//==- GTestChecker.cpp - Model gtest API --*- C++ -*-==// // // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // See https://llvm.org/LICENSE.txt for license information. // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // //===----------------------------------------------------------------------===// // // This checker models the behavior of un-inlined APIs from the gtest // unit-testing library to avoid false positives when using assertions from // that library. // //===----------------------------------------------------------------------===// #include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h" #include "clang/AST/Expr.h" #include "clang/Basic/LangOptions.h" #include "clang/StaticAnalyzer/Core/Checker.h" #include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h" #include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h" #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h" #include "llvm/Support/raw_ostream.h" #include <optional> usingnamespaceclang; usingnamespaceento; // Modeling of un-inlined AssertionResult constructors // // The gtest unit testing API provides macros for assertions that expand // into an if statement that calls a series of constructors and returns // when the "assertion" is false. // // For example, // // ASSERT_TRUE(a == b) // // expands into: // // switch (0) // case 0: // default: // if (const ::testing::AssertionResult gtest_ar_ = // ::testing::AssertionResult((a == b))) // ; // else // return ::testing::internal::AssertHelper( // ::testing::TestPartResult::kFatalFailure, // "<path to project>", // <line number>, // ::testing::internal::GetBoolAssertionFailureMessage( // gtest_ar_, "a == b", "false", "true") // .c_str()) = ::testing::Message(); // // where AssertionResult is defined similarly to // // class AssertionResult { // public: // AssertionResult(const AssertionResult& other); // explicit AssertionResult(bool success) : success_(success) {} // operator bool() const { return success_; } // ... // private: // bool success_; // }; // // In order for the analyzer to correctly handle this assertion, it needs to // know that the boolean value of the expression "a == b" is stored the // 'success_' field of the original AssertionResult temporary and propagated // (via the copy constructor) into the 'success_' field of the object stored // in 'gtest_ar_'. That boolean value will then be returned from the bool // conversion method in the if statement. This guarantees that the assertion // holds when the return path is not taken. // // If the success value is not properly propagated, then the eager case split // on evaluating the expression can cause pernicious false positives // on the non-return path: // // ASSERT(ptr != NULL) // *ptr = 7; // False positive null pointer dereference here // // Unfortunately, the bool constructor cannot be inlined (because its // implementation is not present in the headers) and the copy constructor is // not inlined (because it is constructed into a temporary and the analyzer // does not inline these since it does not yet reliably call temporary // destructors). // // This checker compensates for the missing inlining by propagating the // _success value across the bool and copy constructors so the assertion behaves // as expected. namespace { class GTestChecker : public Checker<check::PostCall> { … }; } // End anonymous namespace. /// Model a call to an un-inlined AssertionResult(bool) or /// AssertionResult(bool &, ...). /// To do so, constrain the value of the newly-constructed instance's 'success_' /// field to be equal to the passed-in boolean value. /// /// \param IsRef Whether the boolean parameter is a reference or not. void GTestChecker::modelAssertionResultBoolConstructor( const CXXConstructorCall *Call, bool IsRef, CheckerContext &C) const { … } /// Model a call to an un-inlined AssertionResult copy constructor: /// /// AssertionResult(const &AssertionResult other) /// /// To do so, constrain the value of the newly-constructed instance's /// 'success_' field to be equal to the value of the pass-in instance's /// 'success_' field. void GTestChecker::modelAssertionResultCopyConstructor( const CXXConstructorCall *Call, CheckerContext &C) const { … } /// Model calls to AssertionResult constructors that are not inlined. void GTestChecker::checkPostCall(const CallEvent &Call, CheckerContext &C) const { … } void GTestChecker::initIdentifierInfo(ASTContext &Ctx) const { … } /// Returns the value stored in the 'success_' field of the passed-in /// AssertionResult instance. SVal GTestChecker::getAssertionResultSuccessFieldValue( const CXXRecordDecl *AssertionResultDecl, SVal Instance, ProgramStateRef State) const { … } /// Constrain the passed-in state to assume two values are equal. ProgramStateRef GTestChecker::assumeValuesEqual(SVal Val1, SVal Val2, ProgramStateRef State, CheckerContext &C) { … } void ento::registerGTestChecker(CheckerManager &Mgr) { … } bool ento::shouldRegisterGTestChecker(const CheckerManager &mgr) { … }
Codebase Browser
llvm