This is an archive of the discontinued LLVM Phabricator instance.

Differential D15324

[Sema] Emit warnings when comparing result of a function with `returns_nonnull` to null
ClosedPublic

Authored by george.burgess.iv on Dec 7 2015, 10:41 PM.

Details

Reviewers
rtrieu
aaron.ballman
Commits
rG850269a47eed: [Sema] Add warning when comparing nonnull and null
rC255058: [Sema] Add warning when comparing nonnull and null
rL255058: [Sema] Add warning when comparing nonnull and null
Summary

Addresses a problem brought up by Xavier here: http://permalink.gmane.org/gmane.comp.compilers.clang.devel/46163

tl;dr: We get a warning on the following code

void foo(void *p) __attribute__((nonnull(1))) {
	if (p == NULL) {} // warning: always equal to false
}

…But not this code:

void foo() __attribute__((returns_nonnull));
int main() {
	if (foo() == NULL) {} // no warning
}

This patch makes us give a warning in the second case.

Diff Detail

Repository
rL LLVM

Event Timeline

george.burgess.iv updated this revision to Diff 42139.Dec 7 2015, 10:41 PM
george.burgess.iv retitled this revision from to [Sema] Emit warnings when comparing result of a function with `returns_nonnull` to null.
george.burgess.iv updated this object.
george.burgess.iv added a reviewer: rtrieu.
george.burgess.iv added a subscriber: cfe-commits.
aaron.ballman added a subscriber: aaron.ballman.Dec 8 2015, 5:43 AM
aaron.ballman added inline comments.
include/clang/Basic/DiagnosticSemaKinds.td
2747 ↗(On Diff #42139)

I know this is existing behavior, but can you quote true and false in this diagnostic, similar to the way true is quoted above?

lib/Sema/SemaChecking.cpp
7674 ↗(On Diff #42139)

No need to cast IsParam to int; the diagnostic builder already does the right thing here.

7682 ↗(On Diff #42139)

I think this should be:

if (Callee->hasAttr<ReturnsNonNullAttr>() &&
    ComplainAboutNonnullParamOrCall(false))
  return;

Otherwise, we skip out on the rest of the checking in the presence of ReturnsNonNullAttr.

7716 ↗(On Diff #42139)

Same here as above. The return should only be on failure.

george.burgess.iv updated this revision to Diff 42204.Dec 8 2015, 11:34 AM
george.burgess.iv marked 4 inline comments as done.
  • Addressed all feedback
  • Refactored a loop to make its intent more clear
lib/Sema/SemaChecking.cpp
7674 ↗(On Diff #42139)

Neat. Thanks!

7682 ↗(On Diff #42139)

The function this is in returns void, not bool. I've separated the return from the function call in order to hopefully make things a bit more clear. :)

7716 ↗(On Diff #42139)

Separated into two lines, like above.

aaron.ballman accepted this revision.Dec 8 2015, 12:21 PM
aaron.ballman added a reviewer: aaron.ballman.

Thank you for this, LGTM!

lib/Sema/SemaChecking.cpp
7682 ↗(On Diff #42204)

Oops, I didn't notice that the function returns void, sorry about that. I also didn't notice that early return here is the correct thing because we're only checking one expression at a time within this function.

This revision is now accepted and ready to land.Dec 8 2015, 12:21 PM
Closed by commit rL255058: [Sema] Add warning when comparing nonnull and null (authored by gbiv). · Explain WhyDec 8 2015, 2:05 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
cfe/
trunk/
include/
clang/
Basic/
9 lines
Sema/
2 lines
lib/
Sema/
73 lines
test/
Sema/
22 lines

