[PATCH] D146538: [analyzer] Fix crashing getSValFromInitListExpr for nested initlists

Balázs Benics via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Mar 21 09:13:32 PDT 2023


steakhal created this revision.
steakhal added reviewers: xazax.hun, NoQ.
Herald added subscribers: manas, ASDenysPetrov, martong, dkrupp, donat.nagy, Szelethus, mikhail.ramalho, a.sidorin, rnkovacs, szepet, baloghadamsoftware.
Herald added a reviewer: Szelethus.
Herald added a project: All.
steakhal requested review of this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.

In the following example, we will end up hitting the `llvm_unreachable()`:
https://godbolt.org/z/5sccc95Ec

  enum class E {};
  const E glob[] = {{}};
  void initlistWithinInitlist() {
    clang_analyzer_dump(glob[0]); // crashes at loading from `glob[0]`
  }

We should just return `std::nullopt` instead for these cases. It's better than crashing.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D146538

Files:
  clang/lib/StaticAnalyzer/Core/RegionStore.cpp
  clang/test/Analysis/initialization.cpp


Index: clang/test/Analysis/initialization.cpp
===================================================================
--- clang/test/Analysis/initialization.cpp
+++ clang/test/Analysis/initialization.cpp
@@ -249,3 +249,10 @@
   clang_analyzer_eval(glob_arr9[1][2] == 7); // expected-warning{{TRUE}}
   clang_analyzer_eval(glob_arr9[1][3] == 0); // expected-warning{{TRUE}}
 }
+
+enum class E {};
+const E glob[] = {{}};
+void initlistWithinInitlist() {
+  // no-crash
+  clang_analyzer_dump(glob[0]); // expected-warning-re {{reg_${{[0-9]+}}<enum E Element{glob,0 S64b,enum E}>}}
+}
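Review bot: The `expected-warning-re` on the `clang_analyzer_dump(glob[0])` line pins a symbolic `reg_$N` value, but `glob` is a `const` array whose only element is value-initialized by `{}`, so its value is zero. The test therefore locks in the fallback result rather than the precise one. Consider adding a FIXME next to the expectation saying the dump should eventually be the concrete zero value, so a later precision improvement is not mistaken for a regression. A second case with more than one element (for example indexing past the first `{}`) would also exercise the loop rather than only its first iteration.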
Index: clang/lib/StaticAnalyzer/Core/RegionStore.cpp
===================================================================
--- clang/lib/StaticAnalyzer/Core/RegionStore.cpp
+++ clang/lib/StaticAnalyzer/Core/RegionStore.cpp
@@ -1849,8 +1849,12 @@
     // Go to the nested initializer list.
     ILE = IL;
   }
-  llvm_unreachable(
-      "Unhandled InitListExpr sub-expressions or invalid offsets.");
+
+  assert(ILE);
+
+  // FIXME: Unhandeled InitListExpr sub-expression, possibly constructing an
+  //        enum?
+  return std::nullopt;
 }
 
 /// Returns an SVal, if possible, for the specified position in a string
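Review bot: The removed `llvm_unreachable` message covered two conditions, "Unhandled InitListExpr sub-expressions or invalid offsets", while the new FIXME before `return std::nullopt;` mentions only the first, so an invalid offset reaching this point now returns silently with nothing in the code recording that case. Either state in the comment that invalid offsets also end up here, or assert on the offsets separately if they are still expected to be impossible. Two smaller points in the same lines: `assert(ILE);` has no message, and something like `assert(ILE && "...")` would make a failure self-explanatory; and "Unhandeled" in the FIXME should be "Unhandled".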

