[analyzer] CDM::CXXMethod mode CallDescription matching causes serious regressions and FNs #99628

@steakhal

Turns out the recent (#90974) CallDescription matching improvements can cause regressions when using standard library implementations where the method we want to match comes from an implementation-specific base class, such as in this example:
https://compiler-explorer.com/z/ErMbhxfPv

```c++
unsigned int sleep(unsigned int seconds);
namespace std {
class __mutex_base {
public:
  void lock();
};
class mutex : public __mutex_base {
public:
  void unlock();
  bool try_lock();
};
}

void top() {
  std::mutex m;
  m.lock();
  sleep(3); // caught by clang-18, FN for clang-19
  m.unlock();
}
```

In this case, the BlockInCriticalSectionChecker wants to match the std::mutex::lock and std::mutex::unlock member functions using the CDM::CXXMethod matching mode. However, one could only match the lock by std::__mutex_base::lock, causing a mismatch.

This issue is more generic and not entirely specific to this checker. I expect similar bugs to happen for any other checker using CDM::CXXMethod.

If we don't do anything about this, we are going to have a serious regression in the clang-19 release.
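The mismatch described in the issue, as an added example that is not part of the original post and is not Clang code: a toy name-lookup model in which a strict qualified-name match misses `std::mutex::lock` because the declaration lives in `std::__mutex_base`, next to one possible hierarchy-aware match. `ClassInfo`, `resolve`, `matchesExact` and `matchesThroughBases` are hypothetical names.

```cpp
#include <map>
#include <string>
#include <vector>

// Toy model of name lookup (NOT Clang code; all names here are hypothetical).
struct ClassInfo {
  std::vector<std::string> bases;    // direct base classes
  std::vector<std::string> methods;  // methods declared in this class itself
};
using Hierarchy = std::map<std::string, ClassInfo>;

// The class layout from the reproducer in the issue.
Hierarchy reproducerHierarchy() {
  Hierarchy h;
  h["std::__mutex_base"].methods = {"lock"};
  h["std::mutex"].bases = {"std::__mutex_base"};
  h["std::mutex"].methods = {"unlock", "try_lock"};
  return h;
}

// Qualified name of the declaration that `cls::method` resolves to, looking in
// the class first and then depth-first in its bases; "" if nothing is found.
std::string resolve(const Hierarchy &h, const std::string &cls,
                    const std::string &method) {
  auto it = h.find(cls);
  if (it == h.end()) return "";
  for (const auto &m : it->second.methods)
    if (m == method) return cls + "::" + method;
  for (const auto &base : it->second.bases) {
    std::string found = resolve(h, base, method);
    if (!found.empty()) return found;
  }
  return "";
}

// Strict mode: the pattern must spell the declaring class exactly.
bool matchesExact(const Hierarchy &h, const std::string &objClass,
                  const std::string &method, const std::string &pattern) {
  std::string decl = resolve(h, objClass, method);
  return !decl.empty() && decl == pattern;
}

// Hierarchy-aware mode: resolve the pattern "Class::method" through the bases
// too, and match when it names the same declaration as the call.
bool matchesThroughBases(const Hierarchy &h, const std::string &objClass,
                         const std::string &method, const std::string &pattern) {
  std::string::size_type sep = pattern.rfind("::");
  if (sep == std::string::npos) return false;
  std::string decl = resolve(h, objClass, method);
  return !decl.empty() && pattern.substr(sep + 2) == method &&
         decl == resolve(h, pattern.substr(0, sep), method);
}
```

In this model the hierarchy-aware mode also matches calls on any other class that inherits `lock` from the same base, so it trades the false negative for a broader match.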