Diff 42221

cfe/trunk/include/clang/Basic/DiagnosticSemaKinds.td

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 2,721 Lines▼ Show 20 Linesdef ext_ms_impcast_fn_obj : ExtWarn<
"implicit conversion between pointer-to-function and pointer-to-object is a " "implicit conversion between pointer-to-function and pointer-to-object is a "
"Microsoft extension">, InGroup<MicrosoftCast>; "Microsoft extension">, InGroup<MicrosoftCast>;
def warn_impcast_pointer_to_bool : Warning< def warn_impcast_pointer_to_bool : Warning<
"address of%select{| function| array}0 '%1' will always evaluate to " "address of%select{| function| array}0 '%1' will always evaluate to "
"'true'">, "'true'">,
InGroup<PointerBoolConversion>; InGroup<PointerBoolConversion>;
def warn_cast_nonnull_to_bool : Warning< def warn_cast_nonnull_to_bool : Warning<
"nonnull parameter '%0' will evaluate to " "nonnull %select{function call|parameter}0 '%1' will evaluate to "
"'true' on first encounter">, "'true' on first encounter">,
InGroup<PointerBoolConversion>; InGroup<PointerBoolConversion>;
def warn_this_bool_conversion : Warning< def warn_this_bool_conversion : Warning<
"'this' pointer cannot be null in well-defined C++ code; pointer may be " "'this' pointer cannot be null in well-defined C++ code; pointer may be "
"assumed to always convert to true">, InGroup<UndefinedBoolConversion>; "assumed to always convert to true">, InGroup<UndefinedBoolConversion>;
def warn_address_of_reference_bool_conversion : Warning< def warn_address_of_reference_bool_conversion : Warning<
"reference cannot be bound to dereferenced null pointer in well-defined C++ " "reference cannot be bound to dereferenced null pointer in well-defined C++ "
"code; pointer may be assumed to always convert to true">, "code; pointer may be assumed to always convert to true">,
InGroup<UndefinedBoolConversion>; InGroup<UndefinedBoolConversion>;
def warn_null_pointer_compare : Warning< def warn_null_pointer_compare : Warning<
"comparison of %select{address of|function|array}0 '%1' %select{not |}2" "comparison of %select{address of|function|array}0 '%1' %select{not |}2"
"equal to a null pointer is always %select{true|false}2">, "equal to a null pointer is always %select{true|false}2">,
InGroup<TautologicalPointerCompare>; InGroup<TautologicalPointerCompare>;
def warn_nonnull_parameter_compare : Warning< def warn_nonnull_expr_compare : Warning<
"comparison of nonnull parameter '%0' %select{not |}1" "comparison of nonnull %select{function call|parameter}0 '%1' "
"equal to a null pointer is %select{true|false}1 on first encounter">, "%select{not |}2equal to a null pointer is '%select{true|false}2' on first "
"encounter">,
InGroup<TautologicalPointerCompare>; InGroup<TautologicalPointerCompare>;
def warn_this_null_compare : Warning< def warn_this_null_compare : Warning<
"'this' pointer cannot be null in well-defined C++ code; comparison may be " "'this' pointer cannot be null in well-defined C++ code; comparison may be "
"assumed to always evaluate to %select{true|false}0">, "assumed to always evaluate to %select{true|false}0">,
InGroup<TautologicalUndefinedCompare>; InGroup<TautologicalUndefinedCompare>;
def warn_address_of_reference_null_compare : Warning< def warn_address_of_reference_null_compare : Warning<
"reference cannot be bound to dereferenced null pointer in well-defined C++ " "reference cannot be bound to dereferenced null pointer in well-defined C++ "
"code; comparison may be assumed to always evaluate to " "code; comparison may be assumed to always evaluate to "
▲ Show 20 LinesShow All 5,420 LinesShow Last 20 Lines

cfe/trunk/include/clang/Sema/ScopeInfo.h

Show First 20 LinesShow All 158 Lines▼ Show 20 Linespublic:
/// \brief A list of PartialDiagnostics created but delayed within the /// \brief A list of PartialDiagnostics created but delayed within the
/// current function scope. These diagnostics are vetted for reachability /// current function scope. These diagnostics are vetted for reachability
/// prior to being emitted. /// prior to being emitted.
SmallVector<PossiblyUnreachableDiag, 4> PossiblyUnreachableDiags; SmallVector<PossiblyUnreachableDiag, 4> PossiblyUnreachableDiags;
/// \brief A list of parameters which have the nonnull attribute and are /// \brief A list of parameters which have the nonnull attribute and are
/// modified in the function. /// modified in the function.
llvm::SmallPtrSet<const ParmVarDecl*, 8> ModifiedNonNullParams; llvm::SmallPtrSet<const ParmVarDecl*, 8> ModifiedNonNullParams;
public: public:
/// Represents a simple identification of a weak object. /// Represents a simple identification of a weak object.
/// ///
/// Part of the implementation of -Wrepeated-use-of-weak. /// Part of the implementation of -Wrepeated-use-of-weak.
/// ///
/// This is used to determine if two weak accesses refer to the same object. /// This is used to determine if two weak accesses refer to the same object.
/// Here are some examples of how various accesses are "profiled": /// Here are some examples of how various accesses are "profiled":
▲ Show 20 LinesShow All 683 LinesShow Last 20 Lines

