[all-commits] [llvm/llvm-project] 33b910: [clang] Fix the post-filtering heuristic for GSLPo...

Haojian Wu via All-commits all-commits at lists.llvm.org
Thu Dec 12 11:58:01 PST 2024 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: 33b910cde3b305a49c98c6de88dbc22ced9dea61
      https://github.com/llvm/llvm-project/commit/33b910cde3b305a49c98c6de88dbc22ced9dea61
  Author: Haojian Wu <hokein.wu at gmail.com>
  Date:   2024-12-12 (Thu, 12 Dec 2024)

  Changed paths:
    M clang/docs/ReleaseNotes.rst
    M clang/lib/Sema/CheckExprLifetime.cpp
    M clang/test/Sema/Inputs/lifetime-analysis.h
    M clang/test/Sema/warn-lifetime-analysis-nocfg.cpp

  Log Message:
  -----------
  [clang] Fix the post-filtering heuristic for GSLPointer. (#114044)

The lifetime analyzer processes GSL pointers:

- when encountering a constructor for a `gsl::pointer`, the analyzer
continues traversing the constructor argument, regardless of whether the
parameter has a `lifetimebound` annotation. This aims to catch cases
where a GSL pointer is constructed from a GSL owner, either directly
(e.g., `FooPointer(FooOwner)`) or through a chain of GSL pointers (e.g.,
`FooPointer(FooPointer(FooOwner))`);
- When a temporary object is reported in the callback, the analyzer has
heuristics to exclude non-owner types, aiming to avoid false positives
(like `FooPointer(FooPointer())`).

In the problematic case (discovered in
https://github.com/llvm/llvm-project/pull/112751#issuecomment-2441055471)
of `return foo.get();`:

- When the analyzer reports the local object `foo`, the `Path` is
`[GslPointerInit, Lifetimebound]`.
- The `Path` goes through
[`pathOnlyHandlesGslPointer`](https://github.com/llvm/llvm-project/blob/main/clang/lib/Sema/CheckExprLifetime.cpp#L1136)
and isn’t filtered out by the [[heuristics]](because `foo` is an owner
type), the analyzer treats it as the `FooPointer(FooOwner())` scenario,
thus triggering a diagnostic.

Filtering out base on the object 'foo' is wrong, because the GSLPointer
is constructed from the return result of the `foo.get()`. The patch
fixes this by teaching the heuristic to use the return result (only
`const GSLOwner&` is considered) of the lifetimebound annotated
function.



To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications

More information about the All-commits mailing list