[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment. There are 105 alarms running the checker on the LibreOffice, 92 True positive, 13 not sure. https://reviews.llvm.org/D34275 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 112196.
wangxindsb added a comment.
- Highlight pure virtual even in non-pure-only mode;
- Add change to the header.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
test/Analysis/virtualcall.h
Index: test/Analysis/virtualcall.h
===
--- test/Analysis/virtualcall.h
+++ test/Analysis/virtualcall.h
@@ -1,36 +1,14 @@
-#ifdef AS_SYSTEM
-#pragma clang system_header
-
-namespace system {
- class A {
- public:
-A() {
- foo(); // no-warning
-}
-
-virtual int foo();
- };
-}
-
-#else
-
namespace header {
- class A {
+ class Z {
public:
-A() {
+Z() {
foo();
#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
+ // expected-warning-re@-2 ^}}Call to virtual function during construction}}
+ // expected-note-re@-3 ^}}This constructor of an object of type 'Z' has not returned when the virtual method was called}}
+ // expected-note-re@-4 ^}}Call to virtual function during construction}}
#endif
-
}
-
virtual int foo();
};
}
-
-#endif
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,98 +1,83 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-output=text -verify -std=c++11 %s
+
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -analyzer-output=text -verify -std=c++11 %s
+
+#include "virtualcall.h"
class A {
public:
A();
- A(int i);
- ~A() {};
-
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
+ ~A(){};
+
+ virtual int foo() = 0;
virtual void bar() = 0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning-re@-1 ^}}Call to pure virtual function during construction}}
+ // expected-note-re@-2 ^}}Call to pure virtual function during construction}}
}
};
class B : public A {
public:
- B() {
-foo();
+ B() { // expected-note {{Calling default constructor for 'A'}}
+foo();
#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
+ // expected-warning-re@-2 ^}}Call to virtual function during construction}}
+ // expected-note-re@-3 ^}}This constructor of an object of type 'B' has not returned when the virtual method was called}}
+ // expected-note-re@-4 ^}}Call to virtual function during construction}}
#endif
-#endif
-
}
~B();
-
+
virtual int foo();
- virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
+ virtual void bar() {
+foo();
+#if !PUREONLY
+ // expected-warning-re@-2 ^}}Call to virtual function during destruction}}
+ // expected-note-re@-3 ^}}Call to virtual function during destruction}}
#endif
+ }
};
-A::A() {
- f();
-}
-
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- //
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment. @NoQ In https://reviews.llvm.org/D34275#847434, @NoQ wrote: > Most importantly, do you think we can enable the checker by default now? Was > this checker evaluated on any large codebase, and if so, how many true/false > positives did it find, probably compared to the old checker? I am now runing the checker to check the build of firefox, llvm and libreoffice. There are no alarms on the building of firefox and llvm. When use scan-build to check the building of libreoffice, the scan-build failed (this may because the scan-build. Enable or not enable the virtualcallchecker, the build failed all the same, but when I just build the libreoffice and not run the scan-build, the build worked well) and there are 105 alarms about the virtual function in ctors/dtors, I am evaluating these alarms now. https://reviews.llvm.org/D34275 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 112110.
wangxindsb added a comment.
