Index: clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h =================================================================== --- clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h +++ clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h @@ -21,29 +21,33 @@ #include "llvm/ADT/ImmutableSet.h" #include "llvm/Support/Allocator.h" #include +#include namespace clang { namespace ento { - template struct ProgramStatePartialTrait; - - /// Declares a program state trait for type \p Type called \p Name, and - /// introduce a type named \c NameTy. - /// The macro should not be used inside namespaces. - #define REGISTER_TRAIT_WITH_PROGRAMSTATE(Name, Type) \ - namespace { \ - class Name {}; \ - using Name ## Ty = Type; \ - } \ - namespace clang { \ - namespace ento { \ - template <> \ - struct ProgramStateTrait \ - : public ProgramStatePartialTrait { \ - static void *GDMIndex() { static int Index; return &Index; } \ - }; \ - } \ - } +template +struct ProgramStatePartialTrait; + +/// Declares a program state trait for type \p Type called \p Name, and +/// introduce a type named \c NameTy. +/// The macro should not be used inside namespaces. +#define REGISTER_TRAIT_WITH_PROGRAMSTATE(Name, Type) \ + namespace { \ + class Name {}; \ + using Name##Ty = Type; \ + } \ + namespace clang { \ + namespace ento { \ + template <> \ + struct ProgramStateTrait : public ProgramStatePartialTrait { \ + static void *GDMIndex() { \ + static int Index; \ + return &Index; \ + } \ + }; \ + } \ + } /// Declares a factory for objects of type \p Type in the program state /// manager. The type must provide a ::Factory sub-class. Commonly used for 
@@ -267,60 +271,28 @@ } }; - // Partial specialization for bool. - template <> struct ProgramStatePartialTrait { - using data_type = bool; - - static data_type MakeData(void *const *p) { - return p ? (data_type) (uintptr_t) *p - : data_type(); - } - - static void *MakeVoidPtr(data_type d) { - return (void *) (uintptr_t) d; - } + template struct DefaultProgramStatePartialTraitImpl { + using data_type = T; + static T MakeData(void *const *P) { return P ? (T)(uintptr_t)*P : T{}; } + static void *MakeVoidPtr(T D) { return (void *)(uintptr_t)D; } }; - // Partial specialization for unsigned. - template <> struct ProgramStatePartialTrait { - using data_type = unsigned; - - static data_type MakeData(void *const *p) { - return p ? (data_type) (uintptr_t) *p - : data_type(); - } - - static void *MakeVoidPtr(data_type d) { - return (void *) (uintptr_t) d; - } - }; - - // Partial specialization for void*. - template <> struct ProgramStatePartialTrait { - using data_type = void *; - - static data_type MakeData(void *const *p) { - return p ? *p - : data_type(); - } - - static void *MakeVoidPtr(data_type d) { - return d; - } - }; - - // Partial specialization for const void *. - template <> struct ProgramStatePartialTrait { - using data_type = const void *; + // Partial specialization for integral types. + template + struct ProgramStatePartialTrait< + T, std::enable_if_t::value, void>> + : DefaultProgramStatePartialTraitImpl {}; - static data_type MakeData(void *const *p) { - return p ? *p : data_type(); - } + // Partial specialization for enums. + template + struct ProgramStatePartialTrait< + T, std::enable_if_t::value, void>> + : DefaultProgramStatePartialTraitImpl {}; - static void *MakeVoidPtr(data_type d) { - return const_cast(d); - } - }; + // Partial specialization for non-const and const pointers. 
+ template + struct ProgramStatePartialTrait + : DefaultProgramStatePartialTraitImpl {}; } // namespace ento } // namespace clang Index: clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp =================================================================== --- clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp +++ clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp @@ -82,9 +82,7 @@ REGISTER_SET_WITH_PROGRAMSTATE(InvalidMemoryRegions, const MemRegion *) // Stores the region of the environment pointer of 'main' (if present). -// Note: This pointer has type 'const MemRegion *', however the trait is only -// specialized to 'const void*' and 'void*' -REGISTER_TRAIT_WITH_PROGRAMSTATE(EnvPtrRegion, const void *) +REGISTER_TRAIT_WITH_PROGRAMSTATE(EnvPtrRegion, const MemRegion *) // Stores key-value pairs, where key is function declaration and value is // pointer to memory region returned by previous call of this function @@ -95,11 +93,9 @@ CheckerContext &C) const { StringRef FunctionName = Call.getCalleeIdentifier()->getName(); ProgramStateRef State = C.getState(); - const auto *Reg = State->get(); - if (!Reg) + const MemRegion *SymbolicEnvPtrRegion = State->get(); + if (!SymbolicEnvPtrRegion) return; - const auto *SymbolicEnvPtrRegion = - reinterpret_cast(const_cast(Reg)); State = State->add(SymbolicEnvPtrRegion); @@ -245,9 +241,7 @@ // Save the memory region pointed by the environment pointer parameter of // 'main'. - State = State->set( - reinterpret_cast(const_cast(EnvpReg))); - C.addTransition(State); + C.addTransition(State->set(EnvpReg)); } // Check if invalidated region is being dereferenced.
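Review bot: `DefaultProgramStatePartialTraitImpl` round-trips every value through `uintptr_t`, so with the new integral and enum specializations a `T` wider than a pointer (for example a 64-bit integer or enum on a 32-bit host) would be silently truncated in `MakeVoidPtr` and come back from `MakeData` as a different value. The removed code only had explicit specializations for `bool`, `unsigned` and the two `void` pointer types, so this case is newly reachable. Adding `static_assert(sizeof(T) <= sizeof(void *), "trait data must fit in a pointer");` inside the impl struct turns it into a compile error instead of corrupted analyzer state, which a checker would show as missed or spurious reports. The C-style casts also drop `const` from pointer payloads silently, so a one-line comment that the stored `void *` is an opaque bit pattern would help. The template argument lists in this hunk appear to have been lost in extraction, so the conditions are inferred from the "integral types" and "enums" comments.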