This is an archive of the discontinued LLVM Phabricator instance.

Differential D156189

[-Wunsafe-buffer-usage] Refactor to let local variable fix-its and parameter fix-its share common code
ClosedPublic

Authored by ziqingluo-90 on Jul 24 2023, 5:21 PM.

Details

Reviewers
NoQ
jkorous
t-rasmud
malavikasamak
Commits
rG3a67b912386e: [-Wunsafe-buffer-usage] Refactor to let local variable fix-its and parameter…
Summary

Refactor the code for local variable fix-its so that it reuses the code for parameter fix-its, which is in general better. For example, cv-qualifiers are supported.

Diff Detail

Event Timeline

ziqingluo-90 created this revision.Jul 24 2023, 5:21 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 24 2023, 5:21 PM
ziqingluo-90 requested review of this revision.Jul 24 2023, 5:21 PM
Herald added a project: Restricted Project. · View Herald TranscriptJul 24 2023, 5:21 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript
ziqingluo-90 added a parent revision: D156188: [-Wunsafe-buffer-usage] Refactor and improve for parameter fix-its.Jul 24 2023, 5:21 PM
ziqingluo-90 added inline comments.Jul 24 2023, 5:32 PM
clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-local-var-span.cpp
242

We no longer generate fix-its for a variable declaration where the type specifier is just auto. This is to avoid that fix-its may become incorrect when the adopting codebase changes. For example,

int x;
auto p = &x;

If we fix the declaration of p to std::span<int> p{&x, 1}, and later int x is changed to long x, the program becomes incorrect and the programmer may not know that the type of p should simply follow the type of x.

ziqingluo-90 added a child revision: D156192: [-Wunsafe-buffer-usage] Stop generating incorrect fix-its for variable declarations with unsupported specifiers.Jul 24 2023, 6:15 PM
Harbormaster completed remote builds in B247834: Diff 543750.Jul 25 2023, 1:05 AM
t-rasmud added inline comments.Jul 25 2023, 1:09 PM
clang/lib/Analysis/UnsafeBufferUsage.cpp
1860

When will this condition be satisfied? I just want to understand if there are code examples where there is no identifier text or is it that getVarDeclIdentifierText fails.

ziqingluo-90 updated this revision to Diff 544111.Jul 25 2023, 3:04 PM
ziqingluo-90 added inline comments.Jul 25 2023, 3:11 PM
clang/lib/Analysis/UnsafeBufferUsage.cpp
1860

!IdentText if getVarDeclIdentifierText fails.

getVarDeclIdentifierText assumes that the identifier text is a single token. It starts with the begin location of the identifier and tries to obtain the end location via Lexer::getLocForEndOfToken.
So it could fail if 1) the identifier text is not a single token or 2) any unexpected failure happens in obtaining valid source locations.

Case 2) could be rare I think since I don't know when it could happen. We just need to assume that it is NOT always successful in manipulating source locations.

For case 1), I originally thought that if the identifier is expanded from a macro with parameters, e.g.,

#define MACRO(x)  name
int * MACRO(x);

, MACRO(x) is not a single token. But it seems I was wrong---it is one token to the Lexer. See my test at warn-unsafe-buffer-usage-fixits-local-var-span.cpp:186--206.

In conclusion, getVarDeclIdentifierText could fail but it should be rare.

ziqingluo-90 marked an inline comment as done.Jul 25 2023, 3:11 PM
Harbormaster completed remote builds in B248091: Diff 544111.Jul 25 2023, 11:39 PM
ziqingluo-90 mentioned this in D153059: [-Wunsafe-buffer-usage] Group parameter fix-its.Jul 31 2023, 5:25 PM
t-rasmud accepted this revision.Aug 10 2023, 11:32 AM
This revision is now accepted and ready to land.Aug 10 2023, 11:32 AM
NoQ accepted this revision.Aug 17 2023, 4:08 PM

LGTM! I have minor suggestions for comments.

clang/lib/Analysis/UnsafeBufferUsage.cpp
1829–1833
1861

Should we start adding debug notes to all these early-returns? Or are they already covered by a catch-all debug note down the line?

clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-local-var-span.cpp
20–23
42–45
This revision was landed with ongoing or failed builds.Aug 21 2023, 2:50 PM
Closed by commit rG3a67b912386e: [-Wunsafe-buffer-usage] Refactor to let local variable fix-its and parameter… (authored by ziqingluo-90). · Explain Why
This revision was automatically updated to reflect the committed changes.
ziqingluo-90 marked 4 inline comments as done.
ziqingluo-90 added a commit: rG3a67b912386e: [-Wunsafe-buffer-usage] Refactor to let local variable fix-its and parameter….
ziqingluo-90 added a comment.Aug 21 2023, 2:51 PM

Addressed comments and have landed this patch.

