diff options
| author | martinboehme <mboehme@google.com> | 2024-05-02 08:35:13 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-05-02 08:35:13 +0200 |
| commit | 597a3150e932a9423c65b5ea4b53dd431aff5865 (patch) | |
| tree | e44b25c6976812eee9401ad48e9b10d702b6f409 /clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp | |
| parent | e3f42b02a4129947ca2dd820bfb63ffed83027b7 (diff) | |
| download | llvm-597a3150e932a9423c65b5ea4b53dd431aff5865.zip llvm-597a3150e932a9423c65b5ea4b53dd431aff5865.tar.gz llvm-597a3150e932a9423c65b5ea4b53dd431aff5865.tar.bz2 | |
[clang][dataflow] Don't propagate result objects in unevaluated contexts (#90438)
Trying to do so can cause crashes -- see newly added test and the
comments in
the fix.
We're starting to see a repeating pattern here: We're getting crashes
because
`ResultObjectVisitor` and `getReferencedDecls()` don't agree on which
parts of
the AST to visit and, hence, which fields should be modeled.
I think we should ensure consistency between these two parts of the code
by
using a `RecursiveASTVisitor` in `getReferencedDecls()`[^1]; the
`Traverse...()` functions that control which parts of the AST we visit
would go
in a common base class that would be used for both `ResultObjectVisitor`
and
`getReferencedDecls()`.
I'd like to focus this PR, however, on a targeted fix for the current
crash and
postpone the refactoring to a later PR (which will be easier to revert
if there
are unintended side-effects).
[^1]: As an added bonus, this would make the code better structured and
more
efficient than the current sequence of `if (dyn_cast<T>(...))`
statements).
Diffstat (limited to 'clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp')
| -rw-r--r-- | clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp index d79e734..cb6c8b2 100644 --- a/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp +++ b/clang/lib/Analysis/FlowSensitive/DataflowEnvironment.cpp @@ -350,6 +350,17 @@ public: return RecursiveASTVisitor<ResultObjectVisitor>::TraverseDecl(D); } + // Don't traverse expressions in unevaluated contexts, as we don't model + // fields that are only used in these. + // Note: The operand of the `noexcept` operator is an unevaluated operand, but + // nevertheless it appears in the Clang CFG, so we don't exclude it here. + bool TraverseDecltypeTypeLoc(DecltypeTypeLoc) { return true; } + bool TraverseTypeOfExprTypeLoc(TypeOfExprTypeLoc) { return true; } + bool TraverseCXXTypeidExpr(CXXTypeidExpr *) { return true; } + bool TraverseUnaryExprOrTypeTraitExpr(UnaryExprOrTypeTraitExpr *) { + return true; + } + bool TraverseBindingDecl(BindingDecl *BD) { // `RecursiveASTVisitor` doesn't traverse holding variables for // `BindingDecl`s by itself, so we need to tell it to. |