Split libAnalysis into two libraries: libAnalysis and libChecker.

(1) libAnalysis is a generic analysis library that can be used by
    Sema.  It defines the CFG, basic dataflow analysis primitives, and
    inexpensive flow-sensitive analyses (e.g. LiveVariables).

(2) libChecker contains the guts of the static analyzer, incuding the
    path-sensitive analysis engine and domain-specific checks.

Now any clients that want to use the frontend to build their own tools
don't need to link in the entire static analyzer.

This change exposes various obvious cleanups that can be made to the
layout of files and headers in libChecker.  More changes pending.  :)

This change also exposed a layering violation between AnalysisContext
and MemRegion.  BlockInvocationContext shouldn't explicitly know about
BlockDataRegions.  For now I've removed the BlockDataRegion* from
BlockInvocationContext (removing context-sensitivity; although this
wasn't used yet).  We need to have a better way to extend
BlockInvocationContext (and any LocationContext) to add
context-sensitivty.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@94406 91177308-0d34-0410-b5e6-96231b3b80d8

1 files changed, 56 insertions, 0 deletions

diff --git a/lib/Checker/UndefinedArraySubscriptChecker.cpp b/lib/Checker/UndefinedArraySubscriptChecker.cpp
new file mode 100644
index 0000000000..b20154df33
--- /dev/null
+++ b/lib/Checker/UndefinedArraySubscriptChecker.cpp
@@ -0,0 +1,56 @@
+//===--- UndefinedArraySubscriptChecker.h ----------------------*- C++ -*--===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// This file is distributed under the University of Illinois Open Source
+// License. See LICENSE.TXT for details.
+//
+//===----------------------------------------------------------------------===//
+//
+// This defines UndefinedArraySubscriptChecker, a builtin check in GRExprEngine
+// that performs checks for undefined array subscripts.
+//
+//===----------------------------------------------------------------------===//
+
+#include "clang/Checker/PathSensitive/CheckerVisitor.h"
+#include "clang/Checker/PathSensitive/BugReporter.h"
+#include "GRExprEngineInternalChecks.h"
+
+using namespace clang;
+
+namespace {
+class UndefinedArraySubscriptChecker
+  : public CheckerVisitor<UndefinedArraySubscriptChecker> {
+  BugType *BT;
+public:
+  UndefinedArraySubscriptChecker() : BT(0) {}
+  static void *getTag() {
+    static int x = 0;
+    return &x;
+  }
+  void PreVisitArraySubscriptExpr(CheckerContext &C, 
+                                  const ArraySubscriptExpr *A);
+};
+} // end anonymous namespace
+
+void clang::RegisterUndefinedArraySubscriptChecker(GRExprEngine &Eng) {
+  Eng.registerCheck(new UndefinedArraySubscriptChecker());
+}
+
+void 
+UndefinedArraySubscriptChecker::PreVisitArraySubscriptExpr(CheckerContext &C, 
+                                                const ArraySubscriptExpr *A) {
+  if (C.getState()->getSVal(A->getIdx()).isUndef()) {
+    if (ExplodedNode *N = C.GenerateSink()) {
+      if (!BT)
+        BT = new BuiltinBug("Array subscript is undefined");
+
+      // Generate a report for this bug.
+      EnhancedBugReport *R = new EnhancedBugReport(*BT, BT->getName(), N);
+      R->addRange(A->getIdx()->getSourceRange());
+      R->addVisitorCreator(bugreporter::registerTrackNullOrUndefValue, 
+                           A->getIdx());
+      C.EmitReport(R);
+    }
+  }
+}