[analyzer] Migrate ArrayBoundCheckerV2 to CheckerV2.
Turns -analyzer-check-buffer-overflows into -analyzer-checker=core.experimental.Overflow
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126609 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/include/clang/Driver/CC1Options.td b/include/clang/Driver/CC1Options.td
index a5240bf..46f5916 100644
--- a/include/clang/Driver/CC1Options.td
+++ b/include/clang/Driver/CC1Options.td
@@ -46,8 +46,6 @@
HelpText<"Warn about uses of uninitialized variables">;
def analysis_ObjCMemChecker : Flag<"-analyzer-check-objc-mem">,
HelpText<"Run the [Core] Foundation reference count checker">;
-def analysis_WarnBufferOverflows : Flag<"-analyzer-check-buffer-overflows">,
- HelpText<"Warn about buffer overflows">;
def analyzer_store : Separate<"-analyzer-store">,
HelpText<"Source Code Analysis - Abstract Memory Store Models">;
diff --git a/include/clang/Frontend/AnalyzerOptions.h b/include/clang/Frontend/AnalyzerOptions.h
index ad42dae..ae1b290 100644
--- a/include/clang/Frontend/AnalyzerOptions.h
+++ b/include/clang/Frontend/AnalyzerOptions.h
@@ -69,7 +69,6 @@
unsigned AnalyzerDisplayProgress : 1;
unsigned AnalyzeNestedBlocks : 1;
unsigned EagerlyAssume : 1;
- unsigned BufferOverflows : 1;
unsigned PurgeDead : 1;
unsigned TrimGraph : 1;
unsigned VisualizeEGDot : 1;
@@ -90,7 +89,6 @@
AnalyzerDisplayProgress = 0;
AnalyzeNestedBlocks = 0;
EagerlyAssume = 0;
- BufferOverflows = 0;
PurgeDead = 1;
TrimGraph = 0;
VisualizeEGDot = 0;
diff --git a/lib/Frontend/CompilerInvocation.cpp b/lib/Frontend/CompilerInvocation.cpp
index e4fb0bd..6600ff9 100644
--- a/lib/Frontend/CompilerInvocation.cpp
+++ b/lib/Frontend/CompilerInvocation.cpp
@@ -112,8 +112,6 @@
Res.push_back("-analyzer-viz-egraph-graphviz");
if (Opts.VisualizeEGDot)
Res.push_back("-analyzer-viz-egraph-ubigraph");
- if (Opts.BufferOverflows)
- Res.push_back("-analyzer-check-buffer-overflows");
for (unsigned i = 0, e = Opts.CheckersControlList.size(); i != e; ++i) {
const std::pair<std::string, bool> &opt = Opts.CheckersControlList[i];
@@ -875,7 +873,6 @@
Opts.MaxLoop = Args.getLastArgIntValue(OPT_analyzer_max_loop, 4, Diags);
Opts.EagerlyTrimEGraph = !Args.hasArg(OPT_analyzer_no_eagerly_trim_egraph);
Opts.InlineCall = Args.hasArg(OPT_analyzer_inline_call);
- Opts.BufferOverflows = Args.hasArg(OPT_analysis_WarnBufferOverflows);
Opts.CheckersControlList.clear();
for (arg_iterator it = Args.filtered_begin(OPT_analyzer_checker,
diff --git a/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp b/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
index f803d27..bfea54e 100644
--- a/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
+++ b/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp
@@ -12,9 +12,11 @@
//
//===----------------------------------------------------------------------===//
-#include "InternalChecks.h"
+#include "ClangSACheckers.h"
+#include "clang/StaticAnalyzer/Core/CheckerV2.h"
+#include "clang/StaticAnalyzer/Core/CheckerManager.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
-#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerVisitor.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h"
#include "clang/AST/CharUnits.h"
@@ -23,18 +25,16 @@
namespace {
class ArrayBoundCheckerV2 :
- public CheckerVisitor<ArrayBoundCheckerV2> {
- BuiltinBug *BT;
+ public CheckerV2<check::Location> {
+ mutable llvm::OwningPtr<BuiltinBug> BT;
enum OOB_Kind { OOB_Precedes, OOB_Excedes };
void reportOOB(CheckerContext &C, const GRState *errorState,
- OOB_Kind kind);
+ OOB_Kind kind) const;
public:
- ArrayBoundCheckerV2() : BT(0) {}
- static void *getTag() { static int x = 0; return &x; }
- void visitLocation(CheckerContext &C, const Stmt *S, SVal l, bool isLoad);
+ void checkLocation(SVal l, bool isLoad, CheckerContext &C) const;
};
// FIXME: Eventually replace RegionRawOffset with this class.
