This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
include/clang/StaticAnalyzer/Checkers/
-
clang/
-
StaticAnalyzer/
-
Checkers/
-
Checkers.td
-
lib/StaticAnalyzer/Checkers/
-
StaticAnalyzer/
-
Checkers/
-
CMakeLists.txt
5/30
LabelInsideSwitchChecker.cpp
-
test/Analysis/
-
Analysis/
2
label-inside-switch.c

Differential D40715

[analyser] different.LabelInsideSwitch checker implementation
Needs ReviewPublic

Authored by alexey.knyshev on Dec 1 2017, 4:23 AM.

Download Raw Diff

Details

Reviewers

a.sidorin
NoQ
dcoughlin

Summary

Implementation of checker "different.LabelInsideSwitch" from potential checkers list (https://clang-analyzer.llvm.org/potential_checkers.html#different)

Diff Detail

Repository: rC Clang

Event Timeline

alexey.knyshev created this revision.Dec 1 2017, 4:23 AM

Herald added subscribers: cfe-commits, mgorny. · View Herald TranscriptDec 1 2017, 4:23 AM

Hello Alexey,

Thank you for the patch. I have made a preliminary review and will add some other reviewers. You can find my comments inline.

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp
2	License header and checker descriptions are missed here. You can take a look at any other checker to find how it should be filled.
11	Spaces in template arguments should be removed.
13	LLVM Coding Standard requires variables to start with capital letter: 'Mgr'. Please change such names here and below.
16	We usually pass StringRef by value, not by reference. Same below.
17	LLVM Coding Standard requires method names to start with small letter.
34	Obvious comment. I think it is better to remove it.
48	The longest string we can get here is "label inside switch (did you mean 'default'?)". It is 46 char long so we can reduce the allocation size to 48 or 64. Should we rename the variable to "Message"?
60	raw_svector_ostream is always synchronized with the string it prints to so we can just pass the message string instead of calling .str().
66	Seems like you are trying to implement some kind of "similarity" metric. Consider using `StringRef::edit_distance()` instead. I guess, in your case it will give you much more freedom to vary different match parameters. For example, it can consider replacements. Also, I think it's better to rename this function into something like "areStringsSimilar()".
85	The indent looks broken here. You can use clang-format tool to automatically make your code formatted as needed. How about just returning StringRef? We can return empty StringRef (`return StringRef()`) if no matches found and return a non-empty value if match was found.
111	This line exceeds 80-char limit. Please split it.
116	You can write just `void ento::registerLabelInsideSwitchChecker(CheckerManager &Mgr) {
test/Analysis/label-inside-switch.c
2	Not sure if we need to enable 'core' while testing path-insensitive checkers. Artem?
6	Space after `switch`. Same below

a.sidorin added reviewers: a.sidorin, NoQ, dcoughlin.Dec 3 2017, 6:36 AM

kromanenkov added a subscriber: kromanenkov.Dec 3 2017, 6:49 AM

A few comments.

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp
20	Maybe I miss something, but do not we return StringRef to temporary string going out of scope here? Same below.
25	Do you consider using ASTMatchers like in NumberObjectConversionChecker instead of manually traversing the AST?
60	You could use S->getSourceRange() instead of Sr, as llvm::ArrayRef in EmitBasicReport() could be constructed even from the 0 consecutively elements.
81	Maybe so? size_t MinSize = std::min(StrSize, ExpSize); size_t SizeDelta = std::labs(StrSize, ExpSize);

