https://github.com/hokein updated
https://github.com/llvm/llvm-project/pull/114044
>From ac8f934144cfa657ae7ba0c8797fe058aa0a9c53 Mon Sep 17 00:00:00 2001
From: Haojian Wu <hokein...@gmail.com>
Date: Fri, 1 Nov 2024 16:51:03 +0100
Subject: [PATCH 1/5] [clang] Fix the post-filtering heuristics for GSLPointer
case.
---
clang/docs/ReleaseNotes.rst | 2 +
clang/lib/Sema/CheckExprLifetime.cpp | 113 ++++++++++++++----
.../Sema/warn-lifetime-analysis-nocfg.cpp | 48 +++++++-
3 files changed, 139 insertions(+), 24 deletions(-)
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
index ba582160cf9920..67a30eaaffa9a3 100644
--- a/clang/docs/ReleaseNotes.rst
+++ b/clang/docs/ReleaseNotes.rst
@@ -533,6 +533,8 @@ Improvements to Clang's diagnostics
- Clang now diagnoses ``[[deprecated]]`` attribute usage on local variables
(#GH90073).
+- Fix false positives when `[[gsl::Owner/Pointer]]` and
`[[clang::lifetimebound]]` are used together.
+
- Improved diagnostic message for ``__builtin_bit_cast`` size mismatch
(#GH115870).
Improvements to Clang's time-trace
diff --git a/clang/lib/Sema/CheckExprLifetime.cpp
b/clang/lib/Sema/CheckExprLifetime.cpp
index a1a402b4a2b530..d1e8cc9f9b075c 100644
--- a/clang/lib/Sema/CheckExprLifetime.cpp
+++ b/clang/lib/Sema/CheckExprLifetime.cpp
@@ -1093,6 +1093,87 @@ static bool pathOnlyHandlesGslPointer(const
IndirectLocalPath &Path) {
}
return false;
}
+// Result of analyzing the Path for GSLPointer.
+enum AnalysisResult {
+ // Path does not correspond to a GSLPointer.
+ NotGSLPointer,
+
+ // A relevant case was identified.
+ Report,
+ // Stop the entire traversal.
+ Abandon,
+ // Skip this step and continue traversing inner AST nodes.
+ Skip,
+};
+// Analyze cases where a GSLPointer is initialized or assigned from a
+// temporary owner object.
+static AnalysisResult analyzePathForGSLPointer(const IndirectLocalPath &Path,
+ Local L) {
+ if (!pathOnlyHandlesGslPointer(Path))
+ return NotGSLPointer;
+
+ // At this point, Path represents a series of operations involving a
+ // GSLPointer, either in the process of initialization or assignment.
+
+ // Note: A LifetimeBoundCall can appear interleaved in this sequence.
+ // For example:
+ // const std::string& Ref(const std::string& a [[clang::lifetimebound]]);
+ // string_view abc = Ref(std::string());
+ // The "Path" is [GSLPointerInit, LifetimeboundCall], where "L" is the
+ // temporary "std::string()" object. We need to check if the function with
the
+ // lifetimebound attribute returns a "owner" type.
+ if (Path.back().Kind == IndirectLocalPathEntry::LifetimeBoundCall) {
+ // The lifetimebound applies to the implicit object parameter of a method.
+ if (const auto *Method = llvm::dyn_cast<CXXMethodDecl>(Path.back().D)) {
+ if (Method->getReturnType()->isReferenceType() &&
+ isRecordWithAttr<OwnerAttr>(
+ Method->getReturnType()->getPointeeType()))
+ return Report;
+ return Abandon;
+ }
+ // The lifetimebound applies to a function parameter.
+ const auto *PD = llvm::dyn_cast<ParmVarDecl>(Path.back().D);
+ if (const auto *FD = llvm::dyn_cast<FunctionDecl>(PD->getDeclContext())) {
+ if (isa<CXXConstructorDecl>(FD)) {
+ // Constructor case: the parameter is annotated with lifetimebound
+ // e.g., GSLPointer(const S& s [[clang::lifetimebound]])
+ // We still respect this case even the type S is not an owner.
+ return Report;
+ }
+ // For regular functions, check if the return type has an Owner
attribute.