- Fix the errors of the tests;
- Add `-analyzer-output=text` to the run-line;
- Change the message of the visitor's diagnostic piece.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,98 +1,86 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-output=text -verify -std=c++11 %s
+
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -analyzer-output=text -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
- ~A() {};
-
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
+ ~A(){};
+
+ virtual int foo() = 0;
virtual void bar() = 0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
+#if PUREONLY
+ // expected-warning-re@-2 ^}}Call to pure virtual function during construction}}
+ // expected-note-re@-3 ^}}Call to pure virtual function during construction}}
+#else
+ // expected-warning-re@-5 ^}}Call to virtual function during construction}}
+ // expected-note-re@-6 ^}}Call to virtual function during construction}}
#endif
}
};
class B : public A {
public:
- B() {
-foo();
+ B() { // expected-note {{Calling default constructor for 'A'}}
+foo();
#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
+ // expected-warning-re@-2 ^}}Call to virtual function during construction}}
+ // expected-note-re@-3 ^}}This constructor of an object of type 'B' has not returned when the virtual method was called}}
+ // expected-note-re@-4 ^}}Call to virtual function during construction}}
#endif
-#endif
-
}
~B();
-
+
virtual int foo();
- virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
+ virtual void bar() {
+foo();
+#if !PUREONLY
+ // expected-warning-re@-2 ^}}Call to virtual function during destruction}}
+ // expected-note-re@-3 ^}}Call to virtual function during destruction}}
#endif
+ }
};
-A::A() {
- f();
-}
-
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+A::A() {
+ f();
+// expected-note-re@-1 ^}}This constructor of an object of type 'A' has not returned when the virtual method was called}}
+// expected-note-re@-2 ^}}Calling 'A::f'}}
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
- this->foo();
#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
+ // expected-note-re@-2 ^}}This destructor of an object of type '~B' has not returned when the virtual method was called}}
+ // expected-note-re@-3 ^}}Calling 'B::bar'}}
#endif
+ this->foo();
+#if !PUREONLY
+ // expected-warning-re@-2
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added inline comments. Comment at: lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp:31 +} // end namespace + // FIXME: Ascending over StackFrameContext maybe another method. + Add the FIXME https://reviews.llvm.org/D34275 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 111862.
wangxindsb added a comment.
- Rename reportbug();
- Change message "Pure function" to "pure virtual function";
- Fixing: expected-warning;
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,99 +1,56 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall
+// -analyzer-store region -verify -std=c++11 %s
+
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall
+// -analyzer-store region -analyzer-config
+// optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
- ~A() {};
-
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
+ ~A(){};
+
+ virtual int foo() = 0;
virtual void bar() = 0;
void f() {
-foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+foo(); // expected-warning{{Call to virtual function during construction}}
}
};
class B : public A {
public:
B() {
-foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+foo(); // expected-warning{{Call to virtual function during construction}}
}
~B();
-
+
virtual int foo();
- virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ virtual void bar() {
+foo();
+ } // expected-warning{{Call to virtual function during destruction}}
};
-A::A() {
- f();
-}
-
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
+A::A() { f(); }
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
- this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ this->foo(); // expected-warning{{Call to virtual function during
+ // destruction}}
}
class C : public B {
public:
C();
~C();
-
+
virtual int foo();
void f(int i);
};
C::C() {
- f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ f(foo()); // expected-warning{{Call to virtual function during construction}}
}
class D : public B {
@@ -115,27 +72,100 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
-void (F::* ptr)() = ::foo;
+void (F::*ptr)() = ::foo;
(this->*ptr)();
}
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar(); // no warning
+ }
+};
+
+class H {
+public:
+ H() : initState(0) { init(); }
+ int initState;
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 111806.
wangxindsb added a comment.
+enum class ObjectState : bool { CtorCalled, DtorCalled };
+} // end namespace
Add namespace closing comment.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,103 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 110899.
wangxindsb added a comment.
Fix the Assertion Failed when run the checker to check the building of
LibreOffice.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,103 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 108236.
wangxindsb added a comment.
- Change the bugtype, just like the older checker.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,103 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+ // expected-warning:Call to
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 106654.
wangxindsb marked an inline comment as done.
wangxindsb added a comment.
- Change two maps to one map.
- Move the declarations of PSM and SVB after the next early return.
- Delete the variable std::string DeclName.
- Delete last return in reportbug().
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,103 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb marked 5 inline comments as done.
wangxindsb added inline comments.
Comment at: lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp:72
+REGISTER_MAP_WITH_PROGRAMSTATE(CtorMap, const MemRegion *, bool)
+REGISTER_MAP_WITH_PROGRAMSTATE(DtorMap, const MemRegion *, bool)
+
xazax.hun wrote:
> I was wondering if there is another way to represent the state.
> We could have a two element (bool based) enum class like:
> ```
> enum class ObjectState : bool {
> CtorCalled,
> DtorCalled
> };
> ```
>
> Se we could have only one map in the GDM. Either the destructor is called for
> an object or the constructor. Or in case none of them is called on a path,
> the state is empty. What do you think?
