Data Structures | |
| class | sarif_token_printer |
Private Attributes | |
| diagnostic_context & | m_context |
| pretty_printer * | m_printer |
| const line_maps * | m_line_maps |
| sarif_token_printer | m_token_printer |
| const logical_location_manager * | m_logical_loc_mgr |
| std::unique_ptr< sarif_invocation > | m_invocation_obj |
| std::unique_ptr< json::array > | m_results_array |
| std::unique_ptr< sarif_result > | m_cur_group_result |
| ordered_hash_map< nofree_string_hash, sarif_artifact * > | m_filename_to_artifact_map |
| bool | m_seen_any_relative_paths |
| hash_set< free_string_hash > | m_rule_id_set |
| std::unique_ptr< json::array > | m_rules_arr |
| hash_set< int_hash< int, 0, 1 > > | m_cwe_id_set |
| std::unique_ptr< sarif_array_of_unique< sarif_logical_location > > | m_cached_logical_locs |
| int | m_tabstop |
| std::unique_ptr< sarif_serialization_format > | m_serialization_format |
| const sarif_generation_options | m_sarif_gen_opts |
| unsigned | m_next_result_idx |
| sarif_code_flow * | m_current_code_flow |
Friends | |
| class | diagnostic_sarif_format_buffer |
A class for managing SARIF output (for -fdiagnostics-format=sarif-stderr
and -fdiagnostics-format=sarif-file).
As diagnostics occur, we build "result" JSON objects, and
accumulate state:
- which source files are referenced
- which warnings are emitted
- which CWEs are used
At the end of the compile, we use the above to build the full SARIF
object tree, adding the result objects to the correct place, and
creating objects for the various source files, warnings and CWEs
referenced.
Implemented:
- fix-it hints
- CWE metadata
- diagnostic groups (see limitations below)
- logical locations (e.g. cfun)
- labelled ranges (as annotations)
- secondary ranges without labels (as related locations)
Known limitations:
- GCC supports nesting of diagnostics (one-deep nesting via
auto_diagnostic_group, and arbitrary nesting via
auto_diagnostic_nesting_level). These are captured in the SARIF
as related locations, and so we only capture location and message
information from such nested diagnostics (e.g. we ignore fix-it
hints on them). Diagnostics within an auto_diagnostic_nesting_level
have their nesting level captured as a property.
- although we capture command-line arguments (section 3.20.2), we don't
yet capture response files.
- doesn't capture "artifact.encoding" property
(SARIF v2.1.0 section 3.24.9).
- doesn't capture hashes of the source files
("artifact.hashes" property (SARIF v2.1.0 section 3.24.11).
- doesn't capture the "analysisTarget" property
(SARIF v2.1.0 section 3.27.13).
- doesn't capture -Werror cleanly
- doesn't capture inlining information (can SARIF handle this?)
- doesn't capture macro expansion information (can SARIF handle this?).
- doesn't capture any diagnostic_metadata::rules associated with
a diagnostic. | sarif_builder::sarif_builder | ( | diagnostic_context & | context, |
| pretty_printer & | printer, | ||
| const line_maps * | line_maps, | ||
| const char * | main_input_filename_, | ||
| std::unique_ptr< sarif_serialization_format > | serialization_format, | ||
| const sarif_generation_options & | sarif_gen_opts ) |
class sarif_builder.
sarif_builder's ctor.
References analysis_target, false, gcc_assert, diagnostic_context::get_client_data_hooks(), get_or_create_artifact(), m_cached_logical_locs, m_context, m_cur_group_result, m_current_code_flow, m_invocation_obj, m_line_maps, m_logical_loc_mgr, m_next_result_idx, m_printer, m_results_array, m_rule_id_set, m_rules_arr, m_sarif_gen_opts, m_seen_any_relative_paths, m_serialization_format, m_tabstop, and m_token_printer.
Referenced by make_location_object(), and sarif_builder::sarif_token_printer::sarif_token_printer().
| sarif_builder::~sarif_builder | ( | ) |
References m_filename_to_artifact_map.
|
private |
If WHERE was #included from somewhere, add a worklist item to LOC_MGR to lazily add a location for the #include location, and relationships between it and the LOCATION_OBJ. Compare with diagnostic_context::report_current_module, but rather than iterating the current chain, we add the next edge and iterate in the worklist, so that edges are only added once.
