1//===--- SarifDiagnostics.cpp - Sarif Diagnostics for Paths -----*- C++ -*-===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This file defines the SarifDiagnostics object.
10//
11//===----------------------------------------------------------------------===//
12
13#include "clang/Analysis/MacroExpansionContext.h"
14#include "clang/Analysis/PathDiagnostic.h"
15#include "clang/Basic/FileManager.h"
16#include "clang/Basic/Version.h"
17#include "clang/Lex/Preprocessor.h"
18#include "clang/StaticAnalyzer/Core/PathDiagnosticConsumers.h"
19#include "llvm/ADT/STLExtras.h"
20#include "llvm/ADT/StringMap.h"
21#include "llvm/Support/ConvertUTF.h"
22#include "llvm/Support/JSON.h"
23#include "llvm/Support/Path.h"
24
25using namespace llvm;
26using namespace clang;
27using namespace ento;
28
29namespace {
30class SarifDiagnostics : public PathDiagnosticConsumer {
31 std::string OutputFile;
32 const LangOptions &LO;
33
34public:
35 SarifDiagnostics(const std::string &Output, const LangOptions &LO)
36 : OutputFile(Output), LO(LO) {}
37 ~SarifDiagnostics() override = default;
38
39 void FlushDiagnosticsImpl(std::vector<const PathDiagnostic *> &Diags,
40 FilesMade *FM) override;
41
42 StringRef getName() const override { return "SarifDiagnostics"; }
43 PathGenerationScheme getGenerationScheme() const override { return Minimal; }
44 bool supportsLogicalOpControlFlow() const override { return true; }
45 bool supportsCrossFileDiagnostics() const override { return true; }
46};
47} // end anonymous namespace
48
49void ento::createSarifDiagnosticConsumer(
50 PathDiagnosticConsumerOptions DiagOpts, PathDiagnosticConsumers &C,
51 const std::string &Output, const Preprocessor &PP,
52 const cross_tu::CrossTranslationUnitContext &CTU,
53 const MacroExpansionContext &MacroExpansions) {
54
55 // TODO: Emit an error here.
56 if (Output.empty())
57 return;
58
59 C.push_back(new SarifDiagnostics(Output, PP.getLangOpts()));
60 createTextMinimalPathDiagnosticConsumer(std::move(DiagOpts), C, Output, PP,
61 CTU, MacroExpansions);
62}
63
64static StringRef getFileName(const FileEntry &FE) {
65 StringRef Filename = FE.tryGetRealPathName();
66 if (Filename.empty())
67 Filename = FE.getName();
68 return Filename;
69}
70
71static std::string percentEncodeURICharacter(char C) {
72 // RFC 3986 claims alpha, numeric, and this handful of
73 // characters are not reserved for the path component and
74 // should be written out directly. Otherwise, percent
75 // encode the character and write that out instead of the
76 // reserved character.
77 if (llvm::isAlnum(C) ||
78 StringRef::npos != StringRef("-._~:@!$&'()*+,;=").find(C))
79 return std::string(&C, 1);
80 return "%" + llvm::toHex(StringRef(&C, 1));
81}
82
83static std::string fileNameToURI(StringRef Filename) {
84 llvm::SmallString<32> Ret = StringRef("file://");
85
86 // Get the root name to see if it has a URI authority.
87 StringRef Root = sys::path::root_name(Filename);
88 if (Root.startswith("//")) {
89 // There is an authority, so add it to the URI.
90 Ret += Root.drop_front(2).str();
91 } else if (!Root.empty()) {
92 // There is no authority, so end the component and add the root to the URI.
93 Ret += Twine("/" + Root).str();
94 }
95
96 auto Iter = sys::path::begin(Filename), End = sys::path::end(Filename);
97 assert(Iter != End && "Expected there to be a non-root path component.");
98 // Add the rest of the path components, encoding any reserved characters;
99 // we skip past the first path component, as it was handled it above.
100 for (StringRef Component : llvm::make_range(++Iter, End)) {
101 // For reasons unknown to me, we may get a backslash with Windows native
102 // paths for the initial backslash following the drive component, which
103 // we need to ignore as a URI path part.