>
Yes, it's better than the previous two maps.
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 106243.
wangxindsb added a comment.
- Change function name to start with a lower case letter.
- Use `StringRef` instead of `const char * ' for ReportBug() const.
- Correct the braces for single statement blocks.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,100 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ G() {}
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 106204.
wangxindsb added a comment.
- Change IsVirtualCall(const CallExpr *CE) to be a free static function.
- Rename some variables.
- Improve the BugReporterVisitor, enclose the declaration names in single
quotes.
- Hoist getSValBuilder() from the if statements.
- Fix some code duplications.
- Use the CXXMemberCall instead CXXInstanceCall in the CheckPreCall.
- Remove IsVirtualCall(CE) from if statements.
- Fix the error of the visitnode() method which may throw a wrong call graph
for the code blow.
class Y {
public:
virtual void foobar();
Y() {
F f1;
foobar();
}
};
Previous visitnode() will issue the virtual function called from the F();
Current visitnode() fix this bug.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment. Look forward to your review. https://reviews.llvm.org/D34275 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 105760.
wangxindsb marked an inline comment as done.
wangxindsb added a comment.
- Use the map of object to ctor/dtor to check the virtual call.
- Use CXXInstanceCall and getCXXThisVal method to get the 'this' instead of
getThisSVal().
- Correct some format errors.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,96 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 105737.
wangxindsb added a comment.
- Change the two bugtype to one.
- Use the generateErrorNode() for the pure virtual call.
- Change the test case for the new expression.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,96 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+g.foo();
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 105738.
wangxindsb added a comment.
- Change the two bugtype to one.
- Use the generateErrorNode() for the pure virtual call.
- Change the test case for the new expression.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,96 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+g.foo();
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added inline comments.
Comment at: lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp:332
+// Check the base of the callexpr is equal to the this of the ctor
+bool VirtualCallChecker::isCalledbyCtor(const CallExpr *CE,ProgramStateRef
State,const LocationContext *LCtx) const {
+ if (const MemberExpr *CME = dyn_cast(CE->getCallee())) {
xazax.hun wrote:
> Maybe instead of callExpr, you should get CXXInstanceCall, which has a
> getCXXThisVal method.
I tried to use the CXXInstanceCall, but I can't use it to get the expr which
call the function.
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 105440.
wangxindsb added a comment.
- Rename the BugType.
- Correct the code style to be clang format.
- Rename the arguments to start with uppercase letter.
- Add the support to check for the constructor called by the New expr.
You don't need to put effort to review the code, because I will make some
changes to the bug report system and the GDM of the checker which has not been
done now.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,90 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 104201.
wangxindsb marked an inline comment as done.
wangxindsb added a comment.
-Fix the bug of the virtual call during a function call of the object.
-Add flag for the PUREONLY.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,43 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
- A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0;
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
-A::A(int i) {
- foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
-}
-
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +51,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -103,7 +61,8 @@
}
~D() { bar(); }
int foo() final;
- void bar() final { foo(); } // no-warning
+ void bar() final { foo(); }
+ // no-warning
};
class E final : public B {
@@ -115,7 +74,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +83,88 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
+
+ H(int i) {
+G g;
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 103832.
wangxindsb added a comment.
Add license to VirtualCallChecker.cpp
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,49 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo(); // from Sema: expected-note {{'foo' declared here}}
+ virtual void bar();
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
A::A(int i) {
foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning:Call to virtual function during construction
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +57,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -115,7 +79,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +88,68 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
-#include "virtualcall.h"
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
-#define AS_SYSTEM
-#include "virtualcall.h"
-#undef AS_SYSTEM
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+ // expected-warning:Call to
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment.
> Oh, I think I see how it works now. How about:
>
>
> struct A;
> struct X {
> void callFooOfA(A*);
> };
> struct A {
> A() {
> X x;
> x.virtualMethod(); // this virtual call is ok
> x.callFooOfA(this)
> }
> virtual foo();
> };
> void X::callFooOfA(A* a) {
> a->foo(); // Would be good to warn here.
