<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Tue, Jul 8, 2014 at 4:49 PM, Benjamin Kramer <span dir="ltr"><<a href="mailto:benny.kra@gmail.com" target="_blank">benny.kra@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">On Tue, Jul 8, 2014 at 5:33 PM, Alexander Kornienko <<a href="mailto:alexfh@google.com">alexfh@google.com</a>> wrote:<br>
> Thanks for writing the check! It would be better though, if you sent the<br>
> code for pre-commit review, especially as you are adding a new check.<br>
<br>
</div>I'll keep this in mind for later commits, thanks. This one is really<br>
trivial though and only applies to LLVM.<br></blockquote><div><br></div><div>I don't insist, but I'd appreciate if you sent clang-tidy patches for pre-commit review.</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class=""><br>
> Did you run the check over the whole LLVM/Clang source code? Could you share<br>
> the results? (Number of warnings and false-positive rate in a sample of a<br>
> few tens of instances.)<br>
<br>
</div>3 cases in LLVM, 2 of them real bugs. 4 in Clang, all harmless. Even<br>
though some of them are technically false positives I consider them<br>
all to be bad style. Twine is designed to be used in parameter lists<br>
*only*, let's keep it that way.<br>
<div><div class="h5"><br>
> On Tue, Jul 8, 2014 at 3:32 PM, Benjamin Kramer <<a href="mailto:benny.kra@googlemail.com">benny.kra@googlemail.com</a>><br>
> wrote:<br>
>><br>
>> Author: d0k<br>
>> Date: Tue Jul 8 09:32:17 2014<br>
>> New Revision: 212535<br>
>><br>
>> URL: <a href="http://llvm.org/viewvc/llvm-project?rev=212535&view=rev" target="_blank">http://llvm.org/viewvc/llvm-project?rev=212535&view=rev</a><br>
>> Log:<br>
>> [clang-tidy] Add a little checker for Twine locals in LLVM.<br>
>><br>
>> Those often cause use after free bugs and should be generally avoided.<br>
>> Technically it is safe to have a Twine with >=2 components in a variable<br>
>> but I don't think it is a good pattern to follow. The almost trivial<br>
>> checker<br>
>> comes with elaborated fix-it hints that turn the Twine into a std::string<br>
>> if necessary and otherwise fall back to the original type if the Twine<br>
>> is created from a single value.<br>
>><br>
>> Added:<br>
>> clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp<br>
>> clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h<br>
>> clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp<br>
>> Modified:<br>
>> clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt<br>
>> clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp<br>
>><br>
>> Modified: clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt<br>
>> URL:<br>
>> <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt?rev=212535&r1=212534&r2=212535&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt?rev=212535&r1=212534&r2=212535&view=diff</a><br>
>><br>
>> ==============================================================================<br>
>> --- clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt (original)<br>
>> +++ clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt Tue Jul 8<br>
>> 09:32:17 2014<br>
>> @@ -4,6 +4,7 @@ add_clang_library(clangTidyLLVMModule<br>
>> IncludeOrderCheck.cpp<br>
>> LLVMTidyModule.cpp<br>
>> NamespaceCommentCheck.cpp<br>
>> + TwineLocalCheck.cpp<br>
>><br>
>> LINK_LIBS<br>
>> clangAST<br>
>><br>
>> Modified: clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp<br>
>> URL:<br>
>> <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp?rev=212535&r1=212534&r2=212535&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp?rev=212535&r1=212534&r2=212535&view=diff</a><br>
>><br>
>> ==============================================================================<br>
>> --- clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp (original)<br>
>> +++ clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp Tue Jul 8<br>
>> 09:32:17 2014<br>
>> @@ -12,6 +12,7 @@<br>
>> #include "../ClangTidyModuleRegistry.h"<br>
>> #include "IncludeOrderCheck.h"<br>
>> #include "NamespaceCommentCheck.h"<br>
>> +#include "TwineLocalCheck.h"<br>
>><br>
>> namespace clang {<br>
>> namespace tidy {<br>
>> @@ -24,6 +25,9 @@ public:<br>
>> CheckFactories.addCheckFactory(<br>
>> "llvm-namespace-comment",<br>
