xref: /llvm-project/clang/lib/StaticAnalyzer/Checkers/WebKit/ASTUtils.cpp (revision a1580d7b59b65b17f2ce7fdb95f46379e7df4089) 
1 //=======- ASTUtils.cpp ------------------------------------------*- C++ -*-==//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 
9 #include "ASTUtils.h"
10 #include "PtrTypesSemantics.h"
11 #include "clang/AST/CXXInheritance.h"
12 #include "clang/AST/Decl.h"
13 #include "clang/AST/DeclCXX.h"
14 #include "clang/AST/ExprCXX.h"
15 #include <optional>
16 
17 using llvm::Optional;
18 namespace clang {
19 
20 std::pair<const Expr *, bool>
21 tryToFindPtrOrigin(const Expr *E, bool StopAtFirstRefCountedObj) {
22   while (E) {
23     if (auto *cast = dyn_cast<CastExpr>(E)) {
24       if (StopAtFirstRefCountedObj) {
25         if (auto *ConversionFunc =
26                 dyn_cast_or_null<FunctionDecl>(cast->getConversionFunction())) {
27           if (isCtorOfRefCounted(ConversionFunc))
28             return {E, true};
29         }
30       }
31       // FIXME: This can give false "origin" that would lead to false negatives
32       // in checkers. See https://reviews.llvm.org/D37023 for reference.
33       E = cast->getSubExpr();
34       continue;
35     }
36     if (auto *call = dyn_cast<CallExpr>(E)) {
37       if (auto *memberCall = dyn_cast<CXXMemberCallExpr>(call)) {
38         Optional<bool> IsGetterOfRefCt =
39             isGetterOfRefCounted(memberCall->getMethodDecl());
40         if (IsGetterOfRefCt && *IsGetterOfRefCt) {
41           E = memberCall->getImplicitObjectArgument();
42           if (StopAtFirstRefCountedObj) {
43             return {E, true};
44           }
45           continue;
46         }
47       }
48 
49       if (auto *operatorCall = dyn_cast<CXXOperatorCallExpr>(E)) {
50         if (operatorCall->getNumArgs() == 1) {
51           E = operatorCall->getArg(0);
52           continue;
53         }
54       }
55 
56       if (auto *callee = call->getDirectCallee()) {
57         if (isCtorOfRefCounted(callee)) {
58           if (StopAtFirstRefCountedObj)
59             return {E, true};
60 
61           E = call->getArg(0);
62           continue;
63         }
64 
65         if (isPtrConversion(callee)) {
66           E = call->getArg(0);
67           continue;
68         }
69       }
70     }
71     if (auto *unaryOp = dyn_cast<UnaryOperator>(E)) {
72       // FIXME: Currently accepts ANY unary operator. Is it OK?
73       E = unaryOp->getSubExpr();
74       continue;
75     }
76 
77     break;
78   }
79   // Some other expression.
80   return {E, false};
81 }
82 
83 bool isASafeCallArg(const Expr *E) {
84   assert(E);
85   if (auto *Ref = dyn_cast<DeclRefExpr>(E)) {
86     if (auto *D = dyn_cast_or_null<VarDecl>(Ref->getFoundDecl())) {
87       if (isa<ParmVarDecl>(D) || D->isLocalVarDecl())
88         return true;
89     }
90   }
91 
92   // TODO: checker for method calls on non-refcounted objects
93   return isa<CXXThisExpr>(E);
94 }
95 
96 } // namespace clang
97