[clang] Fix an implicit cast to a base ref counted class generates a false positive. (PR #80934)
Ryosuke Niwa via cfe-commits
cfe-commits at lists.llvm.org
Tue Feb 6 20:16:37 PST 2024
https://github.com/rniwa created https://github.com/llvm/llvm-project/pull/80934
The bug was caused by isRefCountable erroneously returning false for a class with both ref() and deref() functions defined because we were not resetting the base paths results between looking for "ref()" and "deref()"
>From 377f096eda881b9a7c9b4d413081f11a3c4af62e Mon Sep 17 00:00:00 2001
From: Ryosuke Niwa <rniwa at webkit.org>
Date: Tue, 6 Feb 2024 20:10:33 -0800
Subject: [PATCH] Fix an implicit cast to a base ref counted class generates a
false positive.
The bug was caused by isRefCountable erroneously returning false for a class
with both ref() and deref() functions defined because we were not resetting
the base paths results between looking for "ref()" and "deref()"
---
.../Checkers/WebKit/PtrTypesSemantics.cpp | 1 +
...to-base-class-with-deref-in-superclass.cpp | 51 +++++++++++++++++++
2 files changed, 52 insertions(+)
create mode 100644 clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
diff --git a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
index d2b66341058000..0fd8afedc0b0f5 100644
--- a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
@@ -84,6 +84,7 @@ std::optional<bool> isRefCountable(const CXXRecordDecl* R)
if (AnyInconclusiveBase)
return std::nullopt;
+ Paths.clear();
const auto hasPublicDerefInBase =
[&AnyInconclusiveBase](const CXXBaseSpecifier *Base, CXXBasePath &) {
auto hasDerefInBase = clang::hasPublicMethodInBase(Base, "deref");
diff --git a/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp b/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
new file mode 100644
index 00000000000000..49826c98a4610d
--- /dev/null
+++ b/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
@@ -0,0 +1,51 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.webkit.UncountedCallArgsChecker -verify %s
+// expected-no-diagnostics
+
+template<typename T>
+class Ref {
+public:
+ ~Ref()
+ {
+ if (auto* ptr = m_ptr)
+ ptr->deref();
+ m_ptr = nullptr;
+ }
+
+ Ref(T& object)
+ : m_ptr(&object)
+ {
+ object.ref();
+ }
+
+ operator T&() const { return *m_ptr; }
+ bool operator!() const { return !*m_ptr; }
+
+private:
+ T* m_ptr;
+};
+
+class Base {
+public:
+ virtual ~Base();
+ void ref() const;
+ void deref() const;
+};
+
+class Event : public Base {
+protected:
+ explicit Event();
+};
+
+class SubEvent : public Event {
+public:
+ static Ref<SubEvent> create();
+private:
+ SubEvent() = default;
+};
+
+void someFunction(Base&);
+
+static void test()
+{
+ someFunction(SubEvent::create());
+}
More information about the cfe-commits
mailing list