> }
> int main() {
> A a;
> }
Yes, you are right, the checker doesn't warn on the //a->foo();//. I will fix
this error soon.
Thanks,
Xin
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 103214.
wangxindsb added a comment.
Correct some error in VirtualCallChecker.cpp.
Complete the test case.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,49 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
+// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
class A {
public:
A();
A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo(); // from Sema: expected-note {{'foo' declared here}}
+ virtual void bar();
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
A::A(int i) {
foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning:Call to virtual function during construction
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +57,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -115,7 +79,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +88,68 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
-#include "virtualcall.h"
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
-#define AS_SYSTEM
-#include "virtualcall.h"
-#undef AS_SYSTEM
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb marked 5 inline comments as done.
wangxindsb added inline comments.
Comment at: VirtualCallChecker.cpp:260
+ if (SFC->inTopFrame()) {
+ const FunctionDecl *FD = SFC->getDecl()->getAsFunction();
+if (!FD)
xazax.hun wrote:
> The formatting seems to be off here I recommend using clang format.
Sorry, can you explain what this means?
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 103199.
wangxindsb added a comment.
Add run line in the test case.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,49 @@
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
class A {
public:
A();
A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0; // from Sema: expected-note {{'foo' declared here}}
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
A::A(int i) {
foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning:Call to virtual function during construction
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +57,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -115,7 +79,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +88,65 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
+
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
-#include "virtualcall.h"
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+ // expected-warning:Call to virtual function during construction
+H& h = *this;
+h.f();
+ // expected-warning:Call to virtual function during construction
+ }
+};
+
+class X {
+public:
+ X() {
+g();
+ // expected-warning:Call to virtual function during
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 103196.
wangxindsb added a comment.
Add test case for the virtual call checker.
https://reviews.llvm.org/D34275
Files:
lib/StaticAnalyzer/Checkers/VirtualCallChecker.cpp
test/Analysis/virtualcall.cpp
Index: test/Analysis/virtualcall.cpp
===
--- test/Analysis/virtualcall.cpp
+++ test/Analysis/virtualcall.cpp
@@ -1,79 +1,45 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
-
class A {
public:
A();
A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0; // from Sema: expected-note {{'foo' declared here}}
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
A::A(int i) {
foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning:Call to virtual function during construction
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +53,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -115,7 +75,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +84,65 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
-#include "virtualcall.h"
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
-#define AS_SYSTEM
-#include "virtualcall.h"
-#undef AS_SYSTEM
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+ // expected-warning:Call to virtual function during construction
+H& h = *this;
+h.f();
+ // expected-warning:Call to virtual function during construction
+ }
+};
+
+class X {
+public:
+ X() {
+
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment.
> What about:
>
> struct A {
> A() {
> X x;
> x.virtualMethod(); // this virtual call is ok
> foo(); // should warn here
> }
> virtual foo();
> }
> int main() {
> A a;
> }
>
>
> Does the checker warn on the second call?
Yes, the checker warn on the second call.
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb added a comment.
> I do not see any test cases for this patch. Could you add them as well?
I add the test case just now.
> How do you handle the following case?
>
> struct A {
> A() {
> X x;
> x.virtualMethod(); // this virtual call is ok
> }
> }
> int main() {
> A a;
> }
I use the checker to check the code above, the checker works as expect and
doesn't throw the warning.
https://reviews.llvm.org/D34275
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb updated this revision to Diff 103180.
wangxindsb added a comment.
Add test case for the patch
https://reviews.llvm.org/D34275
Files:
virtualcall.cpp
Index: virtualcall.cpp
===
--- virtualcall.cpp
+++ virtualcall.cpp
@@ -1,79 +1,45 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:Interprocedural=true -DINTERPROCEDURAL=1 -verify -std=c++11 %s
-// RUN: %clang_analyze_cc1 -analyzer-checker=optin.cplusplus.VirtualCall -analyzer-store region -analyzer-config optin.cplusplus.VirtualCall:PureOnly=true -DPUREONLY=1 -verify -std=c++11 %s
-
-/* When INTERPROCEDURAL is set, we expect diagnostics in all functions reachable
- from a constructor or destructor. If it is not set, we expect diagnostics
- only in the constructor or destructor.
