//===-- DebugIteratorModeling.cpp ---------------------------------*- C++ -*--//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//
//
// Defines a checker for debugging iterator modeling.
//
//===----------------------------------------------------------------------===//
12480093f4SDimitry Andric
13480093f4SDimitry Andric #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
14480093f4SDimitry Andric #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
15480093f4SDimitry Andric #include "clang/StaticAnalyzer/Core/Checker.h"
16349cc55cSDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
17480093f4SDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
18480093f4SDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
19480093f4SDimitry Andric
20480093f4SDimitry Andric #include "Iterator.h"
21480093f4SDimitry Andric
22480093f4SDimitry Andric using namespace clang;
23480093f4SDimitry Andric using namespace ento;
24480093f4SDimitry Andric using namespace iterator;
25480093f4SDimitry Andric
namespace {

/// Debug-only checker that exposes the analyzer's iterator model to test code.
///
/// It evaluates calls to the three clang_analyzer_iterator_* functions listed
/// in Callbacks and binds the modeled value (offset, container or validity) as
/// the call's result, so the state tracked for an iterator can be inspected.
class DebugIteratorModeling : public Checker<eval::Call> {

  // Bug type for diagnostics emitted by reportDebugMsg(); category "debug",
  // constructed with SuppressOnSink set.
  const BugType DebugMsgBugType{this, "Checking analyzer assumptions", "debug",
                                /*SuppressOnSink=*/true};

  // Shared implementation behind the three handlers: `get` extracts one field
  // from the tracked IteratorPosition, `Default` is bound when none is tracked.
  template <typename Getter>
  void analyzerIteratorDataField(const CallExpr *CE, CheckerContext &C,
                                 Getter get, SVal Default) const;

  // One handler per debug function.
  void analyzerIteratorPosition(const CallExpr *CE, CheckerContext &C) const;
  void analyzerIteratorContainer(const CallExpr *CE, CheckerContext &C) const;
  void analyzerIteratorValidity(const CallExpr *CE, CheckerContext &C) const;

  // Emits a debug diagnostic; returns the node it was attached to, or nullptr.
  ExplodedNode *reportDebugMsg(llvm::StringRef Msg, CheckerContext &C) const;

  // Pointer-to-member type shared by all handlers stored in Callbacks.
  using FnCheck = void (DebugIteratorModeling::*)(const CallExpr *,
                                                  CheckerContext &) const;

  // Dispatch table consulted by evalCall(): each entry describes a function by
  // name with an argument count of 1 and names the handler to run for it.
  CallDescriptionMap<FnCheck> Callbacks = {
      {{CDM::SimpleFunc, {"clang_analyzer_iterator_position"}, 1},
       &DebugIteratorModeling::analyzerIteratorPosition},
      {{CDM::SimpleFunc, {"clang_analyzer_iterator_container"}, 1},
       &DebugIteratorModeling::analyzerIteratorContainer},
      {{CDM::SimpleFunc, {"clang_analyzer_iterator_validity"}, 1},
       &DebugIteratorModeling::analyzerIteratorValidity},
  };

public:
  // Checker<eval::Call> entry point; true means the call was modeled here.
  bool evalCall(const CallEvent &Call, CheckerContext &C) const;
};

} // namespace
59480093f4SDimitry Andric
/// Dispatch a call to the matching clang_analyzer_iterator_* handler.
///
/// \param Call the call being evaluated.
/// \param C    checker context passed through to the handler.
/// \returns true when an entry in Callbacks matched and its handler ran;
///          false when the call has no originating CallExpr or no entry
///          matches, leaving the call unevaluated by this checker.
bool DebugIteratorModeling::evalCall(const CallEvent &Call,
                                     CheckerContext &C) const {
  // The handlers operate on a CallExpr, so anything else cannot be dispatched.
  const auto *OriginCall = dyn_cast_or_null<CallExpr>(Call.getOriginExpr());
  if (OriginCall == nullptr)
    return false;

  if (const FnCheck *Callback = Callbacks.lookup(Call)) {
    // Callback points at a pointer-to-member; invoke it on this checker.
    (this->**Callback)(OriginCall, C);
    return true;
  }
  return false;
}
73480093f4SDimitry Andric
/// Bind one field of the iterator position tracked for the first argument as
/// the value of the call expression.
///
/// \param CE      the debug-function call; its first argument is the iterator.
/// \param C       checker context used to read the state and add the
///                transition.
/// \param get     callable taking a `const IteratorPosition *` and returning
///                the value to bind.
/// \param Default value bound when no position is tracked for the argument.
///
/// A call with no arguments produces a "Missing iterator argument" debug
/// report and no binding.
template <typename Getter>
void DebugIteratorModeling::analyzerIteratorDataField(const CallExpr *CE,
                                                      CheckerContext &C,
                                                      Getter get,
                                                      SVal Default) const {
  // Guard the getArg(0) access below.
  if (CE->getNumArgs() == 0) {
    reportDebugMsg("Missing iterator argument", C);
    return;
  }

  auto State = C.getState();
  const SVal IterVal = C.getSVal(CE->getArg(0));
  const auto *Pos = getIteratorPosition(State, IterVal);

