[clang] [clang][analyzer] StdLibraryFunctionsChecker getcwd fix (PR #175794)

Tue, 13 Jan 2026 08:46:38 -0800 

llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->
@llvm/pr-subscribers-clang-static-analyzer-1

@llvm/pr-subscribers-clang

Author: Balázs Kéri (balazske)

<details>
<summary>Changes</summary>

`StdLibraryFunctionsChecker` contained the following condition for `getcwd`:
```
           .Case({NotNull(0),
                  ArgumentCondition(1, WithinRange, Range(1, SizeMax)),
                  ReturnValueCondition(BO_EQ, ArgNo(0))},
                 ErrnoMustNotBeChecked, GenericSuccessMsg)
```
In this case argument 1 should be not zero and return value is set to be equal 
to argument 1. This would mean that return value is implicitly not zero. But 
for unknown reason (probably analyzer inaccuracy) it can occur that the return 
value is still assumable to be zero after this condition was applied. This 
results in false positive if `ErrnoChecker` is enabled because when the return 
value is 0 value of `errno` should be allowed to be read but in this case it is 
not.
The bug is fixed by adding an extra (theoretically redundant) condition for the 
return value to be non-zero.

---
Full diff: https://github.com/llvm/llvm-project/pull/175794.diff


1 Files Affected:

- (added) clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp (+28) 


``````````diff
diff --git a/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp 
b/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp
new file mode 100644
index 0000000000000..dcb233e072af4
--- /dev/null
+++ b/clang/test/Analysis/std-c-library-functions-char-uchar-conv.cpp
@@ -0,0 +1,28 @@
+// RUN: %clang_analyze_cc1 \
+// RUN:   -analyzer-checker=core,unix.StdCLibraryFunctions,unix.Errno \
+// RUN:   -analyzer-config unix.StdCLibraryFunctions:ModelPOSIX=true \
+// RUN:   -verify %s
+//
+// expected-no-diagnostics
+
+#include "Inputs/system-header-simulator-cxx.h"
+#include "Inputs/errno_var.h"
+
+char *getcwd(char *buf, size_t size);
+
+int main(int argc, char *argv[]) {
+  std::vector<char> charbuf;
+  if (!getcwd(charbuf.data(), charbuf.size() - 1)) {
+    if (errno == 2) {
+      return 1;
+    }
+  }
+
+  std::vector<unsigned char> ucharbuf;
+  if (!getcwd((char*)ucharbuf.data(), ucharbuf.size() - 1)) {
+    if (errno == 2) { // no (false) warning from unix.Errno on this line
+      return 1;
+    }
+  }
+  return 0;
+}

``````````

</details>


https://github.com/llvm/llvm-project/pull/175794
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to