[clang] 98d5509 - Fix assertion failure "PathDiagnosticSpotPiece's must have a valid location." in ReturnPtrRange checker on builtin functions

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Thu Jan 26 08:36:29 PST 2023 

Author: Arseniy Zaostrovnykh
Date: 2023-01-26T17:26:05+01:00
New Revision: 98d55095d85129c2776a9d7a227c5f88e3ce2e01

URL: https://github.com/llvm/llvm-project/commit/98d55095d85129c2776a9d7a227c5f88e3ce2e01
DIFF: https://github.com/llvm/llvm-project/commit/98d55095d85129c2776a9d7a227c5f88e3ce2e01.diff

LOG: Fix assertion failure "PathDiagnosticSpotPiece's must have a valid location." in ReturnPtrRange checker on builtin functions

Builtin functions (such as `std::move`, `std::forward`, `std::as_const`)
have a body generated during the analysis not related to any source file
so their statements have no valid source locations.
`ReturnPtrRange` checker should not report issues for these builtin
functions because they only forward its parameter and do not create any
new pointers.

Fixes #55347

Patch by Arseniy Zaostrovnykh.

Reviewed By: NoQ

Differential Revision: https://reviews.llvm.org/D138713

Added: 
    

Modified: 
    clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
    clang/test/Analysis/return-ptr-range.cpp

Removed: 
    


################################################################################
diff  --git a/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
index b35ab1fe23ce3..b85d0adb8eafb 100644
--- a/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/ReturnPointerRangeChecker.cpp
@@ -41,6 +41,10 @@ void ReturnPointerRangeChecker::checkPreStmt(const ReturnStmt *RS,
   if (!RetE)
     return;
 
+  // Skip "body farmed" functions.
+  if (RetE->getSourceRange().isInvalid())
+    return;
+
   SVal V = C.getSVal(RetE);
   const MemRegion *R = V.getAsRegion();
 

diff  --git a/clang/test/Analysis/return-ptr-range.cpp b/clang/test/Analysis/return-ptr-range.cpp
index 34c953ee213b7..507720a47ea7d 100644
--- a/clang/test/Analysis/return-ptr-range.cpp
+++ b/clang/test/Analysis/return-ptr-range.cpp
@@ -115,3 +115,14 @@ Data *test_struct_array() {
 
 }
 
+namespace std {
+// A builtin function with the body generated on the fly.
+template <typename T> T&& move(T &&) noexcept;
+} // namespace std
+
+char buf[2];
+
+void top() {
+  // see https://github.com/llvm/llvm-project/issues/55347
+  (void)std::move(*(buf + 3)); // no-crash
+}

More information about the cfe-commits mailing list