[cfe-dev] Clang Static Analyzer (different.ConversionToBool check)
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Thu Nov 30 08:34:32 PST 2017
(forgot to add cfe-dev on reply, re-replying, sry)
Hello,
I'd really like to know more about the approach you've taken with this
checker. What kinds of conversions does it flag? Eg.:
bool foo() {
return ""; // warn.
// or...
char *str1 = "";
return str1; // warn?
// or...
char *null_str = 0;
return null_str; // nope.
}
It's not clear to me why would it warn on converting something to an
int. In C, there doesn't seem to be an easy way to discriminate between
int and boolean types. You might eventually want to hardcode a list of
common library functions that treat their int arguments as boolean
flags. And even if we have platform/library-specific typedefs such as
ObjC BOOL, they are usually quite distinct from plain ints (eg. by
typedef sugar).
Then, ideally new checkers shouldn't be enabled on existing tests.
Nowadays we try to make each test file correspond to a single checker.
So you're running into a problem that arises because we didn't take this
approach before, so we have some tests that have the whole alpha.core
enabled (which is gross).
If you're running into existing test file with a lot of eg.
clang_analyzer_eval(BOOL) calls, and many of those suddenly get flagged,
i think these are true positives. The checker works as intended, and we
could just add expected-warnings on these lines. If there are too many
such lines, i'd probably suggest to disable the checker for this file,
i.e. adding -analyzer-disable-checker=alpha.core.YourChecker to the
run-line at the top of the file. Separate files for the checker should
be enough.
But i don't think that there is a need for special code in the checker
that detects testing environment and changes the behavior. After all,
that defeats the purpose of testing.
On 11/29/17 12:20 PM, Alexey Knyshev via cfe-dev wrote:
> Hello everyone!
>
> I have implemented a prototype of "different.ConversionToBool(C, C++)".
> According to list of potential checkers
> (https://clang-analyzer.llvm.org/potential_checkers.html
> <https://clang-analyzer.llvm.org/potential_checkers.html>) I've
> implemented it as the part of existing alpha.core.BoolAssignment
> checker. There is one problem I've faced while testing changes via
> llvm-lit. There are many FnChecks calls like /clang_analyzer_eval/ in
> Analysis/casts.[c/m] which are called with integer arguments instead
> of bool according declaration. Obviously it leads to false positives
> in implemented checker (implicit cast to boolean). Actually, the
> question is: What is the best way to avoid such false-positives? I
> came up with the following possible solutions:
>
> 1. Is there way to distinguish FnCheck CallExpr from common CallExpr
> (any flag or whatever). If so, it's quite simple to ignore them in the
> checker.
> 2. Is there way to determine if checker is running in testing env? And
> afterwards filter any calls to FnChecks like/clang_analyzer_eval /by
> name. As it was implemented in /CStringChecker:evalCall/.
> 3. Add special FnCheck like /clang_analyser_eval_implicit_cast(bool)/
> which is supposed to replace /clang_analyzer_eval /in cast tests.
>
> Any suggestions?
>
> Thanks, Alexey K
>
> --
> linkedin.com/profile
> <https://www.linkedin.com/profile/view?id=AAMAABn6oKQBDhBteiQnWsYm-S9yxT7wQkfWhSw>
>
> github.com/alexeyknyshev <http://github.com/alexeyknyshev>
> bitbucket.org/alexeyknyshev <https://bitbucket.org/alexeyknyshev/>
>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
More information about the cfe-dev
mailing list