[cfe-commits] r126522 - in /cfe/trunk/lib/StaticAnalyzer/Checkers: CMakeLists.txt Checkers.td StackAddrEscapeChecker.cpp StackAddrLeakChecker.cpp
Ted Kremenek
kremenek at apple.com
Fri Feb 25 14:00:43 PST 2011
Author: kremenek
Date: Fri Feb 25 16:00:43 2011
New Revision: 126522
URL: http://llvm.org/viewvc/llvm-project?rev=126522&view=rev
Log:
Tidy up help text in Checkers.td, and rename StackAddrLeakChecker to StackAddrEscapeChecker.
Added:
cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp
- copied, changed from r126521, cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp
Removed:
cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp
Modified:
cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt
cfe/trunk/lib/StaticAnalyzer/Checkers/Checkers.td
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt?rev=126522&r1=126521&r2=126522&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt Fri Feb 25 16:00:43 2011
@@ -27,8 +27,8 @@
DebugCheckers.cpp
DereferenceChecker.cpp
DivZeroChecker.cpp
- ExprEngine.cpp
ExperimentalChecks.cpp
+ ExprEngine.cpp
FixedAddressChecker.cpp
IdempotentOperationChecker.cpp
LLVMConventionsChecker.cpp
@@ -46,7 +46,7 @@
PthreadLockChecker.cpp
ReturnPointerRangeChecker.cpp
ReturnUndefChecker.cpp
- StackAddrLeakChecker.cpp
+ StackAddrEscapeChecker.cpp
StreamChecker.cpp
UndefBranchChecker.cpp
UndefCapturedBlockVarChecker.cpp
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/Checkers.td
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/Checkers.td?rev=126522&r1=126521&r2=126522&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/Checkers.td (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/Checkers.td Fri Feb 25 16:00:43 2011
@@ -59,8 +59,8 @@
HelpText<"Check for sending 'retain', 'release', or 'autorelease' directly to a Class">,
DescFile<"BasicObjCFoundationChecks.cpp">;
-def NSAutoreleasePoolChecker : Checker<"NSAutoreleasePool">,
- HelpText<"Warn for subpar uses of NSAutoreleasePool">,
+def NSAutoreleasePoolChecker : Checker<"NSAutoReleasePool">,
+ HelpText<"Warn for subpar uses of NSAutoReleasePool">,
DescFile<"NSAutoreleasePoolChecker.cpp">;
def ObjCMethSigsChecker : Checker<"MethodSigs">,
@@ -71,16 +71,16 @@
HelpText<"Warn about private ivars that are never used">,
DescFile<"ObjCUnusedIVarsChecker.cpp">;
-}
+} // end "cocoa"
-def StackAddrLeakChecker : Checker<"StackAddrLeak">,
+def StackAddrEscapeChecker : Checker<"StackAddrEscape">,
InPackage<Core>,
- HelpText<"Check that addresses to stack memory are not leaked outside the function">,
- DescFile<"StackAddrLeakChecker.cpp">;
+ HelpText<"Check that addresses to stack memory do not escape the function">,
+ DescFile<"StackAddrEscapeChecker.cpp">;
def DeadStoresChecker : Checker<"DeadStores">,
InPackage<Core>,
- HelpText<"Check for stores to dead variables">,
+ HelpText<"Check for values stored to a variables that are never read afterwards">,
DescFile<"DeadStoresChecker.cpp">;
def UnixAPIChecker : Checker<"API">,
@@ -90,12 +90,12 @@
def MacOSXAPIChecker : Checker<"API">,
InPackage<MacOSX>,
- HelpText<"Check calls to various MacOSXAPIChecker">,
+ HelpText<"Check for proper uses of various Mac OS X APIs">,
DescFile<"MacOSXAPIChecker.cpp">;
def CFNumberCreateChecker : Checker<"CFNumber">,
InPackage<MacOSX>,
- HelpText<"Check for CFNumberCreate">,
+ HelpText<"Check for proper uses of CFNumberCreate">,
DescFile<"BasicObjCFoundationChecks.cpp">;
def CFRetainReleaseChecker : Checker<"CFRetainRelease">,
Copied: cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp (from r126521, cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp)
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp?p2=cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp&p1=cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp&r1=126521&r2=126522&rev=126522&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp Fri Feb 25 16:00:43 2011
@@ -1,4 +1,4 @@
-//=== StackAddrLeakChecker.cpp ------------------------------------*- C++ -*--//
+//=== StackAddrEscapeChecker.cpp ----------------------------------*- C++ -*--//
//
// The LLVM Compiler Infrastructure
//
@@ -24,7 +24,7 @@
using namespace ento;
namespace {
-class StackAddrLeakChecker : public CheckerV2< check::PreStmt<ReturnStmt>,
+class StackAddrEscapeChecker : public CheckerV2< check::PreStmt<ReturnStmt>,
check::EndPath > {
mutable llvm::OwningPtr<BuiltinBug> BT_stackleak;
mutable llvm::OwningPtr<BuiltinBug> BT_returnstack;
@@ -40,7 +40,7 @@
};
}
-SourceRange StackAddrLeakChecker::GenName(llvm::raw_ostream &os,
+SourceRange StackAddrEscapeChecker::GenName(llvm::raw_ostream &os,
const MemRegion *R,
SourceManager &SM) {
// Get the base region, stripping away fields and elements.