>> new ClangTidyCheckFactory<NamespaceCommentCheck>());<br>
>> + CheckFactories.addCheckFactory(<br>
>> + "llvm-twine-local",<br>
>> + new ClangTidyCheckFactory<TwineLocalCheck>());<br>
>> }<br>
>> };<br>
>><br>
>><br>
>> Added: clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp<br>
>> URL:<br>
>> <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp?rev=212535&view=auto</a><br>
>><br>
>> ==============================================================================<br>
>> --- clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp (added)<br>
>> +++ clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp Tue Jul 8<br>
>> 09:32:17 2014<br>
>> @@ -0,0 +1,64 @@<br>
>> +//===--- TwineLocalCheck.cpp - clang-tidy<br>
>> ---------------------------------===//<br>
>> +//<br>
>> +// The LLVM Compiler Infrastructure<br>
>> +//<br>
>> +// This file is distributed under the University of Illinois Open Source<br>
>> +// License. See LICENSE.TXT for details.<br>
>> +//<br>
>><br>
>> +//===----------------------------------------------------------------------===//<br>
>> +<br>
>> +#include "TwineLocalCheck.h"<br>
>> +#include "clang/AST/ASTContext.h"<br>
>> +#include "clang/ASTMatchers/ASTMatchers.h"<br>
>> +#include "clang/Lex/Lexer.h"<br>
>> +#include "llvm/Support/raw_ostream.h"<br>
><br>
><br>
> Is this header needed?<br>
<br>
</div></div>Nope.<br>
<div class=""><br>
><br>
>><br>
>> +<br>
>> +using namespace clang::ast_matchers;<br>
>> +<br>
>> +namespace clang {<br>
>> +namespace tidy {<br>
>> +<br>
>> +TwineLocalCheck::TwineLocalCheck() {}<br>
>> +<br>
>> +void TwineLocalCheck::registerMatchers(MatchFinder *Finder) {<br>
>> + auto TwineType =<br>
>> + qualType(hasDeclaration(recordDecl(hasName("::llvm::Twine"))));<br>
>> + Finder->addMatcher(varDecl(hasType(TwineType)).bind("variable"), this);<br>
>> +}<br>
>> +<br>
>> +void TwineLocalCheck::check(const MatchFinder::MatchResult &Result) {<br>
>> + const VarDecl *VD = Result.Nodes.getNodeAs<VarDecl>("variable");<br>
>> + auto Diag = diag(VD->getLocation(),<br>
>> + "twine variables are prone to use after free bugs");<br>
><br>
><br>
> I'm not a native speaker, but "use-after-free" looks more correct to me.<br>
<br>
</div>OK. I found the wording a bit difficult here because we're not dealing<br>
with a classic use after free but with a use after a stack temporary<br>
has been destroyed.<br>
<div class=""><br>
>><br>
>> +<br>
>> + // If this VarDecl has an initializer try to fix it.<br>
>> + if (VD->hasInit()) {<br>
>> + // Peel away implicit constructors and casts so we can see the actual<br>
>> type<br>
>> + // of the initializer.<br>
>> + const Expr *C = VD->getInit();<br>
>> + while (isa<CXXConstructExpr>(C))<br>
>> + C = cast<CXXConstructExpr>(C)->getArg(0)->IgnoreParenImpCasts();<br>
><br>
><br>
> Maybe<br>
> while (auto Ctor = dyn_cast<CXXConstructExpr>(C))<br>
> C = Ctor->getArg(0)->IgnoreParenImpCasts();<br>
> ?<br>
<br>
</div>That's indeed nicer.<br></blockquote><div><br></div><div>Feel free to change this if you agree ;)</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div><div class="h5">><br>
>> +<br>
>> + SourceRange TypeRange =<br>
>> + VD->getTypeSourceInfo()->getTypeLoc().getSourceRange();<br>
>> +<br>
>> + // A real Twine, turn it into a std::string.<br>
>> + if (VD->getType()->getCanonicalTypeUnqualified() ==<br>
>> + C->getType()->getCanonicalTypeUnqualified()) {<br>
>> + SourceLocation EndLoc = Lexer::getLocForEndOfToken(<br>
>> + VD->getInit()->getLocEnd(), 0, *Result.SourceManager,<br>
>> + Result.Context->getLangOpts());<br>
>> + Diag << FixItHint::CreateReplacement(TypeRange, "std::string")<br>
>> + << FixItHint::CreateInsertion(VD->getInit()->getLocStart(),<br>
>> "(")<br>
>> + << FixItHint::CreateInsertion(EndLoc, ").str()");<br>
>> + } else {<br>
>> + // Just an implicit conversion. Insert the real type.<br>
>> + Diag << FixItHint::CreateReplacement(<br>
>> + TypeRange,<br>
>> + C->getType().getAsString(Result.Context->getPrintingPolicy()));<br>
>> + }<br>
>> + }<br>
>> +}<br>
>> +<br>
>> +} // namespace tidy<br>
>> +} // namespace clang<br>
>><br>
>> Added: clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h<br>
>> URL:<br>
>> <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h?rev=212535&view=auto</a><br>
>><br>
