[clang][analyzer] Move 'alpha.core.FixedAddressDereference' out of alpha by balazske · Pull Request #132404 · llvm/llvm-project (original) (raw)

@llvm/pr-subscribers-clang-static-analyzer-1

@llvm/pr-subscribers-clang

Author: Balázs Kéri (balazske)

Changes

Full diff: https://github.com/llvm/llvm-project/pull/132404.diff

8 Files Affected:

• (modified) clang/docs/analyzer/checkers.rst (+35-35)
• (modified) clang/include/clang/StaticAnalyzer/Checkers/Checkers.td (+6-6)
• (modified) clang/test/Analysis/analyzer-enabled-checkers.c (+1)
• (modified) clang/test/Analysis/dtor.cpp (+1-1)
• (modified) clang/test/Analysis/fixed-address-notes.c (+1-1)
• (modified) clang/test/Analysis/misc-ps.m (+2-2)
• (modified) clang/test/Analysis/pr22954.c (+1-1)
• (modified) clang/test/Analysis/std-c-library-functions-arg-enabled-checkers.c (+1)

diff --git a/clang/docs/analyzer/checkers.rst b/clang/docs/analyzer/checkers.rst index 28286a8a5dba6..c676bef90078f 100644 --- a/clang/docs/analyzer/checkers.rst +++ b/clang/docs/analyzer/checkers.rst @@ -97,6 +97,41 @@ core.DivideZero (C, C++, ObjC) .. literalinclude:: checkers/dividezero_example.c :language: c +.. _core-FixedAddressDereference: + +core.FixedAddressDereference (C, C++, ObjC) +""""""""""""""""""""""""""""""""""""""""""" +Check for dereferences of fixed addresses. + +A pointer contains a fixed address if it was set to a hard-coded value or it +becomes otherwise obvious that at that point it can have only a single specific +value. + +.. code-block:: c + + void test1() { + int *p = (int *)0x020; + int x = p[0]; // warn + } + + void test2(int *p) { + if (p == (int *)-1) + *p = 0; // warn + } + + void test3() { + int (p_function)(char, char); + p_function = (int ()(char, char))0x04080; + int x = (*p_function)('x', 'y'); // NO warning yet at functon pointer calls + } + +If the analyzer option suppress-dereferences-from-any-address-space is set +to true (the default value), then this checker never reports dereference of +pointers with a specified address space. If the option is set to false, then +reports from the specific x86 address spaces 256, 257 and 258 are still +suppressed, but fixed address dereferences from other address spaces are +reported. + .. _core-NonNullParamChecker: core.NonNullParamChecker (C, C++, ObjC) @@ -2919,41 +2954,6 @@ Check for assignment of a fixed address to a pointer. p = (int *) 0x10000; // warn } -.. _alpha-core-FixedAddressDereference:

-alpha.core.FixedAddressDereference (C, C++, ObjC) -""""""""""""""""""""""""""""""""""""""""""""""""" -Check for dereferences of fixed addresses.

-A pointer contains a fixed address if it was set to a hard-coded value or it -becomes otherwise obvious that at that point it can have only a single specific -value.

-.. code-block:: c

• void test1() {

• int *p = (int *)0x020;

• int x = p[0]; // warn

• }

• void test2(int *p) {

• if (p == (int *)-1)

• *p = 0; // warn

• }

• void test3() {

• int (*p_function)(char, char);

• p_function = (int (*)(char, char))0x04080;

• int x = (*p_function)('x', 'y'); // NO warning yet at functon pointer calls

• }

• -If the analyzer option suppress-dereferences-from-any-address-space is set -to true (the default value), then this checker never reports dereference of -pointers with a specified address space. If the option is set to false, then -reports from the specific x86 address spaces 256, 257 and 258 are still -suppressed, but fixed address dereferences from other address spaces are -reported.

• .. _alpha-core-PointerArithm:

  alpha.core.PointerArithm (C)

diff --git a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td index 6632254955fe6..a34ddee455720 100644 --- a/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td +++ b/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td @@ -211,6 +211,12 @@ def DereferenceModeling : Checker<"DereferenceModeling">, Documentation, Hidden; +def FixedAddressDereferenceChecker + : Checker<"FixedAddressDereference">, + HelpText<"Check for dereferences of fixed addresses">, + Documentation, + Dependencies<[DereferenceModeling]>; + def NullDereferenceChecker : Checker<"NullDereference">, HelpText<"Check for dereferences of null pointers">, Documentation, @@ -278,12 +284,6 @@ def FixedAddressChecker : Checker<"FixedAddr">, HelpText<"Check for assignment of a fixed address to a pointer">, Documentation; -def FixedAddressDereferenceChecker - : Checker<"FixedAddressDereference">, - HelpText<"Check for dereferences of fixed addresses">, - Documentation, - Dependencies<[DereferenceModeling]>;

