[clang] c184072 - [analyzer] Fix StringChecker for Unknown params
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Tue Oct 26 09:15:17 PDT 2021
Author: Balazs Benics
Date: 2021-10-26T18:15:00+02:00
New Revision: c18407217e91abea73555e07956d7132dd093bd2
URL: https://github.com/llvm/llvm-project/commit/c18407217e91abea73555e07956d7132dd093bd2
DIFF: https://github.com/llvm/llvm-project/commit/c18407217e91abea73555e07956d7132dd093bd2.diff
LOG: [analyzer] Fix StringChecker for Unknown params
It seems like protobuf crashed the `std::string` checker.
Somehow it acquired `UnknownVal` as the sole `std::string` constructor
parameter, causing a crash in the `castAs<Loc>()`.
This patch addresses this.
Reviewed By: martong
Differential Revision: https://reviews.llvm.org/D112551
Added:
Modified:
clang/lib/StaticAnalyzer/Checkers/StringChecker.cpp
clang/test/Analysis/std-string.cpp
Removed:
################################################################################
diff --git a/clang/lib/StaticAnalyzer/Checkers/StringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/StringChecker.cpp
index 56b9cdb95c384..9c9680b96a46c 100644
--- a/clang/lib/StaticAnalyzer/Checkers/StringChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/StringChecker.cpp
@@ -67,15 +67,18 @@ void StringChecker::checkPreCall(const CallEvent &Call,
CheckerContext &C) const {
if (!isCharToStringCtor(Call, C.getASTContext()))
return;
- const Loc Param = Call.getArgSVal(0).castAs<Loc>();
+ const auto Param = Call.getArgSVal(0).getAs<Loc>();
+ if (!Param.hasValue())
+ return;
// We managed to constrain the parameter to non-null.
ProgramStateRef NotNull, Null;
- std::tie(NotNull, Null) = C.getState()->assume(Param);
+ std::tie(NotNull, Null) = C.getState()->assume(*Param);
if (NotNull) {
const auto Callback = [Param](PathSensitiveBugReport &BR) -> std::string {
- return BR.isInteresting(Param) ? "Assuming the pointer is not null." : "";
+ return BR.isInteresting(*Param) ? "Assuming the pointer is not null."
+ : "";
};
// Emit note only if this operation constrained the pointer to be null.
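Review bot: the early return at `if (!Param.hasValue())` has no comment, and it drops every argument value that is not a `Loc`, not only the `UnknownVal` case the log describes. A one-line comment saying which values are expected to reach this point and why skipping them is right would save the next reader a trip to the review. Separately, `const auto Param` hides that this is now an optional, and the lambda captures the optional and dereferences it with `*Param`; that is safe only because of the check above, so consider unwrapping once into a named `Loc` after the check and using that in both `assume(...)` and the callback.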
diff --git a/clang/test/Analysis/std-string.cpp b/clang/test/Analysis/std-string.cpp
index 4755018b9546a..ee6dc02f066fe 100644
--- a/clang/test/Analysis/std-string.cpp
+++ b/clang/test/Analysis/std-string.cpp
@@ -8,6 +8,7 @@
void clang_analyzer_eval(bool);
void clang_analyzer_warnIfReached();
+template <typename T> void clang_analyzer_dump(T);
void free(void *ptr);
@@ -43,6 +44,12 @@ void null_constant_parameter() {
// expected-note at -2 {{The parameter must not be null}}
}
+void unknown_ctor_param(const char *p) {
+ // Pass 'UnknownVal' to the std::string constructor.
+ clang_analyzer_dump((char *)(p == 0)); // expected-warning {{Unknown}} expected-note {{Unknown}}
+ std::string x((char *)(p == 0)); // no-crash, no-warning
+}
+
void ctor_notetag_on_constraining_symbol(const char *p) {
clang_analyzer_eval(p == 0); // expected-warning {{UNKNOWN}} expected-note {{UNKNOWN}}
std::string x(p); // expected-note {{Assuming the pointer is not null}}
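Review bot: the new `unknown_ctor_param` test depends on the analyzer evaluating `(char *)(p == 0)` to Unknown, and the only thing pinning that precondition is the `clang_analyzer_dump` expectation on the line before the constructor. It would help to say so in the comment, so that if the modelling of this cast changes and the dump expectation starts failing, whoever updates the test knows to find another way to produce an Unknown argument rather than just editing the expected string, which would leave `std::string x(...)` no longer exercising the fixed path.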