clang 22.0.0git
NoReturnFunctionChecker.cpp
Go to the documentation of this file.
1//=== NoReturnFunctionChecker.cpp -------------------------------*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This defines NoReturnFunctionChecker, which evaluates functions that do not
10// return to the caller.
11//
12//===----------------------------------------------------------------------===//
13
14#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
15#include "clang/AST/Attr.h"
16#include "clang/Analysis/SelectorExtras.h"
17#include "clang/StaticAnalyzer/Core/Checker.h"
18#include "clang/StaticAnalyzer/Core/CheckerManager.h"
19#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
20#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
21#include "llvm/ADT/StringSwitch.h"
22#include <cstdarg>
23
24using namespace clang;
25using namespace ento;
26
27namespace {
28
29class NoReturnFunctionChecker : public Checker< check::PostCall,
30 check::PostObjCMessage > {
31 mutable Selector HandleFailureInFunctionSel;
32 mutable Selector HandleFailureInMethodSel;
33public:
34 void checkPostCall(const CallEvent &CE, CheckerContext &C) const;
35 void checkPostObjCMessage(const ObjCMethodCall &msg, CheckerContext &C) const;
36};
37
38}
39
40void NoReturnFunctionChecker::checkPostCall(const CallEvent &CE,
41 CheckerContext &C) const {
42 bool BuildSinks = false;
43
44 if (const FunctionDecl *FD = dyn_cast_or_null<FunctionDecl>(CE.getDecl()))
45 BuildSinks = FD->hasAttr<AnalyzerNoReturnAttr>() || FD->isNoReturn();
46
47 if (const CallExpr *CExpr = dyn_cast_or_null<CallExpr>(CE.getOriginExpr());
48 CExpr && !BuildSinks) {
49 if (const Expr *C = CExpr->getCallee())
50 BuildSinks = getFunctionExtInfo(C->getType()).getNoReturn();
51 }
52
53 if (!BuildSinks && CE.isGlobalCFunction()) {
54 if (const IdentifierInfo *II = CE.getCalleeIdentifier()) {
55 // HACK: Some functions are not marked noreturn, and don't return.
56 // Here are a few hardwired ones. If this takes too long, we can
57 // potentially cache these results.
58 BuildSinks
59 = llvm::StringSwitch<bool>(StringRef(II->getName()))
60 .Case("exit", true)
61 .Case("panic", true)
62 .Case("error", true)
63 .Case("Assert", true)
64 // FIXME: This is just a wrapper around throwing an exception.
65 // Eventually inter-procedural analysis should handle this easily.
66 .Case("ziperr", true)
67 .Case("assfail", true)
68 .Case("db_error", true)
69 .Case("__assert", true)
70 .Case("__assert2", true)
71 // For the purpose of static analysis, we do not care that
72 // this MSVC function will return if the user decides to continue.
73 .Case("_wassert", true)
74 .Case("__assert_rtn", true)
75 .Case("__assert_fail", true)
76 .Case("dtrace_assfail", true)
77 .Case("yy_fatal_error", true)
78 .Case("_XCAssertionFailureHandler", true)
79 .Case("_DTAssertionFailureHandler", true)
80 .Case("_TSAssertionFailureHandler", true)
81 .Default(false);
82 }
83 }
84
85 if (BuildSinks)
86 C.generateSink(C.getState(), C.getPredecessor());
87}
88
89void NoReturnFunctionChecker::checkPostObjCMessage(const ObjCMethodCall &Msg,
90 CheckerContext &C) const {
91 // Check if the method is annotated with analyzer_noreturn.
92 if (const ObjCMethodDecl *MD = Msg.getDecl()) {
93 MD = MD->getCanonicalDecl();
94 if (MD->hasAttr<AnalyzerNoReturnAttr>()) {
95 C.generateSink(C.getState(), C.getPredecessor());
96 return;
97 }
98 }
99
100 // HACK: This entire check is to handle two messages in the Cocoa frameworks:
101 // -[NSAssertionHandler
102 // handleFailureInMethod:object:file:lineNumber:description:]
103 // -[NSAssertionHandler
104 // handleFailureInFunction:file:lineNumber:description:]
105 // Eventually these should be annotated with __attribute__((noreturn)).
