[cfe-commits] r46847 - in /cfe/trunk: Analysis/GRConstants.cpp Driver/ASTConsumers.cpp Driver/ASTConsumers.h Driver/clang.cpp include/clang/Analysis/Analyses/GRConstants.h include/clang/Basic/DiagnosticKinds.def

Ted Kremenek kremenek at apple.com
Wed Feb 6 22:33:20 PST 2008 

Author: kremenek
Date: Thu Feb  7 00:33:19 2008
New Revision: 46847

URL: http://llvm.org/viewvc/llvm-project?rev=46847&view=rev
Log:
Added proof-of-concept NULL pointer diagnostics to GRConstants.
Modified the driver to pass the Diagnostic object to GRConstants.

Modified:
    cfe/trunk/Analysis/GRConstants.cpp
    cfe/trunk/Driver/ASTConsumers.cpp
    cfe/trunk/Driver/ASTConsumers.h
    cfe/trunk/Driver/clang.cpp
    cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h
    cfe/trunk/include/clang/Basic/DiagnosticKinds.def

Modified: cfe/trunk/Analysis/GRConstants.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Analysis/GRConstants.cpp?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/Analysis/GRConstants.cpp (original)
+++ cfe/trunk/Analysis/GRConstants.cpp Thu Feb  7 00:33:19 2008
@@ -22,6 +22,7 @@
 #include "clang/AST/Expr.h"
 #include "clang/AST/ASTContext.h"
 #include "clang/Analysis/Analyses/LiveVariables.h"
+#include "clang/Basic/Diagnostic.h"
 
 #include "llvm/Support/Casting.h"
 #include "llvm/Support/DataTypes.h"
@@ -133,8 +134,6 @@
   
   bool StateCleaned;
   
-  ASTContext& getContext() const { return G.getContext(); }
-  
 public:
   GRConstants(GraphTy& g) : G(g), Liveness(G.getCFG(), G.getFunctionDecl()),
       Builder(NULL),
@@ -148,6 +147,9 @@
     Liveness.runOnAllBlocks(G.getCFG(), NULL, true);
   }
   
+  /// getContext - Return the ASTContext associated with this analysis.
+  ASTContext& getContext() const { return G.getContext(); }
+  
   /// getCFG - Returns the CFG associated with this analysis.
   CFG& getCFG() { return G.getCFG(); }
   
@@ -178,6 +180,9 @@
     return N->isSink() && ExplicitNullDeref.count(const_cast<NodeTy*>(N)) != 0;
   }
   
+  typedef NullDerefTy::iterator null_iterator;
+  null_iterator null_begin() { return ExplicitNullDeref.begin(); }
+  null_iterator null_end() { return ExplicitNullDeref.end(); }
 
   /// ProcessStmt - Called by GREngine. Used to generate new successor
   ///  nodes by processing the 'effects' of a block-level statement.
@@ -1321,11 +1326,28 @@
 #endif
 
 namespace clang {
-void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx) {
+void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx,
+                    Diagnostic& Diag) {
+  
   GREngine<GRConstants> Engine(cfg, FD, Ctx);
-  Engine.ExecuteWorkList();  
+  Engine.ExecuteWorkList();
+  
+  // Look for explicit-Null dereferences and warn about them.
+  GRConstants* CheckerState = &Engine.getCheckerState();
+  
+  for (GRConstants::null_iterator I=CheckerState->null_begin(),
+                                  E=CheckerState->null_end(); I!=E; ++I) {
+    
+    const PostStmt& L = cast<PostStmt>((*I)->getLocation());
+    Expr* E = cast<Expr>(L.getStmt());
+    
+    Diag.Report(FullSourceLoc(E->getExprLoc(), Ctx.getSourceManager()),
+                diag::chkr_null_deref_after_check);
+  }
+  
+  
 #ifndef NDEBUG
-  GraphPrintCheckerState = &Engine.getCheckerState();
+  GraphPrintCheckerState = CheckerState;
   llvm::ViewGraph(*Engine.getGraph().roots_begin(),"GRConstants");
   GraphPrintCheckerState = NULL;
 #endif  

