Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / clang / 75840e1501563fe7c3dcb5600b75965ba1fe1bc4 / . / lib / Analysis / BugReporter.cpp
blob: 294eb5faac3c19b307acb6e8b6eb03d02a11328b [file] [log] [blame]
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]1// BugReporter.cpp - Generate PathDiagnostics for Bugs ------------*- C++ -*--//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file defines BugReporter, a utility class for generating
11// PathDiagnostics for analyses based on GRSimpleVals.
12//
13//===----------------------------------------------------------------------===//
14
15#include "clang/Analysis/PathSensitive/BugReporter.h"
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]16#include "clang/Analysis/PathSensitive/GRExprEngine.h"
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]17#include "clang/Basic/SourceManager.h"
18#include "clang/Basic/SourceLocation.h"
19#include "clang/AST/ASTContext.h"
20#include "clang/AST/CFG.h"
21#include "clang/AST/Expr.h"
22#include "clang/Analysis/ProgramPoint.h"
23#include "clang/Analysis/PathDiagnostic.h"
24#include <sstream>
25
26using namespace clang;
27
28BugReporter::~BugReporter() {}
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]29BugType::~BugType() {}
30BugReport::~BugReport() {}
Ted Kremenek5e55cda2008-04-11 18:40:29 +0000[diff] [blame]31RangedBugReport::~RangedBugReport() {}
32
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]33ExplodedGraph<ValueState>& BugReporter::getGraph() { return Eng.getGraph(); }
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]34
35static inline Stmt* GetStmt(const ProgramPoint& P) {
36 if (const PostStmt* PS = dyn_cast<PostStmt>(&P)) {
37 return PS->getStmt();
38 }
39 else if (const BlockEdge* BE = dyn_cast<BlockEdge>(&P)) {
40 return BE->getSrc()->getTerminator();
41 }
42 else if (const BlockEntrance* BE = dyn_cast<BlockEntrance>(&P)) {
43 return BE->getFirstStmt();
44 }
45
46 assert (false && "Unsupported ProgramPoint.");
47 return NULL;
48}
49
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]50static inline Stmt* GetStmt(const CFGBlock* B) {
51 assert (!B->empty());
52 return (*B)[0];
53}
54
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]55Stmt* BugReport::getStmt() const {
56 return N ? GetStmt(N->getLocation()) : NULL;
57}
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]58
59static inline ExplodedNode<ValueState>*
60GetNextNode(ExplodedNode<ValueState>* N) {
61 return N->pred_empty() ? NULL : *(N->pred_begin());
62}
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]63
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]64
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]65static Stmt* GetLastStmt(ExplodedNode<ValueState>* N) {
66 assert (isa<BlockEntrance>(N->getLocation()));
67
68 for (N = GetNextNode(N); N; N = GetNextNode(N)) {
69
70 ProgramPoint P = N->getLocation();
71
72 if (PostStmt* PS = dyn_cast<PostStmt>(&P))
73 return PS->getStmt();
74 }
75
76 return NULL;
77}
78
79PathDiagnosticPiece*
80BugReport::getEndPath(BugReporter& BR,
81 ExplodedNode<ValueState>* EndPathNode) const {
82
83 ProgramPoint ProgP = EndPathNode->getLocation();
84 Stmt *S = NULL;
85
86 if (BlockEntrance* BE = dyn_cast<BlockEntrance>(&ProgP))
87 if (BE->getBlock() == &BR.getCFG().getExit())
88 S = GetLastStmt(EndPathNode);
89 if (!S)
90 S = GetStmt(ProgP);
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]91
92 if (!S)
93 return NULL;
94
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]95 FullSourceLoc L(S->getLocStart(), BR.getContext().getSourceManager());
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]96
97 PathDiagnosticPiece* P =
98 new PathDiagnosticPiece(L, getDescription());
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]99
Ted Kremenekde7161f2008-04-03 18:00:37 +0000[diff] [blame]100 const SourceRange *Beg, *End;
101 getRanges(Beg, End);
102
103 if (Beg == End) {
104 if (Expr* E = dyn_cast<Expr>(S))
105 P->addRange(E->getSourceRange());
106 }
107 else {
108 assert (Beg < End);
109 for (; Beg != End; ++Beg)
110 P->addRange(*Beg);
111 }
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]112
113 return P;
114}
115
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]116void BugReport::getRanges(const SourceRange*& beg,
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]117 const SourceRange*& end) const {
Ted Kremenekf1ae7052008-04-03 17:57:38 +0000[diff] [blame]118 beg = NULL;
119 end = NULL;
120}
121
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]122FullSourceLoc BugReport::getLocation(SourceManager& Mgr) {
123
124 if (!N)
125 return FullSourceLoc();
126
127 Stmt* S = GetStmt(N->getLocation());
128
129 if (!S)
130 return FullSourceLoc();
131
132 return FullSourceLoc(S->getLocStart(), Mgr);
133}
134
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]135PathDiagnosticPiece* BugReport::VisitNode(ExplodedNode<ValueState>* N,
136 ExplodedNode<ValueState>* PrevN,
137 ExplodedGraph<ValueState>& G,
138 ASTContext& Ctx) {
139 return NULL;
140}
141
142void BugReporter::GeneratePathDiagnostic(PathDiagnostic& PD,
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]143 BugReport& R) {
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]144
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]145 ExplodedNode<ValueState>* N = R.getEndNode();
146
147 if (!N)
148 return;
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]149
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]150 llvm::OwningPtr<ExplodedGraph<ValueState> > GTrim(getGraph().Trim(&N, &N+1));
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]151
Ted Kremenek94826a72008-04-03 04:59:14 +0000[diff] [blame]152 // Find the sink in the trimmed graph.