Now implemented via MatchFinder
Added missing License header
Pass all StringRefs by value
Method names now start from small letter
Using StringRef::edit_distance instead of custom "similarity" metric
Various other formating fixes

alexey.knyshev added inline comments.Dec 10 2017, 10:24 AM

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp
25	Haven't seen it before but surely will consider to use it. Looks like I should use StatementMatcher, shouldn't I?
25	One more thing. After reviewing implementation of NumberObjectConversionChecker I'm not sure if it's more clear to use Matcher + Callback there.
60	Is there way to getSourceRange() which doesn't include following comment (if it exists)? Currently source range marks comment string in addition to LabelStmt.
66	Looks like it can be replaced by StringRef::edit_distance
81	SizeDelta is abs(StrSize - ExpSize) from logical point of view. But if StrSize < ExpSize subtraction ExpSize from StrSize will underflow. Anyway I'm going to replace whole function with existing implementation StringRef::edit_distance.
87	Looks like I have to use `forEachDescendant` instead of `hasDescendant`. Please, comment!
95	Typo: Of course should be "sense" instead
116	Actually I can't, get error: /llvm/tools/clang/lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp:103:68: error: 'void clang::ento::registerLabelInsideSwitchChecker(clang::ento::CheckerManager&)' should have been declared inside 'clang::ento' void ento::registerLabelInsideSwitchChecker(CheckerManager &Mgr) {

Hello Alexey,

Thank you for the update. The code looks much cleaner now.

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp
1	Check for label inside switch
11	misprinting
19	We don't use CheckerContext in the code below. Looks like this include is redundant or should be replaced by more relevant include files.
87	Yes, `hasDescendant()` will give you only single match. `forEachDescendant()` will continue matching after match found and that is what we should do here. Maybe we can just use stmt(forEachDescendant(switchStmt(forEachDescendant(labelStmt()))))? We don't distinguish "label" and "label_in_case" anyway. Also, current matcher will ignore deeply-nested switches: switch (x) } case 1: { {{ label: }} // ignored } } Is that intentional?
116	This looks strange. I can remember that I have met this issue but I cannot remember how I resolved it.

alexey.knyshev added inline comments.Dec 11 2017, 2:30 AM

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp
87	Thanks, got it. I've used `eachOf` for matching 2 different cases: Label under case stmt such as: switch (x) { case 1: someCodeHere; cas: // missprint ... // other cases } And label under switch compound stmt: switch (x) { cas: blabla; // this label is not a child of any case stmt case 3: ... ... // etc On the other hand I would like to avoid matching deeply-nested labels inside switch compound stmt for reducing false-positives probability. Actually I'm not sure in my assumption.

alexey.knyshev marked 5 inline comments as done.Dec 11 2017, 5:47 AM

Thanks for looking into this!

This checker is in the 'core' package, which means (when moved out of alpha) it will be enabled by default.

Do you think that this checker should be enabled by default for all users of the analyzer?
If users do actually want to use labels in their switch statements, how should they suppress the diagnostics from the checker?
What is the benefit of adding this check in the static analyzer vs. in clang-tidy?

(My own sense is that the check for labels that are close to "default" could be on by default but that warning on *any* label inside a switch is more stylistic. I think users should have to opt in to that check.)

In D40715#951665, @dcoughlin wrote:

Thanks for looking into this!

This checker is in the 'core' package, which means (when moved out of alpha) it will be enabled by default.

Do you think that this checker should be enabled by default for all users of the analyzer?

I think so

If users do actually want to use labels in their switch statements, how should they suppress the diagnostics from the checker?

Good point, is there recommended way to implement options for checker? Where can I find any reference example?

What is the benefit of adding this check in the static analyzer vs. in clang-tidy?

(My own sense is that the check for labels that are close to "default" could be on by default but that warning on *any* label inside a switch is more stylistic. I think users should have to opt in to that check.)

It makes sense. So, I can make generic case when we found any label in swichStmt opt-in (default=off) and left cases when it looks like typo in 'case' or 'default' keywords enabled by default.
Thanks!

