diff --git a/clang/lib/Analysis/FlowSensitive/TypeErasedDataflowAnalysis.cpp b/clang/lib/Analysis/FlowSensitive/TypeErasedDataflowAnalysis.cpp --- a/clang/lib/Analysis/FlowSensitive/TypeErasedDataflowAnalysis.cpp +++ b/clang/lib/Analysis/FlowSensitive/TypeErasedDataflowAnalysis.cpp @@ -17,6 +17,7 @@ #include #include "clang/AST/DeclCXX.h" +#include "clang/AST/IgnoreExpr.h" #include "clang/AST/OperationKinds.h" #include "clang/AST/StmtVisitor.h" #include "clang/Analysis/Analyses/PostOrderCFGView.h" @@ -68,6 +69,28 @@ return BlockPos - Pred.succ_begin(); } +/// Skips past any parentheses and implicit casts for `E`, except if they would +/// perform a type conversion to bool. +/// +/// FIXME: Its hard to tell if this is a principled solution or workaround to an +/// issue. Re-evaluate the necessity for this function after we model pointers +/// and integers in the framework. +static const Expr *ignoreParenImpCastsExceptToBool(const Expr *E) { + const Expr *LastE = nullptr; + while (E != LastE) { + LastE = E; + E = IgnoreParensSingleStep(const_cast(E)); + + bool WasBool = E->getType()->isBooleanType(); + auto *Unwrapped = IgnoreImplicitCastsExtraSingleStep(const_cast(E)); + if (WasBool && !Unwrapped->getType()->isBooleanType()) + return E; + + E = Unwrapped; + } + return E; +} + /// Extends the flow condition of an environment based on a terminator /// statement. class TerminatorVisitor : public ConstStmtVisitor { @@ -77,26 +100,26 @@ : StmtToEnv(StmtToEnv), Env(Env), BlockSuccIdx(BlockSuccIdx) {} void VisitIfStmt(const IfStmt *S) { - auto *Cond = S->getCond()->IgnoreParenImpCasts(); + auto *Cond = ignoreParenImpCastsExceptToBool(S->getCond()); assert(Cond != nullptr); extendFlowCondition(*Cond); } void VisitWhileStmt(const WhileStmt *S) { - auto *Cond = S->getCond()->IgnoreParenImpCasts(); + auto *Cond = ignoreParenImpCastsExceptToBool(S->getCond()); assert(Cond != nullptr); extendFlowCondition(*Cond); } void VisitBinaryOperator(const BinaryOperator *S) { assert(S->getOpcode() == BO_LAnd || S->getOpcode() == BO_LOr); - auto *LHS = S->getLHS()->IgnoreParenImpCasts(); + auto *LHS = ignoreParenImpCastsExceptToBool(S->getLHS()); assert(LHS != nullptr); extendFlowCondition(*LHS); } void VisitConditionalOperator(const ConditionalOperator *S) { - auto *Cond = S->getCond()->IgnoreParenImpCasts(); + auto *Cond = ignoreParenImpCastsExceptToBool(S->getCond()); assert(Cond != nullptr); extendFlowCondition(*Cond); } diff --git a/clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp b/clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp --- a/clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp +++ b/clang/unittests/Analysis/FlowSensitive/TypeErasedDataflowAnalysisTest.cpp @@ -1152,4 +1152,39 @@ }); } +// FIXME: Remove this test once it provides no additional test coverage. +TEST_F(FlowConditionTest, DoesNotAssertForImplicitCastToBool) { + std::string Code = R"( + void target(int *Ptr) { + bool Foo = false; + if (Ptr) { + Foo = true; + /*[[p1]]*/ + } + + (void)0; + /*[[p2]]*/ + } + )"; + runDataflow( + Code, [](llvm::ArrayRef< + std::pair>> + Results, + ASTContext &ASTCtx) { + ASSERT_THAT(Results, ElementsAre(Pair("p2", _), Pair("p1", _))); + const ValueDecl *FooDecl = findValueDecl(ASTCtx, "Foo"); + ASSERT_THAT(FooDecl, NotNull()); + + const Environment &Env1 = Results[1].second.Env; + auto &FooVal1 = + *cast(Env1.getValue(*FooDecl, SkipPast::Reference)); + EXPECT_TRUE(Env1.flowConditionImplies(FooVal1)); + + const Environment &Env2 = Results[0].second.Env; + auto &FooVal2 = + *cast(Env2.getValue(*FooDecl, SkipPast::Reference)); + EXPECT_FALSE(Env2.flowConditionImplies(FooVal2)); + }); +} + } // namespace