[Analyzer] Split container modeling from iterator modeling (9a08a3fa) · Commits · llvm-doe / llvm-project

clang/include/clang/StaticAnalyzer/Checkers/Checkers.td

+12 −1

Original line number	Diff line number	Diff line
		@@ -602,6 +602,11 @@ def VirtualCallChecker : Checker<"VirtualCall">,

		let ParentPackage = CplusplusAlpha in {

		def ContainerModeling : Checker<"ContainerModeling">,
		HelpText<"Models C++ containers">,
		Documentation<NotDocumented>,
		Hidden;

		def DeleteWithNonVirtualDtorChecker : Checker<"DeleteWithNonVirtualDtor">,
		HelpText<"Reports destructions of polymorphic objects with a non-virtual "
		"destructor in their base class">,
		@@ -613,6 +618,7 @@ def EnumCastOutOfRangeChecker : Checker<"EnumCastOutOfRange">,

		def IteratorModeling : Checker<"IteratorModeling">,
		HelpText<"Models iterators of C++ containers">,
		Dependencies<[ContainerModeling]>,
		Documentation<NotDocumented>,
		Hidden;

		@@ -1373,9 +1379,14 @@ def ReportStmts : Checker<"ReportStmts">,
		HelpText<"Emits a warning for every statement.">,
		Documentation<NotDocumented>;

		def DebugContainerModeling : Checker<"DebugContainerModeling">,
		HelpText<"Check the analyzer's understanding of C++ containers">,
		Dependencies<[ContainerModeling]>,
		Documentation<NotDocumented>;

		def DebugIteratorModeling : Checker<"DebugIteratorModeling">,
		HelpText<"Check the analyzer's understanding of C++ iterators">,
		Dependencies<[IteratorModeling]>,
		Dependencies<[DebugContainerModeling, IteratorModeling]>,
		Documentation<NotDocumented>;

		} // end "debug"

clang/lib/StaticAnalyzer/Checkers/CMakeLists.txt

+2 −0

Original line number	Diff line number	Diff line
		@@ -25,10 +25,12 @@ add_clang_library(clangStaticAnalyzerCheckers
		CheckerDocumentation.cpp
		ChrootChecker.cpp
		CloneChecker.cpp
		ContainerModeling.cpp
		ConversionChecker.cpp
		CXXSelfAssignmentChecker.cpp
		DeadStoresChecker.cpp
		DebugCheckers.cpp
		DebugContainerModeling.cpp
		DebugIteratorModeling.cpp
		DeleteWithNonVirtualDtorChecker.cpp
		DereferenceChecker.cpp

clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp

0 → 100644

+1040 −0

File added.

Preview size limit exceeded, changes collapsed.

clang/lib/StaticAnalyzer/Checkers/DebugContainerModeling.cpp

0 → 100644

+138 −0

Original line number	Diff line number	Diff line
		//==-- DebugContainerModeling.cpp ---------------------------------- C++ ---//
		//
		// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
		// See https://llvm.org/LICENSE.txt for license information.
		// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
		//
		//===----------------------------------------------------------------------===//
		//
		// Defines a checker for debugging iterator modeling.
		//
		//===----------------------------------------------------------------------===//

		#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
		#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
		#include "clang/StaticAnalyzer/Core/Checker.h"
		#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
		#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"

		#include "Iterator.h"

		using namespace clang;
		using namespace ento;
		using namespace iterator;

		namespace {

		class DebugContainerModeling
		: public Checker<eval::Call> {

		std::unique_ptr<BugType> DebugMsgBugType;

		template <typename Getter>
		void analyzerContainerDataField(const CallExpr *CE, CheckerContext &C,
		Getter get) const;
		void analyzerContainerBegin(const CallExpr *CE, CheckerContext &C) const;
		void analyzerContainerEnd(const CallExpr *CE, CheckerContext &C) const;
		ExplodedNode *reportDebugMsg(llvm::StringRef Msg, CheckerContext &C) const;

		typedef void (DebugContainerModeling::FnCheck)(const CallExpr ,
		CheckerContext &) const;

		CallDescriptionMap<FnCheck> Callbacks = {
		{{0, "clang_analyzer_container_begin", 1},
		&DebugContainerModeling::analyzerContainerBegin},
		{{0, "clang_analyzer_container_end", 1},
		&DebugContainerModeling::analyzerContainerEnd},
		};

		public:
		DebugContainerModeling();

		bool evalCall(const CallEvent &Call, CheckerContext &C) const;
		};

		} //namespace

		DebugContainerModeling::DebugContainerModeling() {
		DebugMsgBugType.reset(
		new BugType(this, "Checking analyzer assumptions", "debug",
		/SuppressOnSink=/true));
		}

		bool DebugContainerModeling::evalCall(const CallEvent &Call,
		CheckerContext &C) const {
		const auto *CE = dyn_cast_or_null<CallExpr>(Call.getOriginExpr());
		if (!CE)
		return false;

		const FnCheck *Handler = Callbacks.lookup(Call);
		if (!Handler)
		return false;

