[clang] Fix analyzer crash on 'StructuralValue' (PR #79764)
Andrey Ali Khan Bolshakov via cfe-commits
cfe-commits at lists.llvm.org
Mon Jan 29 07:50:00 PST 2024
https://github.com/bolshakov-a updated https://github.com/llvm/llvm-project/pull/79764
>From b3debeb88fdc3d50f257be56f3e60ae7bf83cc07 Mon Sep 17 00:00:00 2001
From: Bolshakov <bolsh.andrey at yandex.ru>
Date: Sun, 28 Jan 2024 21:12:10 +0300
Subject: [PATCH] Fix crashes on 'StructuralValue'
`OpaqueValueExpr` doesn't necessarily contain a source expression.
Particularly, after #78041, it is used to carry the type and the value
kind of a non-type template argument of floating-point type or referring
to a subobject (those are so called `StructuralValue` arguments).
This fixes #79575.
---
clang/lib/Sema/SemaDecl.cpp | 3 ++-
clang/lib/StaticAnalyzer/Core/Environment.cpp | 8 +++++---
clang/test/Analysis/templates.cpp | 13 +++++++++++++
.../SemaTemplate/temp_arg_nontype_cxx20.cpp | 17 +++++++++++++++++
4 files changed, 37 insertions(+), 4 deletions(-)
diff --git a/clang/lib/Sema/SemaDecl.cpp b/clang/lib/Sema/SemaDecl.cpp
index e725e187fc9ea0..9bf1e9dd084331 100644
--- a/clang/lib/Sema/SemaDecl.cpp
+++ b/clang/lib/Sema/SemaDecl.cpp
@@ -12753,7 +12753,8 @@ namespace {
}
if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(E)) {
- HandleValue(OVE->getSourceExpr());
+ if (Expr *SE = OVE->getSourceExpr())
+ HandleValue(SE);
return;
}
diff --git a/clang/lib/StaticAnalyzer/Core/Environment.cpp b/clang/lib/StaticAnalyzer/Core/Environment.cpp
index 4f989ed59bee38..427f51109853bd 100644
--- a/clang/lib/StaticAnalyzer/Core/Environment.cpp
+++ b/clang/lib/StaticAnalyzer/Core/Environment.cpp
@@ -40,8 +40,11 @@ static const Expr *ignoreTransparentExprs(const Expr *E) {
switch (E->getStmtClass()) {
case Stmt::OpaqueValueExprClass:
- E = cast<OpaqueValueExpr>(E)->getSourceExpr();
- break;
+ if (const Expr *SE = cast<OpaqueValueExpr>(E)->getSourceExpr()) {
+ E = SE;
+ break;
+ }
+ return E;
case Stmt::ExprWithCleanupsClass:
E = cast<ExprWithCleanups>(E)->getSubExpr();
break;
@@ -98,7 +101,6 @@ SVal Environment::getSVal(const EnvironmentEntry &Entry,
case Stmt::CXXBindTemporaryExprClass:
case Stmt::ExprWithCleanupsClass:
case Stmt::GenericSelectionExprClass:
- case Stmt::OpaqueValueExprClass:
case Stmt::ConstantExprClass:
case Stmt::ParenExprClass:
case Stmt::SubstNonTypeTemplateParmExprClass:
diff --git a/clang/test/Analysis/templates.cpp b/clang/test/Analysis/templates.cpp
index 061c19fe7e0445..6da1821b70f26f 100644
--- a/clang/test/Analysis/templates.cpp
+++ b/clang/test/Analysis/templates.cpp
@@ -68,3 +68,16 @@ namespace rdar13954714 {
// force instantiation
template void blockWithStatic<true>();
}
+
+namespace structural_value_crash {
+ constexpr char abc[] = "abc";
+
+ template <const char* in>
+ void use_template_param() {
+ const char *p = in;
+ }
+
+ void force_instantiate() {
+ use_template_param<abc>();
+ }
+}
diff --git a/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp b/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
index 834174cdf6a32d..ad73daa8e214c3 100644
--- a/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
+++ b/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
@@ -354,3 +354,20 @@ namespace ReportedRegression1 {
return dummy.exit_code();
}
}
+
+namespace ReportedRegression2 {
+ const char str[] = "dummy";
+
+ struct S {
+ S operator+(const char*) const;
+ };
+
+ template <const char* in>
+ void fn() {
+ auto s = S{} + in;
+ }
+
+ void use() {
+ fn<str>();
+ }
+}
More information about the cfe-commits
mailing list