References sarif_location_manager::add_relationship_to_worklist(), BUILTINS_LOCATION, m_line_maps, and map.
Referenced by make_location_object(), make_location_object(), and make_location_object().
| void sarif_builder::emit_diagram | ( | const diagnostic_diagram & | diagram | ) |
Implementation of diagnostic_context::m_diagrams.m_emission_cb for SARIF output.
References gcc_assert, and m_cur_group_result.
| void sarif_builder::end_group | ( | ) |
Implementation of "end_group_cb" for SARIF output.
References m_cur_group_result, and m_results_array.
|
private |
Ensure that m_cached_logical_locs has a "logicalLocation" object (SARIF v2.1.0 section 3.33) for K, and return its index within the array.
References ensure_sarif_logical_location_for(), gcc_assert, m_cached_logical_locs, m_logical_loc_mgr, and maybe_get_sarif_kind().
Referenced by ensure_sarif_logical_location_for(), and make_minimal_sarif_logical_location().
| void sarif_builder::flush_to_file | ( | FILE * | outf | ) |
Create a top-level object, and add it to all the results (and other entities) we've seen so far. Flush it all to OUTF.
References flush_to_object(), and m_serialization_format.
| std::unique_ptr< sarif_log > sarif_builder::flush_to_object | ( | ) |
Create a top-level object, and add it to all the results (and other entities) we've seen so far, moving ownership to the object.
References m_invocation_obj, m_results_array, and make_top_level_object().
Referenced by flush_to_file().
|
inline |
References m_current_code_flow.
|
inline |
References m_context.
Referenced by sarif_result::on_nested_diagnostic(), and sarif_invocation::prepare_to_flush().
|
inline |
References m_logical_loc_mgr.
|
inline |
References m_sarif_gen_opts.
|
private |
Ensure that we have an "artifact" object (SARIF v2.1.0 section 3.24) for FILENAME, adding it to m_filename_to_artifact_map if not already found, and adding ROLE to it. If EMBED_CONTENTS is true, then flag that we will attempt to embed the contents of this artifact when writing it out.
References sarif_artifact::add_role(), analysis_target, debug_output_file, gcc_unreachable, m_context, m_filename_to_artifact_map, make_artifact_location_object(), result_file, scanned_file, json::object::set(), json::object::set_string(), and traced_file.
Referenced by maybe_make_physical_location_object(), and sarif_builder().
|
inline |
References m_printer.
Referenced by make_location_object(), sarif_result::on_nested_diagnostic(), and sarif_ice_notification::sarif_ice_notification().
|
inline |
References gcc_assert.
|
private |
Get the column number within EXPLOC.
References location_compute_display_column(), m_context, and m_tabstop.
Referenced by make_region_object_for_hint(), and maybe_make_region_object().
|
private |
Attempt to read the given range of lines from FILENAME; return a freshly-allocated 0-terminated buffer containing them, or nullptr.
References char_span::get_buffer(), i, char_span::length(), and m_context.
Referenced by maybe_make_artifact_content_object().
|
inline |
References m_token_printer.
|
inline |
References m_sarif_gen_opts.
Referenced by sarif_invocation::add_notification_for_ice(), sarif_ice_notification::add_related_location(), and make_top_level_object().
|
private |
Make an "artifactChange" object (SARIF v2.1.0 section 3.56) for RICHLOC.
References i, make_artifact_location_object(), and make_replacement_object().
Referenced by make_fix_object().
|
private |
Make an "artifactContent" object (SARIF v2.1.0 section 3.3) for TEXT.
Referenced by make_replacement_object().
| std::unique_ptr< sarif_artifact_location > sarif_builder::make_artifact_location_object | ( | const char * | filename | ) |
Make an "artifactLocation" object (SARIF v2.1.0 section 3.4) for FILENAME, or return nullptr.
References m_seen_any_relative_paths, and PWD_PROPERTY_NAME.
