Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / clang / 5ef04ee40c3332d31b6d1439f50d0ddb45812929 / . / lib / StaticAnalyzer / Checkers / PthreadLockChecker.cpp
blob: 34c095f42e08469abbea50372682a53189f96939 [file] [log] [blame]
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]1//===--- PthreadLockChecker.h - Undefined arguments checker ----*- C++ -*--===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This defines PthreadLockChecker, a simple lock -> unlock checker. Eventually
Argyrios Kyrtzidisd2592a32010-12-22 18:53:44 +0000[diff] [blame]11// this shouldn't be registered with ExprEngineInternalChecks.
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]12//
13//===----------------------------------------------------------------------===//
14
Argyrios Kyrtzidisa0decc92011-02-15 21:25:03 +0000[diff] [blame]15#include "ClangSACheckers.h"
Argyrios Kyrtzidis695fb502011-02-17 21:39:17 +0000[diff] [blame]16#include "clang/StaticAnalyzer/Core/CheckerManager.h"
Ted Kremenek9b663712011-02-10 01:03:03 +0000[diff] [blame]17#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerVisitor.h"
18#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h"
19#include "clang/StaticAnalyzer/Core/PathSensitive/GRStateTrait.h"
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]20#include "llvm/ADT/ImmutableSet.h"
21
22using namespace clang;
Ted Kremenek9ef65372010-12-23 07:20:52 +0000[diff] [blame]23using namespace ento;
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]24
25namespace {
Kovarththanan Rajaratnamba5fb5a2009-11-28 06:07:30 +0000[diff] [blame]26class PthreadLockChecker
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]27 : public CheckerVisitor<PthreadLockChecker> {
28 BugType *BT;
29public:
30 PthreadLockChecker() : BT(0) {}
31 static void *getTag() {
32 static int x = 0;
33 return &x;
34 }
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]35 void PostVisitCallExpr(CheckerContext &C, const CallExpr *CE);
36
37 void AcquireLock(CheckerContext &C, const CallExpr *CE,
38 SVal lock, bool isTryLock);
39
40 void ReleaseLock(CheckerContext &C, const CallExpr *CE,
41 SVal lock);
42
43};
44} // end anonymous namespace
45
46// GDM Entry for tracking lock state.
Kovarththanan Rajaratnamba5fb5a2009-11-28 06:07:30 +0000[diff] [blame]47namespace { class LockSet {}; }
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]48namespace clang {
Ted Kremenek9ef65372010-12-23 07:20:52 +0000[diff] [blame]49namespace ento {
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]50template <> struct GRStateTrait<LockSet> :
51 public GRStatePartialTrait<llvm::ImmutableSet<const MemRegion*> > {
52 static void* GDMIndex() { return PthreadLockChecker::getTag(); }
53};
Argyrios Kyrtzidis5a4f98f2010-12-22 18:53:20 +0000[diff] [blame]54} // end GR namespace
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]55} // end clang namespace
56
Argyrios Kyrtzidis695fb502011-02-17 21:39:17 +0000[diff] [blame]57static void RegisterPthreadLockChecker(ExprEngine &Eng) {
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]58 Eng.registerCheck(new PthreadLockChecker());
59}
60
Argyrios Kyrtzidis695fb502011-02-17 21:39:17 +0000[diff] [blame]61void ento::registerPthreadLockChecker(CheckerManager &mgr) {
62 mgr.addCheckerRegisterFunction(RegisterPthreadLockChecker);
63}
64
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]65
66void PthreadLockChecker::PostVisitCallExpr(CheckerContext &C,
67 const CallExpr *CE) {
68 const GRState *state = C.getState();
69 const Expr *Callee = CE->getCallee();
Ted Kremenekeb1c7a02009-11-25 01:32:22 +0000[diff] [blame]70 const FunctionTextRegion *R =
