From 9cd08c86d9306189919fa9175538b06f9d223cfb Mon Sep 17 00:00:00 2001 From: Sungkeun Cho Date: Thu, 31 Oct 2024 08:50:45 -0700 Subject: [PATCH] [co_return] Translate co_return as return in the frontend Summary: This diff translate the co_return as the normal return in the frontend, so that it can have an edge to the exit node. Reviewed By: jvillard Differential Revision: D65275166 fbshipit-source-id: 785b1a2493fafd27894bea56479bcc185a570a15 --- infer/src/clang/cTrans.ml | 16 +++++++++++++--- infer/tests/codetoanalyze/cpp/pulse-20/coro.cpp | 2 +- .../tests/codetoanalyze/cpp/pulse-20/issues.exp | 1 - 3 files changed, 14 insertions(+), 5 deletions(-) diff --git a/infer/src/clang/cTrans.ml b/infer/src/clang/cTrans.ml index 20ba7f74541..02f6e06ff7b 100644 --- a/infer/src/clang/cTrans.ml +++ b/infer/src/clang/cTrans.ml @@ -4776,9 +4776,19 @@ module CTrans_funct (F : CModule_type.CFrontend) : CModule_type.CTranslation = s and coreturnStmt_trans trans_state stmt_info operand_opt promise_call_opt = - let args = Option.to_list operand_opt @ Option.to_list promise_call_opt in - call_function_with_args Procdesc.Node.ReturnStmt BuiltinDecl.__builtin_cxx_co_return trans_state - stmt_info StdTyp.void args + let sil_loc = + CLocation.location_of_stmt_info trans_state.context.translation_unit_context.source_file + stmt_info + in + PriorityNode.force_sequential sil_loc ReturnStmt trans_state stmt_info + ~mk_first_opt:(fun trans_state stmt_info -> + let args = Option.to_list operand_opt @ Option.to_list promise_call_opt in + Some + (call_function_with_args Procdesc.Node.ReturnStmt BuiltinDecl.__builtin_cxx_co_return + trans_state stmt_info StdTyp.void args ) ) + ~mk_second:(fun trans_state stmt_info -> + returnStmt_trans trans_state stmt_info [Clang_ast_t.ReturnStmt (stmt_info, [])] ) + ~mk_return:(fun ~fst ~snd:_ -> fst.return) and coroutineSuspendExpr_trans trans_state stmt_info expr_info cse_operand = diff --git a/infer/tests/codetoanalyze/cpp/pulse-20/coro.cpp b/infer/tests/codetoanalyze/cpp/pulse-20/coro.cpp index 3f0558fa2a5..a4095b147b9 100644 --- a/infer/tests/codetoanalyze/cpp/pulse-20/coro.cpp +++ b/infer/tests/codetoanalyze/cpp/pulse-20/coro.cpp @@ -87,7 +87,7 @@ Task makeRequestToSink_bad() { co_return co_await co_get_something(request); } -Task optional_co_return_ok_FP() { +Task optional_co_return_ok() { std::optional optional_field = std::nullopt; if (!optional_field.has_value()) { co_return "abc"; diff --git a/infer/tests/codetoanalyze/cpp/pulse-20/issues.exp b/infer/tests/codetoanalyze/cpp/pulse-20/issues.exp index 459f32f6081..47800f45abf 100644 --- a/infer/tests/codetoanalyze/cpp/pulse-20/issues.exp +++ b/infer/tests/codetoanalyze/cpp/pulse-20/issues.exp @@ -1,5 +1,4 @@ codetoanalyze/cpp/pulse-20/coro.cpp, coro::do_coroutine_stuff_then_npe_bad, 5, NULLPTR_DEREFERENCE, no_bucket, ERROR, [is assigned to the null pointer,assigned,invalid access occurs here] codetoanalyze/cpp/pulse-20/coro.cpp, coro::FP_do_coroutine_stuff_then_npe_unless_semantics_accurate_bad, 6, NULLPTR_DEREFERENCE, no_bucket, ERROR, [is assigned to the null pointer,assigned,invalid access occurs here] codetoanalyze/cpp/pulse-20/coro.cpp, coro::makeRequestToSink_bad, 2, TAINT_ERROR, no_bucket, ERROR, [source of the taint here: value returned from `coro::makeRequest` with kind `SimpleSource`,in call to function `__builtin_cxx_co_await` with no summary,when calling `coro::co_get_something` here,flows to this sink: value passed as argument `#0` to `coro::requestSink` with kind `SimpleSink`], source: coro::makeRequest, sink: coro::requestSink, tainted expression: request -codetoanalyze/cpp/pulse-20/coro.cpp, coro::optional_co_return_ok_FP, 5, OPTIONAL_EMPTY_ACCESS, no_bucket, ERROR, [in call to `std::optional::optional(=nullopt)` (modelled),is assigned an empty value,invalid access occurs here] codetoanalyze/cpp/pulse-20/std_exchange.cpp, std_exchange_semantics_bad, 6, NULLPTR_DEREFERENCE, no_bucket, ERROR, [is assigned to the null pointer,assigned,invalid access occurs here]