This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
cfe/trunk/
-
trunk/
-
lib/StaticAnalyzer/Checkers/
-
StaticAnalyzer/
-
Checkers/
-
MisusedMovedObjectChecker.cpp
-
test/Analysis/
-
Analysis/
-
MisusedMovedObject.cpp

Differential D52983

[analyzer] Support Reinitializes attribute in MisusedMovedObject check
ClosedPublic

Authored by xazax.hun on Oct 8 2018, 6:28 AM.

Download Raw Diff

Details

Reviewers

NoQ
szepet
george.karpenkov

Commits

rGd1fd93ceea42: [analyzer] Support Reinitializes attribute in MisusedMovedObject check
rC344017: [analyzer] Support Reinitializes attribute in MisusedMovedObject check
rL344017: [analyzer] Support Reinitializes attribute in MisusedMovedObject check

Summary

Support the same attribute that the tidy version of this check already supports.
Also do some minor cleanups.

Diff Detail

Repository: rL LLVM

Event Timeline

xazax.hun created this revision.Oct 8 2018, 6:28 AM

Herald added subscribers: Szelethus, mikhail.ramalho, a.sidorin and 4 others. · View Herald TranscriptOct 8 2018, 6:28 AM

Yay, these look useful. Is there also an attribute for methods that should never be called on a 'moved-from' object?

This revision is now accepted and ready to land.Oct 8 2018, 7:09 PM

In D52983#1258466, @NoQ wrote:

Yay, these look useful. Is there also an attribute for methods that should never be called on a 'moved-from' object?

I do not know about such attribute, but once contracts are implemented and wide-spread, a precondition on a method/function is a strong suggestion that it should not be used on a moved-from object.

Closed by commit rL344017: [analyzer] Support Reinitializes attribute in MisusedMovedObject check (authored by xazax). · Explain WhyOct 9 2018, 12:30 AM

This revision was automatically updated to reflect the committed changes.

Herald added a subscriber: llvm-commits. · View Herald TranscriptOct 9 2018, 12:30 AM

In D52983#1258499, @xazax.hun wrote:

In D52983#1258466, @NoQ wrote:

Yay, these look useful. Is there also an attribute for methods that should never be called on a 'moved-from' object?

I do not know about such attribute, but once contracts are implemented and wide-spread, a precondition on a method/function is a strong suggestion that it should not be used on a moved-from object.

Well, that actually sounds like a pretty good heuristic, as long as we know that a moved-from object cannot reliably satisfy these contracts. In other words, it'll probably be fine for most library classes, but my concern is that the more contracts do we document this way, the more false positives would we have, which is not a healthy correlation. Like, for example, if we add a contract "the object is in a consistent state" to all methods of an STL object, eg. something like this->_length == strlen(this->_buf) for std::string methods, it might be a valid contract, but all moved-from objects would trivially satisfy it (because they are guaranteed to be in a consistent albeit unspecified state), so we won't be able to all any method at all.

Revision Contents

Path

Size

cfe/

trunk/

lib/

StaticAnalyzer/

Checkers/

MisusedMovedObjectChecker.cpp

24 lines

test/

Analysis/

MisusedMovedObject.cpp

12 lines

Diff 168750

cfe/trunk/lib/StaticAnalyzer/Checkers/MisusedMovedObjectChecker.cpp

Show First 20 Lines • Show All 308 Lines • ▼ Show 20 Lines	if (const auto *ConversionDec =
dyn_cast_or_null<CXXConversionDecl>(MethodDec)) {		dyn_cast_or_null<CXXConversionDecl>(MethodDec)) {
const Type *Tp = ConversionDec->getConversionType().getTypePtrOrNull();		const Type *Tp = ConversionDec->getConversionType().getTypePtrOrNull();
if (!Tp)		if (!Tp)
return false;		return false;
if (Tp->isBooleanType() \|\| Tp->isVoidType() \|\| Tp->isVoidPointerType())		if (Tp->isBooleanType() \|\| Tp->isVoidType() \|\| Tp->isVoidPointerType())
return true;		return true;
}		}
// Function call `empty` can be skipped.		// Function call `empty` can be skipped.
if (MethodDec && MethodDec->getDeclName().isIdentifier() &&		return (MethodDec && MethodDec->getDeclName().isIdentifier() &&
(MethodDec->getName().lower() == "empty" \|\|		(MethodDec->getName().lower() == "empty" \|\|
MethodDec->getName().lower() == "isempty"))		MethodDec->getName().lower() == "isempty"));
return true;

return false;
}		}

bool MisusedMovedObjectChecker::isStateResetMethod(		bool MisusedMovedObjectChecker::isStateResetMethod(
const CXXMethodDecl *MethodDec) const {		const CXXMethodDecl *MethodDec) const {
if (MethodDec && MethodDec->getDeclName().isIdentifier()) {		if (!MethodDec)
		return false;
		if (MethodDec->hasAttr<ReinitializesAttr>())
		return true;
		if (MethodDec->getDeclName().isIdentifier()) {
std::string MethodName = MethodDec->getName().lower();		std::string MethodName = MethodDec->getName().lower();
if (MethodName == "reset" \|\| MethodName == "clear" \|\|		if (MethodName == "reset" \|\| MethodName == "clear" \|\|
MethodName == "destroy")		MethodName == "destroy")
return true;		return true;
}		}
return false;		return false;
}		}

▲ Show 20 Lines • Show All 88 Lines • ▼ Show 20 Lines	if (OperatorEq) {
C.addTransition(State, N);		C.addTransition(State, N);
return;		return;
}		}

// The remaining part is check only for method call on a moved-from object.		// The remaining part is check only for method call on a moved-from object.