cfe/trunk/lib/Sema/SemaChecking.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 1,174 Lines▼ Show 20 Lines if (FSI->FirstDataArg != 0)
--FSI->FirstDataArg; --FSI->FirstDataArg;
} }
return true; return true;
} }
/// Checks if a the given expression evaluates to null. /// Checks if a the given expression evaluates to null.
/// ///
/// \brief Returns true if the value evaluates to null. /// \brief Returns true if the value evaluates to null.
static bool CheckNonNullExpr(Sema &S, static bool CheckNonNullExpr(Sema &S, const Expr *Expr) {
const Expr *Expr) {
// If the expression has non-null type, it doesn't evaluate to null. // If the expression has non-null type, it doesn't evaluate to null.
if (auto nullability if (auto nullability
= Expr->IgnoreImplicit()->getType()->getNullability(S.Context)) { = Expr->IgnoreImplicit()->getType()->getNullability(S.Context)) {
if (*nullability == NullabilityKind::NonNull) if (*nullability == NullabilityKind::NonNull)
return false; return false;
} }
// As a special case, transparent unions initialized with zero are // As a special case, transparent unions initialized with zero are
▲ Show 20 LinesShow All 6,468 Lines▼ Show 20 Lines unsigned DiagID = IsCompare
: diag::warn_address_of_reference_bool_conversion; : diag::warn_address_of_reference_bool_conversion;
PartialDiagnostic PD = PDiag(DiagID) << E->getSourceRange() << Range PartialDiagnostic PD = PDiag(DiagID) << E->getSourceRange() << Range
<< IsEqual; << IsEqual;
if (CheckForReference(*this, E, PD)) { if (CheckForReference(*this, E, PD)) {
return; return;
} }
} }
auto ComplainAboutNonnullParamOrCall = [&](bool IsParam) {
std::string Str;
llvm::raw_string_ostream S(Str);
E->printPretty(S, nullptr, getPrintingPolicy());
unsigned DiagID = IsCompare ? diag::warn_nonnull_expr_compare
: diag::warn_cast_nonnull_to_bool;
Diag(E->getExprLoc(), DiagID) << IsParam << S.str()
<< E->getSourceRange() << Range << IsEqual;
};
// If we have a CallExpr that is tagged with returns_nonnull, we can complain.
if (auto *Call = dyn_cast<CallExpr>(E->IgnoreParenImpCasts())) {
if (auto *Callee = Call->getDirectCallee()) {
if (Callee->hasAttr<ReturnsNonNullAttr>()) {
ComplainAboutNonnullParamOrCall(false);
return;
}
}
}
// Expect to find a single Decl. Skip anything more complicated. // Expect to find a single Decl. Skip anything more complicated.
ValueDecl *D = nullptr; ValueDecl *D = nullptr;
if (DeclRefExpr *R = dyn_cast<DeclRefExpr>(E)) { if (DeclRefExpr *R = dyn_cast<DeclRefExpr>(E)) {
D = R->getDecl(); D = R->getDecl();
} else if (MemberExpr *M = dyn_cast<MemberExpr>(E)) { } else if (MemberExpr *M = dyn_cast<MemberExpr>(E)) {
D = M->getMemberDecl(); D = M->getMemberDecl();
} }
// Weak Decls can be null. // Weak Decls can be null.
if (!D || D->isWeak()) if (!D || D->isWeak())
return; return;
// Check for parameter decl with nonnull attribute // Check for parameter decl with nonnull attribute
if (const ParmVarDecl* PV = dyn_cast<ParmVarDecl>(D)) { if (const auto* PV = dyn_cast<ParmVarDecl>(D)) {
if (getCurFunction() && !getCurFunction()->ModifiedNonNullParams.count(PV)) if (getCurFunction() &&
if (const FunctionDecl* FD = dyn_cast<FunctionDecl>(PV->getDeclContext())) { !getCurFunction()->ModifiedNonNullParams.count(PV)) {
unsigned NumArgs = FD->getNumParams(); if (PV->hasAttr<NonNullAttr>()) {
llvm::SmallBitVector AttrNonNull(NumArgs); ComplainAboutNonnullParamOrCall(true);
return;
}
if (const auto *FD = dyn_cast<FunctionDecl>(PV->getDeclContext())) {
auto ParamIter = std::find(FD->param_begin(), FD->param_end(), PV);
assert(ParamIter != FD->param_end());
unsigned ParamNo = std::distance(FD->param_begin(), ParamIter);
for (const auto *NonNull : FD->specific_attrs<NonNullAttr>()) { for (const auto *NonNull : FD->specific_attrs<NonNullAttr>()) {
if (!NonNull->args_size()) { if (!NonNull->args_size()) {
AttrNonNull.set(0, NumArgs); ComplainAboutNonnullParamOrCall(true);
break; return;
}
for (unsigned ArgNo : NonNull->args()) {
if (ArgNo == ParamNo) {
ComplainAboutNonnullParamOrCall(true);
return;
} }
for (unsigned Val : NonNull->args()) {
if (Val >= NumArgs)
continue;
AttrNonNull.set(Val);
} }
} }
if (!AttrNonNull.empty())
for (unsigned i = 0; i < NumArgs; ++i)
if (FD->getParamDecl(i) == PV &&
(AttrNonNull[i] || PV->hasAttr<NonNullAttr>())) {
std::string Str;
llvm::raw_string_ostream S(Str);
E->printPretty(S, nullptr, getPrintingPolicy());
unsigned DiagID = IsCompare ? diag::warn_nonnull_parameter_compare
: diag::warn_cast_nonnull_to_bool;
Diag(E->getExprLoc(), DiagID) << S.str() << E->getSourceRange()
<< Range << IsEqual;
return;
} }
} }
} }
QualType T = D->getType(); QualType T = D->getType();
const bool IsArray = T->isArrayType(); const bool IsArray = T->isArrayType();
const bool IsFunction = T->isFunctionType(); const bool IsFunction = T->isFunctionType();
// Address of function is used to silence the function warning. // Address of function is used to silence the function warning.
if (IsAddressOf && IsFunction) { if (IsAddressOf && IsFunction) {
return; return;
} }
▲ Show 20 LinesShow All 2,159 LinesShow Last 20 Lines

