Pass EvalCallOptions via runCheckersForEvalCall into defaultEvalCall.
Update the AnalysisOrderChecker to support evalCall for testing.
Differential Revision: https://reviews.llvm.org/D82256
Released,
Hide>,
CmdLineOption<Boolean,
+ "EvalCall",
+ "",
+ "false",
+ Released,
+ Hide>,
+ CmdLineOption<Boolean,
"PreCall",
"",
"false",
class ExplodedNode;
class ExplodedNodeSet;
class ExprEngine;
+struct EvalCallOptions;
class MemRegion;
struct NodeBuilderContext;
class ObjCMethodCall;
/// Run checkers for evaluating a call.
///
/// Warning: Currently, the CallEvent MUST come from a CallExpr!
- void runCheckersForEvalCall(ExplodedNodeSet &Dst,
- const ExplodedNodeSet &Src,
- const CallEvent &CE, ExprEngine &Eng);
+ void runCheckersForEvalCall(ExplodedNodeSet &Dst, const ExplodedNodeSet &Src,
+ const CallEvent &CE, ExprEngine &Eng,
+ const EvalCallOptions &CallOpts);
/// Run checkers for the entire Translation Unit.
void runCheckersOnEndOfTranslationUnit(const TranslationUnitDecl *TU,
class SymbolManager;
class SwitchNodeBuilder;
+/// Hints for figuring out of a call should be inlined during evalCall().
+struct EvalCallOptions {
+ /// This call is a constructor or a destructor for which we do not currently
+ /// compute the this-region correctly.
+ bool IsCtorOrDtorWithImproperlyModeledTargetRegion = false;
+
+ /// This call is a constructor or a destructor for a single element within
+ /// an array, a part of array construction or destruction.
+ bool IsArrayCtorOrDtor = false;
+
+ /// This call is a constructor or a destructor of a temporary value.
+ bool IsTemporaryCtorOrDtor = false;
+
+ /// This call is a constructor for a temporary that is lifetime-extended
+ /// by binding it to a reference-type field within an aggregate,
+ /// for example 'A { const C &c; }; A a = { C() };'
+ bool IsTemporaryLifetimeExtendedViaAggregate = false;
+
+ /// This call is a pre-C++17 elidable constructor that we failed to elide
+ /// because we failed to compute the target region into which
+ /// this constructor would have been ultimately elided. Analysis that
+ /// we perform in this case is still correct but it behaves differently,
+ /// as if copy elision is disabled.
+ bool IsElidableCtorThatHasNotBeenElided = false;
+
+ EvalCallOptions() {}
+};
+
class ExprEngine {
void anchor();
+
public:
/// The modes of inlining, which override the default analysis-wide settings.
enum InliningModes {
Inline_Minimal = 0x1
};
- /// Hints for figuring out of a call should be inlined during evalCall().
- struct EvalCallOptions {
- /// This call is a constructor or a destructor for which we do not currently
- /// compute the this-region correctly.
- bool IsCtorOrDtorWithImproperlyModeledTargetRegion = false;
-
- /// This call is a constructor or a destructor for a single element within
- /// an array, a part of array construction or destruction.
- bool IsArrayCtorOrDtor = false;
-
- /// This call is a constructor or a destructor of a temporary value.
- bool IsTemporaryCtorOrDtor = false;
-
- /// This call is a constructor for a temporary that is lifetime-extended
- /// by binding it to a reference-type field within an aggregate,
- /// for example 'A { const C &c; }; A a = { C() };'
- bool IsTemporaryLifetimeExtendedViaAggregate = false;
-
- /// This call is a pre-C++17 elidable constructor that we failed to elide
- /// because we failed to compute the target region into which
- /// this constructor would have been ultimately elided. Analysis that
- /// we perform in this case is still correct but it behaves differently,
- /// as if copy elision is disabled.
- bool IsElidableCtorThatHasNotBeenElided = false;
-
- EvalCallOptions() {}
- };
-
private:
cross_tu::CrossTranslationUnitContext &CTU;
check::PostStmt<OffsetOfExpr>, check::PreCall, check::PostCall,
check::EndFunction, check::EndAnalysis, check::NewAllocator,
check::Bind, check::PointerEscape, check::RegionChanges,
- check::LiveSymbols> {
+ check::LiveSymbols, eval::Call> {
bool isCallbackEnabled(const AnalyzerOptions &Opts,
StringRef CallbackName) const {
llvm::errs() << "PostStmt<OffsetOfExpr>\n";
}
+ bool evalCall(const CallEvent &Call, CheckerContext &C) const {
+ if (isCallbackEnabled(C, "EvalCall")) {
+ llvm::errs() << "EvalCall";
+ if (const NamedDecl *ND = dyn_cast_or_null<NamedDecl>(Call.getDecl()))
+ llvm::errs() << " (" << ND->getQualifiedNameAsString() << ')';
+ llvm::errs() << " {argno: " << Call.getNumArgs() << '}';
+ llvm::errs() << " [" << Call.getKindAsString() << ']';
+ llvm::errs() << '\n';
+ return true;
+ }
+ return false;
+ }
+
void checkPreCall(const CallEvent &Call, CheckerContext &C) const {
if (isCallbackEnabled(C, "PreCall")) {
llvm::errs() << "PreCall";
if (!CC)
return None;
- ExprEngine::EvalCallOptions CallOpts;
+ EvalCallOptions CallOpts;
ExprEngine &Engine = getState()->getStateManager().getOwningEngine();
SVal RetVal =
Engine.computeObjectUnderConstruction(getOriginExpr(), getState(),
void CheckerManager::runCheckersForEvalCall(ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src,
const CallEvent &Call,
- ExprEngine &Eng) {
+ ExprEngine &Eng,
+ const EvalCallOptions &CallOpts) {
for (auto *const Pred : Src) {
bool anyEvaluated = false;
// TODO: Support the situation when the call doesn't correspond
// to any Expr.
