[PATCH] D77410: [analyzer] StdLibraryFunctionsChecker: match signature based on FunctionDecl
Gabor Marton via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Fri Apr 3 08:37:13 PDT 2020
martong created this revision.
martong added reviewers: NoQ, Szelethus, gamesh411, baloghadamsoftware.
Herald added subscribers: cfe-commits, ASDenysPetrov, danielkiss, steakhal, Charusso, dkrupp, donat.nagy, mikhail.ramalho, a.sidorin, rnkovacs, szepet, kristof.beyls, xazax.hun, whisperity.
Herald added a project: clang.
Currently we match the summary signature based on the arguments in the CallExpr.
There are a few problems with this approach.
1. Variadic arguments are handled badly. Consider the below code: int foo(void *stream, const char *format, ...); void test_arg_constraint_on_variadic_fun() { foo(0, "%d%d", 1, 2); // CallExpr } Here the call expression holds 4 arguments, whereas the function declaration has only 2 `ParmVarDecl`s. So there is no way to create a summary that matches the call expression, because the discrepancy in the number of arguments causes a mismatch.
2. The call expression does not handle the `restrict` type qualifier. In C99, fwrite's signature is the following: size_t fwrite(const void *restrict, size_t, size_t, FILE *restrict); However, in a call expression, like below, the type of the argument does not have the restrict qualifier. void test_fread_fwrite(FILE *fp, int *buf) { size_t x = fwrite(buf, sizeof(int), 10, fp); } This can result in an unmatches signature, so the summary is not applied.
The solution is to match the summary against the referened callee
`FunctionDecl` that we can query from the `CallExpr`.
Further patches will continue with additional refactoring where I am going to
do a lookup during the checker initialization and the signature match will
happen there. That way, we will not check the signature during every call,
rather we will compare only two `FunctionDecl` pointers.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D77410
Files:
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
clang/test/Analysis/std-c-library-functions-arg-constraints.c
clang/test/Analysis/std-c-library-functions.c
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D77410.254824.patch
Type: text/x-patch
Size: 6834 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20200403/e6f3f0f7/attachment-0001.bin>
More information about the cfe-commits
mailing list