cfe/trunk/test/Sema/nonnull.c

Show First 20 LinesShow All 83 Lines▼ Show 20 Linesvoid redecl_test(void *p) {
redecl(0, p); // expected-warning{{null passed}} redecl(0, p); // expected-warning{{null passed}}
} }
// rdar://18712242 // rdar://18712242
#define NULL (void*)0 #define NULL (void*)0
__attribute__((__nonnull__)) __attribute__((__nonnull__))
int evil_nonnull_func(int* pointer, void * pv) int evil_nonnull_func(int* pointer, void * pv)
{ {
if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is false on first encounter}} if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is 'false' on first encounter}}
return 0; return 0;
} else { } else {
return *pointer; return *pointer;
} }
pointer = pv; pointer = pv;
if (!pointer) if (!pointer)
return 0; return 0;
else else
return *pointer; return *pointer;
if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is false on first encounter}} if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is 'false' on first encounter}}
} }
void set_param_to_null(int**); void set_param_to_null(int**);
int another_evil_nonnull_func(int* pointer, char ch, void * pv) __attribute__((nonnull(1, 3))); int another_evil_nonnull_func(int* pointer, char ch, void * pv) __attribute__((nonnull(1, 3)));
int another_evil_nonnull_func(int* pointer, char ch, void * pv) { int another_evil_nonnull_func(int* pointer, char ch, void * pv) {
if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is false on first encounter}} if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is 'false' on first encounter}}
return 0; return 0;
} else { } else {
return *pointer; return *pointer;
} }
set_param_to_null(&pointer); set_param_to_null(&pointer);
if (!pointer) if (!pointer)
return 0; return 0;
else else
return *pointer; return *pointer;
if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is false on first encounter}} if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is 'false' on first encounter}}
} }
extern void *returns_null(void**); extern void *returns_null(void**);
extern void FOO(); extern void FOO();
extern void FEE(); extern void FEE();
extern void *pv; extern void *pv;
__attribute__((__nonnull__)) __attribute__((__nonnull__))
Show All 17 Lines if (s) // No warning
; ;
} }
void pr21668_2(__attribute__((nonnull)) const char *p) { void pr21668_2(__attribute__((nonnull)) const char *p) {
p = 0; p = 0;
if (p) // No warning if (p) // No warning
; ;
} }
__attribute__((returns_nonnull)) void *returns_nonnull_whee();
void returns_nonnull_warning_tests() {
if (returns_nonnull_whee() == NULL) {} // expected-warning {{comparison of nonnull function call 'returns_nonnull_whee()' equal to a null pointer is 'false' on first encounter}}
if (returns_nonnull_whee() != NULL) {} // expected-warning {{comparison of nonnull function call 'returns_nonnull_whee()' not equal to a null pointer is 'true' on first encounter}}
if (returns_nonnull_whee()) {} // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
if (!returns_nonnull_whee()) {} // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
int and_again = !returns_nonnull_whee(); // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
and_again = !returns_nonnull_whee(); // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
}