[analyzer] Do not destruct fields of unions #122330
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
llvmbot
added
clang
|
@llvm/pr-subscribers-clang-static-analyzer-1 @llvm/pr-subscribers-clang-analysis Author: Jameson Nash (vtjnash) ChangesThe C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes #119415 Full diff: https://github.com/llvm/llvm-project/pull/122330.diff 3 Files Affected:
diff --git a/clang/lib/Analysis/CFG.cpp b/clang/lib/Analysis/CFG.cpp
index 304bbb2b422c61..3e144395cffc6f 100644
--- a/clang/lib/Analysis/CFG.cpp
+++ b/clang/lib/Analysis/CFG.cpp
@@ -2041,6 +2041,8 @@ void CFGBuilder::addImplicitDtorsForDestructor(const CXXDestructorDecl *DD) {
}
// First destroy member objects.
+ if (RD->isUnion())
+ return;
for (auto *FI : RD->fields()) {
// Check for constant size array. Set type to array element type.
QualType QT = FI->getType();
diff --git a/clang/test/Analysis/NewDelete-checker-test.cpp b/clang/test/Analysis/NewDelete-checker-test.cpp
index 21b4cf817b5df6..806edd47840fc1 100644
--- a/clang/test/Analysis/NewDelete-checker-test.cpp
+++ b/clang/test/Analysis/NewDelete-checker-test.cpp
@@ -441,3 +441,31 @@ void testLeakBecauseNTTPIsNotDeallocation() {
void* p = ::operator new(10);
deallocate_via_nttp<not_free>(p);
} // leak-warning{{Potential leak of memory pointed to by 'p'}}
+
+namespace optional_union {
+ template <typename T>
+ class unique_ptr {
+ T *q;
+ public:
+ unique_ptr() : q(new T) {}
+ ~unique_ptr() {
+ delete q;
+ }
+ };
+
+ union custom_union_t {
+ unique_ptr<int> present;
+ char notpresent;
+ custom_union_t() : present(unique_ptr<int>()) {}
+ ~custom_union_t() {};
+ };
+
+ void testUnionCorrect() {
+ custom_union_t a;
+ a.present.~unique_ptr<int>();
+ }
+
+ void testUnionLeak() {
+ custom_union_t a;
+ } // leak-warning{{Potential leak of memory pointed to by 'a.present.q'}}
+}
diff --git a/clang/test/Analysis/dtor-array.cpp b/clang/test/Analysis/dtor-array.cpp
index 84a34af9225169..1bbe55c09ee7e2 100644
--- a/clang/test/Analysis/dtor-array.cpp
+++ b/clang/test/Analysis/dtor-array.cpp
@@ -377,3 +377,27 @@ void directUnknownSymbol() {
}
}
+
+void testUnionDtor() {
+ static int unionDtorCalled;
+ InlineDtor::cnt = 0;
+ InlineDtor::dtorCalled = 0;
+ unionDtorCalled = 0;
+ {
+ union UnionDtor {
+ InlineDtor kind1;
+ char kind2;
+ ~UnionDtor() { unionDtorCalled++; }
+ };
+ UnionDtor u1{.kind1{}};
+ UnionDtor u2{.kind2{}};
+ auto u3 = new UnionDtor{.kind1{}};
+ auto u4 = new UnionDtor{.kind2{}};
+ delete u3;
+ delete u4;
+ }
+
+ clang_analyzer_eval(unionDtorCalled == 4); // expected-warning {{TRUE}}
+ clang_analyzer_eval(InlineDtor::dtorCalled != 4); // expected-warning {{TRUE}}
+ clang_analyzer_eval(InlineDtor::dtorCalled == 0); // expected-warning {{TRUE}}
+}
|
|
This roughly corresponds to 921bd20 in Sema, I think (@zygoloid). Maybe @tkremenek or @yronglin has done something in this part of the code recently too as reviewers and to merge this? |
|
Bump. |
steakhal
changed the title
steakhal
changed the title
Xazax-hun
approved these changes
Feb 4, 2025
| a.present.~unique_ptr<int>(); | ||
| } | ||
|
|
||
| void testUnionLeak() { |
There was a problem hiding this comment.
Could we also have a test where the custom union does not have a dtor declared for completeness? Or is that already covered somewhere?
There was a problem hiding this comment.
If I don't declare a dtor, it seems to be a C++ syntax error, so I cannot test that, but I will try to fix the other nits
clang/test/Analysis/dtor-array.cpp
Outdated
| @@ -377,3 +377,26 @@ void directUnknownSymbol() { | |||
| } | |||
|
|
|||
| } | |||
|
|
|||
| void testUnionDtor() { | |||
There was a problem hiding this comment.
I think this is a wonderful test but I would not expect to find it in dtor-array as this has nothing to do with arrays. Would it be possible to move it to a new file? Also to add a same test with a union that does not declare a dtor?
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415
giordano
pushed a commit
to JuliaLang/llvm-project
that referenced
this pull request
Feb 7, 2025
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415 (cherry picked from commit 9b8297b)
giordano
pushed a commit
to JuliaLang/llvm-project
that referenced
this pull request
Feb 9, 2025
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415 (cherry picked from commit 9b8297b)
Icohedron
pushed a commit
to Icohedron/llvm-project
that referenced
this pull request
Feb 11, 2025
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415
Zentrik
pushed a commit
to JuliaLang/llvm-project
that referenced
this pull request
Mar 6, 2025
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415 (cherry picked from commit 9b8297b) (cherry picked from commit 199140a)
Zentrik
pushed a commit
to JuliaLang/llvm-project
that referenced
this pull request
Apr 14, 2025
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer. Fixes llvm#119415 (cherry picked from commit 9b8297b) (cherry picked from commit 199140a)
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The C++ standard prohibits this implicit destructor call, leading to incorrect reports from clang-analyzer. This causes projects that use std::option (including llvm) to fail the cplusplus.NewDelete test incorrectly when run through the analyzer.
Fixes #119415