		(this->**Handler)(CE, C);
		return true;
		}

		template <typename Getter>
		void DebugContainerModeling::analyzerContainerDataField(const CallExpr *CE,
		CheckerContext &C,
		Getter get) const {
		if (CE->getNumArgs() == 0) {
		reportDebugMsg("Missing container argument", C);
		return;
		}

		auto State = C.getState();
		const MemRegion *Cont = C.getSVal(CE->getArg(0)).getAsRegion();
		if (Cont) {
		const auto *Data = getContainerData(State, Cont);
		if (Data) {
		SymbolRef Field = get(Data);
		if (Field) {
		State = State->BindExpr(CE, C.getLocationContext(),
		nonloc::SymbolVal(Field));
		C.addTransition(State);
		return;
		}
		}
		}

		auto &BVF = C.getSValBuilder().getBasicValueFactory();
		State = State->BindExpr(CE, C.getLocationContext(),
		nonloc::ConcreteInt(BVF.getValue(llvm::APSInt::get(0))));
		}

		void DebugContainerModeling::analyzerContainerBegin(const CallExpr *CE,
		CheckerContext &C) const {
		analyzerContainerDataField(CE, C, [](const ContainerData *D) {
		return D->getBegin();
		});
		}

		void DebugContainerModeling::analyzerContainerEnd(const CallExpr *CE,
		CheckerContext &C) const {
		analyzerContainerDataField(CE, C, [](const ContainerData *D) {
		return D->getEnd();
		});
		}

		ExplodedNode *DebugContainerModeling::reportDebugMsg(llvm::StringRef Msg,
		CheckerContext &C) const {
		ExplodedNode *N = C.generateNonFatalErrorNode();
		if (!N)
		return nullptr;

		auto &BR = C.getBugReporter();
		BR.emitReport(std::make_unique<PathSensitiveBugReport>(*DebugMsgBugType,
		Msg, N));
		return N;
		}

		void ento::registerDebugContainerModeling(CheckerManager &mgr) {
		mgr.registerChecker<DebugContainerModeling>();
		}

		bool ento::shouldRegisterDebugContainerModeling(const LangOptions &LO) {
		return true;
		}

clang/lib/StaticAnalyzer/Checkers/DebugIteratorModeling.cpp

+0 −52

Original line number	Diff line number	Diff line
		@@ -29,11 +29,6 @@ class DebugIteratorModeling

		std::unique_ptr<BugType> DebugMsgBugType;

		template <typename Getter>
		void analyzerContainerDataField(const CallExpr *CE, CheckerContext &C,
		Getter get) const;
		void analyzerContainerBegin(const CallExpr *CE, CheckerContext &C) const;
		void analyzerContainerEnd(const CallExpr *CE, CheckerContext &C) const;
		template <typename Getter>
		void analyzerIteratorDataField(const CallExpr *CE, CheckerContext &C,
		Getter get, SVal Default) const;
		@@ -46,10 +41,6 @@ class DebugIteratorModeling
		CheckerContext &) const;

		CallDescriptionMap<FnCheck> Callbacks = {
		{{0, "clang_analyzer_container_begin", 1},
		&DebugIteratorModeling::analyzerContainerBegin},
		{{0, "clang_analyzer_container_end", 1},
		&DebugIteratorModeling::analyzerContainerEnd},
		{{0, "clang_analyzer_iterator_position", 1},
		&DebugIteratorModeling::analyzerIteratorPosition},
		{{0, "clang_analyzer_iterator_container", 1},
		@@ -86,49 +77,6 @@ bool DebugIteratorModeling::evalCall(const CallEvent &Call,
		return true;
		}

		template <typename Getter>
		void DebugIteratorModeling::analyzerContainerDataField(const CallExpr *CE,
		CheckerContext &C,
		Getter get) const {
		if (CE->getNumArgs() == 0) {
		reportDebugMsg("Missing container argument", C);
		return;
		}

		auto State = C.getState();
		const MemRegion *Cont = C.getSVal(CE->getArg(0)).getAsRegion();
		if (Cont) {
		const auto *Data = getContainerData(State, Cont);
		if (Data) {
		SymbolRef Field = get(Data);
		if (Field) {
		State = State->BindExpr(CE, C.getLocationContext(),
		nonloc::SymbolVal(Field));
		C.addTransition(State);
		return;
		}
		}
		}

		auto &BVF = C.getSValBuilder().getBasicValueFactory();
		State = State->BindExpr(CE, C.getLocationContext(),
		nonloc::ConcreteInt(BVF.getValue(llvm::APSInt::get(0))));
		}

		void DebugIteratorModeling::analyzerContainerBegin(const CallExpr *CE,
		CheckerContext &C) const {
		analyzerContainerDataField(CE, C, [](const ContainerData *D) {
		return D->getBegin();
		});
		}

		void DebugIteratorModeling::analyzerContainerEnd(const CallExpr *CE,
		CheckerContext &C) const {
		analyzerContainerDataField(CE, C, [](const ContainerData *D) {
		return D->getEnd();
		});
		}

		template <typename Getter>
		void DebugIteratorModeling::analyzerIteratorDataField(const CallExpr *CE,
		CheckerContext &C,