Revision Contents

Diff 552142

clang/lib/Analysis/UnsafeBufferUsage.cpp

Show First 20 LinesShow All 1,710 Lines▼ Show 20 Lines
// initializer shall be used to initialize a variable of type `std::span<T>`. // initializer shall be used to initialize a variable of type `std::span<T>`.
// //
// FIXME: Support multi-level pointers // FIXME: Support multi-level pointers
// //
// Parameters: // Parameters:
// `Init` a pointer to the initializer expression // `Init` a pointer to the initializer expression
// `Ctx` a reference to the ASTContext // `Ctx` a reference to the ASTContext
static FixItList static FixItList
populateInitializerFixItWithSpan(const Expr *Init, ASTContext &Ctx, FixVarInitializerWithSpan(const Expr *Init, ASTContext &Ctx,
const StringRef UserFillPlaceHolder) { const StringRef UserFillPlaceHolder) {
const SourceManager &SM = Ctx.getSourceManager(); const SourceManager &SM = Ctx.getSourceManager();
const LangOptions &LangOpts = Ctx.getLangOpts(); const LangOptions &LangOpts = Ctx.getLangOpts();
// If `Init` has a constant value that is (or equivalent to) a // If `Init` has a constant value that is (or equivalent to) a
// NULL pointer, we use the default constructor to initialize the span // NULL pointer, we use the default constructor to initialize the span
// object, i.e., a `std:span` variable declaration with no initializer. // object, i.e., a `std:span` variable declaration with no initializer.
// So the fix-it is just to remove the initializer. // So the fix-it is just to remove the initializer.
▲ Show 20 LinesShow All 93 Lines▼ Show 20 Linesstatic std::optional<std::string> createSpanTypeForVarDecl(const VarDecl *VD,
if (PteTyQualifiers) { if (PteTyQualifiers) {
SpanTyText.append(" "); SpanTyText.append(" ");
SpanTyText.append(PteTyQualifiers->getAsString()); SpanTyText.append(PteTyQualifiers->getAsString());
} }
SpanTyText.append(">"); SpanTyText.append(">");
return SpanTyText; return SpanTyText;
} }
// For a `VarDecl` of the form `T * var (= Init)?`, this // For a `VarDecl` of the form `T * var (= Init)?`, this
// function generates a fix-it for the declaration, which re-declares `var` to // function generates fix-its that
// be of `span<T>` type and transforms the initializer, if present, to a span // 1) replace `T * var` with `std::span<T> var`; and
// constructor---`span<T> var {Init, Extent}`, where `Extent` may need the user // 2) change `Init` accordingly to a span constructor, if it exists.
// to fill in.
// //
NoQUnsubmitted
Done
ReplyInline Actions
return SpanTyText;
}
// For a `VarDecl` of the form `T * var (= Init)?`, this
// function generates fix-its that
- // 1) replaces `T * var` with `std::span<T> var`; and
- // 2) changes `Init` accordingly to a span constructor, if it exists.
+ // 1) replace `T * var` with `std::span<T> var`; and
+ // 2) change `Init` accordingly to a span constructor, if it exists.
//
// FIXME: support Multi-level pointers
NoQ:
// FIXME: support Multi-level pointers // FIXME: support Multi-level pointers
// //
// Parameters: // Parameters:
// `D` a pointer the variable declaration node // `D` a pointer the variable declaration node
// `Ctx` a reference to the ASTContext // `Ctx` a reference to the ASTContext
// `UserFillPlaceHolder` the user-input placeholder text
// Returns: // Returns:
// the generated fix-it // the non-empty fix-it list, if fix-its are successfuly generated; empty
static FixItList fixVarDeclWithSpan(const VarDecl *D, ASTContext &Ctx, // list otherwise.
static FixItList fixLocalVarDeclWithSpan(const VarDecl *D, ASTContext &Ctx,
const StringRef UserFillPlaceHolder, const StringRef UserFillPlaceHolder,
UnsafeBufferUsageHandler &Handler) { UnsafeBufferUsageHandler &Handler) {
(void)Handler; // Suppress unused variable warning in release builds.
const QualType &SpanEltT = D->getType()->getPointeeType();
assert(!SpanEltT.isNull() && "Trying to fix a non-pointer type variable!");
FixItList FixIts{}; FixItList FixIts{};
std::optional<SourceLocation> std::optional<std::string> SpanTyText = createSpanTypeForVarDecl(D, Ctx);
ReplacementLastLoc; // the inclusive end location of the replacement
const SourceManager &SM = Ctx.getSourceManager();
if (const Expr *Init = D->getInit()) {
FixItList InitFixIts =
populateInitializerFixItWithSpan(Init, Ctx, UserFillPlaceHolder);
if (InitFixIts.empty()) { if (!SpanTyText) {
DEBUG_NOTE_DECL_FAIL(D, " : empty initializer"); DEBUG_NOTE_DECL_FAIL(D, " : failed to generate 'std::span' type");
return {}; return {};
} }
// The loc right before the initializer: // Will hold the text for `std::span<T> Ident`:
ReplacementLastLoc = Init->getBeginLoc().getLocWithOffset(-1); std::stringstream SS;
FixIts.insert(FixIts.end(), std::make_move_iterator(InitFixIts.begin()),
std::make_move_iterator(InitFixIts.end()));
} else
ReplacementLastLoc = getEndCharLoc(D, SM, Ctx.getLangOpts());
// Producing fix-it for variable declaration---make `D` to be of span type:
SmallString<32> Replacement;
raw_svector_ostream OS(Replacement);
OS << "std::span<" << SpanEltT.getAsString() << "> " << D->getName(); SS << *SpanTyText;
// Append qualifiers to the type of `D`, if any:
if (D->getType().hasQualifiers())
SS << " " << D->getType().getQualifiers().getAsString();
t-rasmudUnsubmitted
Done
ReplyInline Actions

