[clang] ef67f63 - Fix analyzer crash on 'StructuralValue' (#79764)
via cfe-commits
cfe-commits at lists.llvm.org
Tue Jan 30 04:03:59 PST 2024
Author: Andrey Ali Khan Bolshakov
Date: 2024-01-30T13:03:55+01:00
New Revision: ef67f63fa5f950f4056b5783e92e137342805d74
URL: https://github.com/llvm/llvm-project/commit/ef67f63fa5f950f4056b5783e92e137342805d74
DIFF: https://github.com/llvm/llvm-project/commit/ef67f63fa5f950f4056b5783e92e137342805d74.diff
LOG: Fix analyzer crash on 'StructuralValue' (#79764)
`OpaqueValueExpr` doesn't necessarily contain a source expression.
Particularly, after #78041, it is used to carry the type and the value
kind of a non-type template argument of floating-point type or referring
to a subobject (those are so called `StructuralValue` arguments).
This fixes #79575.
Added:
Modified:
clang/lib/Sema/SemaDecl.cpp
clang/lib/StaticAnalyzer/Core/Environment.cpp
clang/test/Analysis/templates.cpp
clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
Removed:
################################################################################
diff --git a/clang/lib/Sema/SemaDecl.cpp b/clang/lib/Sema/SemaDecl.cpp
index e725e187fc9ea..9bf1e9dd08433 100644
--- a/clang/lib/Sema/SemaDecl.cpp
+++ b/clang/lib/Sema/SemaDecl.cpp
@@ -12753,7 +12753,8 @@ namespace {
}
if (OpaqueValueExpr *OVE = dyn_cast<OpaqueValueExpr>(E)) {
- HandleValue(OVE->getSourceExpr());
+ if (Expr *SE = OVE->getSourceExpr())
+ HandleValue(SE);
return;
}
diff --git a/clang/lib/StaticAnalyzer/Core/Environment.cpp b/clang/lib/StaticAnalyzer/Core/Environment.cpp
index 4f989ed59bee3..427f51109853b 100644
--- a/clang/lib/StaticAnalyzer/Core/Environment.cpp
+++ b/clang/lib/StaticAnalyzer/Core/Environment.cpp
@@ -40,8 +40,11 @@ static const Expr *ignoreTransparentExprs(const Expr *E) {
switch (E->getStmtClass()) {
case Stmt::OpaqueValueExprClass:
- E = cast<OpaqueValueExpr>(E)->getSourceExpr();
- break;
+ if (const Expr *SE = cast<OpaqueValueExpr>(E)->getSourceExpr()) {
+ E = SE;
+ break;
+ }
+ return E;
case Stmt::ExprWithCleanupsClass:
E = cast<ExprWithCleanups>(E)->getSubExpr();
break;
@@ -98,7 +101,6 @@ SVal Environment::getSVal(const EnvironmentEntry &Entry,
case Stmt::CXXBindTemporaryExprClass:
case Stmt::ExprWithCleanupsClass:
case Stmt::GenericSelectionExprClass:
- case Stmt::OpaqueValueExprClass:
case Stmt::ConstantExprClass:
case Stmt::ParenExprClass:
case Stmt::SubstNonTypeTemplateParmExprClass:
diff --git a/clang/test/Analysis/templates.cpp b/clang/test/Analysis/templates.cpp
index 061c19fe7e044..6da1821b70f26 100644
--- a/clang/test/Analysis/templates.cpp
+++ b/clang/test/Analysis/templates.cpp
@@ -68,3 +68,16 @@ namespace rdar13954714 {
// force instantiation
template void blockWithStatic<true>();
}
+
+namespace structural_value_crash {
+ constexpr char abc[] = "abc";
+
+ template <const char* in>
+ void use_template_param() {
+ const char *p = in;
+ }
+
+ void force_instantiate() {
+ use_template_param<abc>();
+ }
+}
diff --git a/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp b/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
index 834174cdf6a32..ad73daa8e214c 100644
--- a/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
+++ b/clang/test/SemaTemplate/temp_arg_nontype_cxx20.cpp
@@ -354,3 +354,20 @@ namespace ReportedRegression1 {
return dummy.exit_code();
}
}
+
+namespace ReportedRegression2 {
+ const char str[] = "dummy";
+
+ struct S {
+ S operator+(const char*) const;
+ };
+
+ template <const char* in>
+ void fn() {
+ auto s = S{} + in;
+ }
+
+ void use() {
+ fn<str>();
+ }
+}
More information about the cfe-commits
mailing list