This is an archive of the discontinued LLVM Phabricator instance.

[analyzer][StdLibraryFunctionsChecker] Add POSIX networking functions
ClosedPublic

Authored by martong on Jul 8 2020, 9:53 AM.

Details

Summary

Adding networking functions from the POSIX standard (2017). This includes
functions that deal with sockets from socket.h, netdb.h.

In 'socket.h' of some libc implementations (e.g. glibc) with C99, sockaddr
parameter is a transparent union of the underlying sockaddr_ family of pointers
instead of being a pointer to struct sockaddr. In these cases, the standardized
signature will not match, thus we try to match with another signature that has
the joker Irrelevant type. In the case of transparent unions, we also not add
those constraints which require pointer types for the sockaddr param.

Interestingly, in 'netdb.h' sockaddr is not handled as a transparent union.

Diff Detail

Event Timeline

martong created this revision.Jul 8 2020, 9:53 AM
martong marked an inline comment as done.Jul 8 2020, 10:01 AM
martong added inline comments.
clang/test/Analysis/std-c-library-functions-POSIX.c
200

Remove redundant duplicated line.

Are not some functions missing from the list (shutdown, sockatmark, socket) (these come from <sys/socket.h>)? And getnameinfo comes from <netdb.h> with many other functions that are not added.

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1725

There could be a generic form of getting the restrict type for a type so something like this can be done (this is used relatively often):
getRestrictTypeIfApplicable(ACtx, StructSockaddrPtrTy)

martong updated this revision to Diff 276715.Jul 9 2020, 5:50 AM
  • Add getRestrictTy
martong updated this revision to Diff 276716.Jul 9 2020, 5:52 AM
martong marked 2 inline comments as done and an inline comment as not done.
  • Remove redundant line from test code

Are not some functions missing from the list (shutdown, sockatmark, socket) (these come from <sys/socket.h>)? And getnameinfo comes from <netdb.h> with many other functions that are not added.

Yes, there are missing functions, this is not a comprehensive list. I try to be careful in the sense that I am adding only those functions that have a summary in Cppcheck because those constraints are already validated by their community. Of course, the list can be extended anytime, contributions are welcome from anybody.

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1725

Yes, absolutely, good idea!

martong marked an inline comment as done.Jul 9 2020, 5:55 AM
Szelethus added inline comments.Jul 9 2020, 6:59 AM
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1747–1759

This is quite a bit of code duplication -- if we failed to match the precise accept, we just try again with the middle argument type being unspecified? Whats the difference between this and trying to match with Irrelevant straight away?

martong marked an inline comment as done.Jul 9 2020, 7:36 AM
martong added inline comments.
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1747–1759

if we failed to match the precise accept, we just try again with the middle argument type being unspecified?

Yes. And that will be a successful match in the case where sockaddr is a transparent union.

Whats the difference between this and trying to match with Irrelevant straight away?

Yeah, it's a good catch. There is no difference with accept because we don't have any constraints on sockaddr anyway. But, the other functions have fewer constraints with the transparent union.
Perhaps we should separate the body of the Summary from the Signature and in this case we could reuse that for both signatures. Or as you suggested we could just match by default with the Irrelevant. What do you think?

Szelethus added inline comments.Jul 9 2020, 7:42 AM
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1747–1759

Perhaps we should separate the body of the Summary from the Signature and in this case we could reuse that for both signatures. Or as you suggested we could just match by default with the Irrelevant. What do you think?

Separating the summary and the signature sounds great! But, that also adds sufficiently complex code that would definitely warrant individual tests, so we should add that as well.

martong updated this revision to Diff 276759.Jul 9 2020, 9:38 AM
  • Reuse summaries with accept and other functions when sockaddr is a union of pointers
martong marked 2 inline comments as done.Jul 9 2020, 9:41 AM
martong added inline comments.
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1747–1759

Ok, so I added a new overload to addToFunctionSummaryMap that can take a Signature. This signature is set to the given Summary, this way we can avoid the code duplication. Note, this change involved that the Signature is no longer a const member of the Summary, plus the Args and Ret cannot be a const member anymore of the Signature (we have to overwrite the signature of the given summary and that involves the copy assignment op).

martong updated this revision to Diff 276928.Jul 10 2020, 12:07 AM
martong marked an inline comment as done.
  • Make Signature to be an Optional member of the Summary
Szelethus marked an inline comment as done.Jul 10 2020, 5:10 AM

I'm yet to go over line-by-line, but the overall logic looks great.

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
328–331

Ah right, because we need to copy this. Shame that Optional can't just inplace construct the object with a copy constructor or something.

1745

AcceptSummary?

martong marked 2 inline comments as done.Jul 10 2020, 7:33 AM
martong added inline comments.
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
328–331

The problem is rather with the copy assignment. I think, copy construction could be implemented if we keep the const, but assignment is not.

1745

I prefer simply Accept because right after the = sign we have the Summary string :)

Szelethus marked an inline comment as done.Jul 14 2020, 6:40 AM
Szelethus added inline comments.
clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
328–331

Yes, but copy assignment happens because out optional isn't optimal (hehe) http://lists.llvm.org/pipermail/cfe-dev/2018-July/058427.html. Anyways, it is what it is. You could add a comment about this, but it might not be worthwhile.

1745

Fair enough.

This revision is now accepted and ready to land.Jul 20 2020, 3:39 AM
This revision was automatically updated to reflect the committed changes.