153 // FIXME: Should we eventually have a sink iterator?
154
155 ExplodedNode<ValueState>* NewN = 0;
156
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]157 for (ExplodedGraph<ValueState>::node_iterator
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]158 I = GTrim->nodes_begin(), E = GTrim->nodes_end(); I != E; ++I) {
Ted Kremenek94826a72008-04-03 04:59:14 +0000[diff] [blame]159
160 if (I->isSink()) {
161 NewN = &*I;
162 break;
163 }
164 }
165
166 assert (NewN);
167 assert (NewN->getLocation() == N->getLocation());
168
169 N = NewN;
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]170
171 if (PathDiagnosticPiece* Piece = R.getEndPath(*this, N))
172 PD.push_back(Piece);
173 else
174 return;
Ted Kremenek6837faa2008-04-09 00:20:43 +0000[diff] [blame]175
176 ExplodedNode<ValueState>* NextNode = N->pred_empty()
177 ? NULL : *(N->pred_begin());
178
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]179 SourceManager& SMgr = Ctx.getSourceManager();
180
Ted Kremenek6837faa2008-04-09 00:20:43 +0000[diff] [blame]181 while (NextNode) {
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]182
183 ExplodedNode<ValueState>* LastNode = N;
Ted Kremenek6837faa2008-04-09 00:20:43 +0000[diff] [blame]184 N = NextNode;
Ted Kremenekbd7efa82008-04-17 23:44:37 +0000[diff] [blame]185 NextNode = GetNextNode(N);
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]186
187 ProgramPoint P = N->getLocation();
188
189 if (const BlockEdge* BE = dyn_cast<BlockEdge>(&P)) {
190
191 CFGBlock* Src = BE->getSrc();
192 CFGBlock* Dst = BE->getDst();
193
194 Stmt* T = Src->getTerminator();
195
196 if (!T)
197 continue;
198
199 FullSourceLoc L(T->getLocStart(), SMgr);
200
201 switch (T->getStmtClass()) {
202 default:
203 break;
204
205 case Stmt::GotoStmtClass:
206 case Stmt::IndirectGotoStmtClass: {
207
208 Stmt* S = GetStmt(LastNode->getLocation());
209
210 if (!S)
211 continue;
212
213 std::ostringstream os;
214
215 os << "Control jumps to line "
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]216 << SMgr.getLogicalLineNumber(S->getLocStart()) << ".\n";
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]217
218 PD.push_front(new PathDiagnosticPiece(L, os.str()));
219 break;
220 }
221
222 case Stmt::SwitchStmtClass: {
223
224 // Figure out what case arm we took.
225
226 Stmt* S = Dst->getLabel();
227
228 if (!S)
229 continue;
230
231 std::ostringstream os;
232
233 switch (S->getStmtClass()) {
234 default:
235 continue;
236
237 case Stmt::DefaultStmtClass: {
238
239 os << "Control jumps to the 'default' case at line "
Ted Kremenek6837faa2008-04-09 00:20:43 +0000[diff] [blame]240 << SMgr.getLogicalLineNumber(S->getLocStart()) << ".\n";
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]241
242 break;
243 }
244
245 case Stmt::CaseStmtClass: {
246
247 os << "Control jumps to 'case ";
248
249 Expr* CondE = cast<SwitchStmt>(T)->getCond();
250 unsigned bits = Ctx.getTypeSize(CondE->getType());
251
252 llvm::APSInt V1(bits, false);
253
254 CaseStmt* Case = cast<CaseStmt>(S);
255
256 if (!Case->getLHS()->isIntegerConstantExpr(V1, Ctx, 0, true)) {
257 assert (false &&
258 "Case condition must evaluate to an integer constant.");
259 continue;
260 }
261
262 os << V1.toString();
263
264 // Get the RHS of the case, if it exists.