104 if (Component == "\\")
105 continue;
106
107 // Add the separator between the previous path part and the one being
108 // currently processed.
109 Ret += "/";
110
111 // URI encode the part.
112 for (char C : Component) {
113 Ret += percentEncodeURICharacter(C);
114 }
115 }
116
117 return std::string(Ret);
118}
119
120static json::Object createArtifactLocation(const FileEntry &FE) {
121 return json::Object{{"uri", fileNameToURI(getFileName(FE))}};
122}
123
124static json::Object createArtifact(const FileEntry &FE) {
125 return json::Object{{"location", createArtifactLocation(FE)},
126 {"roles", json::Array{"resultFile"}},
127 {"length", FE.getSize()},
128 {"mimeType", "text/plain"}};
129}
130
131static json::Object createArtifactLocation(const FileEntry &FE,
132 json::Array &Artifacts) {
133 std::string FileURI = fileNameToURI(getFileName(FE));
134
135 // See if the Artifacts array contains this URI already. If it does not,
136 // create a new artifact object to add to the array.
137 auto I = llvm::find_if(Artifacts, [&](const json::Value &File) {
138 if (const json::Object *Obj = File.getAsObject()) {
139 if (const json::Object *FileLoc = Obj->getObject("location")) {
140 Optional<StringRef> URI = FileLoc->getString("uri");
141 return URI && URI->equals(FileURI);
142 }
143 }
144 return false;
145 });
146
147 // Calculate the index within the artifact array so it can be stored in
148 // the JSON object.
149 auto Index = static_cast<unsigned>(std::distance(Artifacts.begin(), I));
150 if (I == Artifacts.end())
151 Artifacts.push_back(createArtifact(FE));
152
153 return json::Object{{"uri", FileURI}, {"index", Index}};
154}
155
156static unsigned int adjustColumnPos(const SourceManager &SM, SourceLocation Loc,
157 unsigned int TokenLen = 0) {
158 assert(!Loc.isInvalid() && "invalid Loc when adjusting column position");
159
160 std::pair<FileID, unsigned> LocInfo = SM.getDecomposedExpansionLoc(Loc);
161 assert(LocInfo.second > SM.getExpansionColumnNumber(Loc) &&
162 "position in file is before column number?");
163
164 Optional<MemoryBufferRef> Buf = SM.getBufferOrNone(LocInfo.first);
165 assert(Buf && "got an invalid buffer for the location's file");
166 assert(Buf->getBufferSize() >= (LocInfo.second + TokenLen) &&
167 "token extends past end of buffer?");
168
169 // Adjust the offset to be the start of the line, since we'll be counting
170 // Unicode characters from there until our column offset.
171 unsigned int Off = LocInfo.second - (SM.getExpansionColumnNumber(Loc) - 1);
172 unsigned int Ret = 1;
173 while (Off < (LocInfo.second + TokenLen)) {
174 Off += getNumBytesForUTF8(Buf->getBuffer()[Off]);
175 Ret++;
176 }
177
178 return Ret;
179}
180
181static json::Object createTextRegion(const LangOptions &LO, SourceRange R,
182 const SourceManager &SM) {
183 json::Object Region{
184 {"startLine", SM.getExpansionLineNumber(R.getBegin())},
185 {"startColumn", adjustColumnPos(SM, R.getBegin())},
186 };
187 if (R.getBegin() == R.getEnd()) {
188 Region["endColumn"] = adjustColumnPos(SM, R.getBegin());
189 } else {
190 Region["endLine"] = SM.getExpansionLineNumber(R.getEnd());
191 Region["endColumn"] = adjustColumnPos(
192 SM, R.getEnd(),
193 Lexer::MeasureTokenLength(R.getEnd(), SM, LO));
194 }
195 return Region;
196}
197
198static json::Object createPhysicalLocation(const LangOptions &LO,
199 SourceRange R, const FileEntry &FE,
200 const SourceManager &SMgr,
201 json::Array &Artifacts) {
202 return json::Object{
