r355720 - [Analyzer] Checker for non-determinism caused by sorting of pointer-like elements
Mandeep Singh Grang via cfe-commits
cfe-commits at lists.llvm.org
Fri Mar 8 12:13:53 PST 2019
Author: mgrang
Date: Fri Mar 8 12:13:53 2019
New Revision: 355720
URL: http://llvm.org/viewvc/llvm-project?rev=355720&view=rev
Log:
[Analyzer] Checker for non-determinism caused by sorting of pointer-like elements
Summary:
Added a new category of checkers for non-determinism. Added a checker for non-determinism
caused due to sorting containers with pointer-like elements.
Reviewers: NoQ, george.karpenkov, whisperity, Szelethus
Reviewed By: NoQ, Szelethus
Subscribers: Charusso, baloghadamsoftware, jdoerfert, donat.nagy, dkrupp, martong, dblaikie, MTC, Szelethus, mgorny, xazax.hun, szepet, rnkovacs, a.sidorin, mikhail.ramalho, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D50488
Added:
cfe/trunk/lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp
cfe/trunk/test/Analysis/ptr-sort.cpp
Modified:
cfe/trunk/docs/analyzer/checkers.rst
cfe/trunk/include/clang/StaticAnalyzer/Checkers/Checkers.td
cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt
cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h
cfe/trunk/www/analyzer/alpha_checks.html
Modified: cfe/trunk/docs/analyzer/checkers.rst
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/analyzer/checkers.rst?rev=355720&r1=355719&r2=355720&view=diff
==============================================================================
--- cfe/trunk/docs/analyzer/checkers.rst (original)
+++ cfe/trunk/docs/analyzer/checkers.rst Fri Mar 8 12:13:53 2019
@@ -1943,6 +1943,18 @@ Check for out-of-bounds access in string
int y = strlen((char *)&test); // warn
}
+alpha.nondeterminism.PointerSorting (C++)
+"""""""""""""""""""""""""
+Check for non-determinism caused by sorting of pointers.
+
+.. code-block:: c
+
+ void test() {
+ int a = 1, b = 2;
+ std::vector<int *> V = {&a, &b};
+ std::sort(V.begin(), V.end()); // warn
+ }
+
Debug Checkers
---------------
Modified: cfe/trunk/include/clang/StaticAnalyzer/Checkers/Checkers.td
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/StaticAnalyzer/Checkers/Checkers.td?rev=355720&r1=355719&r2=355720&view=diff
==============================================================================
--- cfe/trunk/include/clang/StaticAnalyzer/Checkers/Checkers.td (original)
+++ cfe/trunk/include/clang/StaticAnalyzer/Checkers/Checkers.td Fri Mar 8 12:13:53 2019
@@ -94,6 +94,8 @@ def Debug : Package<"debug">;
def CloneDetectionAlpha : Package<"clone">, ParentPackage<Alpha>;
+def NonDeterminismAlpha : Package<"nondeterminism">, ParentPackage<Alpha>;
+
//===----------------------------------------------------------------------===//
// Core Checkers.
//===----------------------------------------------------------------------===//
@@ -1043,3 +1045,15 @@ def UnixAPIPortabilityChecker : Checker<
Documentation<NotDocumented>;
} // end optin.portability
+
+//===----------------------------------------------------------------------===//
+// NonDeterminism checkers.
+//===----------------------------------------------------------------------===//
+
+let ParentPackage = NonDeterminismAlpha in {
+
+def PointerSortingChecker : Checker<"PointerSorting">,
+ HelpText<"Check for non-determinism caused by sorting of pointers">,
+ Documentation<HasDocumentation>;
+
+} // end alpha.nondeterminism
Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt?rev=355720&r1=355719&r2=355720&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/CMakeLists.txt Fri Mar 8 12:13:53 2019
@@ -75,6 +75,7 @@ add_clang_library(clangStaticAnalyzerChe
OSObjectCStyleCast.cpp
PaddingChecker.cpp
PointerArithChecker.cpp
+ PointerSortingChecker.cpp
PointerSubChecker.cpp
PthreadLockChecker.cpp
RetainCountChecker/RetainCountChecker.cpp
Added: cfe/trunk/lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp?rev=355720&view=auto
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp (added)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/PointerSortingChecker.cpp Fri Mar 8 12:13:53 2019
@@ -0,0 +1,114 @@
+//=== PointerSortingChecker.cpp - Pointer sorting checker ------*- C++ -*--===//
+//
+// The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+//
+// This file defines PointerSortingChecker which checks for non-determinism
+// caused due to sorting containers with pointer-like elements.
