From be3f4bd36bc95163088b63063e157e54c99a5b53 Mon Sep 17 00:00:00 2001 From: George Karpenkov Date: Fri, 30 Nov 2018 20:43:42 +0000 Subject: [PATCH] Revert "Reverting r347949-r347951 because they broke the test bots." This reverts commit 5bad6129c012fbf186eb055be49344e790448ecc. Hopefully fixing the issue which was breaking the bots. llvm-svn: 348030 --- .../StaticAnalyzer/Core/RetainSummaryManager.h | 2 ++ .../StaticAnalyzer/Core/RetainSummaryManager.cpp | 28 +++++++++++------- clang/test/Analysis/osobject-retain-release.cpp | 34 ++++++++++++++++++++++ 3 files changed, 53 insertions(+), 11 deletions(-) diff --git a/clang/include/clang/StaticAnalyzer/Core/RetainSummaryManager.h b/clang/include/clang/StaticAnalyzer/Core/RetainSummaryManager.h index 9b71011..dfcbd0c 100644 --- a/clang/include/clang/StaticAnalyzer/Core/RetainSummaryManager.h +++ b/clang/include/clang/StaticAnalyzer/Core/RetainSummaryManager.h @@ -530,6 +530,8 @@ class RetainSummaryManager { /// Decrement the reference count on OS object. const RetainSummary *getOSSummaryReleaseRule(const FunctionDecl *FD); + /// Free the OS object. + const RetainSummary *getOSSummaryFreeRule(const FunctionDecl *FD); enum UnaryFuncKind { cfretain, cfrelease, cfautorelease, cfmakecollectable }; diff --git a/clang/lib/StaticAnalyzer/Core/RetainSummaryManager.cpp b/clang/lib/StaticAnalyzer/Core/RetainSummaryManager.cpp index fc4544f..b42e0c1 100644 --- a/clang/lib/StaticAnalyzer/Core/RetainSummaryManager.cpp +++ b/clang/lib/StaticAnalyzer/Core/RetainSummaryManager.cpp @@ -124,10 +124,8 @@ RetainSummaryManager::generateSummary(const FunctionDecl *FD, } const IdentifierInfo *II = FD->getIdentifier(); - if (!II) - return getDefaultSummary(); - StringRef FName = II->getName(); + StringRef FName = II ? II->getName() : ""; // Strip away preceding '_'. Doing this here will effect all the checks // down below. @@ -304,6 +302,12 @@ RetainSummaryManager::generateSummary(const FunctionDecl *FD, if (FName == "retain") return getOSSummaryRetainRule(FD); + + if (FName == "free") + return getOSSummaryFreeRule(FD); + + if (MD->getOverloadedOperator() == OO_New) + return getOSSummaryCreateRule(MD); } } @@ -480,20 +484,14 @@ RetainSummaryManager::getSummary(const CallEvent &Call, const RetainSummary *Summ; switch (Call.getKind()) { case CE_Function: - Summ = getFunctionSummary(cast(Call).getDecl()); - break; case CE_CXXMember: - Summ = getFunctionSummary(cast(Call).getDecl()); - break; case CE_CXXMemberOperator: - Summ = getFunctionSummary(cast(Call).getDecl()); - break; case CE_CXXConstructor: - Summ = getFunctionSummary(cast(Call).getDecl()); + case CE_CXXAllocator: + Summ = getFunctionSummary(cast_or_null(Call.getDecl())); break; case CE_Block: case CE_CXXDestructor: - case CE_CXXAllocator: // FIXME: These calls are currently unsupported. return getPersistentStopSummary(); case CE_ObjCMessage: { @@ -619,6 +617,14 @@ RetainSummaryManager::getOSSummaryReleaseRule(const FunctionDecl *FD) { } const RetainSummary * +RetainSummaryManager::getOSSummaryFreeRule(const FunctionDecl *FD) { + return getPersistentSummary(RetEffect::MakeNoRet(), + /*ReceiverEff=*/DoNothing, + /*DefaultEff=*/DoNothing, + /*ThisEff=*/Dealloc); +} + +const RetainSummary * RetainSummaryManager::getOSSummaryCreateRule(const FunctionDecl *FD) { return getPersistentSummary(RetEffect::MakeOwned(RetEffect::OS)); } diff --git a/clang/test/Analysis/osobject-retain-release.cpp b/clang/test/Analysis/osobject-retain-release.cpp index ca5dfbf..1b54008 100644 --- a/clang/test/Analysis/osobject-retain-release.cpp +++ b/clang/test/Analysis/osobject-retain-release.cpp @@ -11,9 +11,12 @@ struct OSMetaClass; #define OSDynamicCast(type, inst) \ ((type *) OSMetaClassBase::safeMetaCast((inst), OSTypeID(type))) +using size_t = decltype(sizeof(int)); + struct OSObject { virtual void retain(); virtual void release() {}; + virtual void free(); virtual ~OSObject(){} unsigned int foo() { return 42; } @@ -23,6 +26,9 @@ struct OSObject { static OSObject *getObject(); static OSObject *GetObject(); + + static void * operator new(size_t size); + static const OSMetaClass * const metaClass; }; @@ -62,6 +68,34 @@ struct OSMetaClassBase { static OSObject *safeMetaCast(const OSObject *inst, const OSMetaClass *meta); }; +void check_free_no_error() { + OSArray *arr = OSArray::withCapacity(10); + arr->retain(); + arr->retain(); + arr->retain(); + arr->free(); +} + +void check_free_use_after_free() { + OSArray *arr = OSArray::withCapacity(10); // expected-note{{Call to method 'OSArray::withCapacity' returns an OSObject of type OSArray with a +1 retain count}} + arr->retain(); // expected-note{{Reference count incremented. The object now has a +2 retain count}} + arr->free(); // expected-note{{Object released}} + arr->retain(); // expected-warning{{Reference-counted object is used after it is released}} + // expected-note@-1{{Reference-counted object is used after it is released}} +} + +unsigned int check_leak_explicit_new() { + OSArray *arr = new OSArray; // expected-note{{Operator new returns an OSObject of type OSArray with a +1 retain count}} + return arr->getCount(); // expected-note{{Object leaked: allocated object of type OSArray is not referenced later in this execution path and has a retain count of +1}} + // expected-warning@-1{{Potential leak of an object of type OSArray}} +} + +unsigned int check_leak_factory() { + OSArray *arr = OSArray::withCapacity(10); // expected-note{{Call to method 'OSArray::withCapacity' returns an OSObject of type OSArray with a +1 retain count}} + return arr->getCount(); // expected-note{{Object leaked: object allocated and stored into 'arr' is not referenced later in this execution path and has a retain count of +1}} + // expected-warning@-1{{Potential leak of an object stored into 'arr'}} +} + void check_get_object() { OSObject::getObject(); } -- 2.7.4