Revision Contents

Path

Size

include/

clang/

StaticAnalyzer/

Checkers/

Checkers.td

4 lines

lib/

StaticAnalyzer/

Checkers/

CMakeLists.txt

1 line

LabelInsideSwitchChecker.cpp

104 lines

test/

Analysis/

label-inside-switch.c

67 lines

Diff 126293

include/clang/StaticAnalyzer/Checkers/Checkers.td

Context not available.
	HelpText<"Warn about unintended use of identical expressions in operators">,	HelpText<"Warn about unintended use of identical expressions in operators">,
	DescFile<"IdenticalExprChecker.cpp">;	DescFile<"IdenticalExprChecker.cpp">;

		def LabelInsideSwitchChecker : Checker<"LabelInsideSwitch">,
		HelpText<"Warn about labeled statements inside switch">,
		DescFile<"LabelInsideSwitchChecker.cpp">;

	def FixedAddressChecker : Checker<"FixedAddr">,	def FixedAddressChecker : Checker<"FixedAddr">,
	HelpText<"Check for assignment of a fixed address to a pointer">,	HelpText<"Check for assignment of a fixed address to a pointer">,
	DescFile<"FixedAddressChecker.cpp">;	DescFile<"FixedAddressChecker.cpp">;
Context not available.

lib/StaticAnalyzer/Checkers/CMakeLists.txt

Context not available.
	IteratorChecker.cpp	IteratorChecker.cpp
	IvarInvalidationChecker.cpp	IvarInvalidationChecker.cpp
	LLVMConventionsChecker.cpp	LLVMConventionsChecker.cpp
		LabelInsideSwitchChecker.cpp
	LocalizationChecker.cpp	LocalizationChecker.cpp
	MacOSKeychainAPIChecker.cpp	MacOSKeychainAPIChecker.cpp
	MacOSXAPIChecker.cpp	MacOSXAPIChecker.cpp
Context not available.

lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp

				//== LabelInsideSwitchChecker.cpp - Lable inside switch checker -- C++ ---==//
				a.sidorinUnsubmitted Done Reply Inline Actions Check for label inside switch a.sidorin: Check for label inside switch
				//
				a.sidorinUnsubmitted Not Done Reply Inline Actions License header and checker descriptions are missed here. You can take a look at any other checker to find how it should be filled. a.sidorin: License header and checker descriptions are missed here. You can take a look at any other…
				// The LLVM Compiler Infrastructure
				//
				// This file is distributed under the University of Illinois Open Source
				// License. See LICENSE.TXT for details.
				//
				//===----------------------------------------------------------------------===//
				//
				// This defines LabelInsideSwitchChecker, which looks for typos in switch
				// cases like missprinting 'defualt', 'cas' or other accidental insertion
				a.sidorinUnsubmitted Not Done Reply Inline Actions Spaces in template arguments should be removed. a.sidorin: Spaces in template arguments should be removed.
				a.sidorinUnsubmitted Done Reply Inline Actions misprinting a.sidorin: misprinting
				// of labeled statement.
				//
				a.sidorinUnsubmitted Not Done Reply Inline Actions LLVM Coding Standard requires variables to start with capital letter: 'Mgr'. Please change such names here and below. a.sidorin: LLVM Coding Standard requires variables to start with capital letter: 'Mgr'. Please change such…
				//===----------------------------------------------------------------------===//

				#include "clang/ASTMatchers/ASTMatchFinder.h"
				a.sidorinUnsubmitted Not Done Reply Inline Actions We usually pass StringRef by value, not by reference. Same below. a.sidorin: We usually pass StringRef by value, not by reference. Same below.
				#include "clang/StaticAnalyzer/Core/BugReporter/CommonBugCategories.h"
				a.sidorinUnsubmitted Not Done Reply Inline Actions LLVM Coding Standard requires method names to start with small letter. a.sidorin: LLVM Coding Standard requires method names to start with small letter.
				#include "clang/StaticAnalyzer/Core/Checker.h"
				#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
				a.sidorinUnsubmitted Done Reply Inline Actions We don't use CheckerContext in the code below. Looks like this include is redundant or should be replaced by more relevant include files. a.sidorin: We don't use CheckerContext in the code below. Looks like this include is redundant or should…

