[static analyzer] Analyzer is skipping forward declared C/C++ functions

A patch by Karthik Bhat! This patch fixes a regression introduced by r224398. Prior to r224398 we were able to analyze the following code in test-include.c and report a null deref in this case. But post r224398 this analysis is being skipped. E.g. // test-include.c #include "test-include.h" void test(int * data) { data = 0; *data = 1; } // test-include.h void test(int * data); This patch uses the function body (instead of its declaration) as the location of the function when deciding if the Decl should be analyzed with path-sensitive analysis. (Prior to r224398, the call graph was guaranteed to have a definition when available.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@240800 91177308-0d34-0410-b5e6-96231b3b80d8

[static analyzer] Analyzer is skipping forward declared C/C++ functions
A patch by Karthik Bhat! This patch fixes a regression introduced by r224398. Prior to r224398 we were able to analyze the following code in test-include.c and report a null deref in this case. But post r224398 this analysis is being skipped. E.g. // test-include.c #include "test-include.h" void test(int * data) { data = 0; *data = 1; } // test-include.h void test(int * data); This patch uses the function body (instead of its declaration) as the location of the function when deciding if the Decl should be analyzed with path-sensitive analysis. (Prior to r224398, the call graph was guaranteed to have a definition when available.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@240800 91177308-0d34-0410-b5e6-96231b3b80d8
ec216ad1 · Anna Zaks · e9bb2d18 · ec216ad1 · ec216ad1 · ec216ad1
Commit ec216ad1 authored 9 years ago by Anna Zaks
--- a/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
+++ b/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp
@@ -588,7 +588,10 @@ AnalysisConsumer::getModeForDecl(Decl *D, AnalysisMode Mode) {
  // - Header files: run non-path-sensitive checks only.
  // - System headers: don't run any checks.
  SourceManager &SM = Ctx->getSourceManager();
-  SourceLocation SL = SM.getExpansionLoc(D->getLocation());
+  SourceLocation SL = D->hasBody() ? D->getBody()->getLocStart()
+                                     : D->getLocation();
+  SL = SM.getExpansionLoc(SL);
+
  if (!Opts->AnalyzeAll && !SM.isWrittenInMainFile(SL)) {
    if (SL.isInvalid() || SM.isInSystemHeader(SL))
      return AM_None;

--- a/test/Analysis/test-include-cpp.cpp
+++ b/test/Analysis/test-include-cpp.cpp
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify %s
+
+#include "test-include-cpp.h"
+
+int TestIncludeClass::test1(int *p) {
+  p = 0;
+  return *p; // expected-warning{{Dereference of null pointer}}
+}
+
+int TestIncludeClass::test2(int *p) {
+  p = 0;
+  return *p; // expected-warning{{Dereference of null pointer}}
+}
--- a/test/Analysis/test-include-cpp.h
+++ b/test/Analysis/test-include-cpp.h
+#ifndef TEST_INCLUDE_CPP_H
+#define TEST_INCLUDE_CPP_H
+
+class TestIncludeClass {
+  int test1(int *);
+  static int test2(int *);
+};
+
+#endif
--- a/test/Analysis/test-include.c
+++ b/test/Analysis/test-include.c
+// RUN: %clang_cc1 -analyze -analyzer-checker=core -verify %s
+
+#include "test-include.h"
+#define DIVYX(X,Y) Y/X
+
+void test_01(int *data) {
+  data = 0;
+  *data = 1; // expected-warning{{Dereference of null pointer}}
+}
+
+int test_02() {
+  int res = DIVXY(1,0); // expected-warning{{Division by zero}}
+                        // expected-warning@-1{{division by zero is undefined}}
+  return res;
+}
+
+int test_03() {
+  int res = DIVYX(0,1); // expected-warning{{Division by zero}}
+                        // expected-warning@-1{{division by zero is undefined}}
+  return res;
+}
\ No newline at end of file
--- a/test/Analysis/test-include.h
+++ b/test/Analysis/test-include.h
+void test_01(int * data);
+#define DIVXY(X,Y) X/Y