[libcxx-commits] [clang] [compiler-rt] [libcxx] [clang] Add unistd fortify checks and analyzer size constraints (PR #196499)

Denys Fedoryshchenko via libcxx-commits libcxx-commits at lists.llvm.org
Tue May 12 06:19:25 PDT 2026 

================
@@ -1165,7 +1165,112 @@ void Sema::checkFortifiedBuiltinMemoryFunction(FunctionDecl *FD,
 
   unsigned BuiltinID = UseDecl->getBuiltinID(/*ConsiderWrappers=*/true);
 
-  if (!BuiltinID)
+  // Some libc I/O functions are intentionally not Clang builtins:
+  //   * "read", "write", "readlink", "readlinkat", and "getcwd" are common
+  //     identifiers (or names that appear in asm-label wrappers); declaring
+  //     them as builtins triggers -Wincompatible-library-redeclaration on
+  //     harmless local declarations (an error under -Werror).
+  //   * pread/pwrite prototypes use off_t, whose width is platform- and
+  //     macro-dependent (notably _FILE_OFFSET_BITS); a fixed builtin signature
+  //     would clash with the system header on some targets.
+  // Recognize them by name, but only after checking the full POSIX prototype
+  // so that an unrelated function happening to share the name is not
+  // diagnosed as if it were the libc function.
+  enum class LibCDispatch {
+    None,
+    Read,
+    Write,
+    PRead,
+    PWrite,
+    ReadLink,
+    ReadLinkAt,
+    GetCWD,
+  };
+  LibCDispatch LibC = LibCDispatch::None;
+  StringRef LibCName;
+  if (!BuiltinID && FD->isExternC() && FD->getIdentifier() &&
----------------
nuclearcat wrote:

yeah good point on the integer thing, sameUnqualifiedType || both-integer is plenty given the name match already pins us to POSIX intent. dropping the SSizeT/OffT/Off64T predicates, much cleaner.

re mismatched decls: was initially defensive, but i went looking and it's actually not hypothetical. newlib-style syscall stubs do extern "C" int read(int, void*, size_t) all over the place in several projects.
I added test_pread64_newlib_buffer / test_pwrite64_newlib_buffer to warn-fortify-source-prototype-gate.c, just in case.

Checking the code now, will push in an hour - thanks a lot for the very helpful review!

https://github.com/llvm/llvm-project/pull/196499

More information about the libcxx-commits mailing list