+ // e.g., const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
+ if (FD->getReturnType()->isReferenceType() &&
+ isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
+ return Report;
+ }
+ return Abandon;
+ }
+
+ if (isa<DeclRefExpr>(L)) {
+ // We do not want to follow the references when returning a pointer
+ // originating from a local owner to avoid the following false positive:
+ // int &p = *localUniquePtr;
+ // someContainer.add(std::move(localUniquePtr));
+ // return p;
+ if (!pathContainsInit(Path) && isRecordWithAttr<OwnerAttr>(L->getType()))
+ return Report;
+ return Abandon;
+ }
+
+ // The GSLPointer is from a temporary object.
+ auto *MTE = dyn_cast<MaterializeTemporaryExpr>(L);
+
+ bool IsGslPtrValueFromGslTempOwner =
+ MTE && !MTE->getExtendingDecl() &&
+ isRecordWithAttr<OwnerAttr>(MTE->getType());
+ // Skipping a chain of initializing gsl::Pointer annotated objects.
+ // We are looking only for the final source to find out if it was
+ // a local or temporary owner or the address of a local
+ // variable/param.
+ if (!IsGslPtrValueFromGslTempOwner)
+ return Skip;
+ return Report;
+}
static bool isAssignmentOperatorLifetimeBound(CXXMethodDecl *CMD) {
if (!CMD)
@@ -1131,27 +1212,17 @@ static void checkExprLifetimeImpl(Sema &SemaRef,
auto *MTE = dyn_cast<MaterializeTemporaryExpr>(L);
- bool IsGslPtrValueFromGslTempOwner = false;
- if (pathOnlyHandlesGslPointer(Path)) {
- if (isa<DeclRefExpr>(L)) {
- // We do not want to follow the references when returning a pointer
- // originating from a local owner to avoid the following false
positive:
- // int &p = *localUniquePtr;
- // someContainer.add(std::move(localUniquePtr));
- // return p;
- if (pathContainsInit(Path) ||
- !isRecordWithAttr<OwnerAttr>(L->getType()))
- return false;
- } else {
- IsGslPtrValueFromGslTempOwner =
- MTE && !MTE->getExtendingDecl() &&
- isRecordWithAttr<OwnerAttr>(MTE->getType());
- // Skipping a chain of initializing gsl::Pointer annotated objects.
- // We are looking only for the final source to find out if it was
- // a local or temporary owner or the address of a local variable/param.
- if (!IsGslPtrValueFromGslTempOwner)
- return true;
- }
+ bool IsGslPtrValueFromGslTempOwner = true;
+ switch (analyzePathForGSLPointer(Path, L)) {
+ case Abandon:
+ return false;
+ case Skip:
+ return true;
+ case NotGSLPointer:
+ IsGslPtrValueFromGslTempOwner = false;
+ LLVM_FALLTHROUGH;
+ case Report:
+ break;
}
switch (LK) {
diff --git a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
index 6a2af01ea5116c..3b237e99dd3b33 100644
--- a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
+++ b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
@@ -727,8 +727,9 @@ struct [[gsl::Pointer]] Span {
// Pointer from Owner<Pointer>
std::string_view test5() {
- std::string_view a = StatusOr<std::string_view>().valueLB(); //
expected-warning {{object backing the pointer will be dest}}
- return StatusOr<std::string_view>().valueLB(); // expected-warning
{{returning address of local temporary}}
+ // The Owner<Pointer> doesn't own the object which its inner pointer points
to.
+ std::string_view a = StatusOr<std::string_view>().valueLB(); // OK
+ return StatusOr<std::string_view>().valueLB(); // OK
// No dangling diagnostics on non-lifetimebound methods.
std::string_view b = StatusOr<std::string_view>().valueNoLB();
@@ -775,7 +776,7 @@ Span<std::string> test10(StatusOr<std::vector<std::string>>
aa) {
// Pointer<Owner>> from Owner<Pointer<Owner>>
Span<std::string> test11(StatusOr<Span<std::string>> aa) {
- return aa.valueLB(); // expected-warning {{address of stack memory}}
+ return aa.valueLB(); // OK
return aa.valueNoLB(); // OK.
}
@@ -793,3 +794,44 @@ void test13() {
}
} // namespace GH100526
+
+namespace LifetimeboundInterleave {
+
+const std::string& Ref(const std::string& abc [[clang::lifetimebound]]);
+std::string_view test1() {
+ std::string_view t1 = Ref(std::string()); // expected-warning {{object
backing}}
+ t1 = Ref(std::string()); // expected-warning {{object backing}}
+ return Ref(std::string()); // expected-warning {{returning address}}
+}
+
+template <typename T>
+struct Foo {
+ const T& get() const [[clang::lifetimebound]];
+ const T& getNoLB() const;
+};
+std::string_view test2(Foo<std::string> r1, Foo<std::string_view> r2) {
+ std::string_view t1 = Foo<std::string>().get(); // expected-warning {{object
backing}}
+ t1 = Foo<std::string>().get(); // expected-warning {{object backing}}
+ return r1.get(); // expected-warning {{address of stack}}
+
+ std::string_view t2 = Foo<std::string_view>().get();
+ t2 = Foo<std::string_view>().get();
+ return r2.get();
+
+ // no warning on no-LB-annotated method.
