[Sema] Add warning when comparing nonnull and null

Currently, we emit warnings in some cases where nonnull function
parameters are compared against null. This patch extends this support
to warn when comparing the result of `returns_nonnull` functions
against null.

More specifically, we will now warn cases like:

int *foo() __attribute__((returns_nonnull));
int main() {
  if (foo() == NULL) {} // warning: will always evaluate to false
}

Differential Revision: http://reviews.llvm.org/D15324

llvm-svn: 255058
This commit is contained in:
George Burgess IV 2015-12-08 22:02:00 +00:00
parent 2979162732
commit 850269a47e
4 changed files with 69 additions and 37 deletions

View File

@ -2727,7 +2727,7 @@ def warn_impcast_pointer_to_bool : Warning<
"'true'">, "'true'">,
InGroup<PointerBoolConversion>; InGroup<PointerBoolConversion>;
def warn_cast_nonnull_to_bool : Warning< def warn_cast_nonnull_to_bool : Warning<
"nonnull parameter '%0' will evaluate to " "nonnull %select{function call|parameter}0 '%1' will evaluate to "
"'true' on first encounter">, "'true' on first encounter">,
InGroup<PointerBoolConversion>; InGroup<PointerBoolConversion>;
def warn_this_bool_conversion : Warning< def warn_this_bool_conversion : Warning<
@ -2742,9 +2742,10 @@ def warn_null_pointer_compare : Warning<
"comparison of %select{address of|function|array}0 '%1' %select{not |}2" "comparison of %select{address of|function|array}0 '%1' %select{not |}2"
"equal to a null pointer is always %select{true|false}2">, "equal to a null pointer is always %select{true|false}2">,
InGroup<TautologicalPointerCompare>; InGroup<TautologicalPointerCompare>;
def warn_nonnull_parameter_compare : Warning< def warn_nonnull_expr_compare : Warning<
"comparison of nonnull parameter '%0' %select{not |}1" "comparison of nonnull %select{function call|parameter}0 '%1' "
"equal to a null pointer is %select{true|false}1 on first encounter">, "%select{not |}2equal to a null pointer is '%select{true|false}2' on first "
"encounter">,
InGroup<TautologicalPointerCompare>; InGroup<TautologicalPointerCompare>;
def warn_this_null_compare : Warning< def warn_this_null_compare : Warning<
"'this' pointer cannot be null in well-defined C++ code; comparison may be " "'this' pointer cannot be null in well-defined C++ code; comparison may be "

View File

@ -1180,8 +1180,7 @@ bool Sema::getFormatStringInfo(const FormatAttr *Format, bool IsCXXMember,
/// Checks if a the given expression evaluates to null. /// Checks if a the given expression evaluates to null.
/// ///
/// \brief Returns true if the value evaluates to null. /// \brief Returns true if the value evaluates to null.
static bool CheckNonNullExpr(Sema &S, static bool CheckNonNullExpr(Sema &S, const Expr *Expr) {
const Expr *Expr) {
// If the expression has non-null type, it doesn't evaluate to null. // If the expression has non-null type, it doesn't evaluate to null.
if (auto nullability if (auto nullability
= Expr->IgnoreImplicit()->getType()->getNullability(S.Context)) { = Expr->IgnoreImplicit()->getType()->getNullability(S.Context)) {
@ -7666,6 +7665,26 @@ void Sema::DiagnoseAlwaysNonNullPointer(Expr *E,
} }
} }
auto ComplainAboutNonnullParamOrCall = [&](bool IsParam) {
std::string Str;
llvm::raw_string_ostream S(Str);
E->printPretty(S, nullptr, getPrintingPolicy());
unsigned DiagID = IsCompare ? diag::warn_nonnull_expr_compare
: diag::warn_cast_nonnull_to_bool;
Diag(E->getExprLoc(), DiagID) << IsParam << S.str()
<< E->getSourceRange() << Range << IsEqual;
};
// If we have a CallExpr that is tagged with returns_nonnull, we can complain.
if (auto *Call = dyn_cast<CallExpr>(E->IgnoreParenImpCasts())) {
if (auto *Callee = Call->getDirectCallee()) {
if (Callee->hasAttr<ReturnsNonNullAttr>()) {
ComplainAboutNonnullParamOrCall(false);
return;
}
}
}
// Expect to find a single Decl. Skip anything more complicated. // Expect to find a single Decl. Skip anything more complicated.
ValueDecl *D = nullptr; ValueDecl *D = nullptr;
if (DeclRefExpr *R = dyn_cast<DeclRefExpr>(E)) { if (DeclRefExpr *R = dyn_cast<DeclRefExpr>(E)) {
@ -7679,35 +7698,33 @@ void Sema::DiagnoseAlwaysNonNullPointer(Expr *E,
return; return;
// Check for parameter decl with nonnull attribute // Check for parameter decl with nonnull attribute
if (const ParmVarDecl* PV = dyn_cast<ParmVarDecl>(D)) { if (const auto* PV = dyn_cast<ParmVarDecl>(D)) {
if (getCurFunction() && !getCurFunction()->ModifiedNonNullParams.count(PV)) if (getCurFunction() &&
if (const FunctionDecl* FD = dyn_cast<FunctionDecl>(PV->getDeclContext())) { !getCurFunction()->ModifiedNonNullParams.count(PV)) {
unsigned NumArgs = FD->getNumParams(); if (PV->hasAttr<NonNullAttr>()) {
llvm::SmallBitVector AttrNonNull(NumArgs); ComplainAboutNonnullParamOrCall(true);
return;
}
if (const auto *FD = dyn_cast<FunctionDecl>(PV->getDeclContext())) {
auto ParamIter = std::find(FD->param_begin(), FD->param_end(), PV);
assert(ParamIter != FD->param_end());
unsigned ParamNo = std::distance(FD->param_begin(), ParamIter);
for (const auto *NonNull : FD->specific_attrs<NonNullAttr>()) { for (const auto *NonNull : FD->specific_attrs<NonNullAttr>()) {
if (!NonNull->args_size()) { if (!NonNull->args_size()) {
AttrNonNull.set(0, NumArgs); ComplainAboutNonnullParamOrCall(true);
break;
}
for (unsigned Val : NonNull->args()) {
if (Val >= NumArgs)
continue;
AttrNonNull.set(Val);
}
}
if (!AttrNonNull.empty())
for (unsigned i = 0; i < NumArgs; ++i)
if (FD->getParamDecl(i) == PV &&
(AttrNonNull[i] || PV->hasAttr<NonNullAttr>())) {
std::string Str;
llvm::raw_string_ostream S(Str);
E->printPretty(S, nullptr, getPrintingPolicy());
unsigned DiagID = IsCompare ? diag::warn_nonnull_parameter_compare
: diag::warn_cast_nonnull_to_bool;
Diag(E->getExprLoc(), DiagID) << S.str() << E->getSourceRange()
<< Range << IsEqual;
return; return;
} }
for (unsigned ArgNo : NonNull->args()) {
if (ArgNo == ParamNo) {
ComplainAboutNonnullParamOrCall(true);
return;
}
}
}
}
} }
} }