@@ -83,7 +83,7 @@
return range;
}
-void StackAddrLeakChecker::EmitStackError(CheckerContext &C, const MemRegion *R,
+void StackAddrEscapeChecker::EmitStackError(CheckerContext &C, const MemRegion *R,
const Expr *RetE) const {
ExplodedNode *N = C.generateSink();
@@ -107,7 +107,7 @@
C.EmitReport(report);
}
-void StackAddrLeakChecker::checkPreStmt(const ReturnStmt *RS,
+void StackAddrEscapeChecker::checkPreStmt(const ReturnStmt *RS,
CheckerContext &C) const {
const Expr *RetE = RS->getRetValue();
@@ -126,7 +126,7 @@
}
}
-void StackAddrLeakChecker::checkEndPath(EndOfFunctionNodeBuilder &B,
+void StackAddrEscapeChecker::checkEndPath(EndOfFunctionNodeBuilder &B,
ExprEngine &Eng) const {
const GRState *state = B.getState();
@@ -200,6 +200,6 @@
}
}
-void ento::registerStackAddrLeakChecker(CheckerManager &mgr) {
- mgr.registerChecker<StackAddrLeakChecker>();
+void ento::registerStackAddrEscapeChecker(CheckerManager &mgr) {
+ mgr.registerChecker<StackAddrEscapeChecker>();
}
Removed: cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp?rev=126521&view=auto
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/StackAddrLeakChecker.cpp (removed)
@@ -1,205 +0,0 @@
-//=== StackAddrLeakChecker.cpp ------------------------------------*- C++ -*--//
-//
-// The LLVM Compiler Infrastructure
-//
-// This file is distributed under the University of Illinois Open Source
-// License. See LICENSE.TXT for details.
-//
-//===----------------------------------------------------------------------===//
-//
-// This file defines stack address leak checker, which checks if an invalid
-// stack address is stored into a global or heap location. See CERT DCL30-C.
-//
-//===----------------------------------------------------------------------===//
-
-#include "ClangSACheckers.h"
-#include "clang/StaticAnalyzer/Core/CheckerV2.h"
-#include "clang/StaticAnalyzer/Core/CheckerManager.h"
-#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
-#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
-#include "clang/StaticAnalyzer/Core/PathSensitive/GRState.h"
-#include "clang/Basic/SourceManager.h"
-#include "llvm/ADT/SmallString.h"
-using namespace clang;
-using namespace ento;
-
-namespace {
-class StackAddrLeakChecker : public CheckerV2< check::PreStmt<ReturnStmt>,
- check::EndPath > {
- mutable llvm::OwningPtr<BuiltinBug> BT_stackleak;
- mutable llvm::OwningPtr<BuiltinBug> BT_returnstack;
-
-public:
- void checkPreStmt(const ReturnStmt *RS, CheckerContext &C) const;
- void checkEndPath(EndOfFunctionNodeBuilder &B, ExprEngine &Eng) const;
-private:
- void EmitStackError(CheckerContext &C, const MemRegion *R,
- const Expr *RetE) const;
- static SourceRange GenName(llvm::raw_ostream &os, const MemRegion *R,
- SourceManager &SM);
-};
-}
-
-SourceRange StackAddrLeakChecker::GenName(llvm::raw_ostream &os,
- const MemRegion *R,
- SourceManager &SM) {
- // Get the base region, stripping away fields and elements.
- R = R->getBaseRegion();
- SourceRange range;
- os << "Address of ";
-
- // Check if the region is a compound literal.
