[clang] 3c48263 - [analyzer] Remove pattern matching of lambda capture initializers
via cfe-commits
cfe-commits at lists.llvm.org
Mon Aug 22 04:01:00 PDT 2022
Author: isuckatcs
Date: 2022-08-22T13:00:31+02:00
New Revision: 3c482632e64c1a3e4967db325562f2e353513abc
URL: https://github.com/llvm/llvm-project/commit/3c482632e64c1a3e4967db325562f2e353513abc
DIFF: https://github.com/llvm/llvm-project/commit/3c482632e64c1a3e4967db325562f2e353513abc.diff
LOG: [analyzer] Remove pattern matching of lambda capture initializers
Prior to this patch we handled lambda captures based on their
initializer expression, which resulted in pattern matching. With
C++17 copy elision the initializer expression can be anything,
and this approach proved to be fragile and a source of crashes.
This patch removes pattern matching and only checks whether the
object is under construction or not.
Differential Revision: https://reviews.llvm.org/D131944
Added:
Modified:
clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
clang/test/Analysis/lambdas.cpp
Removed:
################################################################################
diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
index d1b7ef7806ba7..c3f7719537789 100644
--- a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
+++ b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
@@ -1147,23 +1147,12 @@ void ExprEngine::VisitLambdaExpr(const LambdaExpr *LE, ExplodedNode *Pred,
assert(InitExpr && "Capture missing initialization expression");
- if (const auto AILE = dyn_cast<ArrayInitLoopExpr>(InitExpr)) {
- // If the AILE initializes a POD array, we need to keep it as the
- // InitExpr.
- if (dyn_cast<CXXConstructExpr>(AILE->getSubExpr()))
- InitExpr = AILE->getSubExpr();
- }
-
- // With C++17 copy elision this can happen.
- if (const auto *FC = dyn_cast<CXXFunctionalCastExpr>(InitExpr))
- InitExpr = FC->getSubExpr();
-
- assert(InitExpr &&
- "Extracted capture initialization expression is missing");
-
- if (dyn_cast<CXXConstructExpr>(InitExpr)) {
- InitVal = *getObjectUnderConstruction(State, {LE, Idx}, LocCtxt);
- InitVal = State->getSVal(InitVal.getAsRegion());
+ // With C++17 copy elision the InitExpr can be anything, so instead of
+ // pattern matching all cases, we simple check if the current field is
+ // under construction or not, regardless what it's InitExpr is.
+ if (const auto OUC =
+ getObjectUnderConstruction(State, {LE, Idx}, LocCtxt)) {
+ InitVal = State->getSVal(OUC->getAsRegion());
State = finishObjectConstruction(State, {LE, Idx}, LocCtxt);
} else
diff --git a/clang/test/Analysis/lambdas.cpp b/clang/test/Analysis/lambdas.cpp
index 7a6d35e0d6b21..b1d9784dcc0bf 100644
--- a/clang/test/Analysis/lambdas.cpp
+++ b/clang/test/Analysis/lambdas.cpp
@@ -3,6 +3,8 @@
// RUN: %clang_analyze_cc1 -std=c++11 -analyzer-checker=core,debug.DumpCFG -analyzer-config inline-lambdas=true %s > %t 2>&1
// RUN: FileCheck --input-file=%t %s
+#include "Inputs/system-header-simulator-cxx.h"
+
void clang_analyzer_warnIfReached();
void clang_analyzer_eval(int);
@@ -217,6 +219,13 @@ void testCopyElidedObjectCaptured(int x) {
}();
}
+static auto MakeUniquePtr() { return std::make_unique<std::vector<int>>(); }
+
+void testCopyElidedUniquePtr() {
+ [uniquePtr = MakeUniquePtr()] {}();
+ clang_analyzer_warnIfReached(); // expected-warning{{TRUE}}
+}
+
#endif
// Test inline defensive checks
More information about the cfe-commits
mailing list