[PATCH] D19866: [Analyzer] Correct stack address escape diagnostic

Tue May 3 07:00:14 PDT 2016

FlameTop created this revision.
FlameTop added reviewers: zaks.anna, dcoughlin.
FlameTop added a subscriber: cfe-commits.

Leaking a stack address via a static variable refers to it in the diagnostic as a 'global'. This patch corrects the diagnostic for static variables. 

Patch by Phil Camp, SN Systems

http://reviews.llvm.org/D19866

Files:
  llvm/tools/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp
  llvm/tools/clang/test/Analysis/stackaddrleak.c

Index: llvm/tools/clang/test/Analysis/stackaddrleak.c
===================================================================

--- llvm/tools/clang/test/Analysis/stackaddrleak.c
+++ llvm/tools/clang/test/Analysis/stackaddrleak.c
@@ -19,7 +19,7 @@
   p = (const char *) __builtin_alloca(12);
 } // expected-warning{{Address of stack memory allocated by call to alloca() on line 19 is still referred to by the global variable 'p' upon returning to the caller.  This will be a dangling reference}}
 
-// PR 7383 - previosly the stack address checker would crash on this example
+// PR 7383 - previously the stack address checker would crash on this example
 //  because it would attempt to do a direct load from 'pr7383_list'. 
 static int pr7383(__const char *__)
 {
@@ -33,7 +33,7 @@
   int x;
   a = &x;
   b = &x;
-} // expected-warning{{Address of stack memory associated with local variable 'x' is still referred to by the global variable 'a' upon returning}} expected-warning{{Address of stack memory associated with local variable 'x' is still referred to by the global variable 'b' upon returning}}
+} // expected-warning{{Address of stack memory associated with local variable 'x' is still referred to by the static variable 'a' upon returning}} expected-warning{{Address of stack memory associated with local variable 'x' is still referred to by the static variable 'b' upon returning}}
 
 intptr_t returnAsNonLoc() {
   int x;
Index: llvm/tools/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp
===================================================================
--- llvm/tools/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp
+++ llvm/tools/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp
@@ -226,17 +226,22 @@
 
   if (!BT_stackleak)
     BT_stackleak.reset(
-        new BuiltinBug(this, "Stack address stored into global variable",
-                       "Stack address was saved into a global variable. "
+        new BuiltinBug(this, "Stack address stored into global/static variable",
+                       "Stack address was saved into a global/static variable. "
                        "This is dangerous because the address will become "
                        "invalid after returning from the function"));
 
   for (unsigned i = 0, e = cb.V.size(); i != e; ++i) {
     // Generate a report for this bug.
     SmallString<512> buf;
     llvm::raw_svector_ostream os(buf);
     SourceRange range = genName(os, cb.V[i].second, Ctx.getASTContext());
-    os << " is still referred to by the global variable '";
+    os << " is still referred to by the ";
+    if (isa<StaticGlobalSpaceRegion>(cb.V[i].first->getMemorySpace()))
+      os << "static";
+    else
+      os << "global";
+    os << " variable '";
     const VarRegion *VR = cast<VarRegion>(cb.V[i].first->getBaseRegion());
     os << *VR->getDecl()
        << "' upon returning to the caller.  This will be a dangling reference";


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D19866.55983.patch
Type: text/x-patch
Size: 2945 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20160503/65d082a0/attachment.bin>