- if (const CompoundLiteralRegion* CR = dyn_cast<CompoundLiteralRegion>(R)) {
- const CompoundLiteralExpr* CL = CR->getLiteralExpr();
- os << "stack memory associated with a compound literal "
- "declared on line "
- << SM.getInstantiationLineNumber(CL->getLocStart())
- << " returned to caller";
- range = CL->getSourceRange();
- }
- else if (const AllocaRegion* AR = dyn_cast<AllocaRegion>(R)) {
- const Expr* ARE = AR->getExpr();
- SourceLocation L = ARE->getLocStart();
- range = ARE->getSourceRange();
- os << "stack memory allocated by call to alloca() on line "
- << SM.getInstantiationLineNumber(L);
- }
- else if (const BlockDataRegion *BR = dyn_cast<BlockDataRegion>(R)) {
- const BlockDecl *BD = BR->getCodeRegion()->getDecl();
- SourceLocation L = BD->getLocStart();
- range = BD->getSourceRange();
- os << "stack-allocated block declared on line "
- << SM.getInstantiationLineNumber(L);
- }
- else if (const VarRegion *VR = dyn_cast<VarRegion>(R)) {
- os << "stack memory associated with local variable '"
- << VR->getString() << '\'';
- range = VR->getDecl()->getSourceRange();
- }
- else {
- assert(false && "Invalid region in ReturnStackAddressChecker.");
- }
-
- return range;
-}
-
-void StackAddrLeakChecker::EmitStackError(CheckerContext &C, const MemRegion *R,
- const Expr *RetE) const {
- ExplodedNode *N = C.generateSink();
-
- if (!N)
- return;
-
- if (!BT_returnstack)
- BT_returnstack.reset(
- new BuiltinBug("Return of address to stack-allocated memory"));
-
- // Generate a report for this bug.
- llvm::SmallString<512> buf;
- llvm::raw_svector_ostream os(buf);
- SourceRange range = GenName(os, R, C.getSourceManager());
- os << " returned to caller";
- RangedBugReport *report = new RangedBugReport(*BT_returnstack, os.str(), N);
- report->addRange(RetE->getSourceRange());
- if (range.isValid())
- report->addRange(range);
-
- C.EmitReport(report);
-}
-
-void StackAddrLeakChecker::checkPreStmt(const ReturnStmt *RS,
- CheckerContext &C) const {
-
- const Expr *RetE = RS->getRetValue();
- if (!RetE)
- return;
-
- SVal V = C.getState()->getSVal(RetE);
- const MemRegion *R = V.getAsRegion();
-
- if (!R || !R->hasStackStorage())
- return;
-
- if (R->hasStackStorage()) {
- EmitStackError(C, R, RetE);
- return;
- }
-}
-
-void StackAddrLeakChecker::checkEndPath(EndOfFunctionNodeBuilder &B,
- ExprEngine &Eng) const {
-
- const GRState *state = B.getState();
-
- // Iterate over all bindings to global variables and see if it contains
- // a memory region in the stack space.
- class CallBack : public StoreManager::BindingsHandler {
- private:
- const StackFrameContext *CurSFC;
- public:
- llvm::SmallVector<std::pair<const MemRegion*, const MemRegion*>, 10> V;
-
- CallBack(const LocationContext *LCtx)
- : CurSFC(LCtx->getCurrentStackFrame()) {}
-
- bool HandleBinding(StoreManager &SMgr, Store store,
- const MemRegion *region, SVal val) {
-
- if (!isa<GlobalsSpaceRegion>(region->getMemorySpace()))
- return true;
-
- const MemRegion *vR = val.getAsRegion();
- if (!vR)
- return true;
-
- if (const StackSpaceRegion *SSR =
- dyn_cast<StackSpaceRegion>(vR->getMemorySpace())) {
- // If the global variable holds a location in the current stack frame,
- // record the binding to emit a warning.
- if (SSR->getStackFrame() == CurSFC)
- V.push_back(std::make_pair(region, vR));
- }
-
- return true;
- }
- };
-
- CallBack cb(B.getPredecessor()->getLocationContext());
- state->getStateManager().getStoreManager().iterBindings(state->getStore(),cb);
-
- if (cb.V.empty())
- return;
-
- // Generate an error node.
- ExplodedNode *N = B.generateNode(state);
- if (!N)
- return;
-
- if (!BT_stackleak)
- BT_stackleak.reset(
- new BuiltinBug("Stack address stored into global variable",
- "Stack address was saved into a global variable. "
- "This is dangerous because the address will become "
- "invalid after returning from the function"));
-
- for (unsigned i = 0, e = cb.V.size(); i != e; ++i) {
- // Generate a report for this bug.
- llvm::SmallString<512> buf;
- llvm::raw_svector_ostream os(buf);
- SourceRange range = GenName(os, cb.V[i].second,
- Eng.getContext().getSourceManager());
- os << " is still referred to by the global variable '";
- const VarRegion *VR = cast<VarRegion>(cb.V[i].first->getBaseRegion());
- os << VR->getDecl()->getNameAsString()
- << "' upon returning to the caller. This will be a dangling reference";
- RangedBugReport *report = new RangedBugReport(*BT_stackleak, os.str(), N);
- if (range.isValid())
- report->addRange(range);
-
- Eng.getBugReporter().EmitReport(report);
- }
-}
-
-void ento::registerStackAddrLeakChecker(CheckerManager &mgr) {
- mgr.registerChecker<StackAddrLeakChecker>();
-}
More information about the cfe-commits
mailing list