When will this condition be satisfied? I just want to understand if there are code examples where there is no identifier text or is it that getVarDeclIdentifierText fails.

t-rasmud: When will this condition be satisfied? I just want to understand if there are code examples…
ziqingluo-90AuthorUnsubmitted
Done
ReplyInline Actions

!IdentText if getVarDeclIdentifierText fails.

getVarDeclIdentifierText assumes that the identifier text is a single token. It starts with the begin location of the identifier and tries to obtain the end location via Lexer::getLocForEndOfToken.
So it could fail if 1) the identifier text is not a single token or 2) any unexpected failure happens in obtaining valid source locations.

Case 2) could be rare I think since I don't know when it could happen. We just need to assume that it is NOT always successful in manipulating source locations.

For case 1), I originally thought that if the identifier is expanded from a macro with parameters, e.g.,

#define MACRO(x)  name
int * MACRO(x);

, MACRO(x) is not a single token. But it seems I was wrong---it is one token to the Lexer. See my test at warn-unsafe-buffer-usage-fixits-local-var-span.cpp:186--206.

In conclusion, getVarDeclIdentifierText could fail but it should be rare.

ziqingluo-90: `!IdentText` if `getVarDeclIdentifierText` fails. `getVarDeclIdentifierText` assumes that…
NoQUnsubmitted
Done
ReplyInline Actions

Should we start adding debug notes to all these early-returns? Or are they already covered by a catch-all debug note down the line?

NoQ: Should we start adding debug notes to all these early-returns? Or are they already covered by a…
// The end of the range of the original source that will be replaced
// by `std::span<T> ident`:
SourceLocation EndLocForReplacement = D->getEndLoc();
std::optional<StringRef> IdentText =
getVarDeclIdentifierText(D, Ctx.getSourceManager(), Ctx.getLangOpts());
if (!ReplacementLastLoc) { if (!IdentText) {
DEBUG_NOTE_DECL_FAIL(D, " : failed to get end char loc (macro)"); DEBUG_NOTE_DECL_FAIL(D, " : failed to locate the identifier");
return {};
}
// Fix the initializer if it exists:
if (const Expr *Init = D->getInit()) {
FixItList InitFixIts =
FixVarInitializerWithSpan(Init, Ctx, UserFillPlaceHolder);
if (InitFixIts.empty())
return {};
FixIts.insert(FixIts.end(), std::make_move_iterator(InitFixIts.begin()),
std::make_move_iterator(InitFixIts.end()));
// If the declaration has the form `T *ident = init`, we want to replace
// `T *ident = ` with `std::span<T> ident`:
EndLocForReplacement = Init->getBeginLoc().getLocWithOffset(-1);
}
SS << " " << IdentText->str();
if (!EndLocForReplacement.isValid()) {
DEBUG_NOTE_DECL_FAIL(D, " : failed to locate the end of the declaration");
return {}; return {};
} }
FixIts.push_back(FixItHint::CreateReplacement( FixIts.push_back(FixItHint::CreateReplacement(
SourceRange{D->getBeginLoc(), *ReplacementLastLoc}, OS.str())); SourceRange(D->getBeginLoc(), EndLocForReplacement), SS.str()));
return FixIts; return FixIts;
} }
static bool hasConflictingOverload(const FunctionDecl *FD) { static bool hasConflictingOverload(const FunctionDecl *FD) {
return !FD->getDeclContext()->lookup(FD->getDeclName()).isSingleResult(); return !FD->getDeclContext()->lookup(FD->getDeclName()).isSingleResult();
} }
// For a `FunDecl`, one of whose `ParmVarDecl`s is being changed to have a new // For a `FunDecl`, one of whose `ParmVarDecl`s is being changed to have a new
▲ Show 20 LinesShow All 243 Lines▼ Show 20 Lines if (!DS->isSingleDecl()) {
return {}; return {};
} }
// Currently DS is an unused variable but we'll need it when // Currently DS is an unused variable but we'll need it when
// non-single decls are implemented, where the pointee type name // non-single decls are implemented, where the pointee type name
// and the '*' are spread around the place. // and the '*' are spread around the place.
(void)DS; (void)DS;
// FIXME: handle cases where DS has multiple declarations // FIXME: handle cases where DS has multiple declarations
return fixVarDeclWithSpan(VD, Ctx, getUserFillPlaceHolder(), return fixLocalVarDeclWithSpan(VD, Ctx, getUserFillPlaceHolder(), Handler);
Handler);
} }
// TODO: we should be consistent to use `std::nullopt` to represent no-fix due // TODO: we should be consistent to use `std::nullopt` to represent no-fix due
// to any unexpected problem. // to any unexpected problem.
static FixItList static FixItList
fixVariable(const VarDecl *VD, Strategy::Kind K, fixVariable(const VarDecl *VD, Strategy::Kind K,
/* The function decl under analysis */ const Decl *D, /* The function decl under analysis */ const Decl *D,
const DeclUseTracker &Tracker, ASTContext &Ctx, const DeclUseTracker &Tracker, ASTContext &Ctx,
▲ Show 20 LinesShow All 462 LinesShow Last 20 Lines

clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-local-var-span.cpp

// RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \ // RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \
// RUN: -fsafe-buffer-usage-suggestions \ // RUN: -fsafe-buffer-usage-suggestions \
// RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s // RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s
typedef int * Int_ptr_t; typedef int * Int_ptr_t;
typedef int Int_t; typedef int Int_t;
#define DEFINE_PTR(X) int* ptr = (X);
void local_array_subscript_simple() { void local_array_subscript_simple() {
int tmp; int tmp;
int *p = new int[10]; int *p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
const int *q = new int[10]; const int *q = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:17}:"std::span<const int> q" // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:17}:"std::span<int const> q"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:18-[[@LINE-2]]:18}:"{" // CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:18-[[@LINE-2]]:18}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:29-[[@LINE-3]]:29}:", 10}" // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:29-[[@LINE-3]]:29}:", 10}"
tmp = p[5]; tmp = p[5];
tmp = q[5]; tmp = q[5];
// We do not fix the following declaration. Because if the
// definition of `Int_ptr_t` gets changed, the fixed code becomes
// incorrect and may NOT be noticed.
// FIXME: Fix with std::span<std::remove_pointer_t<Int_ptr_t>>?
NoQUnsubmitted
Done
ReplyInline Actions
tmp = q[5];
// We do not fix the following declaration. Because if the
// definition of `Int_ptr_t` gets changed, the fixed code becomes
// incorrect and may NOT be noticed.
+ // FIXME: Fix with std::span<std::remove_pointer_t<Int_ptr_t>>?
Int_ptr_t x = new int[10];
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
NoQ:
Int_ptr_t x = new int[10]; Int_ptr_t x = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:16}:"std::span<int> x" // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:17-[[@LINE-2]]:17}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:28-[[@LINE-3]]:28}:", 10}"
Int_ptr_t y = new int;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:16}:"std::span<int> y"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:17-[[@LINE-2]]:17}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:24-[[@LINE-3]]:24}:", 1}"
Int_t * z = new int[10]; Int_t * z = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:14}:"std::span<Int_t> z" // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:14}:"std::span<Int_t> z"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"{" // CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:26-[[@LINE-3]]:26}:", 10}" // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:26-[[@LINE-3]]:26}:", 10}"
Int_t * w = new Int_t[10]; Int_t * w = new Int_t[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:14}:"std::span<Int_t> w" // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:14}:"std::span<Int_t> w"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"{" // CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:28-[[@LINE-3]]:28}:", 10}" // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:28-[[@LINE-3]]:28}:", 10}"
tmp = x[5]; tmp = x[5];
tmp = y[5]; // y[5] will crash after being span
tmp = z[5]; tmp = z[5];
tmp = w[5]; tmp = w[5];
} }
void local_array_subscript_auto() { void local_array_subscript_auto() {
int tmp; int tmp;
// We do not fix the following declaration because
// that'd cause us to hardcode the element type.
// FIXME: Can we use the C++17 class template argument deduction
// to avoid spelling out the element type?
NoQUnsubmitted
Done
ReplyInline Actions
int tmp;
- // We do not fix the following declaration. Because if the
- // definition of `Int_ptr_t` gets changed, the fixed code becomes
- // incorrect and may NOT be noticed.
+ // We do not fix the following declaration because
+ // that'd cause us to hardcode the element type.
+ // FIXME: Can we use the C++17 class template argument deduction
+ // to avoid spelling out the element type?
auto p = new int[10];
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
NoQ:
auto p = new int[10]; auto p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
tmp = p[5]; tmp = p[5];
} }
void local_variable_qualifiers_specifiers() {
int a[10];
const int * p = a;
// CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:18}:"std::span<int const> p"
// CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:19-[[@LINE-2]]:19}:"{"
// CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:20-[[@LINE-3]]:20}:", 10}"
const int * const q = a;
// CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:24}:"std::span<int const> const q"
// CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:25-[[@LINE-2]]:25}:"{"
// CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:26-[[@LINE-3]]:26}:", 10}"
int tmp;
tmp = p[5];
tmp = q[5];
}
void local_array_subscript_variable_extent() { void local_array_subscript_variable_extent() {
int n = 10; int n = 10;
int tmp; int tmp;