+ std::string_view t3 = Foo<std::string>().getNoLB();
+ t3 = Foo<std::string>().getNoLB();
+ return r1.getNoLB();
+}
+
+struct Bar {};
+struct [[gsl::Pointer]] Pointer {
+ Pointer(const Bar & bar [[clang::lifetimebound]]);
+};
+Pointer test3(Bar bar) {
+ Pointer p = Pointer(Bar()); // expected-warning {{temporary}}
+ p = Pointer(Bar()); // expected-warning {{object backing}}
+ return bar; // expected-warning {{address of stack}}
+}
+
+} // namespace LifetimeboundInterleave
>From f63e5f9ea89991f599723981cc5eebc3fe33c3ef Mon Sep 17 00:00:00 2001
From: Haojian Wu <hokein...@gmail.com>
Date: Mon, 4 Nov 2024 16:36:48 +0100
Subject: [PATCH 2/5] Address review comments
---
clang/lib/Sema/CheckExprLifetime.cpp | 39 ++++++++++++----------------
1 file changed, 17 insertions(+), 22 deletions(-)
diff --git a/clang/lib/Sema/CheckExprLifetime.cpp
b/clang/lib/Sema/CheckExprLifetime.cpp
index d1e8cc9f9b075c..9bc21f569d57d2 100644
--- a/clang/lib/Sema/CheckExprLifetime.cpp
+++ b/clang/lib/Sema/CheckExprLifetime.cpp
@@ -1124,28 +1124,23 @@ static AnalysisResult analyzePathForGSLPointer(const
IndirectLocalPath &Path,
// lifetimebound attribute returns a "owner" type.
if (Path.back().Kind == IndirectLocalPathEntry::LifetimeBoundCall) {
// The lifetimebound applies to the implicit object parameter of a method.
- if (const auto *Method = llvm::dyn_cast<CXXMethodDecl>(Path.back().D)) {
- if (Method->getReturnType()->isReferenceType() &&
- isRecordWithAttr<OwnerAttr>(
- Method->getReturnType()->getPointeeType()))
- return Report;
- return Abandon;
- }
+ const FunctionDecl* FD =
llvm::dyn_cast_or_null<FunctionDecl>(Path.back().D);
// The lifetimebound applies to a function parameter.
- const auto *PD = llvm::dyn_cast<ParmVarDecl>(Path.back().D);
- if (const auto *FD = llvm::dyn_cast<FunctionDecl>(PD->getDeclContext())) {
- if (isa<CXXConstructorDecl>(FD)) {
- // Constructor case: the parameter is annotated with lifetimebound
- // e.g., GSLPointer(const S& s [[clang::lifetimebound]])
- // We still respect this case even the type S is not an owner.
- return Report;
- }
- // For regular functions, check if the return type has an Owner
attribute.
- // e.g., const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
- if (FD->getReturnType()->isReferenceType() &&
- isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
- return Report;
+ if (const auto *PD = llvm::dyn_cast<ParmVarDecl>(Path.back().D))
+ FD = llvm::dyn_cast<FunctionDecl>(PD->getDeclContext());
+
+ if (isa_and_present<CXXConstructorDecl>(FD)) {
+ // Constructor case: the parameter is annotated with lifetimebound
+ // e.g., GSLPointer(const S& s [[clang::lifetimebound]])
+ // We still respect this case even the type S is not an owner.
+ return Report;
}
+ // Check if the return type has an Owner attribute.