View File

@ -89,7 +89,7 @@ void redecl_test(void *p) {
__attribute__((__nonnull__)) __attribute__((__nonnull__))
int evil_nonnull_func(int* pointer, void * pv) int evil_nonnull_func(int* pointer, void * pv)
{ {
if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is false on first encounter}} if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is 'false' on first encounter}}
return 0; return 0;
} else { } else {
return *pointer; return *pointer;
@ -101,13 +101,13 @@ int evil_nonnull_func(int* pointer, void * pv)
else else
return *pointer; return *pointer;
if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is false on first encounter}} if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is 'false' on first encounter}}
} }
void set_param_to_null(int**); void set_param_to_null(int**);
int another_evil_nonnull_func(int* pointer, char ch, void * pv) __attribute__((nonnull(1, 3))); int another_evil_nonnull_func(int* pointer, char ch, void * pv) __attribute__((nonnull(1, 3)));
int another_evil_nonnull_func(int* pointer, char ch, void * pv) { int another_evil_nonnull_func(int* pointer, char ch, void * pv) {
if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is false on first encounter}} if (pointer == NULL) { // expected-warning {{comparison of nonnull parameter 'pointer' equal to a null pointer is 'false' on first encounter}}
return 0; return 0;
} else { } else {
return *pointer; return *pointer;
@ -119,7 +119,7 @@ int another_evil_nonnull_func(int* pointer, char ch, void * pv) {
else else
return *pointer; return *pointer;
if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is false on first encounter}} if (pv == NULL) {} // expected-warning {{comparison of nonnull parameter 'pv' equal to a null pointer is 'false' on first encounter}}
} }
extern void *returns_null(void**); extern void *returns_null(void**);
@ -153,3 +153,17 @@ void pr21668_2(__attribute__((nonnull)) const char *p) {
if (p) // No warning if (p) // No warning
; ;
} }
__attribute__((returns_nonnull)) void *returns_nonnull_whee();
void returns_nonnull_warning_tests() {
if (returns_nonnull_whee() == NULL) {} // expected-warning {{comparison of nonnull function call 'returns_nonnull_whee()' equal to a null pointer is 'false' on first encounter}}
if (returns_nonnull_whee() != NULL) {} // expected-warning {{comparison of nonnull function call 'returns_nonnull_whee()' not equal to a null pointer is 'true' on first encounter}}
if (returns_nonnull_whee()) {} // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
if (!returns_nonnull_whee()) {} // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
int and_again = !returns_nonnull_whee(); // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
and_again = !returns_nonnull_whee(); // expected-warning {{nonnull function call 'returns_nonnull_whee()' will evaluate to 'true' on first encounter}}
}