[analyzer] Note last "fclose" call from "ensureStreamOpened" #109112
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Patch by Arseniy Zaostrovnykh!
|
@llvm/pr-subscribers-clang @llvm/pr-subscribers-clang-static-analyzer-1 Author: Balazs Benics (steakhal) ChangesPatch by Arseniy Zaostrovnykh! Full diff: https://github.com/llvm/llvm-project/pull/109112.diff 2 Files Affected:
diff --git a/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
index 8bb7880a3cc283..c0f3591662b418 100644
--- a/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp
@@ -1835,6 +1835,46 @@ StreamChecker::ensureStreamNonNull(SVal StreamVal, const Expr *StreamE,
return StateNotNull;
}
+namespace {
+class StreamClosedVisitor final : public BugReporterVisitor {
+ const SymbolRef StreamSym;
+ bool Satisfied = false;
+
+public:
+ explicit StreamClosedVisitor(SymbolRef StreamSym) : StreamSym(StreamSym) {}
+
+ static void *getTag() {
+ static int Tag = 0;
+ return &Tag;
+ }
+
+ void Profile(llvm::FoldingSetNodeID &ID) const override {
+ ID.AddPointer(getTag());
+ ID.AddPointer(StreamSym);
+ }
+
+ PathDiagnosticPieceRef VisitNode(const ExplodedNode *N,
+ BugReporterContext &BRC,
+ PathSensitiveBugReport &BR) override {
+ if (Satisfied)
+ return nullptr;
+ const StreamState *PredSS =
+ N->getFirstPred()->getState()->get<StreamMap>(StreamSym);
+ if (PredSS && PredSS->isClosed())
+ return nullptr;
+
+ const Stmt *S = N->getStmtForDiagnostics();
+ if (!S)
+ return nullptr;
+ Satisfied = true;
+ PathDiagnosticLocation Pos(S, BRC.getSourceManager(),
+ N->getLocationContext());
+ llvm::StringLiteral Msg = "Stream is closed here";
+ return std::make_shared<PathDiagnosticEventPiece>(Pos, Msg);
+ }
+};
+} // namespace
+
ProgramStateRef StreamChecker::ensureStreamOpened(SVal StreamVal,
CheckerContext &C,
ProgramStateRef State) const {
@@ -1849,11 +1889,12 @@ ProgramStateRef StreamChecker::ensureStreamOpened(SVal StreamVal,
if (SS->isClosed()) {
// Using a stream pointer after 'fclose' causes undefined behavior
// according to cppreference.com .
- ExplodedNode *N = C.generateErrorNode();
- if (N) {
- C.emitReport(std::make_unique<PathSensitiveBugReport>(
+ if (ExplodedNode *N = C.generateErrorNode()) {
+ auto R = std::make_unique<PathSensitiveBugReport>(
BT_UseAfterClose,
- "Stream might be already closed. Causes undefined behaviour.", N));
+ "Stream might be already closed. Causes undefined behaviour.", N);
+ R->addVisitor<StreamClosedVisitor>(Sym);
+ C.emitReport(std::move(R));
return nullptr;
}
diff --git a/clang/test/Analysis/stream-note.c b/clang/test/Analysis/stream-note.c
index 3aef707d50056e..02251e2e12d6a1 100644
--- a/clang/test/Analysis/stream-note.c
+++ b/clang/test/Analysis/stream-note.c
@@ -264,3 +264,12 @@ void error_fseek_read_eof(void) {
fgetc(F); // no warning
fclose(F);
}
+
+void check_note_at_use_after_close(void) {
+ FILE *F = tmpfile();
+ if (!F) // expected-note {{'F' is non-null}} expected-note {{Taking false branch}}
+ return;
+ fclose(F); // expected-note {{Stream is closed here}}
+ rewind(F); // expected-warning {{Stream might be already closed. Causes undefined behaviour}}
+ // expected-note@-1 {{Stream might be already closed. Causes undefined behaviour}}
+}
|
NagyDonat
approved these changes
Sep 18, 2024
There was a problem hiding this comment.
I like this improvement 😄, thanks for implementing it!
The code that you added LGTM, my only concern is the awkward warning message which was inherited from the earlier state of the codebase. I think it would be nice to slip in an "attack of opportunity" that improves it, but I can also change that message in a follow-up commit if you don't want to bother with it.
Co-authored-by: Donát Nagy <[email protected]>
|
✅ With the latest revision this PR passed the C/C++ code formatter. |
tmsri
pushed a commit
to tmsri/llvm-project
that referenced
this pull request
Sep 19, 2024
…9112) Patch by Arseniy Zaostrovnykh!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Patch by Arseniy Zaostrovnykh!