Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 582ec2b0 authored by George Burgess IV's avatar George Burgess IV
Browse files

fix static-analyzer logging/CHECK macros 

Two small changes in one:

- `foo || for (;;abort()) bar();` isn't valid C or C++, since for is a
  statement. We need an expression instead.
- we'll now treat everything after LOG(foo) as unreachable in the
  static analyzer, as long as we can prove at compile-time that
  foo == FATAL.

The impact of this, running across internal master, is that we see ~50
fewer medium/high-severity false positives from clang-tidy. We see 15
new complaints about unreachable code (at the "tidy" severity), but all
of them are harmless AFAICT (e.g.

switch (foo) {
  // ...
  default:
    LOG(FATAL) << "Unhandled case!"; // or CHECK(false);
    break; // clang-tidy: unreachable break.
})

(Some of the macros were forcibly formatted by the clang-format hook)

Bug: None
Test: Ran
`DEFAULT_GLOBAL_TIDY_CHECKS=clang-analyzer*,-clang-analyzer-alpha* m`;
stared at warn.py output.

Change-Id: Ie984eda0481afad4274b9def7c61ba777cfa289a
parent 8fc6cc89

base/include/android-base/logging.h

+40 −29
Original line number Diff line number Diff line
@@ -164,6 +164,24 @@ class ErrnoRestorer { 
  using ::android::base::FATAL;               \

  return (severity); }())



#ifdef __clang_analyzer__

// Clang's static analyzer does not see the conditional statement inside

// LogMessage's destructor that will abort on FATAL severity.

#define ABORT_AFTER_LOG_FATAL for (;; abort())



struct LogAbortAfterFullExpr {

  ~LogAbortAfterFullExpr() __attribute__((noreturn)) { abort(); }

  explicit operator bool() const { return false; }

};

// Provides an expression that evaluates to the truthiness of `x`, automatically

// aborting if `c` is true.

#define ABORT_AFTER_LOG_EXPR_IF(c, x) (((c) && ::android::base::LogAbortAfterFullExpr()) || (x))

#else

#define ABORT_AFTER_LOG_FATAL

#define ABORT_AFTER_LOG_EXPR_IF(c, x) (x)

#endif

#define ABORT_AFTER_LOG_FATAL_EXPR(x) ABORT_AFTER_LOG_EXPR_IF(true, x)



// Defines whether the given severity will be logged or silently swallowed.

#define WOULD_LOG(severity) \

  UNLIKELY((SEVERITY_LAMBDA(severity)) >= ::android::base::GetMinimumLogSeverity())
@@ -190,17 +208,19 @@ class ErrnoRestorer { 
//     LOG(FATAL) << "We didn't expect to reach here";

#define LOG(severity) LOG_TO(DEFAULT, severity)



// Checks if we want to log something, and sets up appropriate RAII objects if

// so.

// Note: DO NOT USE DIRECTLY. This is an implementation detail.

#define LOGGING_PREAMBLE(severity)                                                         \

  (WOULD_LOG(severity) &&                                                                  \

   ABORT_AFTER_LOG_EXPR_IF((SEVERITY_LAMBDA(severity)) == ::android::base::FATAL, true) && \

   ::android::base::ErrnoRestorer())



// Logs a message to logcat with the specified log ID on Android otherwise to

// stderr. If the severity is FATAL it also causes an abort.

// Use an if-else statement instead of just an if statement here. So if there is a

// else statement after LOG() macro, it won't bind to the if statement in the macro.

// do-while(0) statement doesn't work here. Because we need to support << operator

// following the macro, like "LOG(DEBUG) << xxx;".



#define LOG_TO(dest, severity) \

  WOULD_LOG(severity) &&                   \

    ::android::base::ErrnoRestorer() &&    \

      LOG_STREAM_TO(dest, severity)

// Use an expression here so we can support the << operator following the macro,

// like "LOG(DEBUG) << xxx;".

#define LOG_TO(dest, severity) LOGGING_PREAMBLE(severity) && LOG_STREAM_TO(dest, severity)



// A variant of LOG that also logs the current errno value. To be used when

// library calls fail.
@@ -208,24 +228,15 @@ class ErrnoRestorer { 


// Behaves like PLOG, but logs to the specified log ID.

#define PLOG_TO(dest, severity)                                              \

  WOULD_LOG(SEVERITY_LAMBDA(severity)) &&               \

    ::android::base::ErrnoRestorer() &&                 \

      ::android::base::LogMessage(__FILE__, __LINE__,   \

          ::android::base::dest,                        \

          SEVERITY_LAMBDA(severity), errno).stream()

  LOGGING_PREAMBLE(severity) &&                                              \

      ::android::base::LogMessage(__FILE__, __LINE__, ::android::base::dest, \

                                  SEVERITY_LAMBDA(severity), errno)          \

          .stream()



// Marker that code is yet to be implemented.

#define UNIMPLEMENTED(level) \

  LOG(level) << __PRETTY_FUNCTION__ << " unimplemented "



#ifdef __clang_analyzer__

// ClangL static analyzer does not see the conditional statement inside

// LogMessage's destructor that will abort on FATAL severity.

#define ABORT_AFTER_LOG_FATAL for (;;abort())

#else

#define ABORT_AFTER_LOG_FATAL

#endif



// Check whether condition x holds and LOG(FATAL) if not. The value of the

// expression x is only evaluated once. Extra logging can be appended using <<

// after. For example:
@@ -233,10 +244,10 @@ class ErrnoRestorer { 
//     CHECK(false == true) results in a log message of

//       "Check failed: false == true".

#define CHECK(x)                                                                \

  LIKELY((x)) ||                                                              \

    ABORT_AFTER_LOG_FATAL                                                     \

    ::android::base::LogMessage(__FILE__, __LINE__, ::android::base::DEFAULT, \

                                ::android::base::FATAL, -1).stream()          \

  LIKELY((x)) || ABORT_AFTER_LOG_FATAL_EXPR(false) ||                           \

      ::android::base::LogMessage(                                              \

          __FILE__, __LINE__, ::android::base::DEFAULT, ::android::base::FATAL, \

          -1).stream()                                                          \

          << "Check failed: " #x << " "



// Helper for CHECK_xx(x,y) macros.