[clang] [clang][analyzer] Fix a crash in alpha.unix.BlockInCriticalSection (PR #90030)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Wed May 15 06:41:33 PDT 2024 

Endre =?utf-8?q?Fülöp?= <endre.fulop at sigmatechnology.com>,Balazs
 Benics <benicsbalazs at gmail.com>
Message-ID:
In-Reply-To: <llvm.org/llvm/llvm-project/pull/90030 at github.com>


https://github.com/steakhal updated https://github.com/llvm/llvm-project/pull/90030

>From af05be993f4789705cde374dbf7efefd9a18f1c4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Endre=20F=C3=BCl=C3=B6p?= <endre.fulop at sigmatechnology.com>
Date: Tue, 9 Apr 2024 10:44:43 +0200
Subject: [PATCH 1/3] [clang][analyzer] Fix alpha.unix.BlockInCriticalSection

When analyzing C code with function pointers the checker crashes because
of how the implementation extracts IdentifierInfo. Without the fix, this
test crashes.

Add crashing test
---
 .../Checkers/BlockInCriticalSectionChecker.cpp            | 8 +++++---
 clang/test/Analysis/block-in-critical-section.c           | 6 ++++++
 2 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 clang/test/Analysis/block-in-critical-section.c

diff --git a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
index e138debd1361c..d381a30f7e24c 100644
--- a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
@@ -14,6 +14,7 @@
 //
 //===----------------------------------------------------------------------===//
 
+#include "clang/Analysis/AnalysisDeclContext.h"
 #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"
@@ -103,9 +104,10 @@ class RAIIMutexDescriptor {
       // this function is called instead of early returning it. To avoid this, a
       // bool variable (IdentifierInfoInitialized) is used and the function will
       // be run only once.
-      Guard = &Call.getCalleeAnalysisDeclContext()->getASTContext().Idents.get(
-          GuardName);
-      IdentifierInfoInitialized = true;
+      if (AnalysisDeclContext *CalleCtx = Call.getCalleeAnalysisDeclContext()) {
+        Guard = &CalleCtx->getASTContext().Idents.get(GuardName);
+        IdentifierInfoInitialized = true;
+      }
     }
   }
 
diff --git a/clang/test/Analysis/block-in-critical-section.c b/clang/test/Analysis/block-in-critical-section.c
new file mode 100644
index 0000000000000..1e174af541b18
--- /dev/null
+++ b/clang/test/Analysis/block-in-critical-section.c
@@ -0,0 +1,6 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,alpha.unix.BlockInCriticalSection -verify %s
+// expected-no-diagnostics
+
+// This should not crash
+int (*a)(void);
+void b(void) { a(); }

>From a18c0900f438730c3bf25ac44ceac156fd416a12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Endre=20F=C3=BCl=C3=B6p?= <endre.fulop at sigmatechnology.com>
Date: Wed, 15 May 2024 12:08:33 +0200
Subject: [PATCH 2/3] Get ASTContext through StateManager

---
 .../Checkers/BlockInCriticalSectionChecker.cpp              | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
index d381a30f7e24c..c57ca262d2484 100644
--- a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
@@ -104,10 +104,8 @@ class RAIIMutexDescriptor {
       // this function is called instead of early returning it. To avoid this, a
       // bool variable (IdentifierInfoInitialized) is used and the function will
       // be run only once.
-      if (AnalysisDeclContext *CalleCtx = Call.getCalleeAnalysisDeclContext()) {
-        Guard = &CalleCtx->getASTContext().Idents.get(GuardName);
-        IdentifierInfoInitialized = true;
-      }
+      const auto &ASTCtx = Call.getState()->getStateManager().getContext();
+      Guard = &ASTCtx.Idents.get(GuardName);
     }
   }
 

>From c6c96953c22366edd7cc6e9cb0afea7c5374d19f Mon Sep 17 00:00:00 2001
From: Balazs Benics <benicsbalazs at gmail.com>
Date: Wed, 15 May 2024 15:41:25 +0200
Subject: [PATCH 3/3] Remove unused include

---
 .../StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp    | 1 -
 1 file changed, 1 deletion(-)

diff --git a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
index c57ca262d2484..92347f8fafc00 100644
--- a/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/BlockInCriticalSectionChecker.cpp
@@ -14,7 +14,6 @@
 //
 //===----------------------------------------------------------------------===//
 
-#include "clang/Analysis/AnalysisDeclContext.h"
 #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
 #include "clang/StaticAnalyzer/Core/Checker.h"

More information about the cfe-commits mailing list