203 {{"artifactLocation", createArtifactLocation(FE, Artifacts)},
204 {"region", createTextRegion(LO, R, SMgr)}}};
205}
206
207enum class Importance { Important, Essential, Unimportant };
208
209static StringRef importanceToStr(Importance I) {
210 switch (I) {
211 case Importance::Important:
212 return "important";
213 case Importance::Essential:
214 return "essential";
215 case Importance::Unimportant:
216 return "unimportant";
217 }
218 llvm_unreachable("Fully covered switch is not so fully covered");
219}
220
221static json::Object createThreadFlowLocation(json::Object &&Location,
222 Importance I) {
223 return json::Object{{"location", std::move(Location)},
224 {"importance", importanceToStr(I)}};
225}
226
227static json::Object createMessage(StringRef Text) {
228 return json::Object{{"text", Text.str()}};
229}
230
231static json::Object createLocation(json::Object &&PhysicalLocation,
232 StringRef Message = "") {
233 json::Object Ret{{"physicalLocation", std::move(PhysicalLocation)}};
234 if (!Message.empty())
235 Ret.insert({"message", createMessage(Message)});
236 return Ret;
237}
238
239static Importance calculateImportance(const PathDiagnosticPiece &Piece) {
240 switch (Piece.getKind()) {
241 case PathDiagnosticPiece::Call:
242 case PathDiagnosticPiece::Macro:
243 case PathDiagnosticPiece::Note:
244 case PathDiagnosticPiece::PopUp:
245 // FIXME: What should be reported here?
246 break;
247 case PathDiagnosticPiece::Event:
248 return Piece.getTagStr() == "ConditionBRVisitor" ? Importance::Important
249 : Importance::Essential;
250 case PathDiagnosticPiece::ControlFlow:
251 return Importance::Unimportant;
252 }
253 return Importance::Unimportant;
254}
255
256static json::Object createThreadFlow(const LangOptions &LO,
257 const PathPieces &Pieces,
258 json::Array &Artifacts) {
259 const SourceManager &SMgr = Pieces.front()->getLocation().getManager();
260 json::Array Locations;
261 for (const auto &Piece : Pieces) {
262 const PathDiagnosticLocation &P = Piece->getLocation();
263 Locations.push_back(createThreadFlowLocation(
264 createLocation(createPhysicalLocation(
265 LO, P.asRange(),
266 *P.asLocation().getExpansionLoc().getFileEntry(),
267 SMgr, Artifacts),
268 Piece->getString()),
269 calculateImportance(*Piece)));
270 }
271 return json::Object{{"locations", std::move(Locations)}};
272}
273
274static json::Object createCodeFlow(const LangOptions &LO,
275 const PathPieces &Pieces,
276 json::Array &Artifacts) {
277 return json::Object{
278 {"threadFlows", json::Array{createThreadFlow(LO, Pieces, Artifacts)}}};
279}
280
281static json::Object createResult(const LangOptions &LO,
282 const PathDiagnostic &Diag,
283 json::Array &Artifacts,
284 const StringMap<unsigned> &RuleMapping) {
285 const PathPieces &Path = Diag.path.flatten(false);
286 const SourceManager &SMgr = Path.front()->getLocation().getManager();
287
288 auto Iter = RuleMapping.find(Diag.getCheckerName());
289 assert(Iter != RuleMapping.end() && "Rule ID is not in the array index map?");
290
291 return json::Object{
292 {"message", createMessage(Diag.getVerboseDescription())},
293 {"codeFlows", json::Array{createCodeFlow(LO, Path, Artifacts)}},
294 {"locations",
295 json::Array{createLocation(createPhysicalLocation(
296 LO, Diag.getLocation().asRange(),
297 *Diag.getLocation().asLocation().getExpansionLoc().getFileEntry(),
298 SMgr, Artifacts))}},
299 {"ruleIndex", Iter->getValue()},
300 {"ruleId", Diag.getCheckerName()}};
301}
302
303static StringRef getRuleDescription(StringRef CheckName) {
