[clang] [clang] Don't consider the lifetimeboundCall when analyzing the gsl pointer construction. (PR #114044)

Tue, 29 Oct 2024 09:56:38 -0700 

================
@@ -1094,6 +1094,24 @@ static bool pathOnlyHandlesGslPointer(IndirectLocalPath 
&Path) {
   return false;
 }
 
+static bool
+isLifetimeboundInterleaveInGSL(llvm::ArrayRef<IndirectLocalPathEntry> PathRef) 
{
----------------
hokein wrote:


> I am just wondering if this is the right approach to filter this problem out.
> 
> I think in the problematic code example `[[clang::lifetimebound]]` describes 
> the lifetime of the returned reference, not the lifetime of the 
> `gsl::pointer` annotated type. So, I think the mismatch is trying to apply 
> the lifetimebound logic to the `gsl::pointer` in this particular example.

>From an implementation perspective, we use the `lifetimebound` attribute to 
>decide whether to continue traversing inner AST nodes (the return type doesn’t 
>matter; it only affects the emitted diagnostic message). This process of each 
>step is stateless -- it does not account for whether the existing path has 
>been initialized for GSL.

Back to the problematic case,

```
class [[gsl::Pointer]] FooPointer {};

template<typename T>
class [[gsl::Owner]] Container {
public:
  const T& get() const [[clang::lifetimebound]];
};

FooPointer abc2() {
  Container<FooPointer> foo;
  return foo.get(); // Clang emits a return-stack-address warning on `foo`.
}
```
When we report the local `foo` entity in the TemporaryVisitor callback:

- The Path is [GslPointerInit, Lifetimebound]
- foo is of type `Container<FooPointer>`

The code incorrectly interprets that the `FooPointer` is constructed from 
`foo`, which is causing the issue here. I think it is essentially a bug in the 
code that analyzes the gsl::pointer from gsl::owner construction case 
(addressing this in the existing gsl::pointer filtering logic seems like a 
natural approach, though it introduces new false negatives).

> I think my point is, probably not all interleavings are bad, but here the 
> `gsl::pointer` and the `lifetimebound` apply to different levels of 
> indirection and I am wondering it that needs to be part of our filtering.

I completely agree that not all interleavings are bad, and there are some 
useful examples of where they work well. Better ideas are welcome.

https://github.com/llvm/llvm-project/pull/114044
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to