Bug Summary

File:tools/clang/lib/StaticAnalyzer/Core/PlistDiagnostics.cpp
Warning:line 388, column 21
Called C++ object pointer is null

Annotated Source Code

1//===--- PlistDiagnostics.cpp - Plist Diagnostics for Paths -----*- C++ -*-===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file defines the PlistDiagnostics object.
11//
12//===----------------------------------------------------------------------===//
13
14#include "clang/Basic/FileManager.h"
15#include "clang/Basic/PlistSupport.h"
16#include "clang/Basic/SourceManager.h"
17#include "clang/Basic/Version.h"
18#include "clang/Lex/Preprocessor.h"
19#include "clang/StaticAnalyzer/Core/BugReporter/PathDiagnostic.h"
20#include "clang/StaticAnalyzer/Core/IssueHash.h"
21#include "clang/StaticAnalyzer/Core/PathDiagnosticConsumers.h"
22#include "llvm/ADT/SmallVector.h"
23#include "llvm/Support/Casting.h"
24using namespace clang;
25using namespace ento;
26using namespace markup;
27
28namespace {
29 class PlistDiagnostics : public PathDiagnosticConsumer {
30 const std::string OutputFile;
31 const LangOptions &LangOpts;
32 const bool SupportsCrossFileDiagnostics;
33 public:
34 PlistDiagnostics(AnalyzerOptions &AnalyzerOpts,
35 const std::string& prefix,
36 const LangOptions &LangOpts,
37 bool supportsMultipleFiles);
38
39 ~PlistDiagnostics() override {}
40
41 void FlushDiagnosticsImpl(std::vector<const PathDiagnostic *> &Diags,
42 FilesMade *filesMade) override;
43
44 StringRef getName() const override {
45 return "PlistDiagnostics";
46 }
47
48 PathGenerationScheme getGenerationScheme() const override {
49 return Extensive;
50 }
51 bool supportsLogicalOpControlFlow() const override { return true; }
52 bool supportsCrossFileDiagnostics() const override {
53 return SupportsCrossFileDiagnostics;
54 }
55 };
56} // end anonymous namespace
57
58PlistDiagnostics::PlistDiagnostics(AnalyzerOptions &AnalyzerOpts,
59 const std::string& output,
60 const LangOptions &LO,
61 bool supportsMultipleFiles)
62 : OutputFile(output),
63 LangOpts(LO),
64 SupportsCrossFileDiagnostics(supportsMultipleFiles) {}
65
66void ento::createPlistDiagnosticConsumer(AnalyzerOptions &AnalyzerOpts,
67 PathDiagnosticConsumers &C,
68 const std::string& s,
69 const Preprocessor &PP) {
70 C.push_back(new PlistDiagnostics(AnalyzerOpts, s,
71 PP.getLangOpts(), false));
72}
73
74void ento::createPlistMultiFileDiagnosticConsumer(AnalyzerOptions &AnalyzerOpts,
75 PathDiagnosticConsumers &C,
76 const std::string &s,
77 const Preprocessor &PP) {
78 C.push_back(new PlistDiagnostics(AnalyzerOpts, s,
79 PP.getLangOpts(), true));
80}
81
82static void ReportControlFlow(raw_ostream &o,
83 const PathDiagnosticControlFlowPiece& P,
84 const FIDMap& FM,
85 const SourceManager &SM,
86 const LangOptions &LangOpts,
87 unsigned indent) {
88
89 Indent(o, indent) << "<dict>\n";
90 ++indent;
91
92 Indent(o, indent) << "<key>kind</key><string>control</string>\n";
93
94 // Emit edges.
95 Indent(o, indent) << "<key>edges</key>\n";
96 ++indent;
97 Indent(o, indent) << "<array>\n";
98 ++indent;
99 for (PathDiagnosticControlFlowPiece::const_iterator I=P.begin(), E=P.end();
100 I!=E; ++I) {
101 Indent(o, indent) << "<dict>\n";
102 ++indent;
103
104 // Make the ranges of the start and end point self-consistent with adjacent edges
105 // by forcing to use only the beginning of the range. This simplifies the layout
106 // logic for clients.
