diff options
| author | martinboehme <mboehme@google.com> | 2024-05-06 14:21:15 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-06 14:21:15 +0200 |
| commit | 4d839d8f18e41bd97e1c5e82d53ad5687c07e586 (patch) | |
| tree | 658579a0f30c5413310e321c53dbc1c5f4764aa2 | |
| parent | 5f73d29cb74abf5b4eca113386b18110a53b1b6a (diff) | |
| download | llvm-4d839d8f18e41bd97e1c5e82d53ad5687c07e586.zip llvm-4d839d8f18e41bd97e1c5e82d53ad5687c07e586.tar.gz llvm-4d839d8f18e41bd97e1c5e82d53ad5687c07e586.tar.bz2 | |
[clang][dataflow] Don't propagate result objects in unevaluated contexts (reland #90438) (#91172)
This relands #90348 with a fix for a [buildbot
failure](https://lab.llvm.org/buildbot/#/builders/216/builds/38446)
caused by the test being run with `-fno-rtti`.
| -rw-r--r-- | clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp | 11 | ||||
| -rw-r--r-- | clang/unittests/Analysis/FlowSensitive/TransferTest.cpp | 54 |
2 files changed, 65 insertions, 0 deletions
diff --git a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp index d79e734..cb6c8b2 100644 --- a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp +++ b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp @@ -350,6 +350,17 @@ public: return RecursiveASTVisitor<ResultObjectVisitor>::TraverseDecl(D); } + // Don't traverse expressions in unevaluated contexts, as we don't model + // fields that are only used in these. + // Note: The operand of the `noexcept` operator is an unevaluated operand, but + // nevertheless it appears in the Clang CFG, so we don't exclude it here. + bool TraverseDecltypeTypeLoc(DecltypeTypeLoc) { return true; } + bool TraverseTypeOfExprTypeLoc(TypeOfExprTypeLoc) { return true; } + bool TraverseCXXTypeidExpr(CXXTypeidExpr *) { return true; } + bool TraverseUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *) { + return true; + } + bool TraverseBindingDecl(BindingDecl *BD) { // `RecursiveASTVisitor` doesn't traverse holding variables for // `BindingDecl`s by itself, so we need to tell it to. diff --git a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp index 0b441fa..6743e77 100644 --- a/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/TransferTest.cpp @@ -3400,6 +3400,60 @@ TEST(TransferTest, ResultObjectLocationDontVisitNestedRecordDecl) { ASTContext &ASTCtx) {}); } +TEST(TransferTest, ResultObjectLocationDontVisitUnevaluatedContexts) { + // This is a crash repro. + // We used to crash because when propagating result objects, we would visit + // unevaluated contexts, but we don't model fields used only in these. + + auto testFunction = [](llvm::StringRef Code, llvm::StringRef TargetFun) { + runDataflow( + Code, + [](const llvm::StringMap<DataflowAnalysisState<NoopLattice>> &Results, + ASTContext &ASTCtx) {}, + LangStandard::lang_gnucxx17, + /* ApplyBuiltinTransfer= */ true, TargetFun); + }; + + std::string Code = R"cc( + // Definitions needed for `typeid`. + namespace std { + class type_info {}; + class bad_typeid {}; + } // namespace std + + struct S1 {}; + struct S2 { S1 s1; }; + + // We test each type of unevaluated context from a different target + // function. Some types of unevaluated contexts may actually cause the + // field `s1` to be modeled, and we don't want this to "pollute" the tests + // for the other unevaluated contexts. + void decltypeTarget() { + decltype(S2{}) Dummy; + } + void typeofTarget() { + typeof(S2{}) Dummy; + } + void typeidTarget() { +#if __has_feature(cxx_rtti) + typeid(S2{}); +#endif + } + void sizeofTarget() { + sizeof(S2{}); + } + void noexceptTarget() { + noexcept(S2{}); + } + )cc"; + + testFunction(Code, "decltypeTarget"); + testFunction(Code, "typeofTarget"); + testFunction(Code, "typeidTarget"); + testFunction(Code, "sizeofTarget"); + testFunction(Code, "noexceptTarget"); +} + TEST(TransferTest, StaticCast) { std::string Code = R"( void target(int Foo) { |