<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">Thanks for writing the check! It would be better though, if you sent the code for pre-commit review, especially as you are adding a new check.</div><div class="gmail_quote">

<br></div><div class="gmail_quote">Did you run the check over the whole LLVM/Clang source code? Could you share the results? (Number of warnings and false-positive rate in a sample of a few tens of instances.)</div><div class="gmail_quote">

<br></div><div class="gmail_quote">On Tue, Jul 8, 2014 at 3:32 PM, Benjamin Kramer <span dir="ltr"><<a href="mailto:benny.kra@googlemail.com" target="_blank">benny.kra@googlemail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">

Author: d0k<br>
Date: Tue Jul  8 09:32:17 2014<br>
New Revision: 212535<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=212535&view=rev" target="_blank">http://llvm.org/viewvc/llvm-project?rev=212535&view=rev</a><br>
Log:<br>
[clang-tidy] Add a little checker for Twine locals in LLVM.<br>
<br>
Those often cause use after free bugs and should be generally avoided.<br>
Technically it is safe to have a Twine with >=2 components in a variable<br>
but I don't think it is a good pattern to follow. The almost trivial checker<br>
comes with elaborated fix-it hints that turn the Twine into a std::string<br>
if necessary and otherwise fall back to the original type if the Twine<br>
is created from a single value.<br>
<br>
Added:<br>
    clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp<br>
    clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h<br>
    clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp<br>
Modified:<br>
    clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt<br>
    clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp<br>
<br>
Modified: clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt?rev=212535&r1=212534&r2=212535&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt?rev=212535&r1=212534&r2=212535&view=diff</a><br>


==============================================================================<br>
--- clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt (original)<br>
+++ clang-tools-extra/trunk/clang-tidy/llvm/CMakeLists.txt Tue Jul  8 09:32:17 2014<br>
@@ -4,6 +4,7 @@ add_clang_library(clangTidyLLVMModule<br>
   IncludeOrderCheck.cpp<br>
   LLVMTidyModule.cpp<br>
   NamespaceCommentCheck.cpp<br>
+  TwineLocalCheck.cpp<br>
<br>
   LINK_LIBS<br>
   clangAST<br>
<br>
Modified: clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp?rev=212535&r1=212534&r2=212535&view=diff" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp?rev=212535&r1=212534&r2=212535&view=diff</a><br>


==============================================================================<br>
--- clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp (original)<br>
+++ clang-tools-extra/trunk/clang-tidy/llvm/LLVMTidyModule.cpp Tue Jul  8 09:32:17 2014<br>
@@ -12,6 +12,7 @@<br>
 #include "../ClangTidyModuleRegistry.h"<br>
 #include "IncludeOrderCheck.h"<br>
 #include "NamespaceCommentCheck.h"<br>
+#include "TwineLocalCheck.h"<br>
<br>
 namespace clang {<br>
 namespace tidy {<br>
@@ -24,6 +25,9 @@ public:<br>
     CheckFactories.addCheckFactory(<br>
         "llvm-namespace-comment",<br>
         new ClangTidyCheckFactory<NamespaceCommentCheck>());<br>
+    CheckFactories.addCheckFactory(<br>
+        "llvm-twine-local",<br>
+        new ClangTidyCheckFactory<TwineLocalCheck>());<br>
   }<br>
 };<br>
<br>
<br>
Added: clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp?rev=212535&view=auto</a><br>


==============================================================================<br>
--- clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp (added)<br>
+++ clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.cpp Tue Jul  8 09:32:17 2014<br>
@@ -0,0 +1,64 @@<br>
+//===--- TwineLocalCheck.cpp - clang-tidy ---------------------------------===//<br>
+//<br>
+//                     The LLVM Compiler Infrastructure<br>
+//<br>
+// This file is distributed under the University of Illinois Open Source<br>
+// License. See LICENSE.TXT for details.<br>
+//<br>
+//===----------------------------------------------------------------------===//<br>
+<br>
+#include "TwineLocalCheck.h"<br>
+#include "clang/AST/ASTContext.h"<br>
+#include "clang/ASTMatchers/ASTMatchers.h"<br>
+#include "clang/Lex/Lexer.h"<br>
+#include "llvm/Support/raw_ostream.h"<br></blockquote><div><br></div><div>Is this header needed?</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">


+<br>
+using namespace clang::ast_matchers;<br>
+<br>
+namespace clang {<br>
+namespace tidy {<br>
+<br>
+TwineLocalCheck::TwineLocalCheck() {}<br>
+<br>
+void TwineLocalCheck::registerMatchers(MatchFinder *Finder) {<br>
+  auto TwineType =<br>
+      qualType(hasDeclaration(recordDecl(hasName("::llvm::Twine"))));<br>
+  Finder->addMatcher(varDecl(hasType(TwineType)).bind("variable"), this);<br>
+}<br>
+<br>
+void TwineLocalCheck::check(const MatchFinder::MatchResult &Result) {<br>
+  const VarDecl *VD = Result.Nodes.getNodeAs<VarDecl>("variable");<br>
+  auto Diag = diag(VD->getLocation(),<br>
+                   "twine variables are prone to use after free bugs");<br></blockquote><div><br></div><div>I'm not a native speaker, but "use-after-free" looks more correct to me.</div><div> </div>

<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+<br>
+  // If this VarDecl has an initializer try to fix it.<br>
+  if (VD->hasInit()) {<br>
+    // Peel away implicit constructors and casts so we can see the actual type<br>
+    // of the initializer.<br>
+    const Expr *C = VD->getInit();<br>
+    while (isa<CXXConstructExpr>(C))<br>
+      C = cast<CXXConstructExpr>(C)->getArg(0)->IgnoreParenImpCasts();<br></blockquote><div><br></div><div>Maybe</div><div>  while (auto Ctor = dyn_cast<CXXConstructExpr>(C))</div><div>    C = Ctor->getArg(0)->IgnoreParenImpCasts();</div>

<div>?</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+<br>
+    SourceRange TypeRange =<br>
+        VD->getTypeSourceInfo()->getTypeLoc().getSourceRange();<br>
+<br>
+    // A real Twine, turn it into a std::string.<br>
+    if (VD->getType()->getCanonicalTypeUnqualified() ==<br>
+        C->getType()->getCanonicalTypeUnqualified()) {<br>
+      SourceLocation EndLoc = Lexer::getLocForEndOfToken(<br>
+          VD->getInit()->getLocEnd(), 0, *Result.SourceManager,<br>
+          Result.Context->getLangOpts());<br>
+      Diag << FixItHint::CreateReplacement(TypeRange, "std::string")<br>
+           << FixItHint::CreateInsertion(VD->getInit()->getLocStart(), "(")<br>
+           << FixItHint::CreateInsertion(EndLoc, ").str()");<br>
+    } else {<br>
+      // Just an implicit conversion. Insert the real type.<br>
+      Diag << FixItHint::CreateReplacement(<br>
+          TypeRange,<br>
+          C->getType().getAsString(Result.Context->getPrintingPolicy()));<br>
+    }<br>
+  }<br>
+}<br>
+<br>
+} // namespace tidy<br>
+} // namespace clang<br>
<br>
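</blockquote><div><br></div><div>Review bot: In check(), the loop that peels CXXConstructExpr nodes calls getArg(0) without first checking getNumArgs(), so a Twine variable whose initializer is a construct expression with no arguments is indexed out of range. Bail out before indexing, for example "if (Ctor->getNumArgs() != 1) return;" inside the loop. Separately, registerMatchers() uses varDecl(hasType(TwineType)) with no further restriction, which also matches by-value Twine function parameters, since ParmVarDecl is a VarDecl; consider adding unless(parmVarDecl()) to the matcher.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">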
Added: clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h?rev=212535&view=auto</a><br>


==============================================================================<br>
--- clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h (added)<br>
+++ clang-tools-extra/trunk/clang-tidy/llvm/TwineLocalCheck.h Tue Jul  8 09:32:17 2014<br>
@@ -0,0 +1,31 @@<br>
+//===--- TwineLocalCheck.h - clang-tidy -------------------------*- C++ -*-===//<br>
+//<br>
+//                     The LLVM Compiler Infrastructure<br>
+//<br>
+// This file is distributed under the University of Illinois Open Source<br>
+// License. See LICENSE.TXT for details.<br>
+//<br>
+//===----------------------------------------------------------------------===//<br>
+<br>
+#ifndef LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
+#define LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
+<br>
+#include "../ClangTidy.h"<br>
+#include "llvm/Support/Regex.h"<br></blockquote><div><br></div><div>Do you need this include?</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">


+<br>
+namespace clang {<br>
+namespace tidy {<br>
+<br>
+/// \brief Looks for local Twine variables which are prone to use after frees<br>
+/// and should be generally avoided.<br>
+class TwineLocalCheck : public ClangTidyCheck {<br>
+public:<br>
+  TwineLocalCheck();<br>
+  void registerMatchers(ast_matchers::MatchFinder *Finder) override;<br>
+  void check(const ast_matchers::MatchFinder::MatchResult &Result) override;<br>
+};<br>
+<br>
+} // namespace tidy<br>
+} // namespace clang<br>
+<br>
+#endif // LLVM_CLANG_TOOLS_EXTRA_CLANG_TIDY_LLVM_TWINE_LOCAL_CHECK_H<br>
<br>
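</blockquote><div><br></div><div>Review bot: The \brief comment on TwineLocalCheck says the check looks for local Twine variables, but the test added in this same revision expects the warning and the fix-it on the namespace-scope "static Twine Moo", so the documented scope and the tested behaviour disagree. Either reword the comment to say it flags any variable declared with type Twine, or narrow the check to locals. The TwineLocalCheck() constructor declared here is defined empty in the .cpp and could simply be dropped.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">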
Added: clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp?rev=212535&view=auto" target="_blank">http://llvm.org/viewvc/llvm-project/clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp?rev=212535&view=auto</a><br>


==============================================================================<br>
--- clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp (added)<br>
+++ clang-tools-extra/trunk/test/clang-tidy/llvm-twine-local.cpp Tue Jul  8 09:32:17 2014<br>
@@ -0,0 +1,35 @@<br>
+// RUN: grep -Ev "// *[A-Z-]+:" %s > %t.cpp<br>
+// RUN: clang-tidy %t.cpp -checks='-*,llvm-twine-local' -fix -- > %t.msg 2>&1<br>
+// RUN: FileCheck -input-file=%t.cpp %s </blockquote><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+// RUN: FileCheck -input-file=%t.msg -check-prefix=CHECK-MESSAGES %s<br></blockquote><div><br></div><div>It's a nice idea to test both messages and fixes simultaneously. Maybe you can update check_clang_tidy_fix.sh and tests that use it?</div>

<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
+<br>
+namespace llvm {<br>
+class Twine {<br>
+public:<br>
+  Twine(const char *);<br>
+  Twine(int);<br>
+  Twine &operator+(const Twine &);<br>
+};<br>
+}<br>
+<br>
+using namespace llvm;<br>
+<br>
+void foo(const Twine &x);<br>
+<br>
+static Twine Moo = Twine("bark") + "bah";<br>
+// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
+// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
+// CHECK: static std::string Moo = (Twine("bark") + "bah").str();<br>
+<br>
+int main() {<br>
+  const Twine t = Twine("a") + "b" + Twine(42);<br>
+// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
+// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
+// CHECK: std::string t = (Twine("a") + "b" + Twine(42)).str();<br>
+  foo(Twine("a") + "b");<br>
+<br>
+  Twine Prefix = false ? "__INT_FAST" : "__UINT_FAST";<br>
+// CHECK-MASSAGES: twine variables are prone to use after free bugs<br>
+// CHECK-MESSAGES: note: FIX-IT applied suggested code changes<br>
+// CHECK: const char * Prefix = false ? "__INT_FAST" : "__UINT_FAST";<br>
+}<br>
<br>
<br>
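</blockquote><div><br></div><div>Review bot: The three expectation lines for the warning text use the prefix CHECK-MASSAGES instead of CHECK-MESSAGES, so neither FileCheck invocation in the RUN lines ever looks at them and the diagnostic wording "twine variables are prone to use after free bugs" is not tested at all. Rename them to CHECK-MESSAGES and confirm the test still passes once they are live.</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">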
_______________________________________________<br>
cfe-commits mailing list<br>
<a href="mailto:cfe-commits@cs.uiuc.edu" target="_blank">cfe-commits@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits</a><br>
</blockquote></div><br>
</div></div>