[analyzer] Use explicit call description mode in MIGChecker #91331
Conversation
This commit explicitly specifies the matching mode (C library function, any non-method function, or C++ method) for the `CallDescription`s constructed in the checker `osx.MIG`. The code was simplified to use a `CallDescriptionMap` instead of a raw vector of pairs. This change won't cause major functional changes, but isn't NFC because it ensures that e.g. call descriptions for a non-method function won't accidentally match a method that has the same name. Separate commits have already performed this change in other checkers: - easy cases: e2f1cba, 6d64f8e - MallocChecker: d6d84b5 - iterator checkers: 06eedff - InvalidPtr checker: 024281d - apiModeling.llvm.ReturnValue: 97dd8e3 ... and follow-up commits will handle the remaining few checkers. My goal is to ensure that the call description mode is always explicitly specified and eliminate (or strongly restrict) the vague "may be either a method or a simple function" mode that's the current default.
llvmbot
added
clang
|
@llvm/pr-subscribers-clang-static-analyzer-1 @llvm/pr-subscribers-clang Author: Donát Nagy (NagyDonat) ChangesThis commit explicitly specifies the matching mode (C library function, any non-method function, or C++ method) for the The code was simplified to use a This change won't cause major functional changes, but isn't NFC because it ensures that e.g. call descriptions for a non-method function won't accidentally match a method that has the same name. Separate commits have already performed this change in other checkers:
... and follow-up commits will handle the remaining few checkers. My goal is to ensure that the call description mode is always explicitly specified and eliminate (or strongly restrict) the vague "may be either a method or a simple function" mode that's the current default. Full diff: https://github.com/llvm/llvm-project/pull/91331.diff 1 Files Affected:
diff --git a/clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp
index 153a0a51e98024..9757a00f1fb2f6 100644
--- a/clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp
@@ -46,13 +46,13 @@ class MIGChecker : public Checker<check::PostCall, check::PreStmt<ReturnStmt>,
// additionally an argument of a MIG routine, the checker keeps track of that
// information and issues a warning when an error is returned from the
// respective routine.
- std::vector<std::pair<CallDescription, unsigned>> Deallocators = {
+ CallDescriptionMap<unsigned> Deallocators = {
#define CALL(required_args, deallocated_arg, ...) \
- {{{__VA_ARGS__}, required_args}, deallocated_arg}
- // E.g., if the checker sees a C function 'vm_deallocate' that is
- // defined on class 'IOUserClient' that has exactly 3 parameters, it knows
- // that argument #1 (starting from 0, i.e. the second argument) is going
- // to be consumed in the sense of the MIG consume-on-success convention.
+ {{CDM::SimpleFunc, {__VA_ARGS__}, required_args}, deallocated_arg}
+ // E.g., if the checker sees a C function 'vm_deallocate' that has
+ // exactly 3 parameters, it knows that argument #1 (starting from 0, i.e.
+ // the second argument) is going to be consumed in the sense of the MIG
+ // consume-on-success convention.
CALL(3, 1, "vm_deallocate"),
CALL(3, 1, "mach_vm_deallocate"),
CALL(2, 0, "mig_deallocate"),
@@ -78,6 +78,9 @@ class MIGChecker : public Checker<check::PostCall, check::PreStmt<ReturnStmt>,
CALL(1, 0, "thread_inspect_deallocate"),
CALL(1, 0, "upl_deallocate"),
CALL(1, 0, "vm_map_deallocate"),
+#undef CALL
+#define CALL(required_args, deallocated_arg, ...) \
+ {{CDM::CXXMethod, {__VA_ARGS__}, required_args}, deallocated_arg}
// E.g., if the checker sees a method 'releaseAsyncReference64()' that is
// defined on class 'IOUserClient' that takes exactly 1 argument, it knows
// that the argument is going to be consumed in the sense of the MIG
@@ -87,7 +90,7 @@ class MIGChecker : public Checker<check::PostCall, check::PreStmt<ReturnStmt>,
#undef CALL
};
- CallDescription OsRefRetain{{"os_ref_retain"}, 1};
+ CallDescription OsRefRetain{CDM::SimpleFunc, {"os_ref_retain"}, 1};
void checkReturnAux(const ReturnStmt *RS, CheckerContext &C) const;
@@ -198,15 +201,12 @@ void MIGChecker::checkPostCall(const CallEvent &Call, CheckerContext &C) const {
if (!isInMIGCall(C))
return;
- auto I = llvm::find_if(Deallocators,
- [&](const std::pair<CallDescription, unsigned> &Item) {
- return Item.first.matches(Call);
- });
- if (I == Deallocators.end())
+ const unsigned *ArgIdxPtr = Deallocators.lookup(Call);
+ if (!ArgIdxPtr)
return;
ProgramStateRef State = C.getState();
- unsigned ArgIdx = I->second;
+ unsigned ArgIdx = *ArgIdxPtr;
SVal Arg = Call.getArgSVal(ArgIdx);
const ParmVarDecl *PVD = getOriginParam(Arg, C);
if (!PVD || State->contains<RefCountedParameters>(PVD))
|
| @@ -87,7 +90,7 @@ class MIGChecker : public Checker<check::PostCall, check::PreStmt<ReturnStmt>, | |||
| #undef CALL | |||
| }; | |||
|
|
|||
| CallDescription OsRefRetain{{"os_ref_retain"}, 1}; | |||
| CallDescription OsRefRetain{CDM::SimpleFunc, {"os_ref_retain"}, 1}; | |||
There was a problem hiding this comment.
CDM::SimpleFunc is used instead of CDM::CLibrary because there might be some headers that declare os_ref_retain as a static and non-inline function -- e.g. random internet search provided this source file.
There was a problem hiding this comment.
Yes, this is a plain C function. Definitely not builtin. May or may not come from system headers depending on what we're compiling.
| // defined on class 'IOUserClient' that has exactly 3 parameters, it knows | ||
| // that argument #1 (starting from 0, i.e. the second argument) is going | ||
| // to be consumed in the sense of the MIG consume-on-success convention. | ||
| {{CDM::SimpleFunc, {__VA_ARGS__}, required_args}, deallocated_arg} |
There was a problem hiding this comment.
CDM::SimpleFunc is used for the sake of consistency with the case of os_ref_retain (and because I'm not familiar with this MIG calling convention).
| @@ -87,7 +90,7 @@ class MIGChecker : public Checker<check::PostCall, check::PreStmt<ReturnStmt>, | |||
| #undef CALL | |||
| }; | |||
|
|
|||
| CallDescription OsRefRetain{{"os_ref_retain"}, 1}; | |||
| CallDescription OsRefRetain{CDM::SimpleFunc, {"os_ref_retain"}, 1}; | |||
There was a problem hiding this comment.
Yes, this is a plain C function. Definitely not builtin. May or may not come from system headers depending on what we're compiling.
This commit explicitly specifies the matching mode (C library function, any non-method function, or C++ method) for the
CallDescriptions constructed in the checkerosx.MIG.The code was simplified to use a
CallDescriptionMapinstead of a raw vector of pairs.This change won't cause major functional changes, but isn't NFC because it ensures that e.g. call descriptions for a non-method function won't accidentally match a method that has the same name.
Separate commits have already performed this change in other checkers:
... and follow-up commits will handle the remaining few checkers.
My goal is to ensure that the call description mode is always explicitly specified and eliminate (or strongly restrict) the vague "may be either a method or a simple function" mode that's the current default.