Merge pull request #258 from plum-umd/RootCauseDiag

Add flag for root cause diagnostic output

Author: jackastner

clang/include/clang/CConv/CCGlobalOptions.h

@@ -26,5 +26,7 @@ extern bool NewSolver;
 extern std::string BaseDir;
 extern std::vector<std::string> AllocatorFunctions;
 extern bool AddCheckedRegions;
+extern bool WarnRootCause;
+extern bool WarnAllRootCause;
 
 #endif //_CCGLOBALOPTIONS_H

clang/include/clang/CConv/CConv.h

@@ -51,6 +51,10 @@ struct CConvertOptions {
   bool AddCheckedRegions;
 
   bool DisableCCTypeChecker;
+
+  bool WarnRootCause;
+
+  bool WarnAllRootCause;
 };
 
 // The main interface exposed by the CConv to interact with the tool.

clang/include/clang/CConv/ConstraintVariables.h

@@ -304,14 +304,27 @@ class PointerVariableConstraint : public ConstraintVariable {
   bool solutionEqualTo(Constraints &CS,
                        const ConstraintVariable *CV) const override;
 
-  // Constructor for when we have a Decl. K is the current free
-  // constraint variable index. We don't need to explicitly pass
-  // the name because it's available in 'D'.
+  // Construct a PVConstraint when the variable is generated by a specific
+  // declaration (D). This constructor calls the next constructor below with
+  // QT and N instantiated with information in D.
   PointerVariableConstraint(clang::DeclaratorDecl *D,
                             ProgramInfo &I, const clang::ASTContext &C);
 
-  // Constructor for when we only have a Type. Needs a string name
-  // N for the name of the variable that this represents.
+  // QT: Defines the type for the constraint variable. One atom is added for
+  //     each level of pointer (or array) indirection in the type.
+  // D: If this constraint is generated because of a variable declaration, this
+  //    should be a pointer to the the declaration AST node. May be null if the
+  //    constraint is not generated by a declaration.
+  // N: Name for the constraint variable. This may be chosen arbitrarily, as it
+  //    it is only used for labeling graph nodes. Equality is based on generated
+  //    unique ids.
+  // I and C: Context objects required for this construction. It is expected
+  //          that all constructor calls will take the same global objects here.
+  // inFunc: If this variable is part of a function prototype, this string is
+  //         the name of the function. nullptr otherwise.
+  // IsGeneric: CheckedC supports generic types (_Itype_for_any) which need less
+  //            restrictive constraints. Set to true to indicate that this
+  //            variable is generic.
   PointerVariableConstraint(const clang::QualType &QT,
                             clang::DeclaratorDecl *D, std::string N,
                             ProgramInfo &I,

clang/include/clang/CConv/RewriteUtils.h

@@ -219,6 +219,13 @@ class RewriteConsumer : public ASTConsumer {
   ProgramInfo &Info;
   static std::map<std::string, std::string> ModifiedFuncSignatures;
   std::string &OutputPostfix;
+
+  // A single header file can be included in multiple translations units. This
+  // set ensures that the diagnostics for a header file are not emitted each
+  // time a translation unit containing the header is vistied.
+  static std::set<PersistentSourceLoc *> EmittedDiagnostics;
+
+  void emitRootCauseDiagnostics(ASTContext &Context);
 };
 
 bool canRewrite(Rewriter &R, SourceRange &SR);

clang/lib/CConv/CConv.cpp

@@ -51,8 +51,11 @@ bool AllTypes;
 std::string BaseDir;
 bool AddCheckedRegions;
 bool DisableCCTypeChecker;
+bool WarnRootCause;
+bool WarnAllRootCause;
 std::set<std::string> FilePaths;
 
