https://github.com/rniwa created https://github.com/llvm/llvm-project/pull/80934
The bug was caused by isRefCountable erroneously returning false for a class with both ref() and deref() functions defined because we were not resetting the base paths results between looking for "ref()" and "deref()"
>From 377f096eda881b9a7c9b4d413081f11a3c4af62e Mon Sep 17 00:00:00 2001
From: Ryosuke Niwa <rn...@webkit.org>
Date: Tue, 6 Feb 2024 20:10:33 -0800
Subject: [PATCH] Fix an implicit cast to a base ref counted class generates a false positive.
The bug was caused by isRefCountable erroneously returning false for a class with both ref() and deref() functions defined because we were not resetting the base paths results between looking for "ref()" and "deref()"
---
 .../Checkers/WebKit/PtrTypesSemantics.cpp | 1 +
 ...to-base-class-with-deref-in-superclass.cpp | 51 +++++++++++++++++++
 2 files changed, 52 insertions(+)
 create mode 100644 clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
diff --git a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
index d2b66341058000..0fd8afedc0b0f5 100644
--- a/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/WebKit/PtrTypesSemantics.cpp
@@ -84,6 +84,7 @@ std::optional<bool> isRefCountable(const CXXRecordDecl* R)
 if (AnyInconclusiveBase) return std::nullopt;
+ Paths.clear();
 const auto hasPublicDerefInBase = [&AnyInconclusiveBase](const CXXBaseSpecifier *Base, CXXBasePath &) { auto hasDerefInBase = clang::hasPublicMethodInBase(Base, "deref");
diff --git a/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp b/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
new file mode 100644
index 00000000000000..49826c98a4610d
--- /dev/null
+++ b/clang/test/Analysis/Checkers/WebKit/implicit-cast-to-base-class-with-deref-in-superclass.cpp
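Review bot: The added `Paths.clear();` in `isRefCountable` (PtrTypesSemantics.cpp) carries no comment saying why the shared `Paths` object has to be reset before the `deref` lookup, so a later cleanup could remove the call and quietly bring the wrong answer back. I would put `// Drop the base paths recorded by the ref() lookup so they cannot affect the deref() lookup.` directly above it. Since the result of this function appears to feed the WebKit uncounted-pointer checkers, giving the second lookup its own `CXXBasePaths` object would make the independence structural rather than a convention. The declaration of `Paths` and the rest of the function body are outside the hunk, so that alternative needs checking against the full function.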
@@ -0,0 +1,51 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=alpha.webkit.UncountedCallArgsChecker -verify %s
+// expected-no-diagnostics
+
+template<typename T>
+class Ref {
+public:
+ ~Ref()
+ {
+ if (auto* ptr = m_ptr)
+ ptr->deref();
+ m_ptr = nullptr;
+ }
+
+ Ref(T& object)
+ : m_ptr(&object)
+ {
+ object.ref();
+ }
+
+ operator T&() const { return *m_ptr; }
+ bool operator!() const { return !*m_ptr; }
+
+private:
+ T* m_ptr;
+};
+
+class Base {
+public:
+ virtual ~Base();
+ void ref() const;
+ void deref() const;
+};
+
+class Event : public Base {
+protected:
+ explicit Event();
+};
+
+class SubEvent : public Event {
+public:
+ static Ref<SubEvent> create();
+private:
+ SubEvent() = default;
+};
+
+void someFunction(Base&);
+
+static void test()
+{
+ someFunction(SubEvent::create());
+}
_______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
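Review bot: The new test asserts only `// expected-no-diagnostics`, so it pins the removed false positive but not that `alpha.webkit.UncountedCallArgsChecker` still reports a genuinely uncounted argument for the same `Base`/`Event`/`SubEvent` hierarchy. A companion case in this file, with the blanket expectation replaced by per-line ones, that passes an object not held by a `Ref` to `someFunction` would guard against a later change to the ref()/deref() lookup silencing real reports. Other tests in the directory may already cover that shape; they are not visible here. Separately, `Ref::operator!` is never exercised by `test()` and could be dropped to keep the reproducer minimal.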