Referenced by get_or_create_artifact(), make_artifact_change_object(), make_artifact_location_object(), maybe_make_physical_location_object(), and sarif_invocation::sarif_invocation().
|
private |
Make an "artifactLocation" object (SARIF v2.1.0 section 3.4) for LOC, or return nullptr.
References LOCATION_FILE, and make_artifact_location_object().
|
private |
Make an "artifactLocation" object (SARIF v2.1.0 section 3.4) for the pwd, for use in the "run.originalUriBaseIds" property (SARIF v2.1.0 section 3.14.14) when we have any relative paths.
References free(), gcc_assert, and make_pwd_uri_str().
Referenced by make_run_object().
|
private |
Make a "codeFlow" object (SARIF v2.1.0 section 3.36) for PATH.
References sarif_thread_flow::add_location(), i, m_current_code_flow, path, and populate_thread_flow_location_object().
Referenced by make_result_object().
|
private |
Make a "toolComponent" object (SARIF v2.1.0 section 3.19) for what SARIF calls the "driver" (see SARIF v2.1.0 section 3.18.1).
References free(), m_context, and m_rules_arr.
Referenced by make_tool_object().
|
private |
Make a "fix" object (SARIF v2.1.0 section 3.55) for RICHLOC.
References make_artifact_change_object(), and json::object::set().
Referenced by make_result_object().
|
private |
Make a "location" object (SARIF v2.1.0 section 3.28) for EVENT within a diagnostic_path.
References add_any_include_chain(), pretty_printer::clone(), json::object::get(), get_printer(), make_message_object(), maybe_make_physical_location_object(), pp_formatted_text(), and set_any_logical_locs_arr().
| std::unique_ptr< sarif_location > sarif_builder::make_location_object | ( | sarif_location_manager & | loc_mgr, |
| const rich_location & | rich_loc, | ||
| logical_location | logical_loc, | ||
| enum diagnostic_artifact_role | role ) |
Make a "location" object (SARIF v2.1.0 section 3.28) for RICH_LOC and LOGICAL_LOC. Use LOC_MGR for any locations that need "id" values, and for any worklist items.
References add_any_include_chain(), sarif_location_manager::add_relationship_to_worklist(), diagnostic_source_printing_options::colorize_source_p, diagnostic_finish(), diagnostic_initialize(), diagnostic_source_printing_options::enabled, json::object::get(), diagnostic_output_format::get_printer(), i, m_context, diagnostic_context::m_source_printing, make_message_object(), make_multiformat_message_string(), maybe_make_physical_location_object(), maybe_make_region_object(), pp_formatted_text(), diagnostic_source_print_policy::print(), sarif_builder(), set_any_logical_locs_arr(), json::object::set_bool(), diagnostic_context::set_escape_format(), diagnostic_source_printing_options::show_labels_p, diagnostic_source_printing_options::show_line_numbers_p, and sarif_location_manager::worklist_item::unlabelled_secondary_location.
Referenced by make_locations_arr(), sarif_result::on_nested_diagnostic(), populate_thread_flow_location_object(), and sarif_location_manager::process_worklist_item().
| std::unique_ptr< sarif_location > sarif_builder::make_location_object | ( | sarif_location_manager & | loc_mgr, |
| location_t | loc, | ||
| enum diagnostic_artifact_role | role ) |
Make a "location" object (SARIF v2.1.0 section 3.28) for WHERE within an include chain.
References add_any_include_chain(), json::object::get(), and maybe_make_physical_location_object().
| std::unique_ptr< json::array > sarif_builder::make_locations_arr | ( | sarif_location_manager & | loc_mgr, |
| const diagnostic_info & | diagnostic, | ||
| enum diagnostic_artifact_role | role ) |
Make an array suitable for use as the "locations" property of: - a "result" object (SARIF v2.1.0 section 3.27.12), or - a "notification" object (SARIF v2.1.0 section 3.58.4). Use LOC_MGR for any locations that need "id" values.
References m_context, and make_location_object().