  // No tracked position means the caller-supplied default is reported.
  const SVal Result = Pos ? SVal(get(Pos)) : Default;
  C.addTransition(State->BindExpr(CE, C.getLocationContext(), Result));
}
94480093f4SDimitry Andric
/// Handler for clang_analyzer_iterator_position: binds the symbolic offset of
/// the tracked iterator position as the call's value.
///
/// When no position is tracked for the argument, the concrete integer 0 is
/// bound instead.
void DebugIteratorModeling::analyzerIteratorPosition(const CallExpr *CE,
                                                     CheckerContext &C) const {
  auto &BVF = C.getSValBuilder().getBasicValueFactory();
  const nonloc::ConcreteInt Untracked(BVF.getValue(llvm::APSInt::get(0)));
  const auto OffsetOf = [](const IteratorPosition *P) {
    return nonloc::SymbolVal(P->getOffset());
  };
  analyzerIteratorDataField(CE, C, OffsetOf, Untracked);
}
102480093f4SDimitry Andric
/// Handler for clang_analyzer_iterator_container: binds the memory region of
/// the container the tracked iterator position refers to.
///
/// When no position is tracked for the argument, a concrete location built
/// from the integer 0 is bound instead.
void DebugIteratorModeling::analyzerIteratorContainer(const CallExpr *CE,
                                                      CheckerContext &C) const {
  auto &BVF = C.getSValBuilder().getBasicValueFactory();
  const loc::ConcreteInt Untracked(BVF.getValue(llvm::APSInt::get(0)));
  const auto ContainerOf = [](const IteratorPosition *P) {
    return loc::MemRegionVal(P->getContainer());
  };
  analyzerIteratorDataField(CE, C, ContainerOf, Untracked);
}
110480093f4SDimitry Andric
/// Handler for clang_analyzer_iterator_validity: binds a concrete integer made
/// from IteratorPosition::isValid() for the tracked position.
///
/// The fallback for an argument with no tracked position is also the concrete
/// integer 0, so a 0 result means either "modeled as invalid" or "not tracked
/// at all"; a test that relies on 0 to prove invalidation should also confirm
/// the iterator is tracked.
void DebugIteratorModeling::analyzerIteratorValidity(const CallExpr *CE,
                                                     CheckerContext &C) const {
  auto &BVF = C.getSValBuilder().getBasicValueFactory();
  const nonloc::ConcreteInt Untracked(BVF.getValue(llvm::APSInt::get(0)));
  // BVF is captured by reference; the lambda is only used during this call.
  const auto ValidityOf = [&BVF](const IteratorPosition *P) {
    return nonloc::ConcreteInt(
        BVF.getValue(llvm::APSInt::get((P->isValid()))));
  };
  analyzerIteratorDataField(CE, C, ValidityOf, Untracked);
}
119480093f4SDimitry Andric
/// Emit a path-sensitive debug report carrying \p Msg.
///
/// \param Msg text of the report.
/// \param C   checker context used to create the error node and reach the
///            bug reporter.
/// \returns the non-fatal error node the report was attached to, or nullptr
///          when no node could be generated (nothing is reported then).
ExplodedNode *DebugIteratorModeling::reportDebugMsg(llvm::StringRef Msg,
                                                    CheckerContext &C) const {
  ExplodedNode *ErrNode = C.generateNonFatalErrorNode();
  if (ErrNode != nullptr)
    C.getBugReporter().emitReport(std::make_unique<PathSensitiveBugReport>(
        DebugMsgBugType, Msg, ErrNode));
  return ErrNode;
}
131480093f4SDimitry Andric
/// Registration hook: installs a DebugIteratorModeling instance in \p mgr.
void ento::registerDebugIteratorModeling(CheckerManager &mgr) {
  mgr.registerChecker<DebugIteratorModeling>();
}
135480093f4SDimitry Andric
/// Registration predicate for DebugIteratorModeling.
///
/// \returns true unconditionally; \p mgr is not consulted.
bool ento::shouldRegisterDebugIteratorModeling(const CheckerManager &mgr) {
  return true;
}