UndefinedAssignmentChecker.cpp revision e172e8b9e7fc67d7d03589af7e92fe777afcf33a
1//===--- UndefinedAssignmentChecker.h ---------------------------*- C++ -*--==// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9// 10// This defines UndefinedAssignmentChecker, a builtin check in ExprEngine that 11// checks for assigning undefined values. 12// 13//===----------------------------------------------------------------------===// 14 15#include "ClangSACheckers.h" 16#include "clang/StaticAnalyzer/Core/Checker.h" 17#include "clang/StaticAnalyzer/Core/CheckerManager.h" 18#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h" 19#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h" 20 21using namespace clang; 22using namespace ento; 23 24namespace { 25class UndefinedAssignmentChecker 26 : public Checker<check::Bind> { 27 mutable llvm::OwningPtr<BugType> BT; 28 29public: 30 void checkBind(SVal location, SVal val, CheckerContext &C) const; 31}; 32} 33 34void UndefinedAssignmentChecker::checkBind(SVal location, SVal val, 35 CheckerContext &C) const { 36 if (!val.isUndef()) 37 return; 38 39 ExplodedNode *N = C.generateSink(); 40 41 if (!N) 42 return; 43 44 const char *str = "Assigned value is garbage or undefined"; 45 46 if (!BT) 47 BT.reset(new BuiltinBug(str)); 48 49 // Generate a report for this bug. 50 const Expr *ex = 0; 51 52 const Stmt *StoreE = C.getStmt(); 53 while (StoreE) { 54 if (const BinaryOperator *B = dyn_cast<BinaryOperator>(StoreE)) { 55 if (B->isCompoundAssignmentOp()) { 56 const ProgramState *state = C.getState(); 57 if (state->getSVal(B->getLHS()).isUndef()) { 58 str = "The left expression of the compound assignment is an " 59 "uninitialized value. The computed value will also be garbage"; 60 ex = B->getLHS(); 61 break; 62 } 63 } 64 65 ex = B->getRHS(); 66 break; 67 } 68 69 if (const DeclStmt *DS = dyn_cast<DeclStmt>(StoreE)) { 70 const VarDecl *VD = dyn_cast<VarDecl>(DS->getSingleDecl()); 71 ex = VD->getInit(); 72 } 73 74 break; 75 } 76 77 BugReport *R = new BugReport(*BT, str, N); 78 if (ex) { 79 R->addRange(ex->getSourceRange()); 80 R->addVisitorCreator(bugreporter::registerTrackNullOrUndefValue, ex); 81 } 82 C.EmitReport(R); 83} 84 85void ento::registerUndefinedAssignmentChecker(CheckerManager &mgr) { 86 mgr.registerChecker<UndefinedAssignmentChecker>(); 87} 88