[clang] [analyzer] Improve diagnostics from ArrayBoundCheckerV2 (PR #70056)

[Balazs Benics via cfe-commits]

=?utf-8?q?Donát?= Nagy <donat.nagy at ericsson.com>,
=?utf-8?q?Donát?= Nagy <donat.nagy at ericsson.com>
Message-ID:
In-Reply-To: <llvm/llvm-project/pull/70056 at github.com>


================
@@ -217,80 +326,71 @@ void ArrayBoundCheckerV2::checkLocation(SVal location, bool isLoad,
     // MallocChecker that call SValBuilder::getConjuredHeapSymbolVal()) and
     // non-symbolic regions (e.g. a field subregion of a symbolic region) in
     // unknown space.
-    auto [state_precedesLowerBound, state_withinLowerBound] =
-        compareValueToThreshold(state, ByteOffset,
-                                svalBuilder.makeZeroArrayIndex(), svalBuilder);
+    auto [PrecedesLowerBound, WithinLowerBound] = compareValueToThreshold(
+        State, ByteOffset, SVB.makeZeroArrayIndex(), SVB);
 
-    if (state_precedesLowerBound && !state_withinLowerBound) {
+    if (PrecedesLowerBound && !WithinLowerBound) {
       // We know that the index definitely precedes the lower bound.
-      reportOOB(checkerContext, state_precedesLowerBound, OOB_Precedes);
+      std::string RegName = getRegionName(Reg);
+      std::string Msg = getPrecedesMsg(RegName, ByteOffset);
+      reportOOB(C, PrecedesLowerBound, OOB_Precedes, ByteOffset, RegName, Msg);
       return;
     }
 
-    if (state_withinLowerBound)
-      state = state_withinLowerBound;
+    if (WithinLowerBound)
+      State = WithinLowerBound;
   }
 
   // CHECK UPPER BOUND
-  DefinedOrUnknownSVal Size = getDynamicExtent(state, Reg, svalBuilder);
+  DefinedOrUnknownSVal Size = getDynamicExtent(State, Reg, SVB);
   if (auto KnownSize = Size.getAs<NonLoc>()) {
-    auto [state_withinUpperBound, state_exceedsUpperBound] =
-        compareValueToThreshold(state, ByteOffset, *KnownSize, svalBuilder);
+    auto [WithinUpperBound, ExceedsUpperBound] =
+        compareValueToThreshold(State, ByteOffset, *KnownSize, SVB);
 
-    if (state_exceedsUpperBound) {
-      if (!state_withinUpperBound) {
+    if (ExceedsUpperBound) {
+      if (!WithinUpperBound) {
         // We know that the index definitely exceeds the upper bound.
-        reportOOB(checkerContext, state_exceedsUpperBound, OOB_Exceeds);
+        std::string RegName = getRegionName(Reg);
+        std::string Msg = getExceedsMsg(C.getASTContext(), RegName, ByteOffset,
+                                        *KnownSize, Location);
+        reportOOB(C, ExceedsUpperBound, OOB_Exceeds, ByteOffset, RegName, Msg);
         return;
       }
-      if (isTainted(state, ByteOffset)) {
+      if (isTainted(State, ByteOffset)) {
         // Both cases are possible, but the index is tainted, so report.
-        reportOOB(checkerContext, state_exceedsUpperBound, OOB_Taint,
-                  ByteOffset);
+        std::string RegName = getRegionName(Reg);
+        std::string Msg = getTaintMsg(RegName);
+        reportOOB(C, ExceedsUpperBound, OOB_Taint, ByteOffset, RegName, Msg);
----------------
steakhal wrote:

```suggestion
        reportOOB(C, ExceedsUpperBound, OOB_Taint, ByteOffset, std::move(RegName), std::move(Msg));
```

https://github.com/llvm/llvm-project/pull/70056