int *p = new int[n]; int *p = new int[n];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:22-[[@LINE-3]]:22}:", n}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:22-[[@LINE-3]]:22}:", n}"
// If the extent expression does not have a constant value, we cannot fill the extent for users... // If the extent expression does not have a constant value, we cannot fill the extent for users...
Show All 35 Linesvoid local_ptr_addrof_init() {
var = q[5]; var = q[5];
} }
void decl_without_init() { void decl_without_init() {
int tmp; int tmp;
int * p; int * p;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:10}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:10}:"std::span<int> p"
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-2]]:{{^3}} // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-2]]:{{^3}}
Int_ptr_t q; Int_t * q;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:14}:"std::span<int> q" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:12}:"std::span<Int_t> q"
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-2]]:{{^3}} // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-2]]:{{^3}}
tmp = p[5]; tmp = p[5];
tmp = q[5]; tmp = q[5];
} }
// Explicit casts are required in the following cases. No way to // Explicit casts are required in the following cases. No way to
// figure out span extent for them automatically. // figure out span extent for them automatically.
void explict_cast() { void explict_cast() {
▲ Show 20 LinesShow All 48 Lines▼ Show 20 Lines#define NULL 0
tmp = g[5]; tmp = g[5];
tmp = f[5]; tmp = f[5];
#undef NULL #undef NULL
} }
void unsupported_multi_decl(int * x) { void unsupported_multi_decl(int * x) {
int * p = x, * q = new int[10]; int * p = x, * q = new int[10];
// CHECK-NOT: fix-it:"{{.*}}":[[@LINE-1]] // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
*p = q[5]; *p = q[5];
} }
void macroVariableIdentifier() {
#define MY_NAME p
#define MY_NAME_ARG(x) q
// Although fix-its include macros, the macros do not overlap with
// the bounds of the source range of these fix-its. So these fix-its
// are valid.
int * MY_NAME = new int[10];
// CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:18}:"std::span<int> MY_NAME"
// CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:19-[[@LINE-2]]:19}:"{"
// CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:30-[[@LINE-3]]:30}:", 10}"
int * MY_NAME_ARG( 'x' ) = new int[10];
// CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:29}:"std::span<int> MY_NAME_ARG( 'x' )"
// CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:30-[[@LINE-2]]:30}:"{"
// CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:41-[[@LINE-3]]:41}:", 10}"
p[5] = 5;
q[5] = 5;
#undef MY_NAME
#undef MY_NAME_ARG
}
void unsupported_fixit_overlapping_macro(int * x) { void unsupported_fixit_overlapping_macro(int * x) {
int tmp; int tmp;
// In the case below, a tentative fix-it replaces `MY_INT * p =` with `std::span<MY_INT> p `. // In the case below, a tentative fix-it replaces `MY_INT * p =` with `std::span<MY_INT> p `.
// It overlaps with the use of the macro `MY_INT`. The fix-it is // The bounds of the source range of the fix-it overlap with the use of the macro
// discarded then. // `MY_INT`. The fix-it is discarded then.
// FIXME: we do not have to discard a fix-it if its begin location
// overlaps with the begin location of a macro. Similar for end
// locations.
#define MY_INT int #define MY_INT int
MY_INT * p = new int[10]; MY_INT * p = new int[10];
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]] // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
tmp = p[5]; tmp = p[5];
#define MY_VAR(name) int * name #define MY_VAR(name) int * name
MY_VAR(q) = new int[10]; MY_VAR(q) = new int[10];
// CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]] // CHECK-NOT: fix-it:"{{.*}}":{[[@LINE-1]]
Show All 34 Linesvoid unsupported_subscript_negative(int i, unsigned j, unsigned long k) {
// CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:12}:"std::span<int> r" // CHECK: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:12}:"std::span<int> r"
// CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:13-[[@LINE-2]]:13}:"{" // CHECK: fix-it:"{{.*}}":{[[@LINE-2]]:13-[[@LINE-2]]:13}:"{"
// CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:24-[[@LINE-3]]:24}:", 10}" // CHECK: fix-it:"{{.*}}":{[[@LINE-3]]:24-[[@LINE-3]]:24}:", 10}"
tmp = r[j] + r[k]; // both `j` and `k` are unsigned so they must be non-negative tmp = r[j] + r[k]; // both `j` and `k` are unsigned so they must be non-negative
tmp = r[(unsigned int)-1]; // a cast-to-unsigned-expression is also non-negative tmp = r[(unsigned int)-1]; // a cast-to-unsigned-expression is also non-negative
} }
#define DEFINE_PTR(X) int* ptr = (X);
void all_vars_in_macro() { void all_vars_in_macro() {
int* local; int* local;
DEFINE_PTR(local) DEFINE_PTR(local)
ptr[1] = 0; ptr[1] = 0;
} }
void few_vars_in_macro() { void few_vars_in_macro() {
int* local; int* local;
DEFINE_PTR(local) DEFINE_PTR(local)
ptr[1] = 0; ptr[1] = 0;
int tmp; int tmp;
ptr[2] = 30; ptr[2] = 30;
auto p = new int[10]; int * p = new int[10];
ziqingluo-90AuthorUnsubmitted
Done
ReplyInline Actions