-
- When PUREONLY is set, we expect diagnostics only for calls to pure virtual
- functions not to non-pure virtual functions.
-*/
-
class A {
public:
A();
A(int i);
~A() {};
- virtual int foo() = 0; // from Sema: expected-note {{'foo' declared here}}
- virtual void bar() = 0;
+ virtual int foo()=0; // from Sema: expected-note {{'foo' declared here}}
+ virtual void bar()=0;
void f() {
foo();
-#if INTERPROCEDURAL
-// expected-warning-re@-2 ^}}Call Path : foo <-- fCall to pure virtual function during construction has undefined behavior}}
-#endif
+// expected-warning:Call to virtual function during construction
}
};
class B : public A {
public:
B() {
foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
-// expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
-// expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
-
+// expected-warning:Call to virtual function during construction
}
~B();
virtual int foo();
virtual void bar() { foo(); }
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : foo <-- barCall to virtual function during destruction will not dispatch to derived class}}
-#endif
+ // expected-warning:Call to virtual function during destruction
};
A::A() {
f();
}
A::A(int i) {
foo(); // From Sema: expected-warning {{call to pure virtual member function 'foo' has undefined behavior}}
-#if INTERPROCEDURAL
- // expected-warning-re@-2 ^}}Call Path : fooCall to pure virtual function during construction has undefined behavior}}
-#else
- // expected-warning-re@-4 ^}}Call to pure virtual function during construction has undefined behavior}}
-#endif
+ // expected-warning:Call to virtual function during construction
}
B::~B() {
this->B::foo(); // no-warning
this->B::bar();
this->foo();
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during destruction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during destruction will not dispatch to derived class}}
-#endif
-#endif
-
+ // expected-warning:Call to virtual function during destruction
}
class C : public B {
@@ -87,13 +53,7 @@
C::C() {
f(foo());
-#if !PUREONLY
-#if INTERPROCEDURAL
- // expected-warning-re@-3 ^}}Call Path : fooCall to virtual function during construction will not dispatch to derived class}}
-#else
- // expected-warning-re@-5 ^}}Call to virtual function during construction will not dispatch to derived class}}
-#endif
-#endif
+ // expected-warning:Call to virtual function during construction
}
class D : public B {
@@ -115,7 +75,6 @@
int foo() override;
};
-// Regression test: don't crash when there's no direct callee.
class F {
public:
F() {
@@ -125,17 +84,65 @@
void foo();
};
-int main() {
- A *a;
- B *b;
- C *c;
- D *d;
- E *e;
- F *f;
-}
+class G {
+public:
+ virtual void bar();
+ void foo() {
+bar();
+ // no warning
+ }
+};
-#include "virtualcall.h"
+class H{
+public:
+ H() : initState(0) { init(); }
+ int initState;
+ virtual void f() const;
+ void init() {
+if (initState)
+ f();
+ // no warning
+ }
-#define AS_SYSTEM
-#include "virtualcall.h"
-#undef AS_SYSTEM
+ H(int i) {
+G g;
+g.foo();
+g.bar();
+ // no warning
+f();
+ // expected-warning:Call to virtual function during construction
+H& h = *this;
+h.f();
+ // expected-warning:Call to virtual function during construction
+ }
+};
+
+class X {
+public:
+ X() {
+g();
+ // expected-warning:Call to virtual function during construction
+ }
+ X(int i) {
+if (i > 0) {
+ X
[PATCH] D34275: [analyzer] Re-implemente current virtual calls checker in a path-sensitive way
wangxindsb created this revision.
This implement a path-sensitive checker that warns if virtual calls are made
from constructors and destructors.
The checker use the GDM (generic data map) to store three integers in the
program state for constructors, destructors and objects. Once enter one of
these is entered, increase the corresponding integer, once leave, decrease the
corresponding integer. In a PreCall callback, the checker first check if a
virtual method is called and the GDM meets the conditions, if yes, a warning
will be issued.
