[clang] [static analyzer] Fix crash on parenthesized expression in assume attribute (PR #151682)

Iris Shi via cfe-commits cfe-commits at lists.llvm.org
Fri Aug 1 04:03:09 PDT 2025


https://github.com/el-ev updated https://github.com/llvm/llvm-project/pull/151682

>From fa6335d597488afecfc8532ad3336a821b2bf19e Mon Sep 17 00:00:00 2001
From: Iris Shi <0.0 at owo.li>
Date: Fri, 1 Aug 2025 18:08:48 +0800
Subject: [PATCH 1/3] [static analyzer] Fix crash on parenthesized expression
 in assume attribute

---
 clang/docs/ReleaseNotes.rst                     |  2 ++
 clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp |  2 +-
 clang/test/Analysis/issue-151529.cpp            | 15 +++++++++++++++
 3 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 clang/test/Analysis/issue-151529.cpp

diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 4a2edae7509de..2dfbea312b894 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -148,6 +148,8 @@ Bug Fixes to Attribute Support
 
 - ``[[nodiscard]]`` is now respected on Objective-C and Objective-C++ methods.
   (#GH141504)
+- Fixed a crash in the static analyzer that when the expression in an 
+  ``[[assume(expr)]]`` attribute was enclosed in parentheses.  (#GH151529)
 
 Bug Fixes to C++ Support
 ^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
index 85353848aa124..fe70558dfc45c 100644
--- a/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
+++ b/clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp
@@ -1227,7 +1227,7 @@ void ExprEngine::VisitAttributedStmt(const AttributedStmt *A,
 
   for (const auto *Attr : getSpecificAttrs<CXXAssumeAttr>(A->getAttrs())) {
     for (ExplodedNode *N : CheckerPreStmt) {
-      Visit(Attr->getAssumption(), N, EvalSet);
+      Visit(Attr->getAssumption()->IgnoreParens(), N, EvalSet);
     }
   }
 
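Review bot: The changed `Visit(...)` line has no comment explaining why the assumption is unwrapped with `IgnoreParens()`, so a later cleanup could drop the call and bring back the #GH151529 crash. I would add above it something like `// Visit() presumably does not expect a ParenExpr here; strip parentheses from the assumption first (#GH151529).` It is also worth confirming whether any other wrapper node around the assumption can reach `Visit` the same way, since nothing in the hunk shows that either way. A crash on valid input leaves the translation unit with no analysis results at all, which is why the guard deserves to be documented. `VisitAttributedStmt` starts and ends outside the hunk.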
diff --git a/clang/test/Analysis/issue-151529.cpp b/clang/test/Analysis/issue-151529.cpp
new file mode 100644
index 0000000000000..b4b758016e0d7
--- /dev/null
+++ b/clang/test/Analysis/issue-151529.cpp
@@ -0,0 +1,15 @@
+// RUN: %clang_analyze_cc1 -std=c++23 -analyzer-checker=cplusplus -verify %s
+// expected-no-diagnostics
+
+template <int ...args>
+bool issue151529()
+{
+  [[assume (((args >= 0) && ...))]];
+  return ((args >= 0) && ...);
+}
+
+int main() {
+    issue151529();
+    [[assume((true))]]; // crash
+    return 0;
+}

>From 05984ff16c509f333529acdea6cd81f68c6e0415 Mon Sep 17 00:00:00 2001
From: Iris Shi <0.0 at owo.li>
Date: Fri, 1 Aug 2025 18:53:38 +0800
Subject: [PATCH 2/3] apply suggestions

---
 clang/docs/ReleaseNotes.rst            |  4 ++--
 clang/test/Analysis/builtin_assume.cpp | 11 +++++++++++
 clang/test/Analysis/issue-151529.cpp   | 15 ---------------
 3 files changed, 13 insertions(+), 17 deletions(-)
 delete mode 100644 clang/test/Analysis/issue-151529.cpp

diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index 2dfbea312b894..20cadbfd00d42 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -148,8 +148,6 @@ Bug Fixes to Attribute Support
 
 - ``[[nodiscard]]`` is now respected on Objective-C and Objective-C++ methods.
   (#GH141504)
-- Fixed a crash in the static analyzer that when the expression in an 
-  ``[[assume(expr)]]`` attribute was enclosed in parentheses.  (#GH151529)
 
 Bug Fixes to C++ Support
 ^^^^^^^^^^^^^^^^^^^^^^^^
@@ -249,6 +247,8 @@ New features
 
 Crash and bug fixes
 ^^^^^^^^^^^^^^^^^^^
+- Fixed a crash in the static analyzer that when the expression in an 
+  ``[[assume(expr)]]`` attribute was enclosed in parentheses.  (#GH151529)
 
 Improvements
 ^^^^^^^^^^^^
diff --git a/clang/test/Analysis/builtin_assume.cpp b/clang/test/Analysis/builtin_assume.cpp
index 7158306be2b82..96a3ee6950b6d 100644
--- a/clang/test/Analysis/builtin_assume.cpp
+++ b/clang/test/Analysis/builtin_assume.cpp
@@ -62,3 +62,14 @@ int using_builtin_assume_has_no_sideeffects(int y) {
 
   return y;
 }
+
+template <int ...args>
+bool issue151529() {
+  [[assume((true))]]; // no-crash
+  [[assume(((args >= 0) && ...))]]; // no-crash
+  return ((args >= 0) && ...);
+}
+
+void instantiate_issue151529() {
+  issue151529<0>();
+}
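Review bot: The added cases only show that the analyzer no longer crashes; nothing checks that a parenthesized assumption is still modeled once `IgnoreParens()` strips the wrapper. If this file already has debug-inspection helpers available (not visible in the hunk), a case such as `[[assume((x > 0))]];` followed by a check on `x > 0` would pin that down. The template is also instantiated only as `issue151529<0>()`, so a fold over more than one element, e.g. `issue151529<0, 1>()`, is never analyzed.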
diff --git a/clang/test/Analysis/issue-151529.cpp b/clang/test/Analysis/issue-151529.cpp
deleted file mode 100644
index b4b758016e0d7..0000000000000
--- a/clang/test/Analysis/issue-151529.cpp
+++ /dev/null
@@ -1,15 +0,0 @@
-// RUN: %clang_analyze_cc1 -std=c++23 -analyzer-checker=cplusplus -verify %s
-// expected-no-diagnostics
-
-template <int ...args>
-bool issue151529()
-{
-  [[assume (((args >= 0) && ...))]];
-  return ((args >= 0) && ...);
-}
-
-int main() {
-    issue151529();
-    [[assume((true))]]; // crash
-    return 0;
-}

>From 0b05b874806cf475d265c53ac6295ed8d90a9ce7 Mon Sep 17 00:00:00 2001
From: Iris Shi <0.0 at owo.li>
Date: Fri, 1 Aug 2025 19:02:56 +0800
Subject: [PATCH 3/3] fix warning

---
 clang/test/Analysis/builtin_assume.cpp | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/clang/test/Analysis/builtin_assume.cpp b/clang/test/Analysis/builtin_assume.cpp
index 96a3ee6950b6d..29a96c09d53ea 100644
--- a/clang/test/Analysis/builtin_assume.cpp
+++ b/clang/test/Analysis/builtin_assume.cpp
@@ -65,9 +65,11 @@ int using_builtin_assume_has_no_sideeffects(int y) {
 
 template <int ...args>
 bool issue151529() {
-  [[assume((true))]]; // no-crash
-  [[assume(((args >= 0) && ...))]]; // no-crash
-  return ((args >= 0) && ...);
+  // no-crash
+  [[assume((true))]]; 
+  // no-crash
+  [[assume(((args >= 0) && ...))]];  // expected-warning {{pack fold expression is a C++17 extension}}
+  return ((args >= 0) && ...); // expected-warning {{pack fold expression is a C++17 extension}}
 }
 
 void instantiate_issue151529() {
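Review bot: The added line `[[assume((true))]]; ` carries a trailing space, and the following `[[assume(...)]];` line has two spaces before its `// expected-warning` comment while the `return` line has one; both are worth tidying. The new `pack fold expression is a C++17 extension` expectations suggest that at least one RUN line uses a pre-C++17 mode (the RUN lines are outside the hunk). If the file has several RUN lines with different standards, these unprefixed expectations must hold under each of them. The hunk ends inside `instantiate_issue151529`.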