304 return llvm::StringSwitch<StringRef>(CheckName)
305#define GET_CHECKERS
306#define CHECKER(FULLNAME, CLASS, HELPTEXT, DOC_URI, IS_HIDDEN) \
307 .Case(FULLNAME, HELPTEXT)
308#include "clang/StaticAnalyzer/Checkers/Checkers.inc"
309#undef CHECKER
310#undef GET_CHECKERS
311 ;
312}
313
314static StringRef getRuleHelpURIStr(StringRef CheckName) {
315 return llvm::StringSwitch<StringRef>(CheckName)
316#define GET_CHECKERS
317#define CHECKER(FULLNAME, CLASS, HELPTEXT, DOC_URI, IS_HIDDEN) \
318 .Case(FULLNAME, DOC_URI)
319#include "clang/StaticAnalyzer/Checkers/Checkers.inc"
320#undef CHECKER
321#undef GET_CHECKERS
322 ;
323}
324
325static json::Object createRule(const PathDiagnostic &Diag) {
326 StringRef CheckName = Diag.getCheckerName();
327 json::Object Ret{
328 {"fullDescription", createMessage(getRuleDescription(CheckName))},
329 {"name", CheckName},
330 {"id", CheckName}};
331
332 std::string RuleURI = std::string(getRuleHelpURIStr(CheckName));
333 if (!RuleURI.empty())
334 Ret["helpUri"] = RuleURI;
335
336 return Ret;
337}
338
339static json::Array createRules(std::vector<const PathDiagnostic *> &Diags,
340 StringMap<unsigned> &RuleMapping) {
341 json::Array Rules;
342 llvm::StringSet<> Seen;
343
344 for (const PathDiagnostic *D : Diags) {
345 StringRef RuleID = D->getCheckerName();
346 std::pair<llvm::StringSet<>::iterator, bool> P = Seen.insert(RuleID);
347 if (P.second) {
348 RuleMapping[RuleID] = Rules.size(); // Maps RuleID to an Array Index.
349 Rules.push_back(createRule(*D));
350 }
351 }
352
353 return Rules;
354}
355
356static json::Object createTool(std::vector<const PathDiagnostic *> &Diags,
357 StringMap<unsigned> &RuleMapping) {
358 return json::Object{
359 {"driver", json::Object{{"name", "clang"},
360 {"fullName", "clang static analyzer"},
361 {"language", "en-US"},
362 {"version", getClangFullVersion()},
363 {"rules", createRules(Diags, RuleMapping)}}}};
364}
365
366static json::Object createRun(const LangOptions &LO,
367 std::vector<const PathDiagnostic *> &Diags) {
368 json::Array Results, Artifacts;
369 StringMap<unsigned> RuleMapping;
370 json::Object Tool = createTool(Diags, RuleMapping);
371
372 for (const PathDiagnostic *D : Diags)
373 Results.push_back(createResult(LO, *D, Artifacts, RuleMapping));
374
375 return json::Object{{"tool", std::move(Tool)},
376 {"results", std::move(Results)},
377 {"artifacts", std::move(Artifacts)},
378 {"columnKind", "unicodeCodePoints"}};
379}
380
381void SarifDiagnostics::FlushDiagnosticsImpl(
382 std::vector<const PathDiagnostic *> &Diags, FilesMade *) {
383 // We currently overwrite the file if it already exists. However, it may be
384 // useful to add a feature someday that allows the user to append a run to an
385 // existing SARIF file. One danger from that approach is that the size of the
386 // file can become large very quickly, so decoding into JSON to append a run
387 // may be an expensive operation.
388 std::error_code EC;
389 llvm::raw_fd_ostream OS(OutputFile, EC, llvm::sys::fs::OF_TextWithCRLF);
390 if (EC) {
391 llvm::errs() << "warning: could not create file: " << EC.message() << '\n';
392 return;
393 }
394 json::Object Sarif{
395 {"$schema",
396 "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json"},
397 {"version", "2.1.0"},
398 {"runs", json::Array{createRun(LO, Diags)}}};
399 OS << llvm::formatv("{0:2}\n", json::Value(std::move(Sarif)));
400}
401

source code of clang/lib/StaticAnalyzer/Core/SarifDiagnostics.cpp