1706b4fc4SDimitry Andric //===-- DebugIteratorModeling.cpp ---------------------------------*- C++ -*--//
2706b4fc4SDimitry Andric //
3706b4fc4SDimitry Andric // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4706b4fc4SDimitry Andric // See https://llvm.org/LICENSE.txt for license information.
5706b4fc4SDimitry Andric // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6706b4fc4SDimitry Andric //
7706b4fc4SDimitry Andric //===----------------------------------------------------------------------===//
8706b4fc4SDimitry Andric //
9706b4fc4SDimitry Andric // Defines a checker for debugging iterator modeling.
10706b4fc4SDimitry Andric //
11706b4fc4SDimitry Andric //===----------------------------------------------------------------------===//
12706b4fc4SDimitry Andric
13706b4fc4SDimitry Andric #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
14706b4fc4SDimitry Andric #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
15706b4fc4SDimitry Andric #include "clang/StaticAnalyzer/Core/Checker.h"
16c0981da4SDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CallDescription.h"
17706b4fc4SDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
18706b4fc4SDimitry Andric #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
19706b4fc4SDimitry Andric
20706b4fc4SDimitry Andric #include "Iterator.h"
21706b4fc4SDimitry Andric
22706b4fc4SDimitry Andric using namespace clang;
23706b4fc4SDimitry Andric using namespace ento;
24706b4fc4SDimitry Andric using namespace iterator;
25706b4fc4SDimitry Andric
26706b4fc4SDimitry Andric namespace {
27706b4fc4SDimitry Andric
28706b4fc4SDimitry Andric class DebugIteratorModeling
29706b4fc4SDimitry Andric : public Checker<eval::Call> {
30706b4fc4SDimitry Andric
3177dbea07SDimitry Andric const BugType DebugMsgBugType{this, "Checking analyzer assumptions", "debug",
3277dbea07SDimitry Andric /*SuppressOnSink=*/true};
33706b4fc4SDimitry Andric
34706b4fc4SDimitry Andric template <typename Getter>
35706b4fc4SDimitry Andric void analyzerIteratorDataField(const CallExpr *CE, CheckerContext &C,
36706b4fc4SDimitry Andric Getter get, SVal Default) const;
37706b4fc4SDimitry Andric void analyzerIteratorPosition(const CallExpr *CE, CheckerContext &C) const;
38706b4fc4SDimitry Andric void analyzerIteratorContainer(const CallExpr *CE, CheckerContext &C) const;
39706b4fc4SDimitry Andric void analyzerIteratorValidity(const CallExpr *CE, CheckerContext &C) const;
40706b4fc4SDimitry Andric ExplodedNode *reportDebugMsg(llvm::StringRef Msg, CheckerContext &C) const;
41706b4fc4SDimitry Andric
42706b4fc4SDimitry Andric typedef void (DebugIteratorModeling::*FnCheck)(const CallExpr *,
43706b4fc4SDimitry Andric CheckerContext &) const;
44706b4fc4SDimitry Andric
45706b4fc4SDimitry Andric CallDescriptionMap<FnCheck> Callbacks = {
46ac9a064cSDimitry Andric {{CDM::SimpleFunc, {"clang_analyzer_iterator_position"}, 1},
47706b4fc4SDimitry Andric &DebugIteratorModeling::analyzerIteratorPosition},
48ac9a064cSDimitry Andric {{CDM::SimpleFunc, {"clang_analyzer_iterator_container"}, 1},
49706b4fc4SDimitry Andric &DebugIteratorModeling::analyzerIteratorContainer},
50ac9a064cSDimitry Andric {{CDM::SimpleFunc, {"clang_analyzer_iterator_validity"}, 1},
51706b4fc4SDimitry Andric &DebugIteratorModeling::analyzerIteratorValidity},
52706b4fc4SDimitry Andric };
53706b4fc4SDimitry Andric
54706b4fc4SDimitry Andric public:
55706b4fc4SDimitry Andric bool evalCall(const CallEvent &Call, CheckerContext &C) const;
56706b4fc4SDimitry Andric };
57706b4fc4SDimitry Andric
58706b4fc4SDimitry Andric } // namespace
59706b4fc4SDimitry Andric
evalCall(const CallEvent & Call,CheckerContext & C) const60706b4fc4SDimitry Andric bool DebugIteratorModeling::evalCall(const CallEvent &Call,
61706b4fc4SDimitry Andric CheckerContext &C) const {
62706b4fc4SDimitry Andric const auto *CE = dyn_cast_or_null<CallExpr>(Call.getOriginExpr());
63706b4fc4SDimitry Andric if (!CE)
64706b4fc4SDimitry Andric return false;
65706b4fc4SDimitry Andric
66706b4fc4SDimitry Andric const FnCheck *Handler = Callbacks.lookup(Call);
67706b4fc4SDimitry Andric if (!Handler)
68706b4fc4SDimitry Andric return false;
69706b4fc4SDimitry Andric
70706b4fc4SDimitry Andric (this->**Handler)(CE, C);
71706b4fc4SDimitry Andric return true;
72706b4fc4SDimitry Andric }