				kromanenkovUnsubmitted Not Done Reply Inline Actions Maybe I miss something, but do not we return StringRef to temporary string going out of scope here? Same below. kromanenkov: Maybe I miss something, but do not we return StringRef to temporary string going out of scope…
				using namespace clang;
				using namespace ento;
				using namespace ast_matchers;

				namespace {
				kromanenkovUnsubmitted Not Done Reply Inline Actions Do you consider using ASTMatchers like in NumberObjectConversionChecker instead of manually traversing the AST? kromanenkov: Do you consider using ASTMatchers like in NumberObjectConversionChecker instead of manually…
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Haven't seen it before but surely will consider to use it. Looks like I should use StatementMatcher, shouldn't I? alexey.knyshev: Haven't seen it before but surely will consider to use it. Looks like I should use…
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions One more thing. After reviewing implementation of NumberObjectConversionChecker I'm not sure if it's more clear to use Matcher + Callback there. alexey.knyshev: One more thing. After reviewing implementation of NumberObjectConversionChecker I'm not sure if…
				class LabelInsideSwitchChecker : public Checker<check::ASTCodeBody> {
				public:
				void checkASTCodeBody(const Decl *D, AnalysisManager &Mgr,
				BugReporter &BR) const;
				};

				static StringRef suggestTypoFix(StringRef Str) {
				StringRef DefaultStr("default");
				const unsigned DefaultStrED =
				a.sidorinUnsubmitted Not Done Reply Inline Actions Obvious comment. I think it is better to remove it. a.sidorin: Obvious comment. I think it is better to remove it.
				Str.edit_distance(DefaultStr, true, DefaultStr.size() / 2);

				if (DefaultStrED <= DefaultStr.size() / 2)
				return DefaultStr;

				StringRef CaseStr("case");
				const unsigned CaseStrED =
				Str.edit_distance(CaseStr, true, CaseStr.size() / 2);

				if (CaseStrED <= CaseStr.size() / 2)
				return CaseStr;

				return StringRef();
				}
				a.sidorinUnsubmitted Not Done Reply Inline Actions The longest string we can get here is "label inside switch (did you mean 'default'?)". It is 46 char long so we can reduce the allocation size to 48 or 64. Should we rename the variable to "Message"? a.sidorin: 1. The longest string we can get here is "label inside switch (did you mean 'default'?)". It is…

				class Callback : public MatchFinder::MatchCallback {
				const CheckerBase *C;
				BugReporter &BR;
				AnalysisDeclContext *AC;

				void report(const LabelStmt *L) {
				StringRef Suggest = suggestTypoFix(L->getName());

				SmallString<64> Message;
				llvm::raw_svector_ostream OS(Message);
				OS << "label inside switch";
				a.sidorinUnsubmitted Not Done Reply Inline Actions raw_svector_ostream is always synchronized with the string it prints to so we can just pass the message string instead of calling .str(). a.sidorin: raw_svector_ostream is always synchronized with the string it prints to so we can just pass the…
				kromanenkovUnsubmitted Not Done Reply Inline Actions You could use S->getSourceRange() instead of Sr, as llvm::ArrayRef in EmitBasicReport() could be constructed even from the 0 consecutively elements. kromanenkov: You could use S->getSourceRange() instead of Sr, as llvm::ArrayRef in EmitBasicReport() could…
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Is there way to getSourceRange() which doesn't include following comment (if it exists)? Currently source range marks comment string in addition to LabelStmt. alexey.knyshev: Is there way to getSourceRange() which doesn't include following comment (if it exists)?
				if (!Suggest.empty())
				OS << " (did you mean '" << Suggest << "'?)";