def PointerArithChecker : Checker<"PointerArithm">, HelpText<"Check for pointer arithmetic on locations other than array " "elements">, diff --git a/clang/test/Analysis/analyzer-enabled-checkers.c b/clang/test/Analysis/analyzer-enabled-checkers.c index e5d0acb84a039..66b9be9795f12 100644 --- a/clang/test/Analysis/analyzer-enabled-checkers.c +++ b/clang/test/Analysis/analyzer-enabled-checkers.c @@ -17,6 +17,7 @@ // CHECK-NEXT: core.DereferenceModeling // CHECK-NEXT: core.DivideZero // CHECK-NEXT: core.DynamicTypePropagation +// CHECK-NEXT: core.FixedAddressDereference // CHECK-NEXT: core.NonNullParamChecker // CHECK-NEXT: core.NonnilStringConstants // CHECK-NEXT: core.NullDereference diff --git a/clang/test/Analysis/dtor.cpp b/clang/test/Analysis/dtor.cpp index bda7d19522bdd..c17c886d97fb4 100644 --- a/clang/test/Analysis/dtor.cpp +++ b/clang/test/Analysis/dtor.cpp @@ -1,4 +1,4 @@ -// RUN: %clang_analyze_cc1 -analyzer-checker=core,unix.Malloc,debug.ExprInspection,cplusplus -analyzer-config c++-inlining=destructors -Wno-null-dereference -Wno-inaccessible-base -verify -analyzer-config eagerly-assume=false %s +// RUN: %clang_analyze_cc1 -analyzer-checker=core,unix.Malloc,debug.ExprInspection,cplusplus -analyzer-disable-checker=core.FixedAddressDereference -analyzer-config c++-inlining=destructors -Wno-null-dereference -Wno-inaccessible-base -verify -analyzer-config eagerly-assume=false %s

void clang_analyzer_eval(bool); void clang_analyzer_checkInlined(bool); diff --git a/clang/test/Analysis/fixed-address-notes.c b/clang/test/Analysis/fixed-address-notes.c index fd7baf7fc14cb..59b417eed38f1 100644 --- a/clang/test/Analysis/fixed-address-notes.c +++ b/clang/test/Analysis/fixed-address-notes.c @@ -1,4 +1,4 @@ -// RUN: %clang_analyze_cc1 -analyzer-checker=core,alpha.core.FixedAddressDereference -analyzer-output=text -verify %s +// RUN: %clang_analyze_cc1 -analyzer-checker=core -analyzer-output=text -verify %s

extern char *something();

diff --git a/clang/test/Analysis/misc-ps.m b/clang/test/Analysis/misc-ps.m index 841f618fbdfab..9c19d0cb4556f 100644 --- a/clang/test/Analysis/misc-ps.m +++ b/clang/test/Analysis/misc-ps.m @@ -1,6 +1,6 @@ // NOTE: Use '-fobjc-gc' to test the analysis being run twice, and multiple reports are not issued. -// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -analyzer-checker=core,alpha.core,osx.cocoa.AtSync -analyzer-disable-checker=alpha.core.FixedAddressDereference -Wno-strict-prototypes -Wno-pointer-to-int-cast -verify -fblocks -Wno-unreachable-code -Wno-null-dereference -Wno-objc-root-class %s -// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10 -analyzer-checker=core,alpha.core,osx.cocoa.AtSync -analyzer-disable-checker=alpha.core.FixedAddressDereference -Wno-strict-prototypes -Wno-pointer-to-int-cast -verify -fblocks -Wno-unreachable-code -Wno-null-dereference -Wno-objc-root-class %s +// RUN: %clang_analyze_cc1 -triple i386-apple-darwin10 -analyzer-checker=core,alpha.core,osx.cocoa.AtSync -analyzer-disable-checker=core.FixedAddressDereference -Wno-strict-prototypes -Wno-pointer-to-int-cast -verify -fblocks -Wno-unreachable-code -Wno-null-dereference -Wno-objc-root-class %s +// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10 -analyzer-checker=core,alpha.core,osx.cocoa.AtSync -analyzer-disable-checker=core.FixedAddressDereference -Wno-strict-prototypes -Wno-pointer-to-int-cast -verify -fblocks -Wno-unreachable-code -Wno-null-dereference -Wno-objc-root-class %s

#ifndef clang_analyzer #error clang_analyzer not defined diff --git a/clang/test/Analysis/pr22954.c b/clang/test/Analysis/pr22954.c index 3d1cac1972066..b5f8aeb2a5ca6 100644 --- a/clang/test/Analysis/pr22954.c +++ b/clang/test/Analysis/pr22954.c @@ -3,7 +3,7 @@ // At the moment the whole of the destination array content is invalidated. // If a.s1 region has a symbolic offset, the whole region of 'a' is invalidated. // Specific triple set to test structures of size 0. -// RUN: %clang_analyze_cc1 -triple x86_64-pc-linux-gnu -analyzer-checker=core,unix.Malloc,debug.ExprInspection -Wno-error=int-conversion -verify -analyzer-config eagerly-assume=false %s +// RUN: %clang_analyze_cc1 -triple x86_64-pc-linux-gnu -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-disable-checker=core.FixedAddressDereference -Wno-error=int-conversion -verify -analyzer-config eagerly-assume=false %s

typedef __typeof(sizeof(int)) size_t;

diff --git a/clang/test/Analysis/std-c-library-functions-arg-enabled-checkers.c b/clang/test/Analysis/std-c-library-functions-arg-enabled-checkers.c index d2900c6a42fff..8c6078a49c231 100644 --- a/clang/test/Analysis/std-c-library-functions-arg-enabled-checkers.c +++ b/clang/test/Analysis/std-c-library-functions-arg-enabled-checkers.c @@ -25,6 +25,7 @@ // CHECK-NEXT: core.DereferenceModeling // CHECK-NEXT: core.DivideZero // CHECK-NEXT: core.DynamicTypePropagation +// CHECK-NEXT: core.FixedAddressDereference // CHECK-NEXT: core.NonNullParamChecker // CHECK-NEXT: core.NonnilStringConstants // CHECK-NEXT: core.NullDereference