The checker also include a bug reporter visitor to add an extra note when the
last constructor/destructor was called before the call to the virtual function.
https://reviews.llvm.org/D34275
Files:
VirtualCallChecker.cpp
Index: VirtualCallChecker.cpp
===
--- VirtualCallChecker.cpp
+++ VirtualCallChecker.cpp
@@ -14,279 +14,269 @@
#include "ClangSACheckers.h"
#include "clang/AST/DeclCXX.h"
-#include "clang/AST/StmtVisitor.h"
#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h"
+#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
#include "clang/StaticAnalyzer/Core/Checker.h"
-#include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h"
-#include "llvm/ADT/SmallString.h"
-#include "llvm/Support/SaveAndRestore.h"
-#include "llvm/Support/raw_ostream.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
+#include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h"
using namespace clang;
using namespace ento;
namespace {
-class WalkAST : public StmtVisitor {
- const CheckerBase *Checker;
- BugReporter
- AnalysisDeclContext *AC;
-
- /// The root constructor or destructor whose callees are being analyzed.
- const CXXMethodDecl *RootMethod = nullptr;
-
- /// Whether the checker should walk into bodies of called functions.
- /// Controlled by the "Interprocedural" analyzer-config option.
- bool IsInterprocedural = false;
-
- /// Whether the checker should only warn for calls to pure virtual functions
- /// (which is undefined behavior) or for all virtual functions (which may
- /// may result in unexpected behavior).
- bool ReportPureOnly = false;
-
- typedef const CallExpr * WorkListUnit;
- typedef SmallVector DFSWorkList;
-
- /// A vector representing the worklist which has a chain of CallExprs.
- DFSWorkList WList;
-
- // PreVisited : A CallExpr to this FunctionDecl is in the worklist, but the
- // body has not been visited yet.
- // PostVisited : A CallExpr to this FunctionDecl is in the worklist, and the
- // body has been visited.
- enum Kind { NotVisited,
- PreVisited, /**< A CallExpr to this FunctionDecl is in the
-worklist, but the body has not yet been
-visited. */
- PostVisited /**< A CallExpr to this FunctionDecl is in the
-worklist, and the body has been visited. */
- };
+class VirtualCallChecker: public Checker {
+ mutable std::unique_ptr BT_CT;
+ mutable std::unique_ptr BT_DT;
- /// A DenseMap that records visited states of FunctionDecls.
- llvm::DenseMap VisitedFunctions;
+public:
+ void checkPreCall(const CallEvent , CheckerContext ) const;
+ void checkPostCall(const CallEvent , CheckerContext ) const;
- /// The CallExpr whose body is currently being visited. This is used for
- /// generating bug reports. This is null while visiting the body of a
- /// constructor or destructor.
- const CallExpr *visitingCallExpr;
+private:
+ bool isVirtualCall(const CallExpr *CE) const;
+ Optional getThisSVal(const StackFrameContext *SFC,
+ const ProgramStateRef State) const;
+ class VirtualBugVisitor : public BugReporterVisitorImpl {
+ private:
+const unsigned Flag;
+bool Found;
+
+ public:
+VirtualBugVisitor(const unsigned Flag) : Flag(Flag), Found(false) {}
+void Profile(llvm::FoldingSetNodeID ) const override{
+ static int x = 0;
+ ID.AddPointer();
+ ID.AddPointer();
+}
+std::shared_ptr VisitNode(const ExplodedNode *N,
+ const ExplodedNode *PrevN,
+ BugReporterContext ,
+ BugReport ) override;
+ };
+};
+} // end anonymous namespace
-public:
- WalkAST(const CheckerBase *checker, BugReporter , AnalysisDeclContext *ac,
- const CXXMethodDecl *rootMethod, bool isInterprocedural,
- bool reportPureOnly)
- : Checker(checker), BR(br), AC(ac), RootMethod(rootMethod),
-IsInterprocedural(isInterprocedural), ReportPureOnly(reportPureOnly),
-