73706b4fc4SDimitry Andric
74706b4fc4SDimitry Andric template <typename Getter>
analyzerIteratorDataField(const CallExpr * CE,CheckerContext & C,Getter get,SVal Default) const75706b4fc4SDimitry Andric void DebugIteratorModeling::analyzerIteratorDataField(const CallExpr *CE,
76706b4fc4SDimitry Andric CheckerContext &C,
77706b4fc4SDimitry Andric Getter get,
78706b4fc4SDimitry Andric SVal Default) const {
79706b4fc4SDimitry Andric if (CE->getNumArgs() == 0) {
80706b4fc4SDimitry Andric reportDebugMsg("Missing iterator argument", C);
81706b4fc4SDimitry Andric return;
82706b4fc4SDimitry Andric }
83706b4fc4SDimitry Andric
84706b4fc4SDimitry Andric auto State = C.getState();
85706b4fc4SDimitry Andric SVal V = C.getSVal(CE->getArg(0));
86706b4fc4SDimitry Andric const auto *Pos = getIteratorPosition(State, V);
87706b4fc4SDimitry Andric if (Pos) {
88706b4fc4SDimitry Andric State = State->BindExpr(CE, C.getLocationContext(), get(Pos));
89706b4fc4SDimitry Andric } else {
90706b4fc4SDimitry Andric State = State->BindExpr(CE, C.getLocationContext(), Default);
91706b4fc4SDimitry Andric }
92706b4fc4SDimitry Andric C.addTransition(State);
93706b4fc4SDimitry Andric }
94706b4fc4SDimitry Andric
analyzerIteratorPosition(const CallExpr * CE,CheckerContext & C) const95706b4fc4SDimitry Andric void DebugIteratorModeling::analyzerIteratorPosition(const CallExpr *CE,
96706b4fc4SDimitry Andric CheckerContext &C) const {
97706b4fc4SDimitry Andric auto &BVF = C.getSValBuilder().getBasicValueFactory();
98706b4fc4SDimitry Andric analyzerIteratorDataField(CE, C, [](const IteratorPosition *P) {
99706b4fc4SDimitry Andric return nonloc::SymbolVal(P->getOffset());
100706b4fc4SDimitry Andric }, nonloc::ConcreteInt(BVF.getValue(llvm::APSInt::get(0))));
101706b4fc4SDimitry Andric }
102706b4fc4SDimitry Andric
analyzerIteratorContainer(const CallExpr * CE,CheckerContext & C) const103706b4fc4SDimitry Andric void DebugIteratorModeling::analyzerIteratorContainer(const CallExpr *CE,
104706b4fc4SDimitry Andric CheckerContext &C) const {
105706b4fc4SDimitry Andric auto &BVF = C.getSValBuilder().getBasicValueFactory();
106706b4fc4SDimitry Andric analyzerIteratorDataField(CE, C, [](const IteratorPosition *P) {
107706b4fc4SDimitry Andric return loc::MemRegionVal(P->getContainer());
108706b4fc4SDimitry Andric }, loc::ConcreteInt(BVF.getValue(llvm::APSInt::get(0))));
109706b4fc4SDimitry Andric }
110706b4fc4SDimitry Andric
analyzerIteratorValidity(const CallExpr * CE,CheckerContext & C) const111706b4fc4SDimitry Andric void DebugIteratorModeling::analyzerIteratorValidity(const CallExpr *CE,
112706b4fc4SDimitry Andric CheckerContext &C) const {
113706b4fc4SDimitry Andric auto &BVF = C.getSValBuilder().getBasicValueFactory();
114706b4fc4SDimitry Andric analyzerIteratorDataField(CE, C, [&BVF](const IteratorPosition *P) {
115706b4fc4SDimitry Andric return
116706b4fc4SDimitry Andric nonloc::ConcreteInt(BVF.getValue(llvm::APSInt::get((P->isValid()))));
117706b4fc4SDimitry Andric }, nonloc::ConcreteInt(BVF.getValue(llvm::APSInt::get(0))));
118706b4fc4SDimitry Andric }
119706b4fc4SDimitry Andric
reportDebugMsg(llvm::StringRef Msg,CheckerContext & C) const120706b4fc4SDimitry Andric ExplodedNode *DebugIteratorModeling::reportDebugMsg(llvm::StringRef Msg,
121706b4fc4SDimitry Andric CheckerContext &C) const {
122706b4fc4SDimitry Andric ExplodedNode *N = C.generateNonFatalErrorNode();
123706b4fc4SDimitry Andric if (!N)
124706b4fc4SDimitry Andric return nullptr;
125706b4fc4SDimitry Andric
126706b4fc4SDimitry Andric auto &BR = C.getBugReporter();
12777dbea07SDimitry Andric BR.emitReport(
12877dbea07SDimitry Andric std::make_unique<PathSensitiveBugReport>(DebugMsgBugType, Msg, N));
129706b4fc4SDimitry Andric return N;
130706b4fc4SDimitry Andric }
131706b4fc4SDimitry Andric
registerDebugIteratorModeling(CheckerManager & mgr)132706b4fc4SDimitry Andric void ento::registerDebugIteratorModeling(CheckerManager &mgr) {
133706b4fc4SDimitry Andric mgr.registerChecker<DebugIteratorModeling>();
134706b4fc4SDimitry Andric }
135706b4fc4SDimitry Andric
shouldRegisterDebugIteratorModeling(const CheckerManager & mgr)136cfca06d7SDimitry Andric bool ento::shouldRegisterDebugIteratorModeling(const CheckerManager &mgr) {
137706b4fc4SDimitry Andric return true;
138706b4fc4SDimitry Andric }
139