Modified: cfe/trunk/Driver/ASTConsumers.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/ASTConsumers.cpp?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/Driver/ASTConsumers.cpp (original)
+++ cfe/trunk/Driver/ASTConsumers.cpp Thu Feb  7 00:33:19 2008
@@ -572,20 +572,22 @@
 
 namespace {
   class GRConstantsVisitor : public CFGVisitor {
+    Diagnostic &Diags;
     ASTContext* Ctx;
   public:
+    GRConstantsVisitor(Diagnostic &diags) : Diags(diags) {}
     
     virtual void Initialize(ASTContext &Context) { Ctx = &Context; }    
     virtual void VisitCFG(CFG& C, FunctionDecl&);
   };
 } // end anonymous namespace
 
-ASTConsumer* clang::CreateGRConstants() {
-  return new GRConstantsVisitor();
+ASTConsumer* clang::CreateGRConstants(Diagnostic &Diags) {
+  return new GRConstantsVisitor(Diags);
 }
 
 void GRConstantsVisitor::VisitCFG(CFG& C, FunctionDecl& FD) {
-  RunGRConstants(C, FD, *Ctx);
+  RunGRConstants(C, FD, *Ctx, Diags);
 }
 
 //===----------------------------------------------------------------------===//

Modified: cfe/trunk/Driver/ASTConsumers.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/ASTConsumers.h?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/Driver/ASTConsumers.h (original)
+++ cfe/trunk/Driver/ASTConsumers.h Thu Feb  7 00:33:19 2008
@@ -41,7 +41,7 @@
 
 ASTConsumer *CreateUnitValsChecker(Diagnostic &Diags);
   
-ASTConsumer *CreateGRConstants();
+ASTConsumer *CreateGRConstants(Diagnostic &Diags);
 
 ASTConsumer *CreateCodeRewriterTest(const std::string& InFile,
                                     Diagnostic &Diags);

Modified: cfe/trunk/Driver/clang.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/clang.cpp?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/Driver/clang.cpp (original)
+++ cfe/trunk/Driver/clang.cpp Thu Feb  7 00:33:19 2008
@@ -969,7 +969,7 @@
       return CreateUnitValsChecker(Diag);
       
     case AnalysisGRConstants:
-      return CreateGRConstants();
+      return CreateGRConstants(Diag);
       
     case TestSerialization:
       return CreateSerializationTest(Diag, FileMgr, LangOpts);

Modified: cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h (original)
+++ cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h Thu Feb  7 00:33:19 2008
@@ -18,12 +18,14 @@
 #define LLVM_CLANG_GRCONSTANTS
 
 namespace clang {
+  class Diagnostic;
   
   /// RunGRConstants - This is a simple driver to run the GRConstants analysis
   ///  on a provided CFG.  This interface will eventually be replaced with
   ///  something more elaborate as the requirements on the interface become
   ///  clearer.
-  void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx);
+  void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx,
+                      Diagnostic& Diag);
   
 } // end clang namespace
 

Modified: cfe/trunk/include/clang/Basic/DiagnosticKinds.def
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Basic/DiagnosticKinds.def?rev=46847&r1=46846&r2=46847&view=diff

==============================================================================
--- cfe/trunk/include/clang/Basic/DiagnosticKinds.def (original)
+++ cfe/trunk/include/clang/Basic/DiagnosticKinds.def Thu Feb  7 00:33:19 2008
@@ -954,5 +954,11 @@
 DIAG(ext_return_has_expr, EXTENSION,
      "void function '%0' should not return a value")
 
+//===----------------------------------------------------------------------===//
+// Static Analysis Warnings (Bug-Finding)
+//===----------------------------------------------------------------------===//
+
+DIAG(chkr_null_deref_after_check, ERROR,
+    "NULL pointer is dereferenced after it is checked for NULL.")
 
 #undef DIAG

More information about the cfe-commits mailing list