search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[DFAJumpThreading] Remove incoming StartBlock from all phis when unfolding select...
[llvm-project.git] / clang / lib / StaticAnalyzer / Checkers / UndefinedAssignmentChecker.cpp
blob49ac94f65dd0c03273c75da9b91bdf5ad41f9f43
1 //===--- UndefinedAssignmentChecker.h ---------------------------*- C++ -*--==//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This defines UndefinedAssignmentChecker, a builtin check in ExprEngine that
10 // checks for assigning undefined values.
11 //
12 //===----------------------------------------------------------------------===//
13
14 #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
15 #include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
16 #include "clang/StaticAnalyzer/Core/Checker.h"
17 #include "clang/StaticAnalyzer/Core/CheckerManager.h"
18 #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
19
20 using namespace clang;
21 using namespace ento;
22
23 namespace {
24 class UndefinedAssignmentChecker
25 : public Checker<check::Bind> {
26 mutable std::unique_ptr<BugType> BT;
27
28 public:
29 void checkBind(SVal location, SVal val, const Stmt *S,
30 CheckerContext &C) const;
31 };
32 }
33
34 void UndefinedAssignmentChecker::checkBind(SVal location, SVal val,
35 const Stmt *StoreE,
36 CheckerContext &C) const {
37 if (!val.isUndef())
38 return;
39
40 // Do not report assignments of uninitialized values inside swap functions.
41 // This should allow to swap partially uninitialized structs
42 if (const FunctionDecl *EnclosingFunctionDecl =
43 dyn_cast<FunctionDecl>(C.getStackFrame()->getDecl()))
44 if (C.getCalleeName(EnclosingFunctionDecl) == "swap")
45 return;
46
47 ExplodedNode *N = C.generateErrorNode();
48
49 if (!N)
50 return;
51
52 static const char *const DefaultMsg =
53 "Assigned value is garbage or undefined";
54 if (!BT)
55 BT.reset(new BugType(this, DefaultMsg));
56
57 // Generate a report for this bug.
58 llvm::SmallString<128> Str;
59 llvm::raw_svector_ostream OS(Str);
60
61 const Expr *ex = nullptr;
62
63 while (StoreE) {
64 if (const UnaryOperator *U = dyn_cast<UnaryOperator>(StoreE)) {
65 OS << "The expression is an uninitialized value. "
66 "The computed value will also be garbage";
67
68 ex = U->getSubExpr();
69 break;
70 }
71
72 if (const BinaryOperator *B = dyn_cast<BinaryOperator>(StoreE)) {
73 if (B->isCompoundAssignmentOp()) {
74 if (C.getSVal(B->getLHS()).isUndef()) {
75 OS << "The left expression of the compound assignment is an "
76 "uninitialized value. The computed value will also be garbage";
77 ex = B->getLHS();
78 break;
79 }
80 }
81
82 ex = B->getRHS();
83 break;
84 }
85
86 if (const DeclStmt *DS = dyn_cast<DeclStmt>(StoreE)) {
87 const VarDecl *VD = cast<VarDecl>(DS->getSingleDecl());
88 ex = VD->getInit();
89 }
90
91 if (const auto *CD =
92 dyn_cast<CXXConstructorDecl>(C.getStackFrame()->getDecl())) {
93 if (CD->isImplicit()) {
94 for (auto *I : CD->inits()) {
95 if (I->getInit()->IgnoreImpCasts() == StoreE) {
96 OS << "Value assigned to field '" << I->getMember()->getName()
97 << "' in implicit constructor is garbage or undefined";
98 break;
99 }
100 }
101 }
102 }
103
104 break;
105 }
106
107 if (OS.str().empty())
108 OS << DefaultMsg;
109
110 auto R = std::make_unique<PathSensitiveBugReport>(*BT, OS.str(), N);
111 if (ex) {
112 R->addRange(ex->getSourceRange());
113 bugreporter::trackExpressionValue(N, ex, *R);
114 }
115 C.emitReport(std::move(R));
116 }
117
118 void ento::registerUndefinedAssignmentChecker(CheckerManager &mgr) {
119 mgr.registerChecker<UndefinedAssignmentChecker>();
120 }
121
122 bool ento::shouldRegisterUndefinedAssignmentChecker(const CheckerManager &mgr) {
123 return true;
124 }
LLVM monorepo