We no longer generate fix-its for a variable declaration where the type specifier is just auto. This is to avoid that fix-its may become incorrect when the adopting codebase changes. For example,

int x;
auto p = &x;

If we fix the declaration of p to std::span<int> p{&x, 1}, and later int x is changed to long x, the program becomes incorrect and the programmer may not know that the type of p should simply follow the type of x.

ziqingluo-90: We no longer generate fix-its for a variable declaration where the type specifier is just…
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:12}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:13-[[@LINE-2]]:13}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:24-[[@LINE-3]]:24}:", 10}"
tmp = p[5]; tmp = p[5];
int val = *p; int val = *p;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:13-[[@LINE-1]]:14}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:13-[[@LINE-1]]:14}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"[0]"
val = *p + 30; val = *p + 30;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:9-[[@LINE-1]]:10}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:9-[[@LINE-1]]:10}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:11-[[@LINE-2]]:11}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:11-[[@LINE-2]]:11}:"[0]"
} }

clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-pointer-access.cpp

// RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \ // RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \
// RUN: -fsafe-buffer-usage-suggestions \ // RUN: -fsafe-buffer-usage-suggestions \
// RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s // RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s
void foo(int* v) { void foo(int* v) {
} }
void m1(int* v1, int* v2, int) { void m1(int* v1, int* v2, int) {
} }
void condition_check_nullptr() { void condition_check_nullptr() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
if(p != nullptr) {} if(p != nullptr) {}
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()"
} }
void condition_check() { void condition_check() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
auto q = new int[10]; auto q = new int[10];
int tmp = p[5]; int tmp = p[5];
if(p == q) {} if(p == q) {}
Show All 15 Linesvoid condition_check() {
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()"
if( p == q && p != nullptr) {} if( p == q && p != nullptr) {}
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:18-[[@LINE-2]]:18}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:18-[[@LINE-2]]:18}:".data()"
} }
void condition_check_two_usafe_buffers() { void condition_check_two_usafe_buffers() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
auto q = new int[10]; int* q = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> q" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> q"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
tmp = q[5]; tmp = q[5];
if(p == q) {} if(p == q) {}
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:".data()"
} }
void unsafe_method_invocation_single_param() { void unsafe_method_invocation_single_param() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
foo(p); foo(p);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()"
} }
void safe_method_invocation_single_param() { void safe_method_invocation_single_param() {
auto p = new int[10]; int* p = new int[10];
foo(p); foo(p);
} }
void unsafe_method_invocation_double_param() { void unsafe_method_invocation_double_param() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
m1(p, p, 10); m1(p, p, 10);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:10-[[@LINE-2]]:10}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:10-[[@LINE-2]]:10}:".data()"
auto q = new int[10]; auto q = new int[10];
m1(p, q, 4); m1(p, q, 4);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:7}:".data()"
m1(q, p, 9); m1(q, p, 9);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:10}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:10}:".data()"
m1(q, q, 8); m1(q, q, 8);
} }
void unsafe_access_in_lamda() { void unsafe_access_in_lamda() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
auto my_lambda = [&](){ auto my_lambda = [&](){
p[5] = 10; p[5] = 10;
}; };
foo(p); foo(p);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:8-[[@LINE-1]]:8}:".data()"
} }
void fixits_in_lamda() { void fixits_in_lamda() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
auto my_lambda = [&](){ auto my_lambda = [&](){
foo(p); foo(p);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:10}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:10}:".data()"
}; };
▲ Show 20 LinesShow All 43 LinesShow Last 20 Lines

clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-pointer-deref.cpp

// RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \ // RUN: %clang_cc1 -std=c++20 -Wunsafe-buffer-usage \
// RUN: -fsafe-buffer-usage-suggestions \ // RUN: -fsafe-buffer-usage-suggestions \
// RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s // RUN: -fdiagnostics-parseable-fixits %s 2>&1 | FileCheck %s
void basic_dereference() { void basic_dereference() {
int tmp; int tmp;
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
tmp = p[5]; tmp = p[5];
int val = *p; int val = *p;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:13-[[@LINE-1]]:14}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:13-[[@LINE-1]]:14}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:15-[[@LINE-2]]:15}:"[0]"
} }
int return_method() { int return_method() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
return *p; return *p;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:11}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:10-[[@LINE-1]]:11}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"[0]"
} }
void foo(int v) { void foo(int v) {
} }
void method_invocation() { void method_invocation() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
foo(*p); foo(*p);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:8}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:7-[[@LINE-1]]:8}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:9-[[@LINE-2]]:9}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:9-[[@LINE-2]]:9}:"[0]"
} }
void binary_operation() { void binary_operation() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
int k = *p + 20; int k = *p + 20;
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:11-[[@LINE-1]]:12}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:11-[[@LINE-1]]:12}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:13-[[@LINE-2]]:13}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:13-[[@LINE-2]]:13}:"[0]"
} }

clang/test/SemaCXX/warn-unsafe-buffer-usage-fixits-unevaluated-context.cpp

Show All 9 Lines
} }
using size_t = __typeof(sizeof(int)); using size_t = __typeof(sizeof(int));
void *malloc(size_t); void *malloc(size_t);
void foo(...); void foo(...);
int bar(int *ptr); int bar(int *ptr);
void uneval_context_fix_pointer_dereference() { void uneval_context_fix_pointer_dereference() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
typeid(foo(*p)); typeid(foo(*p));
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:14-[[@LINE-1]]:15}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:14-[[@LINE-1]]:15}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:16-[[@LINE-2]]:16}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:16-[[@LINE-2]]:16}:"[0]"
_Generic(*p, int: 2, float: 3); _Generic(*p, int: 2, float: 3);
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:12-[[@LINE-1]]:13}:"" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:12-[[@LINE-1]]:13}:""
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:14-[[@LINE-2]]:14}:"[0]" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:14-[[@LINE-2]]:14}:"[0]"
} }
void uneval_context_fix_pointer_array_access() { void uneval_context_fix_pointer_array_access() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
typeid(foo(p[5])); typeid(foo(p[5]));
_Generic(p[2], int: 2, float: 3); _Generic(p[2], int: 2, float: 3);
} }
void uneval_context_fix_pointer_reference() { void uneval_context_fix_pointer_reference() {
auto p = new int[10]; int* p = new int[10];
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:3-[[@LINE-1]]:11}:"std::span<int> p"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-2]]:12-[[@LINE-2]]:12}:"{"
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-3]]:23-[[@LINE-3]]:23}:", 10}"
int tmp = p[5]; int tmp = p[5];
typeid(bar(p)); typeid(bar(p));
// CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:15-[[@LINE-1]]:15}:".data()" // CHECK-DAG: fix-it:"{{.*}}":{[[@LINE-1]]:15-[[@LINE-1]]:15}:".data()"
} }
// The FixableGagdtes are not working in the following scenarios: // The FixableGagdtes are not working in the following scenarios:
// 1. sizeof(DRE) // 1. sizeof(DRE)
// 2. typeid(DRE) // 2. typeid(DRE)
// 3. __typeof(DRE) // 3. __typeof(DRE)
// 4. _Generic(expr, type_1: DRE, type_2:) // 4. _Generic(expr, type_1: DRE, type_2:)
// 5. decltype(DRE) var = y; // 5. decltype(DRE) var = y;
// 6. noexcept(DRE); // 6. noexcept(DRE);
// This is becauste the UPC and ULC context matchers do not handle these contexts // This is becauste the UPC and ULC context matchers do not handle these contexts
// and almost all FixableGagdets currently depend on these matchers. // and almost all FixableGagdets currently depend on these matchers.
// FIXME: Emit fixits for each of the below use. // FIXME: Emit fixits for each of the below use.
void uneval_context_fix_pointer_dereference_not_handled() { void uneval_context_fix_pointer_dereference_not_handled() {
auto p = new int[10]; int* p = new int[10];
int tmp = p[5]; int tmp = p[5];
foo(sizeof(*p), sizeof(decltype(*p))); foo(sizeof(*p), sizeof(decltype(*p)));
__typeof(*p) x; __typeof(*p) x;
int *q = (int *)malloc(sizeof(*p)); int *q = (int *)malloc(sizeof(*p));
int y = sizeof(*p); int y = sizeof(*p);
__is_pod(__typeof(*p)); __is_pod(__typeof(*p));
__is_trivially_constructible(__typeof(*p), decltype(*p)); __is_trivially_constructible(__typeof(*p), decltype(*p));
_Generic(*p, int: 2, float: 3); _Generic(*p, int: 2, float: 3);
_Generic(1, int: *p, float: 3); _Generic(1, int: *p, float: 3);
_Generic(1, int: 2, float: *p); _Generic(1, int: 2, float: *p);
decltype(*p) var = y; decltype(*p) var = y;
noexcept(*p); noexcept(*p);
typeid(*p); typeid(*p);
} }

