[clang] [analyzer] MallocChecker: Recognize std::atomics in smart pointer suppression. (PR #90918)
Artem Dergachev via cfe-commits
cfe-commits at lists.llvm.org
Mon May 6 18:22:15 PDT 2024
================
@@ -3479,13 +3479,24 @@ PathDiagnosticPieceRef MallocBugVisitor::VisitNode(const ExplodedNode *N,
// original reference count is positive, we should not report use-after-frees
// on objects deleted in such destructors. This can probably be improved
// through better shared pointer modeling.
- if (ReleaseDestructorLC) {
+ if (ReleaseDestructorLC && (ReleaseDestructorLC == CurrentLC ||
+ ReleaseDestructorLC->isParentOf(CurrentLC))) {
if (const auto *AE = dyn_cast<AtomicExpr>(S)) {
+ // Check for manual use of atomic builtins.
AtomicExpr::AtomicOp Op = AE->getOp();
if (Op == AtomicExpr::AO__c11_atomic_fetch_add ||
Op == AtomicExpr::AO__c11_atomic_fetch_sub) {
- if (ReleaseDestructorLC == CurrentLC ||
- ReleaseDestructorLC->isParentOf(CurrentLC)) {
+ BR.markInvalid(getTag(), S);
+ }
+ } else if (const auto *CE = dyn_cast<CallExpr>(S)) {
+ // Check for `std::atomic` and such. This covers both regular method calls
+ // and operator calls.
+ if (const auto *MD =
+ dyn_cast_or_null<CXXMethodDecl>(CE->getDirectCallee())) {
+ const CXXRecordDecl *RD = MD->getParent();
+ // A bit wobbly with ".contains()" because it may be like
+ // "__atomic_base" or something.
+ if (StringRef(RD->getNameAsString()).contains("atomic")) {
----------------
haoNoQ wrote:
> Do we need to do the heavy weight `getNameAsString` here? Could we get the identifier instead?
Dunno do we still care about this? This isn't a hot path, and it's so annoying and error-prone to check the crash pre-condition first. If it's fast enough for ASTMatchers it's probably fast enough for us.
I feel like, since nobody provided a safer method, and since the documentation appears to be very stale (`getNameAsString` is described as deprecated but it's already clear that it's not going anywhere), this doesn't appear to be a real problem to anybody.
Though, I'm very open to changing my mind about this :)
https://github.com/llvm/llvm-project/pull/90918
More information about the cfe-commits
mailing list