search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[AMDGPU][AsmParser][NFC] Get rid of custom default operand handlers.
[llvm-project.git] / clang / lib / StaticAnalyzer / Checkers / UndefCapturedBlockVarChecker.cpp
blob27f3345e67ac8eb5ff996e0eb72e9e46fde9ee24
1 // UndefCapturedBlockVarChecker.cpp - Uninitialized captured vars -*- C++ -*-=//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This checker detects blocks that capture uninitialized values.
10 //
11 //===----------------------------------------------------------------------===//
12
13 #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
14 #include "clang/AST/Attr.h"
15 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
16 #include "clang/StaticAnalyzer/Core/Checker.h"
17 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
18 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
19 #include "clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h"
20 #include "llvm/ADT/SmallString.h"
21 #include "llvm/Support/raw_ostream.h"
22 #include <optional>
23
24 using namespace clang;
25 using namespace ento;
26
27 namespace {
28 class UndefCapturedBlockVarChecker
29 : public Checker< check::PostStmt<BlockExpr> > {
30 mutable std::unique_ptr<BugType> BT;
31
32 public:
33 void checkPostStmt(const BlockExpr *BE, CheckerContext &C) const;
34 };
35 } // end anonymous namespace
36
37 static const DeclRefExpr *FindBlockDeclRefExpr(const Stmt *S,
38 const VarDecl *VD) {
39 if (const DeclRefExpr *BR = dyn_cast<DeclRefExpr>(S))
40 if (BR->getDecl() == VD)
41 return BR;
42
43 for (const Stmt *Child : S->children())
44 if (Child)
45 if (const DeclRefExpr *BR = FindBlockDeclRefExpr(Child, VD))
46 return BR;
47
48 return nullptr;
49 }
50
51 void
52 UndefCapturedBlockVarChecker::checkPostStmt(const BlockExpr *BE,
53 CheckerContext &C) const {
54 if (!BE->getBlockDecl()->hasCaptures())
55 return;
56
57 ProgramStateRef state = C.getState();
58 auto *R = cast<BlockDataRegion>(C.getSVal(BE).getAsRegion());
59
60 BlockDataRegion::referenced_vars_iterator I = R->referenced_vars_begin(),
61 E = R->referenced_vars_end();
62
63 for (; I != E; ++I) {
64 // This VarRegion is the region associated with the block; we need
65 // the one associated with the encompassing context.
66 const VarRegion *VR = I.getCapturedRegion();
67 const VarDecl *VD = VR->getDecl();
68
69 if (VD->hasAttr<BlocksAttr>() || !VD->hasLocalStorage())
70 continue;
71
72 // Get the VarRegion associated with VD in the local stack frame.
73 if (std::optional<UndefinedVal> V =
74 state->getSVal(I.getOriginalRegion()).getAs<UndefinedVal>()) {
75 if (ExplodedNode *N = C.generateErrorNode()) {
76 if (!BT)
77 BT.reset(
78 new BuiltinBug(this, "uninitialized variable captured by block"));
79
80 // Generate a bug report.
81 SmallString<128> buf;
82 llvm::raw_svector_ostream os(buf);
83
84 os << "Variable '" << VD->getName()
85 << "' is uninitialized when captured by block";
86
87 auto R = std::make_unique<PathSensitiveBugReport>(*BT, os.str(), N);
88 if (const Expr *Ex = FindBlockDeclRefExpr(BE->getBody(), VD))
89 R->addRange(Ex->getSourceRange());
90 bugreporter::trackStoredValue(*V, VR, *R,
91 {bugreporter::TrackingKind::Thorough,
92 /*EnableNullFPSuppression*/ false});
93 R->disablePathPruning();
94 // need location of block
95 C.emitReport(std::move(R));
96 }
97 }
98 }
99 }
100
101 void ento::registerUndefCapturedBlockVarChecker(CheckerManager &mgr) {
102 mgr.registerChecker<UndefCapturedBlockVarChecker>();
103 }
104
105 bool ento::shouldRegisterUndefCapturedBlockVarChecker(const CheckerManager &mgr) {
106 return true;
107 }
LLVM monorepo