloc(size_t); + +// This is the standard placement new. +inline void* operator new(size_t, void* __p) throw() +{ + return __p; +} + +struct NoThrow { + void *operator new(size_t) throw(); +}; + +struct NoExcept { + void *operator new(size_t) noexcept; +}; + +struct DefaultThrow { + void *operator new(size_t); +}; + +struct ExplicitThrow { + void *operator new(size_t) throw(int); +}; + +void testNew() { + clang_analyzer_eval(new NoThrow); // expected-warning{{UNKNOWN}} + clang_analyzer_eval(new NoExcept); // expected-warning{{UNKNOWN}} + + clang_analyzer_eval(new DefaultThrow); + clang_analyzer_eval(new ExplicitThrow); +#ifdef EXCEPTIONS + // expected-warning@-3 {{TRUE}} + // expected-warning@-3 {{TRUE}} +#else + // expected-warning@-6 {{UNKNOWN}} + // expected-warning@-6 {{UNKNOWN}} +#endif +} + +void testNewArray() { + clang_analyzer_eval(new NoThrow[2]); + clang_analyzer_eval(new NoExcept[2]); + clang_analyzer_eval(new DefaultThrow[2]); + clang_analyzer_eval(new ExplicitThrow[2]); +#ifdef EXCEPTIONS + // expected-warning@-5 {{TRUE}} + // expected-warning@-5 {{TRUE}} + // expected-warning@-5 {{TRUE}} + // expected-warning@-5 {{TRUE}} +#else + // expected-warning@-10 {{UNKNOWN}} + // expected-warning@-10 {{UNKNOWN}} + // expected-warning@-10 {{UNKNOWN}} + // expected-warning@-10 {{UNKNOWN}} +#endif +} + +extern void *operator new[](size_t, int) noexcept; + +void testNewArrayNoThrow() { + clang_analyzer_eval(new (1) NoThrow[2]); // expected-warning{{UNKNOWN}} + clang_analyzer_eval(new (1) NoExcept[2]); // expected-warning{{UNKNOWN}} + clang_analyzer_eval(new (1) DefaultThrow[2]); // expected-warning{{UNKNOWN}} + clang_analyzer_eval(new (1) ExplicitThrow[2]); // expected-warning{{UNKNOWN}} +} -- 2.7.4