Referenced by make_result_object(), and sarif_ice_notification::sarif_ice_notification().
| std::unique_ptr< sarif_message > sarif_builder::make_message_object | ( | const char * | msg | ) | const |
Make a "message" object (SARIF v2.1.0 section 3.11) for MSG.
References msg, and set_string_property_escaping_braces().
Referenced by make_location_object(), make_location_object(), make_result_object(), sarif_result::on_nested_diagnostic(), and sarif_ice_notification::sarif_ice_notification().
| std::unique_ptr< sarif_message > sarif_builder::make_message_object_for_diagram | ( | const diagnostic_diagram & | diagram | ) |
Make a "message" object (SARIF v2.1.0 section 3.11) for DIAGRAM. We emit the diagram as a code block within the Markdown part of the message.
References diagnostic_diagram::get_alt_text(), diagnostic_diagram::get_canvas(), m_printer, pp_clear_output_area(), pp_formatted_text(), pp_set_prefix(), pp_take_prefix(), and set_string_property_escaping_braces().
Referenced by sarif_result::on_diagram().
| std::unique_ptr< sarif_logical_location > sarif_builder::make_minimal_sarif_logical_location | ( | logical_location | logical_loc | ) |
Ensure that theRuns.logicalLocations (3.14.17) has a "logicalLocation" object (SARIF v2.1.0 section 3.33) for LOGICAL_LOC. Create and return a minimal logicalLocation object referring to the full object by index.
References ensure_sarif_logical_location_for(), gcc_assert, and m_logical_loc_mgr.
Referenced by set_any_logical_locs_arr(), and sarif_property_bag::set_logical_location().
|
private |
Make a "multiformatMessageString object" (SARIF v2.1.0 section 3.12) for MSG.
References msg, and set_string_property_escaping_braces().
Referenced by make_location_object(), and maybe_make_cwe_taxonomy_object().
|
private |
Make a "region" object (SARIF v2.1.0 section 3.30) for the deletion region of HINT (as per SARIF v2.1.0 section 3.57.3).
References expand_location(), and get_sarif_column().
Referenced by make_replacement_object().
|
private |
Make a "replacement" object (SARIF v2.1.0 section 3.57) for HINT.
References make_artifact_content_object(), make_region_object_for_hint(), and json::object::set().
Referenced by make_artifact_change_object().
|
private |
Make a "reportingDescriptor" object (SARIF v2.1.0 section 3.49) for CWE_ID, for use within the CWE taxa array.
References free(), get_cwe_url(), pp_formatted_text(), and pp_printf().
Referenced by maybe_make_cwe_taxonomy_object().
|
private |
Make a "reportingDescriptor" object (SARIF v2.1.0 section 3.49) for a GCC warning.
References free(), and m_context.
Referenced by make_result_object().
|
private |
Make a "reportingDescriptorReference" object (SARIF v2.1.0 section 3.52) referencing CWE_ID, for use within a result object. Also, add CWE_ID to m_cwe_id_set.
References gcc_assert, m_cwe_id_set, make_tool_component_reference_object_for_cwe(), pp_formatted_text(), and pp_printf().
Referenced by make_result_object().
|
private |
Make a "result" object (SARIF v2.1.0 section 3.27) for DIAGNOSTIC.
References free(), m_context, m_printer, m_rule_id_set, m_rules_arr, make_code_flow_object(), make_fix_object(), make_locations_arr(), make_message_object(), make_reporting_descriptor_object_for_warning(), make_reporting_descriptor_reference_object_for_cwe_id(), make_rule_id_for_diagnostic_kind(), maybe_get_sarif_level(), path, pp_clear_output_area(), pp_formatted_text(), result_file, and json::object::set().
Referenced by on_report_diagnostic().
|
private |
Make a "run" object (SARIF v2.1.0 section 3.14).
References sarif_artifact::embed_contents_p(), m_cached_logical_locs, m_filename_to_artifact_map, m_seen_any_relative_paths, make_artifact_location_object_for_pwd(), make_tool_object(), maybe_make_taxonomies_array(), sarif_artifact::populate_contents(), sarif_artifact::populate_roles(), PWD_PROPERTY_NAME, and json::object::set().