106 // Because ObjC messages use dynamic dispatch, it is not generally safe to
107 // assume certain methods can't return. In cases where it is definitely valid,
108 // see if you can mark the methods noreturn or analyzer_noreturn instead of
109 // adding more explicit checks to this method.
110
111 if (!Msg.isInstanceMessage())
112 return;
113
114 const ObjCInterfaceDecl *Receiver = Msg.getReceiverInterface();
115 if (!Receiver)
116 return;
117 if (!Receiver->getIdentifier()->isStr("NSAssertionHandler"))
118 return;
119
120 Selector Sel = Msg.getSelector();
121 switch (Sel.getNumArgs()) {
122 default:
123 return;
124 case 4:
125 lazyInitKeywordSelector(HandleFailureInFunctionSel, C.getASTContext(),
126 "handleFailureInFunction", "file", "lineNumber",
127 "description");
128 if (Sel != HandleFailureInFunctionSel)
129 return;
130 break;
131 case 5:
132 lazyInitKeywordSelector(HandleFailureInMethodSel, C.getASTContext(),
133 "handleFailureInMethod", "object", "file",
134 "lineNumber", "description");
135 if (Sel != HandleFailureInMethodSel)
136 return;
137 break;
138 }
139
140 // If we got here, it's one of the messages we care about.
141 C.generateSink(C.getState(), C.getPredecessor());
142}
143
144void ento::registerNoReturnFunctionChecker(CheckerManager &mgr) {
145 mgr.registerChecker<NoReturnFunctionChecker>();
146}
147
148bool ento::shouldRegisterNoReturnFunctionChecker(const CheckerManager &mgr) {
149 return true;
150}
clang::IdentifierInfo::isStr
bool isStr(const char(&Str)[StrLen]) const
Return true if this is the identifier for the specified string.
Definition IdentifierTable.h:231
clang::NamedDecl::getIdentifier
IdentifierInfo * getIdentifier() const
Get the identifier that names this declaration, if there is one.
Definition Decl.h:294
clang::Selector::getNumArgs
unsigned getNumArgs() const
Definition IdentifierTable.cpp:564
clang::ento::CallEvent
Represents an abstract call to a function or method along a particular path.
Definition CallEvent.h:153
clang::ento::CallEvent::getOriginExpr
virtual const Expr * getOriginExpr() const
Returns the expression whose value will be the result of this call.
Definition CallEvent.h:250
clang::ento::CallEvent::getCalleeIdentifier
const IdentifierInfo * getCalleeIdentifier() const
Returns the name of the callee, if its name is a simple identifier.
Definition CallEvent.h:351
clang::ento::CallEvent::isGlobalCFunction
bool isGlobalCFunction(StringRef SpecificName=StringRef()) const
Returns true if the callee is an externally-visible function in the top-level namespace,...
Definition CallEvent.cpp:143
clang::ento::CallEvent::getDecl
virtual const Decl * getDecl() const
Returns the declaration of the function or method that will be called.
Definition CallEvent.h:224
clang::ento::CheckerManager::registerChecker
CHECKER * registerChecker(AT &&...Args)
Register a single-part checker (derived from Checker): construct its singleton instance,...
Definition CheckerManager.h:218
clang::ento::Checker
Simple checker classes that implement one frontend (i.e.
Definition Checker.h:553
clang::ento::ObjCMethodCall::getDecl
const ObjCMethodDecl * getDecl() const override
Returns the declaration of the function or method that will be called.
Definition CallEvent.h:1280
clang::ento::ObjCMethodCall::getReceiverInterface
const ObjCInterfaceDecl * getReceiverInterface() const
Get the interface for the receiver.
Definition CallEvent.h:1309
clang::ento::ObjCMethodCall::getSelector
Selector getSelector() const
Definition CallEvent.h:1298
clang
The JSON file list parser is used to communicate input to InstallAPI.
Definition CalledOnceCheck.h:17
clang::lazyInitKeywordSelector
static void lazyInitKeywordSelector(Selector &Sel, ASTContext &Ctx, IdentifierInfos *... IIs)
Definition SelectorExtras.h:27
clang::getFunctionExtInfo
FunctionType::ExtInfo getFunctionExtInfo(const Type &t)
Definition TypeBase.h:8420
Generated on for clang by doxygen 1.14.0