+
 static ClangTool *GlobalCTool = nullptr;
 
 static CompilationDatabase *CurrCompDB = nullptr;
@@ -185,6 +188,8 @@ CConvInterface::CConvInterface(const struct CConvertOptions &CCopt,
   AddCheckedRegions = CCopt.AddCheckedRegions;
   DisableCCTypeChecker = CCopt.DisableCCTypeChecker;
   AllocatorFunctions = CCopt.AllocatorFunctions;
+  WarnRootCause = CCopt.WarnRootCause || CCopt.WarnAllRootCause;
+  WarnAllRootCause = CCopt.WarnAllRootCause;
 
   llvm::InitializeAllTargets();
   llvm::InitializeAllTargetMCs();

clang/lib/CConv/ConstraintBuilder.cpp

@@ -122,8 +122,7 @@ class FunctionVisitor : public RecursiveASTVisitor<FunctionVisitor> {
     QualType DstT = C->getType();
     if (!isCastSafe(DstT, SrcT)) {
       auto CVs = CB.getExprConstraintVars(C->getSubExpr());
-      std::string Rsn = "Casted from " +
-                        SrcT.getAsString() +  " to " +
+      std::string Rsn = "Cast from " + SrcT.getAsString() +  " to " +
                         DstT.getAsString();
       CB.constraintAllCVarsToWild(CVs, Rsn, C);
     }

clang/lib/CConv/ConstraintResolver.cpp

@@ -187,17 +187,12 @@ CVarSet ConstraintResolver::getInvalidCastPVCons(Expr *E) {
   if (ExplicitCastExpr *ECE = dyn_cast<ExplicitCastExpr>(E))
     SrcType = ECE->getSubExpr()->getType();
 
-  auto &CS = Info.getConstraints();
-  CAtoms NewVA;
-  Atom *NewA = CS.getFreshVar("Invalid cast to:" + E->getType().getAsString(),
-                              VarAtom::V_Other);
-  NewVA.push_back(NewA);
+  auto *P = new PVConstraint(DstType, nullptr, "Invalid cast", Info, *Context);
 
-  PVConstraint *P = new PVConstraint(NewVA, "unsigned", "wildvar",
-                                     nullptr, false, false, "");
   PersistentSourceLoc PL = PersistentSourceLoc::mkPSL(E, *Context);
-  P->constrainToWild(CS, "Casted from " + SrcType.getAsString() +  " to " +
-                             DstType.getAsString() , &PL);
+  std::string Rsn =
+      "Cast from " + SrcType.getAsString() + " to " + DstType.getAsString();
+  P->constrainToWild(Info.getConstraints(), Rsn, &PL);
   Ret = {P};
   storePersistentConstraints(E, Ret);
   return Ret;
@@ -240,8 +235,7 @@ CVarSet
           !(SubTypE->isFunctionType() || SubTypE->isArrayType() ||
             SubTypE->isVoidPointerType()) &&
           !isCastSafe(TypE, SubTypE)) {
-        std::string Rsn = "Casted from " +
-                          SubTypE.getAsString() +  " to " +
+        std::string Rsn = "Cast from " + SubTypE.getAsString() +  " to " +
                           TypE.getAsString();
         constraintAllCVarsToWild(CVs, Rsn, IE);
         return getInvalidCastPVCons(E);

clang/lib/CConv/ConstraintVariables.cpp

@@ -373,11 +373,9 @@ PointerVariableConstraint::PointerVariableConstraint(const QualType &QT,
 
   bool IsWild = !IsGeneric && (isVarArgType(BaseType) || isTypeHasVoid(QT));
   if (IsWild) {
-    std::string Rsn = "Default Var arg list type.";
-    if (D && hasVoidType(D))
-      Rsn = "Default void* type";
-    // TODO: Github issue #61: improve handling of types for
-    // Variable arguments.
+    std::string Rsn =
+        isTypeHasVoid(QT) ? "Default void* type" : "Default Var arg list type";
+    // TODO: Github issue #61: improve handling of types for variable arguments.
     for (const auto &V : vars)
       if (VarAtom *VA = dyn_cast<VarAtom>(V))
         CS.addConstraint(CS.createGeq(VA, CS.getWild(), Rsn));

clang/lib/CConv/RewriteUtils.cpp

@@ -15,6 +15,7 @@
 #include "clang/CConv/DeclRewriter.h"
 #include "clang/Tooling/Refactoring/SourceCode.h"
 #include "clang/CConv/CCGlobalOptions.h"
+#include "clang/Basic/DiagnosticCConvKinds.inc"
 
 using namespace llvm;
 using namespace clang;
@@ -360,9 +361,46 @@ std::string ArrayBoundsRewriter::getBoundsString(PVConstraint *PV,
   return BString;
 }
 
