r240800 - [static analyzer] Analyzer is skipping forward declared C/C++ functions

Anna Zaks ganna at apple.com
Fri Jun 26 10:42:58 PDT 2015 

Author: zaks
Date: Fri Jun 26 12:42:58 2015
New Revision: 240800

URL: http://llvm.org/viewvc/llvm-project?rev=240800&view=rev
Log:
[static analyzer] Analyzer is skipping forward declared C/C++ functions

A patch by Karthik Bhat!

This patch fixes a regression introduced by r224398. Prior to r224398
we were able to analyze the following code in test-include.c and report
a null deref in this case. But post r224398 this analysis is being skipped.

E.g.
  // test-include.c
  #include "test-include.h"
  void test(int * data) {
    data = 0;
    *data = 1;
  }

   // test-include.h
  void test(int * data);

This patch uses the function body (instead of its declaration) as the location
of the function when deciding if the Decl should be analyzed with path-sensitive
analysis. (Prior to r224398, the call graph was guaranteed to have a definition
when available.)

Added:
    cfe/trunk/test/Analysis/test-include-cpp.cpp
    cfe/trunk/test/Analysis/test-include-cpp.h
    cfe/trunk/test/Analysis/test-include.c
    cfe/trunk/test/Analysis/test-include.h
Modified:
    cfe/trunk/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp

Modified: cfe/trunk/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp?rev=240800&r1=240799&r2=240800&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp Fri Jun 26 12:42:58 2015
@@ -588,7 +588,10 @@ AnalysisConsumer::getModeForDecl(Decl *D
   // - Header files: run non-path-sensitive checks only.
   // - System headers: don't run any checks.
   SourceManager &SM = Ctx->getSourceManager();
-  SourceLocation SL = SM.getExpansionLoc(D->getLocation());
+  SourceLocation SL = D->hasBody() ? D->getBody()->getLocStart()
+                                     : D->getLocation();
+  SL = SM.getExpansionLoc(SL);
+
   if (!Opts->AnalyzeAll && !SM.isWrittenInMainFile(SL)) {
     if (SL.isInvalid() || SM.isInSystemHeader(SL))
       return AM_None;

Added: cfe/trunk/test/Analysis/test-include-cpp.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/test-include-cpp.cpp?rev=240800&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/test-include-cpp.cpp (added)
+++ cfe/trunk/test/Analysis/test-include-cpp.cpp Fri Jun 26 12:42:58 2015
@@ -0,0 +1,13 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify %s
+
+#include "test-include-cpp.h"
+
+int TestIncludeClass::test1(int *p) {
+  p = 0;
+  return *p; // expected-warning{{Dereference of null pointer}}
+}
+
+int TestIncludeClass::test2(int *p) {
+  p = 0;
+  return *p; // expected-warning{{Dereference of null pointer}}
+}

Added: cfe/trunk/test/Analysis/test-include-cpp.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/test-include-cpp.h?rev=240800&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/test-include-cpp.h (added)
+++ cfe/trunk/test/Analysis/test-include-cpp.h Fri Jun 26 12:42:58 2015
@@ -0,0 +1,9 @@
+#ifndef TEST_INCLUDE_CPP_H
+#define TEST_INCLUDE_CPP_H
+
+class TestIncludeClass {
+  int test1(int *);
+  static int test2(int *);
+};
+
+#endif

Added: cfe/trunk/test/Analysis/test-include.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/test-include.c?rev=240800&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/test-include.c (added)
+++ cfe/trunk/test/Analysis/test-include.c Fri Jun 26 12:42:58 2015
@@ -0,0 +1,21 @@
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify %s
+
+#include "test-include.h"
+#define DIVYX(X,Y) Y/X
+
+void test_01(int *data) {
+  data = 0;
+  *data = 1; // expected-warning{{Dereference of null pointer}}
+}
+
+int test_02() {
+  int res = DIVXY(1,0); // expected-warning{{Division by zero}}
+                        // expected-warning at -1{{division by zero is undefined}}
+  return res;
+}
+
+int test_03() {
+  int res = DIVYX(0,1); // expected-warning{{Division by zero}}
+                        // expected-warning at -1{{division by zero is undefined}}
+  return res;
+}
\ No newline at end of file

Added: cfe/trunk/test/Analysis/test-include.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/test-include.h?rev=240800&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/test-include.h (added)
+++ cfe/trunk/test/Analysis/test-include.h Fri Jun 26 12:42:58 2015
@@ -0,0 +1,2 @@
+void test_01(int * data);
+#define DIVXY(X,Y) X/Y

More information about the cfe-commits mailing list