// We want to investigate the whole object, not only sub-object of a parent		// We want to investigate the whole object, not only sub-object of a parent
// class in which the encountered method defined.		// class in which the encountered method defined.
while (const CXXBaseObjectRegion *BR =		while (const auto *BR = dyn_cast<CXXBaseObjectRegion>(ThisRegion))
dyn_cast<CXXBaseObjectRegion>(ThisRegion))
ThisRegion = BR->getSuperRegion();		ThisRegion = BR->getSuperRegion();

if (isMoveSafeMethod(MethodDecl))		if (isMoveSafeMethod(MethodDecl))
return;		return;

if (isStateResetMethod(MethodDecl)) {		if (isStateResetMethod(MethodDecl)) {
State = removeFromState(State, ThisRegion);		State = removeFromState(State, ThisRegion);
C.addTransition(State);		C.addTransition(State);
Show All 40 Lines	ProgramStateRef MisusedMovedObjectChecker::checkRegionChanges(
const CallEvent *Call) const {		const CallEvent *Call) const {
// In case of an InstanceCall don't remove the ThisRegion from the GDM since		// In case of an InstanceCall don't remove the ThisRegion from the GDM since
// it is handled in checkPreCall and checkPostCall.		// it is handled in checkPreCall and checkPostCall.
const MemRegion *ThisRegion = nullptr;		const MemRegion *ThisRegion = nullptr;
if (const auto *IC = dyn_cast_or_null<CXXInstanceCall>(Call)) {		if (const auto *IC = dyn_cast_or_null<CXXInstanceCall>(Call)) {
ThisRegion = IC->getCXXThisVal().getAsRegion();		ThisRegion = IC->getCXXThisVal().getAsRegion();
}		}

for (ArrayRef<const MemRegion *>::iterator I = ExplicitRegions.begin(),		for (const auto *Region : ExplicitRegions) {
E = ExplicitRegions.end();		if (ThisRegion != Region)
I != E; ++I) {
const auto Region = I;
if (ThisRegion != Region) {
State = removeFromState(State, Region);		State = removeFromState(State, Region);
}		}
}

return State;		return State;
}		}

void MisusedMovedObjectChecker::printState(raw_ostream &Out,		void MisusedMovedObjectChecker::printState(raw_ostream &Out,
ProgramStateRef State,		ProgramStateRef State,
const char *NL,		const char *NL,
const char *Sep) const {		const char *Sep) const {
Show All 18 Lines

cfe/trunk/test/Analysis/MisusedMovedObject.cpp

Show First 20 Lines • Show All 632 Lines • ▼ Show 20 Lines	void ifStmtSequencesDeclAndConditionTest() {
for (int i = 0; i < 3; ++i) {		for (int i = 0; i < 3; ++i) {
if (A a = A()) {		if (A a = A()) {
A b;		A b;
b = std::move(a); // no-warning		b = std::move(a); // no-warning
}		}
}		}
}		}

class C : public A {};		struct C : public A {
		[[clang::reinitializes]] void reinit();
		};

void subRegionMoveTest() {		void subRegionMoveTest() {
{		{
A a;		A a;
B b = std::move(a.b); // expected-note {{'b' became 'moved-from' here}}		B b = std::move(a.b); // expected-note {{'b' became 'moved-from' here}}
a.b.foo(); // expected-warning {{Method call on a 'moved-from' object 'b'}} expected-note {{Method call on a 'moved-from' object 'b'}}		a.b.foo(); // expected-warning {{Method call on a 'moved-from' object 'b'}} expected-note {{Method call on a 'moved-from' object 'b'}}
}		}
{		{
A a;		A a;
Show All 17 Lines

void resetSuperClass() {		void resetSuperClass() {
C c;		C c;
C c1 = std::move(c);		C c1 = std::move(c);
c.clear();		c.clear();
C c2 = c; // no-warning		C c2 = c; // no-warning
}		}

		void resetSuperClass2() {
		C c;
		C c1 = std::move(c);
		c.reinit();
		C c2 = c; // no-warning
		}

void reportSuperClass() {		void reportSuperClass() {
C c;		C c;
C c1 = std::move(c); // expected-note {{'c' became 'moved-from' here}}		C c1 = std::move(c); // expected-note {{'c' became 'moved-from' here}}
c.foo(); // expected-warning {{Method call on a 'moved-from' object 'c'}} expected-note {{Method call on a 'moved-from' object 'c'}}		c.foo(); // expected-warning {{Method call on a 'moved-from' object 'c'}} expected-note {{Method call on a 'moved-from' object 'c'}}
C c2 = c; // no-warning		C c2 = c; // no-warning
}		}