clang/test/SemaCXX/warn-unsafe-buffer-usage.cpp

Show First 20 LinesShow All 74 Lines▼ Show 20 Lines// expected-warning@-2{{'pp' is an unsafe pointer used for buffer access}}
foo(p[0], pp[0][0], 0[0[pp]], 0[pp][0], foo(p[0], pp[0][0], 0[0[pp]], 0[pp][0],
((int*)voidPtrCall())[0], ((int*)voidPtrCall())[0],
0[(int*)voidPtrCall()], 0[(int*)voidPtrCall()],
charPtrCall()[0], charPtrCall()[0],
0[charPtrCall()] 0[charPtrCall()]
); );
} }
void testArraySubscriptsWithAuto(int *p, int **pp) { void testArraySubscriptsWithAuto() {
int a[10]; int a[10];
auto ap1 = a; // expected-warning{{'ap1' is an unsafe pointer used for buffer access}} \ // We do not fix a declaration if the type is `auto`. Because the actual type may change later.
expected-note{{change type of 'ap1' to 'std::span' to preserve bounds information}} auto ap1 = a; // expected-warning{{'ap1' is an unsafe pointer used for buffer access}}
foo(ap1[1]); // expected-note{{used in buffer access here}} foo(ap1[1]); // expected-note{{used in buffer access here}}
auto ap2 = p; // expected-warning{{'ap2' is an unsafe pointer used for buffer access}} \ // In case the type is `auto *`, we know it must be a pointer. We can fix it.
auto * ap2 = a; // expected-warning{{'ap2' is an unsafe pointer used for buffer access}} \
expected-note{{change type of 'ap2' to 'std::span' to preserve bounds information}} expected-note{{change type of 'ap2' to 'std::span' to preserve bounds information}}
foo(ap2[1]); // expected-note{{used in buffer access here}} foo(ap2[1]); // expected-note{{used in buffer access here}}
auto ap3 = pp; // expected-warning{{'ap3' is an unsafe pointer used for buffer access}} \
expected-note{{change type of 'ap3' to 'std::span' to preserve bounds information}}
foo(ap3[1][1]); // expected-note{{used in buffer access here}}
// expected-warning@-1{{unsafe buffer access}}
auto ap4 = *pp; // expected-warning{{'ap4' is an unsafe pointer used for buffer access}} \
expected-note{{change type of 'ap4' to 'std::span' to preserve bounds information}}
foo(ap4[1]); // expected-note{{used in buffer access here}}
} }
void testUnevaluatedContext(int * p) {// no-warning void testUnevaluatedContext(int * p) {// no-warning
foo(sizeof(p[1]), // no-warning foo(sizeof(p[1]), // no-warning
sizeof(decltype(p[1]))); // no-warning sizeof(decltype(p[1]))); // no-warning
} }
// expected-note@+1{{change type of 'a' to 'std::span' to preserve bounds information}} // expected-note@+1{{change type of 'a' to 'std::span' to preserve bounds information}}
▲ Show 20 LinesShow All 277 Lines▼ Show 20 Lines
void testArrayPtrArithmetic(int x[]) { // expected-warning{{'x' is an unsafe pointer used for buffer access}} void testArrayPtrArithmetic(int x[]) { // expected-warning{{'x' is an unsafe pointer used for buffer access}}
foo (x + 3); // expected-note{{used in pointer arithmetic here}} foo (x + 3); // expected-note{{used in pointer arithmetic here}}
int y[3] = {0, 1, 2}; // expected-warning{{'y' is an unsafe buffer that does not perform bounds checks}} int y[3] = {0, 1, 2}; // expected-warning{{'y' is an unsafe buffer that does not perform bounds checks}}
foo(y + 4); // expected-note{{used in pointer arithmetic here}} foo(y + 4); // expected-note{{used in pointer arithmetic here}}
} }
void testMultiLineDeclStmt(int * p) { void testMultiLineDeclStmt(int * p) {
auto int
*
ap1 = p; // expected-warning{{'ap1' is an unsafe pointer used for buffer access}} \ ap1 = p; // expected-warning{{'ap1' is an unsafe pointer used for buffer access}} \
expected-note{{change type of 'ap1' to 'std::span' to preserve bounds information}} expected-note{{change type of 'ap1' to 'std::span' to preserve bounds information}}
foo(ap1[1]); // expected-note{{used in buffer access here}} foo(ap1[1]); // expected-note{{used in buffer access here}}
} }
#endif #endif