projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d4f4b2f)
Fix assertion failure "PathDiagnosticSpotPiece's must have a valid location." in...
authorArseniy Zaostrovnykh <arseniy.zaostrovnykh@sonarsource.com>
Thu, 26 Jan 2023 16:19:04 +0000 (17:19 +0100)
committerBalazs Benics <benicsbalazs@gmail.com>
Thu, 26 Jan 2023 16:26:05 +0000 (17:26 +0100)
Builtin functions (such as `std::move`, `std::forward`, `std::as_const`)
have a body generated during the analysis not related to any source file
so their statements have no valid source locations.
`ReturnPtrRange` checker should not report issues for these builtin
functions because they only forward its parameter and do not create any
new pointers.

Fixes #55347

Patch by Arseniy Zaostrovnykh.

Reviewed By: NoQ

Differential Revision: https://reviews.llvm.org/D138713

clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp patch | blob | history
clang/test/Analysis/return-ptr-range.cpp patch | blob | history

diff --git a/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
index b35ab1fe23ce34aa28ee0e84a171b2c2bf86a6ae..b85d0adb8eafb10a7dcee11d16792790dc24ebcd 100644 (file)
--- a/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
@@ -41,6 +41,10 @@ void ReturnPointerRangeChecker::checkPreStmt(const ReturnStmt *RS,
   if (!RetE)
     return;
 
+  // Skip "body farmed" functions.
+  if (RetE->getSourceRange().isInvalid())
+    return;
+
   SVal V = C.getSVal(RetE);
   const MemRegion *R = V.getAsRegion();
 
diff --git a/clang/test/Analysis/return-ptr-range.cpp b/clang/test/Analysis/return-ptr-range.cpp
index 34c953ee213b7ff6e729d34dfb1e14021d5661c9..507720a47ea7d5353bcad2bf2e188f47a51bc2b6 100644 (file)
--- a/clang/test/Analysis/return-ptr-range.cpp
+++ b/clang/test/Analysis/return-ptr-range.cpp
@@ -115,3 +115,14 @@ Data *test_struct_array() {
 
 }
 
+namespace std {
+// A builtin function with the body generated on the fly.
+template <typename T> T&& move(T &&) noexcept;
+} // namespace std
+
+char buf[2];
+
+void top() {
+  // see https://github.com/llvm/llvm-project/issues/55347
+  (void)std::move(*(buf + 3)); // no-crash
+}
Domain: System / Toolchain;