Analyzer: add support for CXXNewExpr.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@101771 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/Checker/GRExprEngine.cpp b/lib/Checker/GRExprEngine.cpp
index 405c931..b6b4caa 100644
--- a/lib/Checker/GRExprEngine.cpp
+++ b/lib/Checker/GRExprEngine.cpp
@@ -593,7 +593,6 @@
case Stmt::CXXDependentScopeMemberExprClass:
case Stmt::CXXExprWithTemporariesClass:
case Stmt::CXXNamedCastExprClass:
- case Stmt::CXXNewExprClass:
case Stmt::CXXNullPtrLiteralExprClass:
case Stmt::CXXPseudoDestructorExprClass:
case Stmt::CXXTemporaryObjectExprClass:
@@ -719,6 +718,12 @@
break;
}
+ case Stmt::CXXNewExprClass: {
+ CXXNewExpr *NE = cast<CXXNewExpr>(S);
+ VisitCXXNewExpr(NE, Pred, Dst);
+ break;
+ }
+
// FIXME: ChooseExpr is really a constant. We need to fix
// the CFG do not model them as explicit control-flow.
@@ -3365,6 +3370,33 @@
}
}
+void GRExprEngine::VisitCXXNewExpr(CXXNewExpr *CNE, ExplodedNode *Pred,
+ ExplodedNodeSet &Dst) {
+ if (CNE->isArray()) {
+ // FIXME: allocating an array has not been handled.
+ return;
+ }
+
+ unsigned Count = Builder->getCurrentBlockCount();
+ DefinedOrUnknownSVal SymVal = getValueManager().getConjuredSymbolVal(NULL,CNE,
+ CNE->getType(), Count);
+ const MemRegion *NewReg = cast<loc::MemRegionVal>(SymVal).getRegion();
+
+ QualType ObjTy = CNE->getType()->getAs<PointerType>()->getPointeeType();
+
+ const ElementRegion *EleReg =
+ getStoreManager().GetElementZeroRegion(NewReg, ObjTy);
+
+ const GRState *state = Pred->getState();
+
+ Store store = state->getStore();
+ StoreManager::InvalidatedSymbols IS;
+ store = getStoreManager().InvalidateRegion(store, EleReg, CNE, Count, &IS);
+ state = state->makeWithStore(store);
+ state = state->BindExpr(CNE, loc::MemRegionVal(EleReg));
+ MakeNode(Dst, CNE, Pred, state);
+}
+
const CXXThisRegion *GRExprEngine::getCXXThisRegion(const CXXMethodDecl *D,
const StackFrameContext *SFC) {
Type *T = D->getParent()->getTypeForDecl();
diff --git a/lib/Checker/RegionStore.cpp b/lib/Checker/RegionStore.cpp
index 5e71bb0..73158f2 100644
--- a/lib/Checker/RegionStore.cpp
+++ b/lib/Checker/RegionStore.cpp
@@ -346,8 +346,6 @@
Store CopyLazyBindings(nonloc::LazyCompoundVal V, Store store,
const TypedRegion *R);
- const ElementRegion *GetElementZeroRegion(const MemRegion *R, QualType T);
-
//===------------------------------------------------------------------===//
// State pruning.
//===------------------------------------------------------------------===//
@@ -995,14 +993,6 @@
return true;
}
-const ElementRegion *
-RegionStoreManager::GetElementZeroRegion(const MemRegion *R, QualType T) {
- ASTContext &Ctx = getContext();
- SVal idx = ValMgr.makeZeroArrayIndex();
- assert(!T.isNull());
- return MRMgr.getElementRegion(T, idx, R, Ctx);
-}
-
SVal RegionStoreManager::Retrieve(Store store, Loc L, QualType T) {
assert(!isa<UnknownVal>(L) && "location unknown");
assert(!isa<UndefinedVal>(L) && "location undefined");
diff --git a/lib/Checker/Store.cpp b/lib/Checker/Store.cpp
index 80b6586..c12065b 100644
--- a/lib/Checker/Store.cpp
+++ b/lib/Checker/Store.cpp
@@ -38,6 +38,13 @@
return true;
}
+const ElementRegion *StoreManager::GetElementZeroRegion(const MemRegion *R,
+ QualType T) {
+ SVal idx = ValMgr.makeZeroArrayIndex();
+ assert(!T.isNull());
+ return MRMgr.getElementRegion(T, idx, R, Ctx);
+}
+
const MemRegion *StoreManager::CastRegion(const MemRegion *R, QualType CastToTy) {
ASTContext& Ctx = StateMgr.getContext();