107 Indent(o, indent) << "<key>start</key>\n";
108 SourceRange StartEdge(
109 SM.getExpansionLoc(I->getStart().asRange().getBegin()));
110 EmitRange(o, SM, Lexer::getAsCharRange(StartEdge, SM, LangOpts), FM,
111 indent + 1);
112
113 Indent(o, indent) << "<key>end</key>\n";
114 SourceRange EndEdge(SM.getExpansionLoc(I->getEnd().asRange().getBegin()));
115 EmitRange(o, SM, Lexer::getAsCharRange(EndEdge, SM, LangOpts), FM,
116 indent + 1);
117
118 --indent;
119 Indent(o, indent) << "</dict>\n";
120 }
121 --indent;
122 Indent(o, indent) << "</array>\n";
123 --indent;
124
125 // Output any helper text.
126 const auto &s = P.getString();
127 if (!s.empty()) {
128 Indent(o, indent) << "<key>alternate</key>";
129 EmitString(o, s) << '\n';
130 }
131
132 --indent;
133 Indent(o, indent) << "</dict>\n";
134}
135
136static void ReportEvent(raw_ostream &o, const PathDiagnosticPiece& P,
137 const FIDMap& FM,
138 const SourceManager &SM,
139 const LangOptions &LangOpts,
140 unsigned indent,
141 unsigned depth,
142 bool isKeyEvent = false) {
143
144 Indent(o, indent) << "<dict>\n";
145 ++indent;
146
147 Indent(o, indent) << "<key>kind</key><string>event</string>\n";
148
149 if (isKeyEvent) {
150 Indent(o, indent) << "<key>key_event</key><true/>\n";
151 }
152
153 // Output the location.
154 FullSourceLoc L = P.getLocation().asLocation();
155
156 Indent(o, indent) << "<key>location</key>\n";
157 EmitLocation(o, SM, L, FM, indent);
158
159 // Output the ranges (if any).
160 ArrayRef<SourceRange> Ranges = P.getRanges();
161
162 if (!Ranges.empty()) {
163 Indent(o, indent) << "<key>ranges</key>\n";
164 Indent(o, indent) << "<array>\n";
165 ++indent;
166 for (auto &R : Ranges)
167 EmitRange(o, SM,
168 Lexer::getAsCharRange(SM.getExpansionRange(R), SM, LangOpts),
169 FM, indent + 1);
170 --indent;
171 Indent(o, indent) << "</array>\n";
172 }
173
174 // Output the call depth.
175 Indent(o, indent) << "<key>depth</key>";
176 EmitInteger(o, depth) << '\n';
177
178 // Output the text.
179 assert(!P.getString().empty())((!P.getString().empty()) ? static_cast<void> (0) : __assert_fail
("!P.getString().empty()", "/tmp/buildd/llvm-toolchain-snapshot-5.0~svn303373/tools/clang/lib/StaticAnalyzer/Core/PlistDiagnostics.cpp"
, 179, __PRETTY_FUNCTION__))
;
180 Indent(o, indent) << "<key>extended_message</key>\n";
181 Indent(o, indent);
182 EmitString(o, P.getString()) << '\n';
183
184 // Output the short text.
185 // FIXME: Really use a short string.
186 Indent(o, indent) << "<key>message</key>\n";
187 Indent(o, indent);
188 EmitString(o, P.getString()) << '\n';
189
190 // Finish up.
