[cfe-commits] r46847 - in /cfe/trunk: Analysis/GRConstants.cpp Driver/ASTConsumers.cpp Driver/ASTConsumers.h Driver/clang.cpp include/clang/Analysis/Analyses/GRConstants.h include/clang/Basic/DiagnosticKinds.def
Ted Kremenek
kremenek at apple.com
Wed Feb 6 22:33:20 PST 2008
Author: kremenek
Date: Thu Feb 7 00:33:19 2008
New Revision: 46847
URL: http://llvm.org/viewvc/llvm-project?rev=46847&view=rev
Log:
Added proof-of-concept NULL pointer diagnostics to GRConstants.
Modified the driver to pass the Diagnostic object to GRConstants.
Modified:
cfe/trunk/Analysis/GRConstants.cpp
cfe/trunk/Driver/ASTConsumers.cpp
cfe/trunk/Driver/ASTConsumers.h
cfe/trunk/Driver/clang.cpp
cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h
cfe/trunk/include/clang/Basic/DiagnosticKinds.def
Modified: cfe/trunk/Analysis/GRConstants.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Analysis/GRConstants.cpp?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/Analysis/GRConstants.cpp (original)
+++ cfe/trunk/Analysis/GRConstants.cpp Thu Feb 7 00:33:19 2008
@@ -22,6 +22,7 @@
#include "clang/AST/Expr.h"
#include "clang/AST/ASTContext.h"
#include "clang/Analysis/Analyses/LiveVariables.h"
+#include "clang/Basic/Diagnostic.h"
#include "llvm/Support/Casting.h"
#include "llvm/Support/DataTypes.h"
@@ -133,8 +134,6 @@
bool StateCleaned;
- ASTContext& getContext() const { return G.getContext(); }
-
public:
GRConstants(GraphTy& g) : G(g), Liveness(G.getCFG(), G.getFunctionDecl()),
Builder(NULL),
@@ -148,6 +147,9 @@
Liveness.runOnAllBlocks(G.getCFG(), NULL, true);
}
+ /// getContext - Return the ASTContext associated with this analysis.
+ ASTContext& getContext() const { return G.getContext(); }
+
/// getCFG - Returns the CFG associated with this analysis.
CFG& getCFG() { return G.getCFG(); }
@@ -178,6 +180,9 @@
return N->isSink() && ExplicitNullDeref.count(const_cast<NodeTy*>(N)) != 0;
}
+ typedef NullDerefTy::iterator null_iterator;
+ null_iterator null_begin() { return ExplicitNullDeref.begin(); }
+ null_iterator null_end() { return ExplicitNullDeref.end(); }
/// ProcessStmt - Called by GREngine. Used to generate new successor
/// nodes by processing the 'effects' of a block-level statement.
@@ -1321,11 +1326,28 @@
#endif
namespace clang {
-void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx) {
+void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx,
+ Diagnostic& Diag) {
+
GREngine<GRConstants> Engine(cfg, FD, Ctx);
- Engine.ExecuteWorkList();
+ Engine.ExecuteWorkList();
+
+ // Look for explicit-Null dereferences and warn about them.