Referenced by make_top_level_object().
|
private |
Attempt to generate a JSON object representing a backtrace, for adding to ICE notifications.
References bt_callback().
Referenced by on_report_diagnostic().
|
private |
Make a "toolComponentReference" object (SARIF v2.1.0 section 3.54) that references the CWE taxonomy.
Referenced by make_reporting_descriptor_reference_object_for_cwe_id().
|
private |
Make a "tool" object (SARIF v2.1.0 section 3.18).
References diagnostic_client_plugin_info::get_full_name(), diagnostic_client_plugin_info::get_short_name(), diagnostic_client_plugin_info::get_version(), m_context, make_driver_tool_component_object(), and json::object::set().
Referenced by make_run_object().
|
private |
Make a top-level "sarifLog" object (SARIF v2.1.0 section 3.13).
References get_version(), make_run_object(), sarif_version_to_property(), sarif_version_to_url(), and json::object::set().
Referenced by flush_to_object().
| std::unique_ptr< sarif_artifact_content > sarif_builder::maybe_make_artifact_content_object | ( | const char * | filename | ) | const |
Make an "artifactContent" object (SARIF v2.1.0 section 3.3) for the full contents of FILENAME.
References char_span::get_buffer(), char_span::length(), and m_context.
Referenced by maybe_make_region_object_for_context(), and sarif_artifact::populate_contents().
|
private |
Make an "artifactContent" object (SARIF v2.1.0 section 3.3) for the given run of lines within FILENAME (including the endpoints). If R is non-NULL, use it to potentially set the "rendered" property (3.3.4).
References free(), get_source_lines(), and r.
|
private |
If we've seen any CWE IDs, make a "toolComponent" object (SARIF v2.1.0 section 3.19) representing the CWE taxonomy, as per 3.19.3. Populate the "taxa" property with all of the CWE IDs in m_cwe_id_set. Otherwise return nullptr.
References m_cwe_id_set, make_multiformat_message_string(), make_reporting_descriptor_object_for_cwe_id(), and json::object::set().
Referenced by maybe_make_taxonomies_array().
|
private |
If M has any known meaning, make a json array suitable for the "kinds" property of a "threadFlowLocation" object (SARIF v2.1.0 section 3.38.8). Otherwise, return nullptr.
References diagnostic_event::meaning::m_noun, diagnostic_event::meaning::m_property, diagnostic_event::meaning::m_verb, diagnostic_event::meaning::maybe_get_noun_str(), diagnostic_event::meaning::maybe_get_property_str(), diagnostic_event::meaning::maybe_get_verb_str(), diagnostic_event::NOUN_unknown, diagnostic_event::PROPERTY_unknown, and diagnostic_event::VERB_unknown.
Referenced by populate_thread_flow_location_object().
|
private |
Make a "physicalLocation" object (SARIF v2.1.0 section 3.29) for LOC. If COLUMN_OVERRIDE is non-zero, then use it as the column number if LOC has no column information. Ensure that we have an artifact object for the file, adding ROLE to it, and flagging that we will attempt to embed the contents of the artifact when writing it out.
References BUILTINS_LOCATION, get_or_create_artifact(), LOCATION_FILE, make_artifact_location_object(), maybe_make_region_object(), maybe_make_region_object_for_context(), and json::object::set().
Referenced by make_location_object(), make_location_object(), and make_location_object().
|
private |
Make a "region" object (SARIF v2.1.0 section 3.30) for LOC,
or return nullptr.
If COLUMN_OVERRIDE is non-zero, then use it as the column number
if LOC has no column information.
We only support text properties of regions ("text regions"),
not binary properties ("binary regions"); see 3.30.1.
References BUILTINS_LOCATION, expand_location(), get_finish(), get_pure_location(), get_sarif_column(), and get_start().
Referenced by make_location_object(), and maybe_make_physical_location_object().
|
private |
Make a "region" object (SARIF v2.1.0 section 3.30) for the "contextRegion" property (SARIF v2.1.0 section 3.29.5) of a "physicalLocation". This is similar to maybe_make_region_object, but ignores column numbers, covering the line(s) as a whole, and including a "snippet" property embedding those source lines, making it easier for consumers to show the pertinent source.
