[clang] 985e399 - [analyzer] Fix assertion on casting SVal to NonLoc inside the IteratorRange checker

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Mon Aug 28 03:03:08 PDT 2023


Author: Balazs Benics
Date: 2023-08-28T12:02:48+02:00
New Revision: 985e399647d591d6130ba6fe08c5b5f6cb87d9f6

URL: https://github.com/llvm/llvm-project/commit/985e399647d591d6130ba6fe08c5b5f6cb87d9f6
DIFF: https://github.com/llvm/llvm-project/commit/985e399647d591d6130ba6fe08c5b5f6cb87d9f6.diff

LOG: [analyzer] Fix assertion on casting SVal to NonLoc inside the IteratorRange checker

The checker assumed that it could safely cast an SVal to NonLoc.
This surfaced because, with std::ranges, we can unintentionally match
on other APIs as well, thus increasing the likelihood of violating
checker assumptions about the context it's invoked in.
https://godbolt.org/z/13vEb3K76

See the discourse post on CallDescriptions and std::ranges here.
https://discourse.llvm.org/t/calldescriptions-should-not-skip-the-ranges-part-in-std-names-when-matching/73076

Fixes https://github.com/llvm/llvm-project/issues/65009

Differential Revision: https://reviews.llvm.org/D158968

Added: 
    

Modified: 
    clang/lib/StaticAnalyzer/Checkers/IteratorRangeChecker.cpp
    clang/test/Analysis/iterator-range.cpp

Removed: 
    


################################################################################
diff  --git a/clang/lib/StaticAnalyzer/Checkers/IteratorRangeChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/IteratorRangeChecker.cpp
index c682449921acc6..7740c3d4da1ec2 100644
--- a/clang/lib/StaticAnalyzer/Checkers/IteratorRangeChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/IteratorRangeChecker.cpp
@@ -228,7 +228,7 @@ void IteratorRangeChecker::verifyRandomIncrOrDecr(CheckerContext &C,
     Value = State->getRawSVal(*ValAsLoc);
   }
 
-  if (Value.isUnknownOrUndef())
+  if (Value.isUnknownOrUndef() || !isa<NonLoc>(Value))
     return;
 
   // Incremention or decremention by 0 is never a bug.
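
Review bot: The new `!isa<NonLoc>(Value)` clause in the early return has no comment saying why a non-NonLoc value can reach verifyRandomIncrOrDecr at all, so the guard reads as arbitrary to the next person touching it. Per the commit message, this happens because the checker unintentionally matches other std::ranges APIs, and the added test shows the trigger: a second argument that is a sentinel pointer rather than a count. A one-line comment or FIXME above the condition pointing at that matching problem would make it clear that the check is a defensive bail-out and that the root cause lives in how the call is matched, not in this function.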

diff  --git a/clang/test/Analysis/iterator-range.cpp b/clang/test/Analysis/iterator-range.cpp
index 849a1e9814ae39..ba5d0144775e92 100644
--- a/clang/test/Analysis/iterator-range.cpp
+++ b/clang/test/Analysis/iterator-range.cpp
@@ -946,3 +946,14 @@ int uninit_var(int n) {
   // expected-warning at -1 {{The right operand of '-' is a garbage value}}
   // expected-note at -2 {{The right operand of '-' is a garbage value}}
 }
+
+namespace std {
+namespace ranges {
+  template <class InOutIter, class Sentinel>
+  InOutIter next(InOutIter, Sentinel);
+} // namespace ranges
+} // namespace std
+
+void gh65009__no_crash_on_ranges_next(int **begin, int **end) {
+  (void)std::ranges::next(begin, end); // no-crash
+}
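
Review bot: The regression test calls `std::ranges::next(begin, end)` only with `int **` for both the iterator and the sentinel, so it covers just the case where the second argument is a pointer. Consider adding a call whose sentinel is a class-type iterator, so the test also documents what the `!isa<NonLoc>(Value)` guard does when the sentinel is not a pointer. Separately, the name `gh65009__no_crash_on_ranges_next` contains a double underscore, which C++ reserves for the implementation; a single underscore would avoid that.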


        