191 --indent;
192 Indent(o, indent); o << "</dict>\n";
193}
194
195static void ReportPiece(raw_ostream &o,
196 const PathDiagnosticPiece &P,
197 const FIDMap& FM, const SourceManager &SM,
198 const LangOptions &LangOpts,
199 unsigned indent,
200 unsigned depth,
201 bool includeControlFlow,
202 bool isKeyEvent = false);
203
204static void ReportCall(raw_ostream &o,
205 const PathDiagnosticCallPiece &P,
206 const FIDMap& FM, const SourceManager &SM,
207 const LangOptions &LangOpts,
208 unsigned indent,
209 unsigned depth) {
210
211 if (auto callEnter = P.getCallEnterEvent())
212 ReportPiece(o, *callEnter, FM, SM, LangOpts, indent, depth, true,
213 P.isLastInMainSourceFile());
214
215
216 ++depth;
217
218 if (auto callEnterWithinCaller = P.getCallEnterWithinCallerEvent())
219 ReportPiece(o, *callEnterWithinCaller, FM, SM, LangOpts,
220 indent, depth, true);
221
222 for (PathPieces::const_iterator I = P.path.begin(), E = P.path.end();I!=E;++I)
223 ReportPiece(o, **I, FM, SM, LangOpts, indent, depth, true);
224
225 --depth;
226
227 if (auto callExit = P.getCallExitEvent())
228 ReportPiece(o, *callExit, FM, SM, LangOpts, indent, depth, true);
229}
230
231static void ReportMacro(raw_ostream &o,
232 const PathDiagnosticMacroPiece& P,
233 const FIDMap& FM, const SourceManager &SM,
234 const LangOptions &LangOpts,
235 unsigned indent,
236 unsigned depth) {
237
238 for (PathPieces::const_iterator I = P.subPieces.begin(), E=P.subPieces.end();
239 I!=E; ++I) {
240 ReportPiece(o, **I, FM, SM, LangOpts, indent, depth, false);
241 }
242}
243
244static void ReportDiag(raw_ostream &o, const PathDiagnosticPiece& P,
245 const FIDMap& FM, const SourceManager &SM,
246 const LangOptions &LangOpts) {
247 ReportPiece(o, P, FM, SM, LangOpts, 4, 0, true);
248}
249
250static void ReportPiece(raw_ostream &o,
251 const PathDiagnosticPiece &P,
252 const FIDMap& FM, const SourceManager &SM,
253 const LangOptions &LangOpts,
254 unsigned indent,
255 unsigned depth,
256 bool includeControlFlow,
257 bool isKeyEvent) {
258 switch (P.getKind()) {
259 case PathDiagnosticPiece::ControlFlow:
260 if (includeControlFlow)
261 ReportControlFlow(o, cast<PathDiagnosticControlFlowPiece>(P), FM, SM,
262 LangOpts, indent);
263 break;
264 case PathDiagnosticPiece::Call:
265 ReportCall(o, cast<PathDiagnosticCallPiece>(P), FM, SM, LangOpts,
266 indent, depth);
267 break;
268 case PathDiagnosticPiece::Event:
269 ReportEvent(o, cast<PathDiagnosticSpotPiece>(P), FM, SM, LangOpts,
270 indent, depth, isKeyEvent);
271 break;
272 case PathDiagnosticPiece::Macro:
273 ReportMacro(o, cast<PathDiagnosticMacroPiece>(P), FM, SM, LangOpts,
274 indent, depth);
275 break;
276 case PathDiagnosticPiece::Note:
277 // FIXME: Extend the plist format to support those.
278 break;
279 }
280}
281
282void PlistDiagnostics::FlushDiagnosticsImpl(
283 std::vector<const PathDiagnostic *> &Diags,
284 FilesMade *filesMade) {
285 // Build up a set of FIDs that we use by scanning the locations and
286 // ranges of the diagnostics.
