[PATCH] D79843: [analyzer] Fix crash for non-pointers annotated as nonnull

Valeriy Savchenko via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed May 13 03:11:41 PDT 2020 

vsavchenko created this revision.
vsavchenko added reviewers: NoQ, dcoughlin.
Herald added subscribers: cfe-commits, ASDenysPetrov, martong, Charusso, dkrupp, donat.nagy, Szelethus, mikhail.ramalho, a.sidorin, szepet, baloghadamsoftware, xazax.hun.
Herald added a project: clang.

Nonnull attribute can be applied to non-pointers.  This caused assertion
failures in NonNullParamChecker when we tried to *assume* such parameters
to be non-zero.

rdar://problem/63150074


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D79843

Files:
  clang/lib/StaticAnalyzer/Checkers/NonNullParamChecker.cpp
  clang/test/Analysis/UserNullabilityAnnotations.m


Index: clang/test/Analysis/UserNullabilityAnnotations.m
===================================================================
--- clang/test/Analysis/UserNullabilityAnnotations.m
+++ clang/test/Analysis/UserNullabilityAnnotations.m
@@ -1,4 +1,5 @@
 // RUN: %clang_analyze_cc1 -verify -Wno-objc-root-class %s \
+// RUN:   -Wno-tautological-pointer-compare \
 // RUN:   -analyzer-checker=core \
 // RUN:   -analyzer-checker=nullability \
 // RUN:   -analyzer-checker=debug.ExprInspection
@@ -34,3 +35,15 @@
   clang_analyzer_eval(Grandson->Value != 0);     // expected-warning{{TRUE}}
   clang_analyzer_eval(foo()->Child->Value != 0); // expected-warning{{TRUE}}
 }
+
+// Check that we correctly process situations when non-pointer parameters
+// get nonnul attributes.
+// Original problem: rdar://problem/63150074
+typedef struct {
+  long a;
+} B;
+__attribute__((nonnull)) void c(B x, int *y);
+
+void c(B x, int *y) {
+  clang_analyzer_eval(y != 0); // expected-warning{{TRUE}}
+}
Index: clang/lib/StaticAnalyzer/Checkers/NonNullParamChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/NonNullParamChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/NonNullParamChecker.cpp
@@ -254,12 +254,18 @@
     if (!ParameterNonNullMarks.test(Parameter->getFunctionScopeIndex()))
       continue;
 
+    // 2. Check that parameter is a pointer.
+    //    Nonnull attribute can be applied to non-pointers (by default
+    //    __attribute__(nonnull) implies "all parameters").
+    if (!Parameter->getType()->isPointerType())
+      continue;
+
     Loc ParameterLoc = State->getLValue(Parameter, LocContext);
     // We never consider top-level function parameters undefined.
     auto StoredVal =
         State->getSVal(ParameterLoc).castAs<DefinedOrUnknownSVal>();
 
-    // 2. Assume that it is indeed non-null
+    // 3. Assume that it is indeed non-null
     if (ProgramStateRef NewState = State->assume(StoredVal, true)) {
       State = NewState;
     }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D79843.263656.patch
Type: text/x-patch
Size: 2019 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200513/6852cca0/attachment-0001.bin>

More information about the cfe-commits mailing list