265
266 if (Expr* E = Case->getRHS()) {
267
268 llvm::APSInt V2(bits, false);
269
270 if (!E->isIntegerConstantExpr(V2, Ctx, 0, true)) {
271 assert (false &&
272 "Case condition (RHS) must evaluate to an integer constant.");
273 continue;
274 }
275
276 os << " .. " << V2.toString();
277 }
278
279 os << ":' at line "
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]280 << SMgr.getLogicalLineNumber(S->getLocStart()) << ".\n";
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]281
282 break;
283
284 }
285 }
286
287 PD.push_front(new PathDiagnosticPiece(L, os.str()));
288 break;
289 }
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]290
291 case Stmt::ConditionalOperatorClass: {
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]292
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]293 std::ostringstream os;
294 os << "'?' condition evaluates to ";
295
296 if (*(Src->succ_begin()+1) == Dst)
297 os << "false.";
298 else
299 os << "true.";
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]300
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]301 PD.push_front(new PathDiagnosticPiece(L, os.str()));
302
303 break;
304 }
305
306 case Stmt::DoStmtClass: {
307
308 if (*(Src->succ_begin()) == Dst) {
309
310 std::ostringstream os;
311
312 os << "Loop condition is true. Execution continues on line "
313 << SMgr.getLogicalLineNumber(GetStmt(Dst)->getLocStart()) << '.';
314
315 PD.push_front(new PathDiagnosticPiece(L, os.str()));
316 }
317 else
318 PD.push_front(new PathDiagnosticPiece(L,
319 "Loop condition is false. Exiting loop."));
320
321 break;
322 }
323
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]324 case Stmt::WhileStmtClass:
Ted Kremenek706e3cf2008-04-07 23:35:17 +0000[diff] [blame]325 case Stmt::ForStmtClass: {
326
327 if (*(Src->succ_begin()+1) == Dst) {
328
329 std::ostringstream os;
330
331 os << "Loop condition is false. Execution continues on line "
332 << SMgr.getLogicalLineNumber(GetStmt(Dst)->getLocStart()) << '.';
333
334 PD.push_front(new PathDiagnosticPiece(L, os.str()));
335 }
336 else
337 PD.push_front(new PathDiagnosticPiece(L,
338 "Loop condition is true. Entering loop body."));
339
340 break;
341 }
342
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]343 case Stmt::IfStmtClass: {
344
345 if (*(Src->succ_begin()+1) == Dst)
346 PD.push_front(new PathDiagnosticPiece(L, "Taking false branch."));
347 else
348 PD.push_front(new PathDiagnosticPiece(L, "Taking true branch."));
349
350 break;
351 }
352 }
Ted Kremenek6837faa2008-04-09 00:20:43 +0000[diff] [blame]353 }
354 else
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]355 if (PathDiagnosticPiece* piece = R.VisitNode(N, NextNode, *GTrim, Ctx))
356 PD.push_front(piece);
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]357 }
358}
359
360bool BugReporter::IsCached(ExplodedNode<ValueState>* N) {
361
362 // HACK: Cache the location of the error. Don't emit the same
363 // warning for the same error type that occurs at the same program
364 // location but along a different path.
365
366 void* p = N->getLocation().getRawData();
367
368 if (CachedErrors.count(p))
369 return true;
370
371 CachedErrors.insert(p);
372
373 return false;
374}
375
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]376void BugReporter::EmitWarning(BugReport& R) {
377
378 if (IsCached(R.getEndNode()))
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]379 return;
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]380
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]381 PathDiagnostic D(R.getName());
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]382 GeneratePathDiagnostic(D, R);
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]383
384 // Emit a full diagnostic for the path if we have a PathDiagnosticClient.
Ted Kremenek70d17222008-04-03 07:33:55 +0000[diff] [blame]385
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]386 if (PD && !D.empty()) {
Ted Kremenek50a6d0c2008-04-09 21:41:14 +0000[diff] [blame]387 PD->HandlePathDiagnostic(D);
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]388 return;
389 }
Ted Kremenekd2f642b2008-04-14 17:39:48 +0000[diff] [blame]390
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]391 // We don't have a PathDiagnosticClient, but we can still emit a single
392 // line diagnostic. Determine the location.
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]393
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]394 FullSourceLoc L = D.empty() ? R.getLocation(Ctx.getSourceManager())
395 : D.back()->getLocation();
396
397
398 // Determine the range.
Ted Kremenek5fcca682008-04-14 18:06:42 +0000[diff] [blame]399
Ted Kremenek4bb6ac22008-04-10 16:12:38 +0000[diff] [blame]400 const SourceRange *Beg, *End;
Ted Kremenek5fcca682008-04-14 18:06:42 +0000[diff] [blame]401
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]402 if (!D.empty()) {
403 Beg = D.back()->ranges_begin();
404 End = D.back()->ranges_end();
405 }
406 else
407 R.getRanges(Beg, End);
408
409 // Compute the message.
Ted Kremenek5fcca682008-04-14 18:06:42 +0000[diff] [blame]410
Ted Kremenek75840e12008-04-18 01:56:37 +0000[diff] [blame^]411 std::ostringstream os;
412 os << "[CHECKER] ";
413
414 if (D.empty())
415 os << R.getDescription();
416 else
417 os << D.back()->getString();
418
419 unsigned ErrorDiag = Diag.getCustomDiagID(Diagnostic::Warning,
420 os.str().c_str());
421
422 Diag.Report(L, ErrorDiag, NULL, 0, Beg, End - Beg);
Ted Kremenek61f3e052008-04-03 04:42:52 +0000[diff] [blame]423}