+ GRConstants* CheckerState = &Engine.getCheckerState();
+
+ for (GRConstants::null_iterator I=CheckerState->null_begin(),
+ E=CheckerState->null_end(); I!=E; ++I) {
+
+ const PostStmt& L = cast<PostStmt>((*I)->getLocation());
+ Expr* E = cast<Expr>(L.getStmt());
+
+ Diag.Report(FullSourceLoc(E->getExprLoc(), Ctx.getSourceManager()),
+ diag::chkr_null_deref_after_check);
+ }
+
+
#ifndef NDEBUG
- GraphPrintCheckerState = &Engine.getCheckerState();
+ GraphPrintCheckerState = CheckerState;
llvm::ViewGraph(*Engine.getGraph().roots_begin(),"GRConstants");
GraphPrintCheckerState = NULL;
#endif
Modified: cfe/trunk/Driver/ASTConsumers.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/ASTConsumers.cpp?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/Driver/ASTConsumers.cpp (original)
+++ cfe/trunk/Driver/ASTConsumers.cpp Thu Feb 7 00:33:19 2008
@@ -572,20 +572,22 @@
namespace {
class GRConstantsVisitor : public CFGVisitor {
+ Diagnostic &Diags;
ASTContext* Ctx;
public:
+ GRConstantsVisitor(Diagnostic &diags) : Diags(diags) {}
virtual void Initialize(ASTContext &Context) { Ctx = &Context; }
virtual void VisitCFG(CFG& C, FunctionDecl&);
};
} // end anonymous namespace
-ASTConsumer* clang::CreateGRConstants() {
- return new GRConstantsVisitor();
+ASTConsumer* clang::CreateGRConstants(Diagnostic &Diags) {
+ return new GRConstantsVisitor(Diags);
}
void GRConstantsVisitor::VisitCFG(CFG& C, FunctionDecl& FD) {
- RunGRConstants(C, FD, *Ctx);
+ RunGRConstants(C, FD, *Ctx, Diags);
}
//===----------------------------------------------------------------------===//
Modified: cfe/trunk/Driver/ASTConsumers.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/ASTConsumers.h?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/Driver/ASTConsumers.h (original)
+++ cfe/trunk/Driver/ASTConsumers.h Thu Feb 7 00:33:19 2008
@@ -41,7 +41,7 @@
ASTConsumer *CreateUnitValsChecker(Diagnostic &Diags);
-ASTConsumer *CreateGRConstants();
+ASTConsumer *CreateGRConstants(Diagnostic &Diags);
ASTConsumer *CreateCodeRewriterTest(const std::string& InFile,
Diagnostic &Diags);
Modified: cfe/trunk/Driver/clang.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/Driver/clang.cpp?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/Driver/clang.cpp (original)
+++ cfe/trunk/Driver/clang.cpp Thu Feb 7 00:33:19 2008
@@ -969,7 +969,7 @@
return CreateUnitValsChecker(Diag);
case AnalysisGRConstants:
- return CreateGRConstants();
+ return CreateGRConstants(Diag);
case TestSerialization:
return CreateSerializationTest(Diag, FileMgr, LangOpts);
Modified: cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h (original)
+++ cfe/trunk/include/clang/Analysis/Analyses/GRConstants.h Thu Feb 7 00:33:19 2008
@@ -18,12 +18,14 @@
#define LLVM_CLANG_GRCONSTANTS
namespace clang {
+ class Diagnostic;
/// RunGRConstants - This is a simple driver to run the GRConstants analysis
/// on a provided CFG. This interface will eventually be replaced with
/// something more elaborate as the requirements on the interface become
/// clearer.
- void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx);
+ void RunGRConstants(CFG& cfg, FunctionDecl& FD, ASTContext& Ctx,
+ Diagnostic& Diag);
} // end clang namespace
Modified: cfe/trunk/include/clang/Basic/DiagnosticKinds.def
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Basic/DiagnosticKinds.def?rev=46847&r1=46846&r2=46847&view=diff
==============================================================================
--- cfe/trunk/include/clang/Basic/DiagnosticKinds.def (original)
+++ cfe/trunk/include/clang/Basic/DiagnosticKinds.def Thu Feb 7 00:33:19 2008
@@ -954,5 +954,11 @@
DIAG(ext_return_has_expr, EXTENSION,
"void function '%0' should not return a value")
+//===----------------------------------------------------------------------===//
+// Static Analysis Warnings (Bug-Finding)
+//===----------------------------------------------------------------------===//
+
+DIAG(chkr_null_deref_after_check, ERROR,
+ "NULL pointer is dereferenced after it is checked for NULL.")
#undef DIAG
More information about the cfe-commits
mailing list