[clang] [clang][analyzer] StdLibraryFunctionsChecker getcwd fix (PR #175794)

Balázs Kéri via cfe-commits cfe-commits at lists.llvm.org
Tue Jan 13 08:45:49 PST 2026 

https://github.com/balazske created https://github.com/llvm/llvm-project/pull/175794

`StdLibraryFunctionsChecker` contained the following condition for `getcwd`:
```
           .Case({NotNull(0),
                  ArgumentCondition(1, WithinRange, Range(1, SizeMax)),
                  ReturnValueCondition(BO_EQ, ArgNo(0))},
                 ErrnoMustNotBeChecked, GenericSuccessMsg)
```
In this case argument 1 should be not zero and return value is set to be equal to argument 1. This would mean that return value is implicitly not zero. But for unknown reason (probably analyzer inaccuracy) it can occur that the return value is still assumable to be zero after this condition was applied. This results in false positive if `ErrnoChecker` is enabled because when the return value is 0 value of `errno` should be allowed to be read but in this case it is not.
The bug is fixed by adding an extra (theoretically redundant) condition for the return value to be non-zero.

>From 393a073fec7df8351d6801e381b7fbec8fc218fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bal=C3=A1zs=20K=C3=A9ri?= <balazs.keri at ericsson.com>
Date: Tue, 13 Jan 2026 16:46:03 +0100
Subject: [PATCH] [clang][analyzer] StdLibraryFunctionsChecker getcwd fix

---
 ...td-c-library-functions-char-uchar-conv.cpp | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp

diff --git a/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp b/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp
new file mode 100644
index 0000000000000..dcb233e072af4
--- /dev/null
+++ b/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp
@@ -0,0 +1,28 @@
+// RUN: %clang_analyze_cc1 \
+// RUN:   -analyzer-checker=core,unix.StdCLibraryFunctions,unix.Errno \
+// RUN:   -analyzer-config unix.StdCLibraryFunctions:ModelPOSIX=true \
+// RUN:   -verify %s
+//
+// expected-no-diagnostics
+
+#include "Inputs/system-header-simulator-cxx.h"
+#include "Inputs/errno_var.h"
+
+char *getcwd(char *buf, size_t size);
+
+int main(int argc, char *argv[]) {
+  std::vector<char> charbuf;
+  if (!getcwd(charbuf.data(), charbuf.size() - 1)) {
+    if (errno == 2) {
+      return 1;
+    }
+  }
+
+  std::vector<unsigned char> ucharbuf;
+  if (!getcwd((char*)ucharbuf.data(), ucharbuf.size() - 1)) {
+    if (errno == 2) { // no (false) warning from unix.Errno on this line
+      return 1;
+    }
+  }
+  return 0;
+}

More information about the cfe-commits mailing list