steakhal added a comment.
If we worry about having taint-related reports without a Note message
explaining where the taint was introduced, we could just assert that in a
`BugReportVisitor` at the `finalizeVisitor()` callback. I think such an
assertion would make a lot of sense.
To achieve this, we could take the `R.getNotes()` and check if any of them
refers to a specific one produced by the `NoteTag` callback for taint sources,
let's say `TaintSourceTag` for that `PathDiagnosticNotePiece`.
void MyVisitor::finalizeVisitor(BugReporterContext &, const ExplodedNode *,
PathSensitiveBugReport &R) {
assert(llvm::any_of(R.getNotes(),
[](const auto &Piece) { return Piece->getTag() ==
TaintSourceTag; }) &&
"Each taint report should have at least one taint-source");
}
With this assertion, we would gain confidence that the taint reports are
complete, or at least they all have at least one taint source.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D144269/new/
https://reviews.llvm.org/D144269
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