				PathDiagnosticLocation Loc =
				PathDiagnosticLocation::createBegin(L, BR.getSourceManager(), AC);
				BR.EmitBasicReport(AC->getDecl(), C, "Labeled statement inside switch",
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Looks like it can be replaced by StringRef::edit_distance alexey.knyshev: Looks like it can be replaced by [[ https://llvm.org/doxygen/classllvm_1_1StringRef.
				a.sidorinUnsubmitted Not Done Reply Inline Actions Seems like you are trying to implement some kind of "similarity" metric. Consider using `StringRef::edit_distance()` instead. I guess, in your case it will give you much more freedom to vary different match parameters. For example, it can consider replacements. Also, I think it's better to rename this function into something like "areStringsSimilar()". a.sidorin: Seems like you are trying to implement some kind of "similarity" metric. Consider using…
				categories::LogicError, Message, Loc,
				L->getSourceRange());
				}

				public:
				Callback(const CheckerBase C, BugReporter &BR, AnalysisDeclContext AC)
				: C(C), BR(BR), AC(AC) {}

				virtual void run(const MatchFinder::MatchResult &Result) override {
				if (const LabelStmt *L = Result.Nodes.getNodeAs<LabelStmt>("label"))
				report(L);
				if (const LabelStmt *L = Result.Nodes.getNodeAs<LabelStmt>("label_in_case"))
				report(L);
				}
				};
				kromanenkovUnsubmitted Not Done Reply Inline Actions Maybe so? size_t MinSize = std::min(StrSize, ExpSize); size_t SizeDelta = std::labs(StrSize, ExpSize); kromanenkov: Maybe so? size_t MinSize = std::min(StrSize, ExpSize); size_t SizeDelta = std::labs(StrSize…
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions SizeDelta is abs(StrSize - ExpSize) from logical point of view. But if StrSize < ExpSize subtraction ExpSize from StrSize will underflow. Anyway I'm going to replace whole function with existing implementation StringRef::edit_distance. alexey.knyshev: SizeDelta is abs(StrSize - ExpSize) from logical point of view. But if StrSize < ExpSize…
				} // end anonymous namespace

				void LabelInsideSwitchChecker::checkASTCodeBody(const Decl *D,
				AnalysisManager &Mgr,
				a.sidorinUnsubmitted Not Done Reply Inline Actions The indent looks broken here. You can use clang-format tool to automatically make your code formatted as needed. How about just returning StringRef? We can return empty StringRef (`return StringRef()`) if no matches found and return a non-empty value if match was found. a.sidorin: 1. The indent looks broken here. You can use clang-format tool to automatically make your code…
				BugReporter &BR) const {
				auto LabelStmt = stmt(hasDescendant(switchStmt(
				alexey.knyshevAuthorUnsubmitted Done Reply Inline Actions Looks like I have to use `forEachDescendant` instead of `hasDescendant`. Please, comment! alexey.knyshev: Looks like I have to use `forEachDescendant` instead of `hasDescendant`. Please, comment!
				a.sidorinUnsubmitted Done Reply Inline Actions Yes, `hasDescendant()` will give you only single match. `forEachDescendant()` will continue matching after match found and that is what we should do here. Maybe we can just use stmt(forEachDescendant(switchStmt(forEachDescendant(labelStmt()))))? We don't distinguish "label" and "label_in_case" anyway. Also, current matcher will ignore deeply-nested switches: switch (x) } case 1: { {{ label: }} // ignored } } Is that intentional? a.sidorin: 1. Yes, `hasDescendant()` will give you only single match. `forEachDescendant()` will continue…
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Thanks, got it. I've used `eachOf` for matching 2 different cases: Label under case stmt such as: switch (x) { case 1: someCodeHere; cas: // missprint ... // other cases } And label under switch compound stmt: switch (x) { cas: blabla; // this label is not a child of any case stmt case 3: ... ... // etc On the other hand I would like to avoid matching deeply-nested labels inside switch compound stmt for reducing false-positives probability. Actually I'm not sure in my assumption. alexey.knyshev: 1. Thanks, got it. 2. I've used `eachOf` for matching 2 different cases: - Label under case…
				eachOf(has(compoundStmt(forEach(labelStmt().bind("label")))),
				forEachSwitchCase(forEach(labelStmt().bind("label_in_case")))))));

