| author | Florian Mayer <fmayer@google.com> | 2025-10-17 16:52:44 -0700 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-10-17 16:52:44 -0700 | 
| commit | fe029934eb0782f011c839f0c6641bfa56ef3d1b (patch) | |
| tree | 5582cf275f5b95eef95e8654c01492d6dcfee98f /clang/lib/Frontend/CompilerInstance.cpp | |
| parent | 1508a8ec8d62ab1e9bdc8b7e0dbaaec9075b631f (diff) | |
[FlowSensitive] [StatusOr] [2/N] Add minimal model (#162932)
This model implements a dataflow analysis for reporting instances of
unchecked use of absl::StatusOr values. It makes sure that every use of
the value of a StatusOr object is dominated by a check that the
StatusOr object is ok.
This is an example of code that will be flagged by the analysis:
```cpp
int f(absl::StatusOr<int> SOR) {
  return SOR.value();
}
```
This is an example of code that will not be flagged by the analysis:
```cpp
int f(absl::StatusOr<int> SOR) {
  if (SOR.ok())
    return SOR.value();
  return 0;
}
```
This model has successfully been used by Google for some time now.
This is the initial commit that adds the simplest possible model, that
only models calls to `ok()` and checks for unsafe accesses. I will add
more fidelity to the model in follow-up changes.
The test setup is notable in that it has an extra indirection. This is
because we have an internal model that extends the model we intend to
upstream, in order to model special constructs only found in our code
base. The parametrized test allows us (and anyone who chooses to do
this) to make sure our extensions do not break the base functionality.
RFC:
https://discourse.llvm.org/t/rfc-abseil-unchecked-statusor-use-check/87998
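
The "dominated by a check" rule from the commit message, as an added example that is not part of this commit or of Clang: a toy forward analysis over a hand-built control-flow graph for a single StatusOr variable. The `Edge`, `Block`, `Cfg` and `uncheckedUses` names are hypothetical, and the third graph goes beyond the two snippets in the message to show a check that exists but does not dominate the use.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Constructed toy CFG for one StatusOr variable; not Clang's data structures.
struct Edge { int to; bool assumesOk; };  // assumesOk: the true branch of `if (SOR.ok())`
struct Block { bool usesValue; std::vector<Edge> succs; };
using Cfg = std::vector<Block>;

// Forward "must" analysis: SOR counts as ok on entry to a block only if it is
// known ok along every incoming path. Block 0 is the function entry.
std::vector<int> uncheckedUses(const Cfg &cfg) {
  std::vector<bool> okIn(cfg.size(), true);  // optimistic start, lowered to a fixpoint
  okIn[0] = false;                           // nothing is checked at function entry
  for (bool changed = true; changed;) {
    changed = false;
    for (std::size_t b = 0; b < cfg.size(); ++b)
      for (const Edge &e : cfg[b].succs) {
        bool okOut = okIn[b] || e.assumesOk;
        if (okIn[e.to] && !okOut) { okIn[e.to] = false; changed = true; }
      }
  }
  std::vector<int> flagged;
  for (std::size_t b = 0; b < cfg.size(); ++b)
    if (cfg[b].usesValue && !okIn[b]) flagged.push_back(static_cast<int>(b));
  return flagged;
}

// return SOR.value();
Cfg uncheckedCfg() { return {{true, {}}}; }
// if (SOR.ok()) return SOR.value(); return 0;
Cfg checkedCfg() { return {{false, {{1, true}, {2, false}}}, {true, {}}, {false, {}}}; }
// if (SOR.ok()) log(); else log(); return SOR.value();  -- check does not dominate the use
Cfg mergedCfg() {
  return {{false, {{1, true}, {2, false}}}, {false, {{3, false}}},
          {false, {{3, false}}}, {true, {}}};
}

int main() {
  std::printf("unchecked: %zu flagged\n", uncheckedUses(uncheckedCfg()).size());
  std::printf("checked:   %zu flagged\n", uncheckedUses(checkedCfg()).size());
  std::printf("merged:    %zu flagged\n", uncheckedUses(mergedCfg()).size());
}
```

The toy model never resets the ok state, so reassignment of the variable after a check is outside what it covers.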
Diffstat (limited to 'clang/lib/Frontend/CompilerInstance.cpp')
0 files changed, 0 insertions, 0 deletions
