[C++ BoundsSafety] Fix false positives when pointer argument is a function call #11046
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR attempts to fix false positives in such an example:
The analysis needs to compare the size of
f(len)
, which is specified by__counted_by(n)
, with the expected count of the first argument ofcb
, which is specified by__counted_by(count)
. The comparison interprets the two comparands at two "call contexts" respectively: the countn
needs to be interpreted at the callf(len)
with a mapping{n -> len}
and the countcount
needs to be interpreted at the callcb(f(len), len)
with a mapping{p -> f(len), count -> len}
.The existing compare algorithm is extended from assuming only one comparand needs a substitution map to assuming both comparands need substitution maps.
rdar://155952016