FlowSensitive/Models/UncheckedOptionalAccessModel.h

0001 //===-- UncheckedOptionalAccessModel.h --------------------------*- C++ -*-===//
0002 //
0003 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
0004 // See https://llvm.org/LICENSE.txt for license information.
0005 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
0006 //
0007 //===----------------------------------------------------------------------===//
0008 //
0009 //  This file defines a dataflow analysis that detects unsafe uses of optional
0010 //  values.
0011 //
0012 //===----------------------------------------------------------------------===//
0013
0014 #ifndef CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
0015 #define CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H
0016
0017 #include "clang/AST/ASTContext.h"
0018 #include "clang/Analysis/CFG.h"
0019 #include "clang/Analysis/FlowSensitive/CFGMatchSwitch.h"
0020 #include "clang/Analysis/FlowSensitive/CachedConstAccessorsLattice.h"
0021 #include "clang/Analysis/FlowSensitive/DataflowAnalysis.h"
0022 #include "clang/Analysis/FlowSensitive/DataflowEnvironment.h"
0023 #include "clang/Analysis/FlowSensitive/NoopLattice.h"
0024 #include "clang/Basic/SourceLocation.h"
0025 #include "llvm/ADT/SmallVector.h"
0026
0027 namespace clang {
0028 namespace dataflow {
0029
0030 // FIXME: Explore using an allowlist-approach, where constructs supported by the
0031 // analysis are always enabled and additional constructs are enabled through the
0032 // `Options`.
0033 struct UncheckedOptionalAccessModelOptions {
0034   /// In generating diagnostics, ignore optionals reachable through overloaded
0035   /// `operator*` or `operator->` (other than those of the optional type
0036   /// itself). The analysis does not equate the results of such calls, so it
0037   /// can't identify when their results are used safely (across calls),
0038   /// resulting in false positives in all such cases. Note: this option does not
0039   /// cover access through `operator[]`.
0040   ///
0041   /// FIXME: we now cache and equate the result of const accessors
0042   /// that look like unique_ptr, have both `->` (returning a pointer type) and
0043   /// `*` (returning a reference type). This includes mixing `->` and
0044   /// `*` in a sequence of calls as long as the object is not modified. Once we
0045   /// are confident in this const accessor caching, we shouldn't need the
0046   /// IgnoreSmartPointerDereference option anymore.
0047   bool IgnoreSmartPointerDereference = false;
0048 };
0049
0050 using UncheckedOptionalAccessLattice = CachedConstAccessorsLattice<NoopLattice>;
0051
0052 /// Dataflow analysis that models whether optionals hold values or not.
0053 ///
0054 /// Models the `std::optional`, `absl::optional`, and `base::Optional` types.
0055 class UncheckedOptionalAccessModel
0056     : public DataflowAnalysis<UncheckedOptionalAccessModel,
0057                               UncheckedOptionalAccessLattice> {
0058 public:
0059   UncheckedOptionalAccessModel(ASTContext &Ctx, dataflow::Environment &Env);
0060
0061   /// Returns a matcher for the optional classes covered by this model.
0062   static ast_matchers::DeclarationMatcher optionalClassDecl();
0063
0064   static UncheckedOptionalAccessLattice initialElement() { return {}; }
0065
0066   void transfer(const CFGElement &Elt, UncheckedOptionalAccessLattice &L,
0067                 Environment &Env);
0068
0069 private:
0070   CFGMatchSwitch<TransferState<UncheckedOptionalAccessLattice>>
0071       TransferMatchSwitch;
0072 };
0073
0074 class UncheckedOptionalAccessDiagnoser {
0075 public:
0076   UncheckedOptionalAccessDiagnoser(
0077       UncheckedOptionalAccessModelOptions Options = {});
0078
0079   llvm::SmallVector<SourceLocation>
0080   operator()(const CFGElement &Elt, ASTContext &Ctx,
0081              const TransferStateForDiagnostics<UncheckedOptionalAccessLattice>
0082                  &State) {
0083     return DiagnoseMatchSwitch(Elt, Ctx, State.Env);
0084   }
0085
0086 private:
0087   CFGMatchSwitch<const Environment, llvm::SmallVector<SourceLocation>>
0088       DiagnoseMatchSwitch;
0089 };
0090
0091 } // namespace dataflow
0092 } // namespace clang
0093
0094 #endif // CLANG_ANALYSIS_FLOWSENSITIVE_MODELS_UNCHECKEDOPTIONALACCESSMODEL_H