+ // e.g., const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
+ if (FD && FD->getReturnType()->isReferenceType() &&
+ isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
+ return Report;
+
return Abandon;
}
@@ -1215,9 +1210,9 @@ static void checkExprLifetimeImpl(Sema &SemaRef,
bool IsGslPtrValueFromGslTempOwner = true;
switch (analyzePathForGSLPointer(Path, L)) {
case Abandon:
- return false;
+ return false;
case Skip:
- return true;
+ return true;
case NotGSLPointer:
IsGslPtrValueFromGslTempOwner = false;
LLVM_FALLTHROUGH;
>From 13b27f7998072c14e1777fc213559a9fa88ddbfc Mon Sep 17 00:00:00 2001
From: Haojian Wu <hokein...@gmail.com>
Date: Tue, 5 Nov 2024 13:10:39 +0100
Subject: [PATCH 3/5] clang-format
---
clang/lib/Sema/CheckExprLifetime.cpp | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/clang/lib/Sema/CheckExprLifetime.cpp
b/clang/lib/Sema/CheckExprLifetime.cpp
index 9bc21f569d57d2..6e7a252269683c 100644
--- a/clang/lib/Sema/CheckExprLifetime.cpp
+++ b/clang/lib/Sema/CheckExprLifetime.cpp
@@ -1124,7 +1124,8 @@ static AnalysisResult analyzePathForGSLPointer(const
IndirectLocalPath &Path,
// lifetimebound attribute returns a "owner" type.
if (Path.back().Kind == IndirectLocalPathEntry::LifetimeBoundCall) {
// The lifetimebound applies to the implicit object parameter of a method.
- const FunctionDecl* FD =
llvm::dyn_cast_or_null<FunctionDecl>(Path.back().D);
+ const FunctionDecl *FD =
+ llvm::dyn_cast_or_null<FunctionDecl>(Path.back().D);
// The lifetimebound applies to a function parameter.
if (const auto *PD = llvm::dyn_cast<ParmVarDecl>(Path.back().D))
FD = llvm::dyn_cast<FunctionDecl>(PD->getDeclContext());
@@ -1138,7 +1139,7 @@ static AnalysisResult analyzePathForGSLPointer(const
IndirectLocalPath &Path,
// Check if the return type has an Owner attribute.
// e.g., const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
if (FD && FD->getReturnType()->isReferenceType() &&
- isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
+ isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
return Report;
return Abandon;
>From 21eec0323f42227f94175bef832c8b8c4b1affb8 Mon Sep 17 00:00:00 2001
From: Haojian Wu <hokein...@gmail.com>
Date: Tue, 5 Nov 2024 17:18:32 +0100
Subject: [PATCH 4/5] Add more tests, and a minor fix for a function returning
gsl pointer.
---
clang/lib/Sema/CheckExprLifetime.cpp | 15 +++++++++------
.../test/Sema/warn-lifetime-analysis-nocfg.cpp | 18 ++++++++++++++++++
2 files changed, 27 insertions(+), 6 deletions(-)
diff --git a/clang/lib/Sema/CheckExprLifetime.cpp
b/clang/lib/Sema/CheckExprLifetime.cpp
index 6e7a252269683c..b280534940095f 100644
--- a/clang/lib/Sema/CheckExprLifetime.cpp
+++ b/clang/lib/Sema/CheckExprLifetime.cpp
@@ -1120,8 +1120,8 @@ static AnalysisResult analyzePathForGSLPointer(const
IndirectLocalPath &Path,
// const std::string& Ref(const std::string& a [[clang::lifetimebound]]);
// string_view abc = Ref(std::string());
// The "Path" is [GSLPointerInit, LifetimeboundCall], where "L" is the
- // temporary "std::string()" object. We need to check if the function with
the
- // lifetimebound attribute returns a "owner" type.
+ // temporary "std::string()" object. We need to check the return type of the
+ // function with the lifetimebound attribute.
if (Path.back().Kind == IndirectLocalPathEntry::LifetimeBoundCall) {
// The lifetimebound applies to the implicit object parameter of a method.
const FunctionDecl *FD =
@@ -1136,10 +1136,13 @@ static AnalysisResult analyzePathForGSLPointer(const
IndirectLocalPath &Path,
// We still respect this case even the type S is not an owner.
return Report;
}
- // Check if the return type has an Owner attribute.
- // e.g., const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
- if (FD && FD->getReturnType()->isReferenceType() &&
- isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
+ // Check the return type, e.g.
