[clang] fba6c88 - [analyzer] Fix wrong `builtin_*_overflow` return type (#111253)
via cfe-commits
cfe-commits at lists.llvm.org
Sat Oct 5 08:21:35 PDT 2024
Author: Pavel Skripkin
Date: 2024-10-05T17:21:31+02:00
New Revision: fba6c887c110a501b311f6b01721eaf3a5dd994e
URL: https://github.com/llvm/llvm-project/commit/fba6c887c110a501b311f6b01721eaf3a5dd994e
DIFF: https://github.com/llvm/llvm-project/commit/fba6c887c110a501b311f6b01721eaf3a5dd994e.diff
LOG: [analyzer] Fix wrong `builtin_*_overflow` return type (#111253)
`builtin_*_overflow` functions return `_Bool` according to [1].
`BuiltinFunctionChecker` was using `makeTruthVal` w/o specifying
explicit type, which creates an `int` value, since it's the type of any
compassion according to C standard.
Fix it by directly passing `BoolTy` to `makeTruthVal`
Closes: #111147
[1]
https://clang.llvm.org/docs/LanguageExtensions.html#checked-arithmetic-builtins
Added:
Modified:
clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
clang/test/Analysis/builtin_overflow.c
Removed:
################################################################################
diff --git a/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
index 69d8e968283b37..4ab0c4c9ae7b70 100644
--- a/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
@@ -183,6 +183,7 @@ void BuiltinFunctionChecker::handleOverflowBuiltin(const CallEvent &Call,
ProgramStateRef State = C.getState();
SValBuilder &SVB = C.getSValBuilder();
const Expr *CE = Call.getOriginExpr();
+ auto BoolTy = C.getASTContext().BoolTy;
SVal Arg1 = Call.getArgSVal(0);
SVal Arg2 = Call.getArgSVal(1);
@@ -193,8 +194,8 @@ void BuiltinFunctionChecker::handleOverflowBuiltin(const CallEvent &Call,
auto [Overflow, NotOverflow] = checkOverflow(C, RetValMax, ResultType);
if (NotOverflow) {
- ProgramStateRef StateNoOverflow =
- State->BindExpr(CE, C.getLocationContext(), SVB.makeTruthVal(false));
+ ProgramStateRef StateNoOverflow = State->BindExpr(
+ CE, C.getLocationContext(), SVB.makeTruthVal(false, BoolTy));
if (auto L = Call.getArgSVal(2).getAs<Loc>()) {
StateNoOverflow =
@@ -212,9 +213,9 @@ void BuiltinFunctionChecker::handleOverflowBuiltin(const CallEvent &Call,
}
if (Overflow) {
- C.addTransition(
- State->BindExpr(CE, C.getLocationContext(), SVB.makeTruthVal(true)),
- createBuiltinOverflowNoteTag(C));
+ C.addTransition(State->BindExpr(CE, C.getLocationContext(),
+ SVB.makeTruthVal(true, BoolTy)),
+ createBuiltinOverflowNoteTag(C));
}
}
diff --git a/clang/test/Analysis/builtin_overflow.c b/clang/test/Analysis/builtin_overflow.c
index 5c61795661d095..9d98ce7a1af45c 100644
--- a/clang/test/Analysis/builtin_overflow.c
+++ b/clang/test/Analysis/builtin_overflow.c
@@ -1,5 +1,5 @@
// RUN: %clang_analyze_cc1 -triple x86_64-unknown-unknown -verify %s \
-// RUN: -analyzer-checker=core,debug.ExprInspection
+// RUN: -analyzer-checker=core,debug.ExprInspection,alpha.core.BoolAssignment
#define __UINT_MAX__ (__INT_MAX__ * 2U + 1U)
#define __INT_MIN__ (-__INT_MAX__ - 1)
@@ -155,3 +155,12 @@ void test_uadd_overflow_contraints(unsigned a, unsigned b)
return;
}
}
+
+void test_bool_assign(void)
+{
+ int res;
+
+ // Reproduce issue from GH#111147. __builtin_*_overflow funcions
+ // should return _Bool, but not int.
+ _Bool ret = __builtin_mul_overflow(10, 20, &res); // no crash
+}
More information about the cfe-commits
mailing list