+//
+//===----------------------------------------------------------------------===//
+
+#include "clang/ASTMatchers/ASTMatchFinder.h"
+#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
+#include "clang/StaticAnalyzer/Core/Checker.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+
+using namespace clang;
+using namespace ento;
+using namespace ast_matchers;
+
+namespace {
+
+// ID of a node at which the diagnostic would be emitted.
+constexpr llvm::StringLiteral WarnAtNode = "sort";
+
+class PointerSortingChecker : public Checker<check::ASTCodeBody> {
+public:
+ void checkASTCodeBody(const Decl *D,
+ AnalysisManager &AM,
+ BugReporter &BR) const;
+};
+
+static void emitDiagnostics(const BoundNodes &Match, const Decl *D,
+ BugReporter &BR, AnalysisManager &AM,
+ const PointerSortingChecker *Checker) {
+ auto *ADC = AM.getAnalysisDeclContext(D);
+
+ const auto *MarkedStmt = Match.getNodeAs<CallExpr>(WarnAtNode);
+ assert(MarkedStmt);
+
+ auto Range = MarkedStmt->getSourceRange();
+ auto Location = PathDiagnosticLocation::createBegin(MarkedStmt,
+ BR.getSourceManager(),
+ ADC);
+ std::string Diagnostics;
+ llvm::raw_string_ostream OS(Diagnostics);
+ OS << "Sorting pointer-like elements "
+ << "can result in non-deterministic ordering";
+
+ BR.EmitBasicReport(ADC->getDecl(), Checker,
+ "Sorting of pointer-like elements", "Non-determinism",
+ OS.str(), Location, Range);
+}
+
+auto callsName(const char *FunctionName) -> decltype(callee(functionDecl())) {
+ return callee(functionDecl(hasName(FunctionName)));
+}
+
+// FIXME: Currently we simply check if std::sort is used with pointer-like
+// elements. This approach can have a big false positive rate. Using std::sort,
+// std::unique and then erase is common technique for deduplicating a container
+// (which in some cases might even be quicker than using, let's say std::set).
+// In case a container contains arbitrary memory addresses (e.g. multiple
+// things give different stuff but might give the same thing multiple times)
+// which we don't want to do things with more than once, we might use
+// sort-unique-erase and the sort call will emit a report.
+auto matchSortWithPointers() -> decltype(decl()) {
+ // Match any of these function calls.
+ auto SortFuncM = anyOf(
+ callsName("std::is_sorted"),
+ callsName("std::nth_element"),
+ callsName("std::partial_sort"),
+ callsName("std::partition"),
+ callsName("std::sort"),
+ callsName("std::stable_partition"),
+ callsName("std::stable_sort")
+ );
+
+ // Match only if the container has pointer-type elements.
+ auto IteratesPointerEltsM = hasArgument(0,
+ hasType(cxxRecordDecl(has(
+ fieldDecl(hasType(hasCanonicalType(
+ pointsTo(hasCanonicalType(pointerType()))
+ )))
+ ))));
+
+ auto PointerSortM = stmt(callExpr(allOf(SortFuncM, IteratesPointerEltsM))
+ ).bind(WarnAtNode);
+
+ return decl(forEachDescendant(PointerSortM));
+}
+
+void PointerSortingChecker::checkASTCodeBody(const Decl *D,
+ AnalysisManager &AM,
+ BugReporter &BR) const {
+ auto MatcherM = matchSortWithPointers();
+
+ auto Matches = match(MatcherM, *D, AM.getASTContext());
+ for (const auto &Match : Matches)
+ emitDiagnostics(Match, D, BR, AM, this);
+}
+
+} // end of anonymous namespace
+
+void ento::registerPointerSortingChecker(CheckerManager &Mgr) {
+ Mgr.registerChecker<PointerSortingChecker>();
+}
+
+bool ento::shouldRegisterPointerSortingChecker(const LangOptions &LO) {
+ return LO.CPlusPlus;
+}
Modified: cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h?rev=355720&r1=355719&r2=355720&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h (original)
+++ cfe/trunk/test/Analysis/Inputs/system-header-simulator-cxx.h Fri Mar 8 12:13:53 2019
@@ -822,3 +822,26 @@ extern char *__cxa_demangle(const char *
int *status);
}}
namespace abi = __cxxabiv1;
+
+namespace std {
+ template<class ForwardIt>
+ bool is_sorted(ForwardIt first, ForwardIt last);
+
+ template <class RandomIt>
+ void nth_element(RandomIt first, RandomIt nth, RandomIt last);
+
+ template<class RandomIt>
+ void partial_sort(RandomIt first, RandomIt middle, RandomIt last);
+
+ template<class RandomIt>