287 FIDMap FM;
288 SmallVector<FileID, 10> Fids;
289 const SourceManager* SM = nullptr;
1
'SM' initialized to a null pointer value
290
291 if (!Diags.empty())
2
Assuming the condition is false
3
Taking false branch
292 SM = &Diags.front()->path.front()->getLocation().getManager();
293
294 auto AddPieceFID = [&FM, &Fids, SM](const PathDiagnosticPiece &Piece) {
295 AddFID(FM, Fids, *SM, Piece.getLocation().asLocation());
296 ArrayRef<SourceRange> Ranges = Piece.getRanges();
297 for (const SourceRange &Range : Ranges) {
298 AddFID(FM, Fids, *SM, Range.getBegin());
299 AddFID(FM, Fids, *SM, Range.getEnd());
300 }
301 };
302
303 for (const PathDiagnostic *D : Diags) {
304
305 SmallVector<const PathPieces *, 5> WorkList;
306 WorkList.push_back(&D->path);
307
308 while (!WorkList.empty()) {
309 const PathPieces &Path = *WorkList.pop_back_val();
310
311 for (const auto &Iter : Path) {
312 const PathDiagnosticPiece &Piece = *Iter;
313 AddPieceFID(Piece);
314
315 if (const PathDiagnosticCallPiece *Call =
316 dyn_cast<PathDiagnosticCallPiece>(&Piece)) {
317 if (auto CallEnterWithin = Call->getCallEnterWithinCallerEvent())
318 AddPieceFID(*CallEnterWithin);
319
320 if (auto CallEnterEvent = Call->getCallEnterEvent())
321 AddPieceFID(*CallEnterEvent);
322
323 WorkList.push_back(&Call->path);
324 } else if (const PathDiagnosticMacroPiece *Macro =
325 dyn_cast<PathDiagnosticMacroPiece>(&Piece)) {
326 WorkList.push_back(&Macro->subPieces);
327 }
328 }
329 }
330 }
331
332 // Open the file.
333 std::error_code EC;
334 llvm::raw_fd_ostream o(OutputFile, EC, llvm::sys::fs::F_Text);
335 if (EC) {
4
Taking false branch
336 llvm::errs() << "warning: could not create file: " << EC.message() << '\n';
337 return;
338 }
339
340 EmitPlistHeader(o);
341
342 // Write the root object: a <dict> containing...
343 // - "clang_version", the string representation of clang version
344 // - "files", an <array> mapping from FIDs to file names
345 // - "diagnostics", an <array> containing the path diagnostics
346 o << "<dict>\n" <<
347 " <key>clang_version</key>\n";
348 EmitString(o, getClangFullVersion()) << '\n';
349 o << " <key>files</key>\n"
350 " <array>\n";
351
352 for (FileID FID : Fids)
5
Assuming '__begin' is equal to '__end'
353 EmitString(o << " ", SM->getFileEntryForID(FID)->getName()) << '\n';
354
355 o << " </array>\n"
356 " <key>diagnostics</key>\n"
357 " <array>\n";
358
359 for (std::vector<const PathDiagnostic*>::iterator DI=Diags.begin(),
6
Loop condition is true. Entering loop body
360 DE = Diags.end(); DI!=DE; ++DI) {
361
362 o << " <dict>\n"
363 " <key>path</key>\n";
364
365 const PathDiagnostic *D = *DI;
366
367 o << " <array>\n";
368
369 for (PathPieces::const_iterator I = D->path.begin(), E = D->path.end();
7
Loop condition is false. Execution continues on line 373
370 I != E; ++I)
371 ReportDiag(o, **I, FM, *SM, LangOpts);
372
373 o << " </array>\n";
374
375 // Output the bug type and bug category.
