[clang] [clang][analyzer] Fix InvalidatedIterator crash caused by overload operator member function with explicit this (PR #132581)

Mon, 24 Mar 2025 06:56:27 -0700 

https://github.com/flovent updated 
https://github.com/llvm/llvm-project/pull/132581

>From 67ebfb00f7104e63b4a1464f6b015ba8bdea4cc6 Mon Sep 17 00:00:00 2001
From: flovent <flb...@protonmail.com>
Date: Sun, 23 Mar 2025 11:02:53 +0800
Subject: [PATCH 1/2] [clang][analyzer] Fix crash caused by overload operator
 member function with explicit this

---
 .../Checkers/ContainerModeling.cpp            |  7 +++++--
 clang/test/Analysis/issue-116372.cpp          | 21 +++++++++++++++++++
 2 files changed, 26 insertions(+), 2 deletions(-)
 create mode 100644 clang/test/Analysis/issue-116372.cpp

diff --git a/clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp 
b/clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp
index 55ed809bfed6c..d850344db6591 100644
--- a/clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp
@@ -157,8 +157,11 @@ void ContainerModeling::checkPostCall(const CallEvent 
&Call,
   if (Func->isOverloadedOperator()) {
     const auto Op = Func->getOverloadedOperator();
     if (Op == OO_Equal) {
-      // Overloaded 'operator=' must be a non-static member function.
-      const auto *InstCall = cast<CXXInstanceCall>(&Call);
+      // Only handle the assignment operator with implicit this
+      const auto *InstCall = dyn_cast<CXXInstanceCall>(&Call);
+      if (!InstCall)
+        return;
+
       if (cast<CXXMethodDecl>(Func)->isMoveAssignmentOperator()) {
         handleAssignment(C, InstCall->getCXXThisVal(), Call.getOriginExpr(),
                      Call.getArgSVal(0));
diff --git a/clang/test/Analysis/issue-116372.cpp 
b/clang/test/Analysis/issue-116372.cpp
new file mode 100644
index 0000000000000..0843cd614d87c
--- /dev/null
+++ b/clang/test/Analysis/issue-116372.cpp
@@ -0,0 +1,21 @@
+// RUN: %clang_analyze_cc1 -std=c++23 %s -verify 
-analyzer-checker=alpha.cplusplus.InvalidatedIterator -analyzer-config 
aggressive-binary-operation-simplification=true
+
+// expected-no-diagnostics
+
+class ExplicitThis {
+  int f = 0;
+public:
+  ExplicitThis();
+  ExplicitThis(ExplicitThis& other);
+
+  ExplicitThis& operator=(this ExplicitThis& self, ExplicitThis const& other) 
{ // no crash
+    self.f = other.f;
+    return self;
+  }
+
+  ~ExplicitThis();
+};
+
+void func(ExplicitThis& obj1) {
+    obj1 = obj1;
+}

>From a418a8a823117be49630b96b13705c820cbb4dda Mon Sep 17 00:00:00 2001
From: flovent <flb...@protonmail.com>
Date: Mon, 24 Mar 2025 20:35:44 +0800
Subject: [PATCH 2/2] move releated test to InvalidatedIteratorChecker's
 original testfile

---
 clang/test/Analysis/invalidated-iterator.cpp | 25 +++++++++++++++++++-
 clang/test/Analysis/issue-116372.cpp         | 21 ----------------
 2 files changed, 24 insertions(+), 22 deletions(-)
 delete mode 100644 clang/test/Analysis/issue-116372.cpp

diff --git a/clang/test/Analysis/invalidated-iterator.cpp 
b/clang/test/Analysis/invalidated-iterator.cpp
index c940dbf7276d3..66ba011fd78b9 100644
--- a/clang/test/Analysis/invalidated-iterator.cpp
+++ b/clang/test/Analysis/invalidated-iterator.cpp
@@ -1,5 +1,6 @@
 // RUN: %clang_analyze_cc1 -std=c++11 
-analyzer-checker=core,cplusplus,alpha.cplusplus.InvalidatedIterator 
-analyzer-config aggressive-binary-operation-simplification=true 
-analyzer-config c++-container-inlining=false %s -verify
 // RUN: %clang_analyze_cc1 -std=c++11 
-analyzer-checker=core,cplusplus,alpha.cplusplus.InvalidatedIterator 
-analyzer-config aggressive-binary-operation-simplification=true 
-analyzer-config c++-container-inlining=true -DINLINE=1 %s -verify
+// RUN: %clang_analyze_cc1 -std=c++23 
-analyzer-checker=core,cplusplus,alpha.cplusplus.InvalidatedIterator 
-analyzer-config aggressive-binary-operation-simplification=true 
-analyzer-config c++-container-inlining=true -DINLINE=1 %s -verify
 
 #include "Inputs/system-header-simulator-cxx.h"
 
@@ -204,4 +205,26 @@ void 
invalidated_subscript_end_ptr_iterator(cont_with_ptr_iterator<int> &C) {
   auto i = C.begin();
   C.erase(i);
   (void) i[1]; // expected-warning{{Invalidated iterator accessed}}
-}
\ No newline at end of file
+}
+
+#if __cplusplus >= 202302L
+namespace GH116372 {
+  class ExplicitThis {
+    int f = 0;
+  public:
+    ExplicitThis();
+    ExplicitThis(ExplicitThis& other);
+  
+    ExplicitThis& operator=(this ExplicitThis& self, ExplicitThis const& 
other) { // no crash
+      self.f = other.f;
+      return self;
+    }
+  
+    ~ExplicitThis();
+  };
+  
+  void func(ExplicitThis& obj1) {
+      obj1 = obj1;
+  }
+}
+#endif
\ No newline at end of file
diff --git a/clang/test/Analysis/issue-116372.cpp 
b/clang/test/Analysis/issue-116372.cpp
deleted file mode 100644
index 0843cd614d87c..0000000000000
--- a/clang/test/Analysis/issue-116372.cpp
+++ /dev/null
@@ -1,21 +0,0 @@
-// RUN: %clang_analyze_cc1 -std=c++23 %s -verify 
-analyzer-checker=alpha.cplusplus.InvalidatedIterator -analyzer-config 
aggressive-binary-operation-simplification=true
-
-// expected-no-diagnostics
-
-class ExplicitThis {
-  int f = 0;
-public:
-  ExplicitThis();
-  ExplicitThis(ExplicitThis& other);
-
-  ExplicitThis& operator=(this ExplicitThis& self, ExplicitThis const& other) 
{ // no crash
-    self.f = other.f;
-    return self;
-  }
-
-  ~ExplicitThis();
-};
-
-void func(ExplicitThis& obj1) {
-    obj1 = obj1;
-}

_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to