arseniy-sonar created this revision.
arseniy-sonar added reviewers: xazax.hun, martong, NoQ, Szelethus, steakhal.
arseniy-sonar added a project: clang.
Herald added a subscriber: rnkovacs.
Herald added a project: All.
arseniy-sonar requested review of this revision.
Herald added a subscriber: cfe-commits.
This fixes https://github.com/llvm/llvm-project/issues/55347
Builtin functions (such ast `std::move`, `std::forward`, `std::as_const`) have
a body generated during the analysis not related to any source file so their
statements have no valid source locations.
ReturnPtrRange checker should not report issues for these builtin functions
because they only forward its parameter and do not create any new pointers.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D138713
Files:
clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
clang/test/Analysis/return-ptr-range.cpp
Index: clang/test/Analysis/return-ptr-range.cpp
===================================================================
--- clang/test/Analysis/return-ptr-range.cpp
+++ clang/test/Analysis/return-ptr-range.cpp
@@ -115,3 +115,14 @@
}
+namespace std {
+// A builtin function with the body generated on the fly.
+template <typename T> T&& move(T &&) noexcept;
+} // namespace std
+
+char buf[2];
+
+void top() {
+ // see https://github.com/llvm/llvm-project/issues/55347
+ (void)std::move(*(buf + 3)); // no-crash
+}
Index: clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
@@ -41,6 +41,13 @@
if (!RetE)
return;
+ // Skip calls to built-in functions because such functions might feature
+ // a return statement with no valid source location.
+ if (const CallExpr *CE =
+ dyn_cast_or_null<CallExpr>(C.getStackFrame()->getCallSite());
+ CE && CE->getBuiltinCallee() != 0)
+ return;
+
SVal V = C.getSVal(RetE);
const MemRegion *R = V.getAsRegion();
Index: clang/test/Analysis/return-ptr-range.cpp
===================================================================
--- clang/test/Analysis/return-ptr-range.cpp
+++ clang/test/Analysis/return-ptr-range.cpp
@@ -115,3 +115,14 @@
}
+namespace std {
+// A builtin function with the body generated on the fly.
+template <typename T> T&& move(T &&) noexcept;
+} // namespace std
+
+char buf[2];
+
+void top() {
+ // see https://github.com/llvm/llvm-project/issues/55347
+ (void)std::move(*(buf + 3)); // no-crash
+}
Index: clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
@@ -41,6 +41,13 @@
if (!RetE)
return;
+ // Skip calls to built-in functions because such functions might feature
+ // a return statement with no valid source location.
+ if (const CallExpr *CE =
+ dyn_cast_or_null<CallExpr>(C.getStackFrame()->getCallSite());
+ CE && CE->getBuiltinCallee() != 0)
+ return;
+
SVal V = C.getSVal(RetE);
const MemRegion *R = V.getAsRegion();
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