+std::set<PersistentSourceLoc *> RewriteConsumer::EmittedDiagnostics;
+void RewriteConsumer::emitRootCauseDiagnostics(ASTContext &Context) {
+  clang::DiagnosticsEngine &DE = Context.getDiagnostics();
+  unsigned ID = DE.getCustomDiagID(DiagnosticsEngine::Warning,
+                                   "Root cause of unchecked pointers: %0");
+  auto I = Info.getInterimConstraintState();
+  SourceManager &SM = Context.getSourceManager();
+  for (auto &WReason : I.RealWildPtrsWithReasons) {
+    if (I.PtrSourceMap.find(WReason.first) != I.PtrSourceMap.end()) {
+      PersistentSourceLoc *PsInfo = I.PtrSourceMap[WReason.first];
+      // Avoid emitting the same diagnostic message twice.
+      if (EmittedDiagnostics.find(PsInfo) == EmittedDiagnostics.end()) {
+        // Convert the PSL into a clang::SourceLocation that can be used with
+        // the DiagnosticsEngine.
+        auto File = SM.getFileManager().getFile(PsInfo->getFileName());
+        SourceLocation SL = SM.translateFileLineCol(File, PsInfo->getLineNo(),
+                                                    PsInfo->getColSNo());
+        // Limit emitted root causes to those that effect more than one pointer
+        // or are in the main file of the TU. Alternatively, don't filter causes
+        // if -warn-all-root-cause is passed.
+        if (WarnAllRootCause || SM.isInMainFile(SL)
+            || I.GetSrcCVars(WReason.first).size() > 1) {
+          // SL is invalid when the File is not in the current translation unit.
+          if (SL.isValid()) {
+            EmittedDiagnostics.insert(PsInfo);
+            auto DiagBuilder = DE.Report(SL, ID);
+            DiagBuilder.AddString(WReason.second.WildPtrReason);
+          }
+        }
+      }
+    }
+  }
+}
+
 void RewriteConsumer::HandleTranslationUnit(ASTContext &Context) {
   Info.enterCompilationUnit(Context);
 
+  if (WarnRootCause)
+    emitRootCauseDiagnostics(Context);
+
   // Rewrite Variable declarations
   Rewriter R(Context.getSourceManager(), Context.getLangOpts());
   DeclRewriter::rewriteDecls(Context, Info, R);
@@ -397,4 +435,4 @@ void RewriteConsumer::HandleTranslationUnit(ASTContext &Context) {
 
   Info.exitCompilationUnit();
   return;
-}
+}

clang/tools/cconv-standalone/CConvStandalone.cpp

@@ -104,6 +104,17 @@ static cl::opt<std::string>
             cl::desc("Base directory for the code we're translating"),
             cl::init(""), cl::cat(ConvertCategory));
 
+static cl::opt<bool> OptWarnRootCause
+    ("warn-root-cause",
+    cl::desc("Emit warnings indicating root causes of unchecked pointers."),
+    cl::init(false), cl::cat(ConvertCategory));
+
+static cl::opt<bool> OptWarnAllRootCause
+    ("warn-all-root-cause",
+     cl::desc("Emit warnings for all root causes, "
+              "even those unlikely to be interesting."),
+     cl::init(false), cl::cat(ConvertCategory));
+
 int main(int argc, const char **argv) {
   sys::PrintStackTraceOnErrorSignal(argv[0]);
 
@@ -131,6 +142,8 @@ int main(int argc, const char **argv) {
   CcOptions.AddCheckedRegions = OptAddCheckedRegions;
   CcOptions.EnableAllTypes = OptAllTypes;
   CcOptions.DisableCCTypeChecker = OptDiableCCTypeChecker;
+  CcOptions.WarnRootCause = OptWarnRootCause;
+  CcOptions.WarnAllRootCause = OptWarnAllRootCause;
   //Add user specified function allocators
   std::string Malloc = OptMalloc.getValue();
   if (!Malloc.empty()) {
@@ -167,7 +180,7 @@ int main(int argc, const char **argv) {
   }
 
   // Next solve the constraints.
-  if (!CCInterface.SolveConstraints()) {
+  if (!CCInterface.SolveConstraints(OptWarnRootCause)) {
     errs() << "Failure occurred while trying to solve constraints. Exiting.\n";
     return 1;
   }