References BUILTINS_LOCATION, expand_location(), get_finish(), get_pure_location(), get_start(), and maybe_make_artifact_content_object().
Referenced by maybe_make_physical_location_object().
|
private |
If we've seen any CWE IDs, make an array for the "taxonomies" property (SARIF v2.1.0 section 3.14.8) of a run object, containing a single "toolComponent" (3.19) as per 3.19.3, representing the CWE. Otherwise return nullptr.
References maybe_make_cwe_taxonomy_object().
Referenced by make_run_object().
|
inline |
References m_results_array.
| void sarif_builder::on_report_diagnostic | ( | const diagnostic_info & | diagnostic, |
| diagnostic_t | orig_diag_kind, | ||
| diagnostic_sarif_format_buffer * | buffer ) |
Implementation of "on_report_diagnostic" for SARIF output.
References diagnostic_sarif_format_buffer::add_result(), diagnostic_sarif_format_buffer, fnotice(), gcc_assert, m_context, m_cur_group_result, m_invocation_obj, m_next_result_idx, m_printer, make_result_object(), make_stack_from_backtrace(), and pp_output_formatted_text().
|
private |
Populate TFL_OBJ, a "threadFlowLocation" object (SARIF v2.1.0 section 3.38) based on EVENT.
References diagnostic_event::get_meaning(), diagnostic_event::get_stack_depth(), make_location_object(), diagnostic_event::maybe_add_sarif_properties(), maybe_make_kinds_array(), json::object::set(), json::object::set_integer(), and traced_file.
Referenced by make_code_flow_object().
|
private |
If LOGICAL_LOC is non-null, use it to create a "logicalLocations" property within LOCATION_OBJ (SARIF v2.1.0 section 3.28.4) with a minimal logical location object referencing theRuns.logicalLocations (3.33.3).
References gcc_assert, m_logical_loc_mgr, make_minimal_sarif_logical_location(), and json::object::set().
Referenced by make_location_object(), and make_location_object().
|
inline |
References m_printer.
|
inline |
References m_cur_group_result.
|
friend |
References diagnostic_sarif_format_buffer.
Referenced by diagnostic_sarif_format_buffer, and on_report_diagnostic().
|
private |
Referenced by ensure_sarif_logical_location_for(), make_run_object(), and sarif_builder().
|
private |
Referenced by get_context(), get_or_create_artifact(), get_sarif_column(), get_source_lines(), make_driver_tool_component_object(), make_location_object(), make_locations_arr(), make_reporting_descriptor_object_for_warning(), make_result_object(), make_tool_object(), maybe_make_artifact_content_object(), on_report_diagnostic(), and sarif_builder().
|
private |
Referenced by emit_diagram(), end_group(), on_report_diagnostic(), sarif_builder(), and take_current_result().
|
private |
Referenced by get_code_flow_for_event_ids(), make_code_flow_object(), and sarif_builder().
|
private |
Referenced by get_or_create_artifact(), make_run_object(), and ~sarif_builder().
|
private |
Referenced by flush_to_object(), on_report_diagnostic(), and sarif_builder().
|
private |
Referenced by add_any_include_chain(), and sarif_builder().
|
private |
|
private |
Referenced by on_report_diagnostic(), and sarif_builder().
|
private |
Referenced by get_printer(), make_message_object_for_diagram(), make_result_object(), on_report_diagnostic(), sarif_builder(), and set_printer().
|
private |
Referenced by end_group(), flush_to_object(), num_results(), and sarif_builder().
|
private |
Referenced by make_result_object(), and sarif_builder().
|
private |
Referenced by make_driver_tool_component_object(), make_result_object(), and sarif_builder().
|
private |
Referenced by get_opts(), get_version(), and sarif_builder().
|
private |
Referenced by make_artifact_location_object(), make_run_object(), and sarif_builder().
|
private |
Referenced by flush_to_file(), and sarif_builder().
|
private |
Referenced by get_sarif_column(), and sarif_builder().
|
private |
Referenced by get_token_printer(), and sarif_builder().
1.13.2