@@ -62,13 +62,8 @@
};
}
-void ento::RegisterArrayBoundCheckerV2(ExprEngine &Eng) {
- Eng.registerCheck(new ArrayBoundCheckerV2());
-}
-
-void ArrayBoundCheckerV2::visitLocation(CheckerContext &checkerContext,
- const Stmt *S,
- SVal location, bool isLoad) {
+void ArrayBoundCheckerV2::checkLocation(SVal location, bool isLoad,
+ CheckerContext &checkerContext) const {
// NOTE: Instead of using GRState::assumeInBound(), we are prototyping
// some new logic here that reasons directly about memory region extents.
@@ -153,14 +148,14 @@
void ArrayBoundCheckerV2::reportOOB(CheckerContext &checkerContext,
const GRState *errorState,
- OOB_Kind kind) {
+ OOB_Kind kind) const {
ExplodedNode *errorNode = checkerContext.generateSink(errorState);
if (!errorNode)
return;
if (!BT)
- BT = new BuiltinBug("Out-of-bound access");
+ BT.reset(new BuiltinBug("Out-of-bound access"));
// FIXME: This diagnostics are preliminary. We should get far better
// diagnostics for explaining buffer overruns.
@@ -274,4 +269,6 @@
}
-
+void ento::registerArrayBoundCheckerV2(CheckerManager &mgr) {
+ mgr.registerChecker<ArrayBoundCheckerV2>();
+}
diff --git a/lib/StaticAnalyzer/Checkers/Checkers.td b/lib/StaticAnalyzer/Checkers/Checkers.td
index 1ed8434..801efef 100644
--- a/lib/StaticAnalyzer/Checkers/Checkers.td
+++ b/lib/StaticAnalyzer/Checkers/Checkers.td
@@ -134,6 +134,12 @@
let Group = AllExperimental in {
+def ArrayBoundCheckerV2 : Checker<"Overflow">,
+ InPackage<CoreExperimental>,
+ HelpText<"Warn about buffer overflows">,
+ DescFile<"ArrayBoundCheckerV2.cpp">,
+ Hidden; // Must be specified explicitly in order to run.
+
def MallocChecker : Checker<"Malloc">,
InPackage<CoreExperimental>,
HelpText<"Check for potential memory leaks, double free, and use-after-free problems">,
diff --git a/lib/StaticAnalyzer/Checkers/InternalChecks.h b/lib/StaticAnalyzer/Checkers/InternalChecks.h
index e7c38ee..3845a69 100644
--- a/lib/StaticAnalyzer/Checkers/InternalChecks.h
+++ b/lib/StaticAnalyzer/Checkers/InternalChecks.h
@@ -23,7 +23,6 @@
// Foundational checks that handle basic semantics.
void RegisterAdjustedReturnValueChecker(ExprEngine &Eng);
-void RegisterArrayBoundCheckerV2(ExprEngine &Eng);
void RegisterAttrNonNullChecker(ExprEngine &Eng);
void RegisterBuiltinFunctionChecker(ExprEngine &Eng);
void RegisterCallAndMessageChecker(ExprEngine &Eng);
diff --git a/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp b/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
index 50afdef..26ee040 100644
--- a/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
+++ b/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
@@ -31,7 +31,6 @@
#include "clang/StaticAnalyzer/Core/PathDiagnosticClients.h"
// FIXME: Restructure checker registration.
-#include "../Checkers/InternalChecks.h"
#include "../Checkers/BasicObjCFoundationChecks.h"
#include "clang/Basic/FileManager.h"
@@ -340,9 +339,6 @@
RegisterNSErrorChecks(Eng.getBugReporter(), Eng, *D);
- if (C.Opts.BufferOverflows)
- RegisterArrayBoundCheckerV2(Eng);
-
// Set the graph auditor.
llvm::OwningPtr<ExplodedNode::Auditor> Auditor;
if (mgr.shouldVisualizeUbigraph()) {
diff --git a/test/Analysis/out-of-bounds.c b/test/Analysis/out-of-bounds.c
index b8d6e44..c4d1f4b 100644
--- a/test/Analysis/out-of-bounds.c
+++ b/test/Analysis/out-of-bounds.c
@@ -1,4 +1,4 @@
-// RUN: %clang_cc1 -Wno-array-bounds -analyze -analyzer-check-objc-mem -analyzer-check-buffer-overflows -verify %s
+// RUN: %clang_cc1 -Wno-array-bounds -analyze -analyzer-check-objc-mem -analyzer-checker=core.experimental.Overflow -verify %s
// Tests doing an out-of-bounds access after the end of an array using:
// - constant integer index