ProgramPoint L = ProgramPoint::getProgramPoint(
- cast<CallExpr>(Call.getOriginExpr()),
- ProgramPoint::PostStmtKind,
- Pred->getLocationContext(),
- EvalCallChecker.Checker);
+ Call.getOriginExpr(), ProgramPoint::PostStmtKind,
+ Pred->getLocationContext(), EvalCallChecker.Checker);
bool evaluated = false;
{ // CheckerContext generates transitions(populates checkDest) on
// destruction, so introduce the scope to make sure it gets properly
// If none of the checkers evaluated the call, ask ExprEngine to handle it.
if (!anyEvaluated) {
NodeBuilder B(Pred, Dst, Eng.getBuilderContext());
- Eng.defaultEvalCall(B, Pred, Call);
+ Eng.defaultEvalCall(B, Pred, Call, CallOpts);
}
}
}
} else {
for (ExplodedNodeSet::iterator I = DstPreCall.begin(), E = DstPreCall.end();
I != E; ++I)
- defaultEvalCall(Bldr, *I, *Call, CallOpts);
+ getCheckerManager().runCheckersForEvalCall(DstEvaluated, *I, *Call, *this,
+ CallOpts);
}
// If the CFG was constructed without elements for temporary destructors
// defaultEvalCall if all of them fail.
ExplodedNodeSet dstCallEvaluated;
getCheckerManager().runCheckersForEvalCall(dstCallEvaluated, dstPreVisit,
- Call, *this);
+ Call, *this, EvalCallOptions());
// If there were other constructors called for object-type arguments
// of this call, clean them up.
ExprEngine::CallInlinePolicy
ExprEngine::mayInlineCallKind(const CallEvent &Call, const ExplodedNode *Pred,
AnalyzerOptions &Opts,
- const ExprEngine::EvalCallOptions &CallOpts) {
+ const EvalCallOptions &CallOpts) {
const LocationContext *CurLC = Pred->getLocationContext();
const StackFrameContext *CallerSFC = CurLC->getStackFrame();
switch (Call.getKind()) {
// CHECK-NEXT: debug.AnalysisOrder:Bind = false
// CHECK-NEXT: debug.AnalysisOrder:EndAnalysis = false
// CHECK-NEXT: debug.AnalysisOrder:EndFunction = false
+// CHECK-NEXT: debug.AnalysisOrder:EvalCall = false
// CHECK-NEXT: debug.AnalysisOrder:LiveSymbols = false
// CHECK-NEXT: debug.AnalysisOrder:NewAllocator = false
// CHECK-NEXT: debug.AnalysisOrder:PointerEscape = false
--- /dev/null
+// RUN: %clang_analyze_cc1 %s \
+// RUN: -analyzer-checker=debug.AnalysisOrder \
+// RUN: -analyzer-config debug.AnalysisOrder:EvalCall=true \
+// RUN: -analyzer-config debug.AnalysisOrder:PreCall=true \
+// RUN: -analyzer-config debug.AnalysisOrder:PostCall=true \
+// RUN: 2>&1 | FileCheck %s
+
+// This test ensures that eval::Call event will be triggered for constructors.
+
+class C {
+public:
+ C(){};
+ C(int x){};
+ C(int x, int y){};
+};
+
+void foo() {
+ C C0;
+ C C1(42);
+ C *C2 = new C{2, 3};
+}
+
+// CHECK: PreCall (C::C) [CXXConstructorCall]
+// CHECK-NEXT: EvalCall (C::C) {argno: 0} [CXXConstructorCall]
+// CHECK-NEXT: PostCall (C::C) [CXXConstructorCall]
+// CHECK-NEXT: PreCall (C::C) [CXXConstructorCall]
+// CHECK-NEXT: EvalCall (C::C) {argno: 1} [CXXConstructorCall]
+// CHECK-NEXT: PostCall (C::C) [CXXConstructorCall]
+// CHECK-NEXT: PreCall (operator new) [CXXAllocatorCall]
+// CHECK-NEXT: PostCall (operator new) [CXXAllocatorCall]
+// CHECK-NEXT: PreCall (C::C) [CXXConstructorCall]
+// CHECK-NEXT: EvalCall (C::C) {argno: 2} [CXXConstructorCall]
+// CHECK-NEXT: PostCall (C::C) [CXXConstructorCall]
S *s = new S[10];
// FIXME: Should be true once we inline array constructors.
clang_analyzer_eval(s[0].x == 1); // expected-warning{{UNKNOWN}}
+ clang_analyzer_eval(s[1].x == 1); // expected-warning{{UNKNOWN}}
}
struct NullS {
OSDN Git Service