Ted Kremenek13976632010-02-08 16:18:51 +0000[diff] [blame]71 dyn_cast_or_null<FunctionTextRegion>(state->getSVal(Callee).getAsRegion());
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]72
73 if (!R)
74 return;
75
Douglas Gregor90d26a42010-11-01 23:16:05 +0000[diff] [blame]76 IdentifierInfo *II = R->getDecl()->getIdentifier();
77 if (!II) // if no identifier, not a simple C function
78 return;
79 llvm::StringRef FName = II->getName();
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]80
Ted Kremenekfe37d042009-11-12 06:26:58 +0000[diff] [blame]81 if (FName == "pthread_mutex_lock") {
82 if (CE->getNumArgs() != 1)
83 return;
Ted Kremenek13976632010-02-08 16:18:51 +0000[diff] [blame]84 AcquireLock(C, CE, state->getSVal(CE->getArg(0)), false);
Ted Kremenekfe37d042009-11-12 06:26:58 +0000[diff] [blame]85 }
86 else if (FName == "pthread_mutex_trylock") {
87 if (CE->getNumArgs() != 1)
88 return;
Ted Kremenek13976632010-02-08 16:18:51 +0000[diff] [blame]89 AcquireLock(C, CE, state->getSVal(CE->getArg(0)), true);
Ted Kremenekfe37d042009-11-12 06:26:58 +0000[diff] [blame]90 }
91 else if (FName == "pthread_mutex_unlock") {
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]92 if (CE->getNumArgs() != 1)
93 return;
Ted Kremenek13976632010-02-08 16:18:51 +0000[diff] [blame]94 ReleaseLock(C, CE, state->getSVal(CE->getArg(0)));
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]95 }
96}
97
98void PthreadLockChecker::AcquireLock(CheckerContext &C, const CallExpr *CE,
99 SVal lock, bool isTryLock) {
100
101 const MemRegion *lockR = lock.getAsRegion();
102 if (!lockR)
103 return;
104
105 const GRState *state = C.getState();
106
Ted Kremenek13976632010-02-08 16:18:51 +0000[diff] [blame]107 SVal X = state->getSVal(CE);
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]108 if (X.isUnknownOrUndef())
109 return;
110
111 DefinedSVal retVal = cast<DefinedSVal>(X);
112 const GRState *lockSucc = state;
113
114 if (isTryLock) {
115 // Bifurcate the state, and allow a mode where the lock acquisition fails.
116 const GRState *lockFail;
Ted Kremenek28f47b92010-12-01 22:16:56 +0000[diff] [blame]117 llvm::tie(lockFail, lockSucc) = state->assume(retVal);
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]118 assert(lockFail && lockSucc);
Ted Kremenekd048c6e2010-12-20 21:19:09 +0000[diff] [blame]119 C.addTransition(C.generateNode(CE, lockFail));
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]120 }
121 else {
122 // Assume that the return value was 0.
Ted Kremenek28f47b92010-12-01 22:16:56 +0000[diff] [blame]123 lockSucc = state->assume(retVal, false);
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]124 assert(lockSucc);
125 }
126
127 // Record that the lock was acquired.
128 lockSucc = lockSucc->add<LockSet>(lockR);
129
Ted Kremenekd048c6e2010-12-20 21:19:09 +0000[diff] [blame]130 C.addTransition(lockSucc != state ? C.generateNode(CE, lockSucc) :
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]131 C.getPredecessor());
132}
133
134void PthreadLockChecker::ReleaseLock(CheckerContext &C, const CallExpr *CE,
135 SVal lock) {
136
137 const MemRegion *lockR = lock.getAsRegion();
138 if (!lockR)
139 return;
140
141 const GRState *state = C.getState();
142
143 // Record that the lock was released.
144 // FIXME: Handle unlocking locks that were never acquired. This may
145 // require IPA for wrappers.
146 const GRState *unlockState = state->remove<LockSet>(lockR);
147
148 if (state == unlockState)
149 return;
150
Ted Kremenekd048c6e2010-12-20 21:19:09 +0000[diff] [blame]151 C.addTransition(C.generateNode(CE, unlockState));
Ted Kremenekac9bea82009-11-12 06:17:47 +0000[diff] [blame]152}