+ void sort (RandomIt first, RandomIt last);
+
+ template<class RandomIt>
+ void stable_sort(RandomIt first, RandomIt last);
+
+ template<class BidirIt, class UnaryPredicate>
+ BidirIt partition(BidirIt first, BidirIt last, UnaryPredicate p);
+
+ template<class BidirIt, class UnaryPredicate>
+ BidirIt stable_partition(BidirIt first, BidirIt last, UnaryPredicate p);
+}
Added: cfe/trunk/test/Analysis/ptr-sort.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/ptr-sort.cpp?rev=355720&view=auto
==============================================================================
--- cfe/trunk/test/Analysis/ptr-sort.cpp (added)
+++ cfe/trunk/test/Analysis/ptr-sort.cpp Fri Mar 8 12:13:53 2019
@@ -0,0 +1,35 @@
+// RUN: %clang_analyze_cc1 -analyzer-checker=core,alpha.nondeterminism.PointerSorting %s -analyzer-output=text -verify
+
+#include "Inputs/system-header-simulator-cxx.h"
+
+bool f (int x) { return true; }
+bool g (int *x) { return true; }
+
+void PointerSorting() {
+ int a = 1, b = 2, c = 3;
+ std::vector<int> V1 = {a, b};
+ std::vector<int *> V2 = {&a, &b};
+
+ std::is_sorted(V1.begin(), V1.end()); // no-warning
+ std::nth_element(V1.begin(), V1.begin() + 1, V1.end()); // no-warning
+ std::partial_sort(V1.begin(), V1.begin() + 1, V1.end()); // no-warning
+ std::sort(V1.begin(), V1.end()); // no-warning
+ std::stable_sort(V1.begin(), V1.end()); // no-warning
+ std::partition(V1.begin(), V1.end(), f); // no-warning
+ std::stable_partition(V1.begin(), V1.end(), g); // no-warning
+
+ std::is_sorted(V2.begin(), V2.end()); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::nth_element(V2.begin(), V2.begin() + 1, V2.end()); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::partial_sort(V2.begin(), V2.begin() + 1, V2.end()); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::sort(V2.begin(), V2.end()); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::stable_sort(V2.begin(), V2.end()); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::partition(V2.begin(), V2.end(), f); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ std::stable_partition(V2.begin(), V2.end(), g); // expected-warning {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+ // expected-note at -1 {{Sorting pointer-like elements can result in non-deterministic ordering}} [alpha.nondeterminism.PointerSorting]
+}
Modified: cfe/trunk/www/analyzer/alpha_checks.html
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/www/analyzer/alpha_checks.html?rev=355720&r1=355719&r2=355720&view=diff
==============================================================================
--- cfe/trunk/www/analyzer/alpha_checks.html (original)
+++ cfe/trunk/www/analyzer/alpha_checks.html Fri Mar 8 12:13:53 2019
@@ -33,6 +33,7 @@ Patches welcome!
<li><a href="#osx_alpha_checkers">OS X Alpha Checkers</a></li>
<li><a href="#security_alpha_checkers">Security Alpha Checkers</a></li>
<li><a href="#unix_alpha_checkers">Unix Alpha Checkers</a></li>
+<li><a href="#nondeterminism_alpha_checkers">Non-determinism Alpha Checkers</a></li>
</ul>
<!-- ============================= clone alpha ============================= -->
@@ -1174,6 +1175,28 @@ void test(char *y) {
</tbody></table>
+<!-- =========================== nondeterminism alpha =========================== -->
+<h3 id="nondeterminism_alpha_checkers">Non-determinism Alpha Checkers</h3>
+<table class="checkers">
+<colgroup><col class="namedescr"><col class="example"></colgroup>
+<thead><tr><td>Name, Description</td><td>Example</td></tr></thead>
+
+<tbody>
+<tr><td><a id="alpha.nondeterminism.PointerSorting"><div class="namedescr expandable"><span class="name">
+alpha.nondeterminism.PointerSorting</span><span class="lang">
+(C++)</span><div class="descr">
+Check for non-determinism caused by sorting of pointers.</div></div></a></td>
+<td><div class="exampleContainer expandable">
+<div class="example"><pre>
+// C++
+void test() {
+ int a = 1, b = 2;
+ std::vector<int *> V = {&a, &b};
+ std::sort(V.begin(), V.end()); // warn
+}
+</pre></div></div></td></tr>
+</tbody></table>
+
</div> <!-- page -->
</div> <!-- content -->
</body>
More information about the cfe-commits
mailing list