+ // const GSLOwner& func(const Foo& foo [[clang::lifetimebound]])
+ // GSLPointer func(const Foo& foo [[clang::lifetimebound]])
+ if (FD &&
+ ((FD->getReturnType()->isReferenceType() &&
+ isRecordWithAttr<OwnerAttr>(FD->getReturnType()->getPointeeType()))
||
+ isRecordWithAttr<PointerAttr>(FD->getReturnType())))
return Report;
return Abandon;
diff --git a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
index 3b237e99dd3b33..09267f623dcd73 100644
--- a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
+++ b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
@@ -798,10 +798,28 @@ void test13() {
namespace LifetimeboundInterleave {
const std::string& Ref(const std::string& abc [[clang::lifetimebound]]);
+
+std::string_view TakeSv(std::string_view abc [[clang::lifetimebound]]);
+std::string_view TakeStrRef(const std::string& abc [[clang::lifetimebound]]);
+std::string_view TakeStr(std::string abc [[clang::lifetimebound]]);
+
std::string_view test1() {
std::string_view t1 = Ref(std::string()); // expected-warning {{object
backing}}
t1 = Ref(std::string()); // expected-warning {{object backing}}
return Ref(std::string()); // expected-warning {{returning address}}
+
+ std::string_view t2 = TakeSv(std::string()); // expected-warning {{object
backing}}
+ t2 = TakeSv(std::string()); // expected-warning {{object backing}}
+ return TakeSv(std::string()); // expected-warning {{returning address}}
+
+ std::string_view t3 = TakeStrRef(std::string()); // expected-warning
{{temporary}}
+ t3 = TakeStrRef(std::string()); // expected-warning {{object backing}}
+ return TakeStrRef(std::string()); // expected-warning {{returning address}}
+
+
+ std::string_view t4 = TakeStr(std::string());
+ t4 = TakeStr(std::string());
+ return TakeStr(std::string());
}
template <typename T>
>From 85e08706d4b9cfd6d419e486cdf1034c1dc1a45d Mon Sep 17 00:00:00 2001
From: Haojian Wu <hokein...@gmail.com>
Date: Tue, 19 Nov 2024 11:37:52 +0100
Subject: [PATCH 5/5] Fix a newly-found false positive.
---
clang/lib/Sema/CheckExprLifetime.cpp | 2 ++
.../Sema/warn-lifetime-analysis-nocfg.cpp | 30 +++++++++++++++++++
2 files changed, 32 insertions(+)
diff --git a/clang/lib/Sema/CheckExprLifetime.cpp
b/clang/lib/Sema/CheckExprLifetime.cpp
index b280534940095f..82048d96c98b23 100644
--- a/clang/lib/Sema/CheckExprLifetime.cpp
+++ b/clang/lib/Sema/CheckExprLifetime.cpp
@@ -340,6 +340,8 @@ static bool shouldTrackImplicitObjectArg(const
CXXMethodDecl *Callee) {
if (Callee->getReturnType()->isReferenceType()) {
if (!Callee->getIdentifier()) {
auto OO = Callee->getOverloadedOperator();
+ if (!Callee->getParent()->hasAttr<OwnerAttr>())
+ return false;
return OO == OverloadedOperatorKind::OO_Subscript ||
OO == OverloadedOperatorKind::OO_Star;
}
diff --git a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
index 09267f623dcd73..c71a3da7ec7f99 100644
--- a/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
+++ b/clang/test/Sema/warn-lifetime-analysis-nocfg.cpp
@@ -252,6 +252,12 @@ struct reference_wrapper {
template<typename T>
reference_wrapper<T> ref(T& t) noexcept;
+
+template <typename T>
+struct [[gsl::Pointer]] iterator {
+ T& operator*() const;
+};
+
}
struct Unannotated {
@@ -852,4 +858,28 @@ Pointer test3(Bar bar) {
return bar; // expected-warning {{address of stack}}
}
+template<typename T>
+struct MySpan {
+ MySpan(const std::vector<T>& v);
+ using iterator = std::iterator<T>;
+ iterator begin() const [[clang::lifetimebound]];
+};
+template <typename T>
+typename MySpan<T>::iterator ReturnFirstIt(const MySpan<T>& v
[[clang::lifetimebound]]);
+
+void test4() {
+ std::vector<int> v{1};
+ // MySpan<T> doesn't own any underlying T objects, the pointee object of
+ // the MySpan iterator is still alive when the whole span is destroyed, thus
+ // no diagnostic.
+ const int& t1 = *MySpan<int>(v).begin();
+ const int& t2 = *ReturnFirstIt(MySpan<int>(v));
+ // Ideally, we would diagnose the following case, but due to implementation
+ // constraints, we do not.
+ const int& t4 = *MySpan<int>(std::vector<int>{}).begin();
+
+ auto it1 = MySpan<int>(v).begin(); // expected-warning {{temporary whose
address is use}}
+ auto it2 = ReturnFirstIt(MySpan<int>(v)); // expected-warning {{temporary
whose address is used}}
+}
+
} // namespace LifetimeboundInterleave
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