>> ==============================================================================<br>
>> --- clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h (added)<br>
>> +++ clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h Tue Jul 8<br>
>> 09:32:17 2014<br>
>> @@ -0,0 +1,31 @@<br>
>> +//===--- TwineLocalCheck.h - clang-tidy -------------------------*- C++<br>
>> -*-===//<br>
>> +//<br>
>> +// The LLVM Compiler Infrastructure<br>
>> +//<br>
>> +// This file is distributed under the University of Illinois Open Source<br>
>> +// License. See LICENSE.TXT for details.<br>
>> +//<br>
>><br>
>> +//===----------------------------------------------------------------------===//<br>
>> +<br>
>> +#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
>> +#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
>> +<br>
>> +#include "../ClangTidy.h"<br>
>> +#include "llvm/Support/Regex.h"<br>
><br>
><br>
> Do you need this include?<br>
<br>
</div></div>Nope.<br>
<div><div class="h5">><br>
>><br>
>> +<br>
>> +namespace clang {<br>
>> +namespace tidy {<br>
>> +<br>
>> +/// \brief Looks for local Twine variables which are prone to use after<br>
>> frees<br>
>> +/// and should be generally avoided.<br>
>> +class TwineLocalCheck : public ClangTidyCheck {<br>
>> +public:<br>
>> + TwineLocalCheck();<br>
>> + void registerMatchers(ast_matchers::MatchFinder *Finder) override;<br>
>> + void check(const ast_matchers::MatchFinder::MatchResult &Result)<br>
>> override;<br>
>> +};<br>
>> +<br>
>> +} // namespace tidy<br>
>> +} // namespace clang<br>
>> +<br>
>> +#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
>><br>
>> Added: clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp<br>
>> URL:<br>
>> <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp?rev=212535&view=auto</a><br>
>><br>
>> ==============================================================================<br>
>> --- clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp (added)<br>
>> +++ clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp Tue Jul<br>
>> 8 09:32:17 2014<br>
>> @@ -0,0 +1,35 @@<br>
>> +// RUN: grep -Ev "// *[A-Z-]+:" %s > %t.cpp<br>
>> +// RUN: clang-tidy %t.cpp -checks='-*,llvm-twine-local' -fix -- > %t.msg<br>
>> 2>&1<br>
>> +// RUN: FileCheck -input-file=%t.cpp %s<br>
>><br>
>> +// RUN: FileCheck -input-file=%t.msg -check-prefix=CHECK-MESSAGES %s<br>
><br>
><br>
> It's a nice idea to test both messages and fixes simultaneously. Maybe you<br>
> can update check_clang_tidy_fix.sh and tests that use it?<br>
<br>
</div></div>For now I went with the easy route and just augmented<br>
check_clang_tidy_fix.sh to check messages if there are CHECK-MESSAGES<br>
check lines in the input.<br></blockquote><div><br></div><div>That's fine. Thanks!</div><div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Thanks for the review, fixes submitted in r212540!<br>
- Ben<br>
<div class="HOEnZb"><div class="h5"><br>
><br>
>><br>
>> +<br>
>> +namespace llvm {<br>
>> +class Twine {<br>
>> +public:<br>
>> + Twine(const char *);<br>
>> + Twine(int);<br>
>> + Twine &operator+(const Twine &);<br>
>> +};<br>
>> +}<br>
>> +<br>
>> +using namespace llvm;<br>
>> +<br>
>> +void foo(const Twine &x);<br>
>> +<br>
>> +static Twine Moo = Twine("bark") + "bah";<br>
>> +// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
>> +// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
>> +// CHECK: static std::string Moo = (Twine("bark") + "bah").str();<br>
>> +<br>
>> +int main() {<br>
>> + const Twine t = Twine("a") + "b" + Twine(42);<br>
>> +// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
>> +// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
>> +// CHECK: std::string t = (Twine("a") + "b" + Twine(42)).str();<br>
>> + foo(Twine("a") + "b");<br>
>> +<br>
>> + Twine Prefix = false ? "__INT_FAST" : "__UINT_FAST";<br>
>> +// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
>> +// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
>> +// CHECK: const char * Prefix = false ? "__INT_FAST" : "__UINT_FAST";<br>
>> +}<br>
>><br>
>><br>
>> _______________________________________________<br>
>> cfe-commits mailing list<br>
>> <a href="mailto:cfe-commits@cs.uiuc.edu">cfe-commits@cs.uiuc.edu</a><br>
>> <a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
><br>
></div></div></blockquote></div>
</div></div>