[clang] [clang][analyzer] Handle CXXParenInitListExpr alongside InitListExpr (PR #136041)
Fangyi Zhou via cfe-commits
cfe-commits at lists.llvm.org
Thu Apr 17 15:01:17 PDT 2025
https://github.com/fangyi-zhou updated https://github.com/llvm/llvm-project/pull/136041
>From 6379f403e0967b820f9385581f9d23dd18297831 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou <me at fangyi.io>
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH] [clang][analyzer] Handle CXXParenInitListExpr alongside
InitListExpr
As reported in #135665, C++20 parenthesis initializer list expressions
are not handled correctly and were causing crashes. This commit attempts
to fix the issue by handling parenthesis initializer lists alongside
existing initializer lists.
---
clang/docs/ReleaseNotes.rst | 22 ++++---------------
.../Checkers/DynamicTypePropagation.cpp | 6 ++---
.../lib/StaticAnalyzer/Core/ExprEngineCXX.cpp | 10 +++++----
clang/test/Analysis/PR135665.cpp | 19 ++++++++++++++++
4 files changed, 32 insertions(+), 25 deletions(-)
create mode 100644 clang/test/Analysis/PR135665.cpp
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index c75d83a6d1a7a..88259fbb8278d 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -219,12 +219,6 @@ Modified Compiler Flags
- `-Wpadded` option implemented for the `x86_64-windows-msvc` target. Fixes #61702
-- The ``-mexecute-only`` and ``-mpure-code`` flags are now accepted for AArch64 targets. (#GH125688)
-
-- The ``-Og`` optimization flag now sets ``-fextend-variable-liveness``,
- reducing performance slightly while reducing the number of optimized-out
- variables.
-
Removed Compiler Flags
-------------------------
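Review bot: The deletions in this hunk (the ``-mexecute-only``/``-mpure-code`` entry and the ``-Og`` entry under Modified Compiler Flags) are unrelated to the analyzer fix described in the commit message and look like leftovers from a stale rebase. Please rebase so that ReleaseNotes.rst only gains the Static Analyzer entry; the same applies to the other entries removed further down in this file.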
@@ -432,9 +426,6 @@ Bug Fixes in This Version
using C++23 "deducing this" did not have a diagnostic location (#GH135522)
- Fixed a crash when a ``friend`` function is redefined as deleted. (#GH135506)
-- Fixed a crash when ``#embed`` appears as a part of a failed constant
- evaluation. The crashes were happening during diagnostics emission due to
- unimplemented statement printer. (#GH132641)
Bug Fixes to Compiler Builtins
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
@@ -477,11 +468,9 @@ Bug Fixes to C++ Support
by template argument deduction.
- Clang is now better at instantiating the function definition after its use inside
of a constexpr lambda. (#GH125747)
-- Fixed a local class member function instantiation bug inside dependent lambdas. (#GH59734), (#GH132208)
- Clang no longer crashes when trying to unify the types of arrays with
certain differences in qualifiers (this could happen during template argument
deduction or when building a ternary operator). (#GH97005)
-- Fixed type alias CTAD issues involving default template arguments. (#GH134471)
- The initialization kind of elements of structured bindings
direct-list-initialized from an array is corrected to direct-initialization.
- Clang no longer crashes when a coroutine is declared ``[[noreturn]]``. (#GH127327)
@@ -497,10 +486,6 @@ Bug Fixes to C++ Support
- Fixes matching of nested template template parameters. (#GH130362)
- Correctly diagnoses template template paramters which have a pack parameter
not in the last position.
-- Disallow overloading on struct vs class on dependent types, which is IFNDR, as
- this makes the problem diagnosable.
-- Improved preservation of the presence or abscence of typename specifier when
- printing types in diagnostics.
- Clang now correctly parses ``if constexpr`` expressions in immediate function context. (#GH123524)
- Fixed an assertion failure affecting code that uses C++23 "deducing this". (#GH130272)
- Clang now properly instantiates destructors for initialized members within non-delegating constructors. (#GH93251)
@@ -575,9 +560,6 @@ Arm and AArch64 Support
- Support for __ptrauth type qualifier has been added.
-- For AArch64, added support for generating executable-only code sections by using the
- ``-mexecute-only`` or ``-mpure-code`` compiler flags. (#GH125688)
-
Android Support
^^^^^^^^^^^^^^^
@@ -667,6 +649,10 @@ Code Completion
Static Analyzer
---------------
+- Fixed a crash when C++20 parenthesized initializer lists are used. This issue
+ was causing a crash in clang-tidy. (#GH136041)
+
+- Fixed a crash when C++20 parenthesized initializer lists are used. (#GH136041)
New features
^^^^^^^^^^^^
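Review bot: The two bullets added under Static Analyzer describe the same fix, so one of them should be dropped. Both cite #GH136041, which is this pull request's own number, while the commit message names #135665 as the report being fixed; consider citing the issue instead.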
diff --git a/clang/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp b/clang/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
index a0bf776b11f53..e58329817d7cd 100644
--- a/clang/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/DynamicTypePropagation.cpp
@@ -379,9 +379,9 @@ void DynamicTypePropagation::checkPostCall(const CallEvent &Call,
// aggregates, and in such case no top-frame constructor will be called.
// Figure out if we need to do anything in this case.
// FIXME: Instead of relying on the ParentMap, we should have the
- // trigger-statement (InitListExpr in this case) available in this
- // callback, ideally as part of CallEvent.
- if (isa_and_nonnull<InitListExpr>(
+ // trigger-statement (InitListExpr or CXXParenListInitExpr in this case)
+ // available in this callback, ideally as part of CallEvent.
+ if (isa_and_nonnull<InitListExpr, CXXParenListInitExpr>(
LCtx->getParentMap().getParent(Ctor->getOriginExpr())))
return;
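Review bot: The class tested in this condition is CXXParenListInitExpr, but the commit subject calls it CXXParenInitListExpr; please align the subject with the class name so the change is searchable. The predicate isa_and_nonnull<InitListExpr, CXXParenListInitExpr> is also repeated in both ExprEngineCXX.cpp hunks, so a small shared helper would keep the three call sites from drifting apart.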
diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
index 7e878f922a939..92ce3fa2225c8 100644
--- a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
+++ b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
@@ -644,9 +644,10 @@ void ExprEngine::handleConstructor(const Expr *E,
// FIXME: For now this code essentially bails out. We need to find the
// correct target region and set it.
// FIXME: Instead of relying on the ParentMap, we should have the
- // trigger-statement (InitListExpr in this case) passed down from CFG or
- // otherwise always available during construction.
- if (isa_and_nonnull<InitListExpr>(LCtx->getParentMap().getParent(E))) {
+ // trigger-statement (InitListExpr or CXXParenListInitExpr in this case)
+ // passed down from CFG or otherwise always available during construction.
+ if (isa_and_nonnull<InitListExpr, CXXParenListInitExpr>(
+ LCtx->getParentMap().getParent(E))) {
MemRegionManager &MRMgr = getSValBuilder().getRegionManager();
Target = loc::MemRegionVal(MRMgr.getCXXTempObjectRegion(E, LCtx));
CallOpts.IsCtorOrDtorWithImproperlyModeledTargetRegion = true;
@@ -1017,7 +1018,8 @@ void ExprEngine::VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred,
// values are properly placed inside the required region, however if an
// initializer list is used, this doesn't happen automatically.
auto *Init = CNE->getInitializer();
- bool isInitList = isa_and_nonnull<InitListExpr>(Init);
+ bool isInitList =
+ isa_and_nonnull<InitListExpr, CXXParenListInitExpr>(Init);
QualType ObjTy =
isInitList ? Init->getType() : CNE->getType()->getPointeeType();
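Review bot: isInitList in VisitCXXNewExpr is now also true for CXXParenListInitExpr, so the name no longer says what it tests, and the context comment above it still speaks only of "an initializer list". Consider renaming the variable and updating that comment. The added PR135665.cpp contains no new-expression, so this branch is not exercised by the test; a case that initializes an aggregate with parentheses inside a new-expression would cover it.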
diff --git a/clang/test/Analysis/PR135665.cpp b/clang/test/Analysis/PR135665.cpp
new file mode 100644
index 0000000000000..124b8c9b97b04
--- /dev/null
+++ b/clang/test/Analysis/PR135665.cpp
@@ -0,0 +1,19 @@
+// RUN: %clang_analyze_cc1 -std=c++20 -analyzer-checker=core -verify %s
+
+// expected-no-diagnostics
+
+template<typename... F>
+struct overload : public F...
+{
+ using F::operator()...;
+};
+
+template<typename... F>
+overload(F&&...) -> overload<F...>;
+
+int main()
+{
+ const auto l = overload([](const int* i) {});
+
+ return 0;
+}
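Review bot: Nothing in the test marks which construct is the regression, and expected-no-diagnostics alone does not tell a later reader why the file exists. A short comment on the line `const auto l = overload([](const int* i) {});` stating that this C++20 parenthesized aggregate initialization used to crash the analyzer (#135665) would make the intent clear.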