[all-commits] [llvm/llvm-project] fe0299: [FlowSensitive] [StatusOr] [2/N] Add minimal model...

Florian Mayer via All-commits all-commits at lists.llvm.org
Fri Oct 17 16:53:06 PDT 2025 

  Branch: refs/heads/main
  Home:   https://github.com/llvm/llvm-project
  Commit: fe029934eb0782f011c839f0c6641bfa56ef3d1b
      https://github.com/llvm/llvm-project/commit/fe029934eb0782f011c839f0c6641bfa56ef3d1b
  Author: Florian Mayer <fmayer at google.com>
  Date:   2025-10-17 (Fri, 17 Oct 2025)

  Changed paths:
    A clang/include/clang/Analysis/FlowSensitive/Models/UncheckedStatusOrAccessModel.h
    M clang/lib/Analysis/FlowSensitive/Models/CMakeLists.txt
    A clang/lib/Analysis/FlowSensitive/Models/UncheckedStatusOrAccessModel.cpp
    M clang/unittests/Analysis/FlowSensitive/CMakeLists.txt
    A clang/unittests/Analysis/FlowSensitive/UncheckedStatusOrAccessModelTest.cpp
    A clang/unittests/Analysis/FlowSensitive/UncheckedStatusOrAccessModelTestFixture.cpp
    A clang/unittests/Analysis/FlowSensitive/UncheckedStatusOrAccessModelTestFixture.h
    M llvm/utils/gn/secondary/clang/lib/Analysis/FlowSensitive/Models/BUILD.gn
    M llvm/utils/gn/secondary/clang/unittests/Analysis/FlowSensitive/BUILD.gn

  Log Message:
  -----------
  [FlowSensitive] [StatusOr] [2/N] Add minimal model (#162932)

This model implements a dataflow analysis for reporting instances of
unchecked use of absl::StatusOr values. It makes sure that every use
the value of a StatusOr object is dominated by a check that the
StatusOr object is ok.

This is an example of code that will be flagged by the analysis:

```cpp
int f(absl::StatusOr<int> SOR) {
  return SOR.value();
}
```

This is an example of code that will not be flagged by the analysis:

```cpp
int f(absl::StatusOr<int> SOR) {
  if (SOR.ok())
    return SOR.value();
  return 0;
}
```

This model has successfully been used by Google for some time now.

This is the initial commit that adds the simplest possible model, that
only models calls to `ok()` and checks for unsafe accesses. I will add
more fidelity to the model in follow up changes.

The test setup is notable in that it has an extra indirection. This is
because we have an internal model that extends the model we intend to
upstream, in order to model special constructs only found in our code
base. The parametrized test allows us (and anyone who chooses to do
this) to make sure our extensions do not break the base functionality.

RFC:
https://discourse.llvm.org/t/rfc-abseil-unchecked-statusor-use-check/87998



To unsubscribe from these emails, change your notification settings at https://github.com/llvm/llvm-project/settings/notifications

More information about the All-commits mailing list