[PATCH] D61958: [analyzer] RetainCount: Fix a crash when os_returns_retained_on_zero (_nonzero) is applied to functions that return weird stuff.
Artem Dergachev via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Wed May 15 11:22:27 PDT 2019
NoQ created this revision.
NoQ added a reviewer: dcoughlin.
Herald added subscribers: cfe-commits, Charusso, dkrupp, donat.nagy, Szelethus, mikhail.ramalho, a.sidorin, szepet, baloghadamsoftware, xazax.hun.
Herald added a project: clang.
The checker crashes when it tries to assume a structure to be null or non-null so that to evaluate the effect of the annotation.
Repository:
rC Clang
https://reviews.llvm.org/D61958
Files:
clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
clang/test/Analysis/osobject-retain-release.cpp
Index: clang/test/Analysis/osobject-retain-release.cpp
===================================================================
--- clang/test/Analysis/osobject-retain-release.cpp
+++ clang/test/Analysis/osobject-retain-release.cpp
@@ -702,3 +702,16 @@
// returning from it at +0.
return table; // no-warning
}
+
+namespace weird_result {
+struct WeirdResult {
+ int x, y, z;
+};
+
+WeirdResult outParamWithWeirdResult(OS_RETURNS_RETAINED_ON_ZERO OSObject **obj);
+
+WeirdResult testOutParamWithWeirdResult() {
+ OSObject *obj;
+ return outParamWithWeirdResult(&obj); // no-warning
+}
+} // namespace weird_result
Index: clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
+++ clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
@@ -537,6 +537,11 @@
ProgramStateRef AssumeZeroReturn = State;
if (SplitNecessary) {
+ if (!CE.getResultType()->isScalarType()) {
+ // Structures cannot be assumed. This probably deserves
+ // a compiler warning for invalid annotations.
+ return {State};
+ }
if (auto DL = L.getAs<DefinedOrUnknownSVal>()) {
AssumeNonZeroReturn = AssumeNonZeroReturn->assume(*DL, true);
AssumeZeroReturn = AssumeZeroReturn->assume(*DL, false);
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D61958.199647.patch
Type: text/x-patch
Size: 1405 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20190515/58dac334/attachment-0001.bin>
More information about the cfe-commits
mailing list