376 o << " <key>description</key>";
377 EmitString(o, D->getShortDescription()) << '\n';
378 o << " <key>category</key>";
379 EmitString(o, D->getCategory()) << '\n';
380 o << " <key>type</key>";
381 EmitString(o, D->getBugType()) << '\n';
382 o << " <key>check_name</key>";
383 EmitString(o, D->getCheckName()) << '\n';
384
385 o << " <!-- This hash is experimental and going to change! -->\n";
386 o << " <key>issue_hash_content_of_line_in_context</key>";
387 PathDiagnosticLocation UPDLoc = D->getUniqueingLoc();
388 FullSourceLoc L(SM->getExpansionLoc(UPDLoc.isValid()
8
'?' condition is true
9
Called C++ object pointer is null
389 ? UPDLoc.asLocation()
390 : D->getLocation().asLocation()),
391 *SM);
392 const Decl *DeclWithIssue = D->getDeclWithIssue();
393 EmitString(o, GetIssueHash(*SM, L, D->getCheckName(), D->getBugType(),
394 DeclWithIssue, LangOpts))
395 << '\n';
396
397 // Output information about the semantic context where
398 // the issue occurred.
399 if (const Decl *DeclWithIssue = D->getDeclWithIssue()) {
400 // FIXME: handle blocks, which have no name.
401 if (const NamedDecl *ND = dyn_cast<NamedDecl>(DeclWithIssue)) {
402 StringRef declKind;
403 switch (ND->getKind()) {
404 case Decl::CXXRecord:
405 declKind = "C++ class";
406 break;
407 case Decl::CXXMethod:
408 declKind = "C++ method";
409 break;
410 case Decl::ObjCMethod:
411 declKind = "Objective-C method";
412 break;
413 case Decl::Function:
414 declKind = "function";
415 break;
416 default:
417 break;
418 }
419 if (!declKind.empty()) {
420 const std::string &declName = ND->getDeclName().getAsString();
421 o << " <key>issue_context_kind</key>";
422 EmitString(o, declKind) << '\n';
423 o << " <key>issue_context</key>";
424 EmitString(o, declName) << '\n';
425 }
426
427 // Output the bug hash for issue unique-ing. Currently, it's just an
428 // offset from the beginning of the function.
429 if (const Stmt *Body = DeclWithIssue->getBody()) {
430
431 // If the bug uniqueing location exists, use it for the hash.
432 // For example, this ensures that two leaks reported on the same line
433 // will have different issue_hashes and that the hash will identify
434 // the leak location even after code is added between the allocation
435 // site and the end of scope (leak report location).
436 if (UPDLoc.isValid()) {
437 FullSourceLoc UFunL(SM->getExpansionLoc(
438 D->getUniqueingDecl()->getBody()->getLocStart()), *SM);
439 o << " <key>issue_hash_function_offset</key><string>"
440 << L.getExpansionLineNumber() - UFunL.getExpansionLineNumber()
441 << "</string>\n";
442
443 // Otherwise, use the location on which the bug is reported.
444 } else {
445 FullSourceLoc FunL(SM->getExpansionLoc(Body->getLocStart()), *SM);
446 o << " <key>issue_hash_function_offset</key><string>"
447 << L.getExpansionLineNumber() - FunL.getExpansionLineNumber()
448 << "</string>\n";
449 }
450
451 }
452 }
453 }
454
455 // Output the location of the bug.
456 o << " <key>location</key>\n";
457 EmitLocation(o, *SM, D->getLocation().asLocation(), FM, 2);
458
459 // Output the diagnostic to the sub-diagnostic client, if any.
460 if (!filesMade->empty()) {
461 StringRef lastName;
462 PDFileEntry::ConsumerFiles *files = filesMade->getFiles(*D);
463 if (files) {
464 for (PDFileEntry::ConsumerFiles::const_iterator CI = files->begin(),
465 CE = files->end(); CI != CE; ++CI) {
466 StringRef newName = CI->first;
467 if (newName != lastName) {
468 if (!lastName.empty()) {
469 o << " </array>\n";
470 }
471 lastName = newName;
472 o << " <key>" << lastName << "_files</key>\n";
473 o << " <array>\n";
474 }
475 o << " <string>" << CI->second << "</string>\n";
476 }
477 o << " </array>\n";
478 }
479 }
480
481 // Close up the entry.
482 o << " </dict>\n";
483 }
484
485 o << " </array>\n";
486
487 // Finish.
488 o << "</dict>\n</plist>";
489}