				MatchFinder F;
				Callback CB(this, BR, Mgr.getAnalysisDeclContext(D));

				F.addMatcher(LabelStmt, &CB);
				F.match(*D->getBody(), Mgr.getASTContext());
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Typo: Of course should be "sense" instead alexey.knyshev: Typo: Of course should be "sense" instead
				}

				namespace clang {
				namespace ento {
				void registerLabelInsideSwitchChecker(CheckerManager &Mgr) {
				Mgr.registerChecker<LabelInsideSwitchChecker>();
				}
				} // namespace ento
				} // namespace clang
				a.sidorinUnsubmitted Not Done Reply Inline Actions You can write just `void ento::registerLabelInsideSwitchChecker(CheckerManager &Mgr) { a.sidorin: You can write just `void ento::registerLabelInsideSwitchChecker(CheckerManager &Mgr) {
				alexey.knyshevAuthorUnsubmitted Not Done Reply Inline Actions Actually I can't, get error: /llvm/tools/clang/lib/StaticAnalyzer/Checkers/LabelInsideSwitchChecker.cpp:103:68: error: 'void clang::ento::registerLabelInsideSwitchChecker(clang::ento::CheckerManager&)' should have been declared inside 'clang::ento' void ento::registerLabelInsideSwitchChecker(CheckerManager &Mgr) { alexey.knyshev: Actually I can't, get error: ``` /llvm/tools/clang/lib/StaticAnalyzer/Checkers/LabelInsideSwit…
				a.sidorinUnsubmitted Not Done Reply Inline Actions This looks strange. I can remember that I have met this issue but I cannot remember how I resolved it. a.sidorin: This looks strange. I can remember that I have met this issue but I cannot remember how I…
				a.sidorinUnsubmitted Not Done Reply Inline Actions This line exceeds 80-char limit. Please split it. a.sidorin: This line exceeds 80-char limit. Please split it.

test/Analysis/label-inside-switch.c

				// RUN: %clang_analyze_cc1 -analyzer-checker=core,alpha.core.LabelInsideSwitch -w -verify %s

				a.sidorinUnsubmitted Not Done Reply Inline Actions Not sure if we need to enable 'core' while testing path-insensitive checkers. Artem? a.sidorin: Not sure if we need to enable 'core' while testing path-insensitive checkers. Artem?
				int caseAndDefaultMissprint(unsigned count) {
				int res = 0;
				switch (count) {
				case 1:
				a.sidorinUnsubmitted Not Done Reply Inline Actions Space after `switch`. Same below a.sidorin: Space after `switch`. Same below
				res = 1;
				break;
				cas: // expected-warning {{label inside switch (did you mean 'case'?)}}
				case 2:
				res = 5;
				break;
				case 3:
				exit(1);
				defaul: // expected-warning {{label inside switch (did you mean 'default'?)}}
				return -1;
				}

				return res;
				}

				int nestedSwitch(unsigned x, unsigned y) {
				int res = 0;
				switch (x) {
				case 1:
				res = 1;
				break;
				case 2:
				res = 5;
				break;
				case 3:
				switch (y) {
				case 1:
				case 2:
				case 4:
				res = x * y;
				break;
				defaul:; // expected-warning {{label inside switch (did you mean 'default'?)}}
				}
				break;
				default:;
				}

				return res;
				}

				int arbitaryLabelInSwitch(int arg) {
				switch (arg) {
				case 1:
				case 2:
				label: // expected-warning {{label inside switch}}
				case 3:
				break;
				}

				return 0;
				}

				int unreachableLabelInSwitch(int arg) {
				switch (arg) {
				unreachable: // expected-warning {{label inside switch}}
				case 1:
				return 0;
				default:
				return arg;
				}
				}