--- /dev/null
+// Package staticcheck contains a linter for Go source code.
+package staticcheck // import "honnef.co/go/tools/staticcheck"
+
+import (
+ "fmt"
+ "go/ast"
+ "go/constant"
+ "go/token"
+ "go/types"
+ htmltemplate "html/template"
+ "net/http"
+ "reflect"
+ "regexp"
+ "regexp/syntax"
+ "sort"
+ "strconv"
+ "strings"
+ texttemplate "text/template"
+ "unicode"
+
+ . "honnef.co/go/tools/arg"
+ "honnef.co/go/tools/code"
+ "honnef.co/go/tools/deprecated"
+ "honnef.co/go/tools/edit"
+ "honnef.co/go/tools/facts"
+ "honnef.co/go/tools/functions"
+ "honnef.co/go/tools/internal/passes/buildir"
+ "honnef.co/go/tools/internal/sharedcheck"
+ "honnef.co/go/tools/ir"
+ "honnef.co/go/tools/ir/irutil"
+ "honnef.co/go/tools/lint"
+ . "honnef.co/go/tools/lint/lintdsl"
+ "honnef.co/go/tools/pattern"
+ "honnef.co/go/tools/printf"
+ "honnef.co/go/tools/report"
+
+ "golang.org/x/tools/go/analysis"
+ "golang.org/x/tools/go/analysis/passes/inspect"
+ "golang.org/x/tools/go/ast/astutil"
+ "golang.org/x/tools/go/ast/inspector"
+ "golang.org/x/tools/go/types/typeutil"
+)
+
+func checkSortSlice(call *Call) {
+ c := call.Instr.Common().StaticCallee()
+ arg := call.Args[0]
+
+ T := arg.Value.Value.Type().Underlying()
+ switch T.(type) {
+ case *types.Interface:
+ // we don't know.
+ // TODO(dh): if the value is a phi node we can look at its edges
+ if k, ok := arg.Value.Value.(*ir.Const); ok && k.Value == nil {
+ // literal nil, e.g. sort.Sort(nil, ...)
+ arg.Invalid(fmt.Sprintf("cannot call %s on nil literal", c))
+ }
+ case *types.Slice:
+ // this is fine
+ default:
+ // this is not fine
+ arg.Invalid(fmt.Sprintf("%s must only be called on slices, was called on %s", c, T))
+ }
+}
+
+func validRegexp(call *Call) {
+ arg := call.Args[0]
+ err := ValidateRegexp(arg.Value)
+ if err != nil {
+ arg.Invalid(err.Error())
+ }
+}
+
+type runeSlice []rune
+
+func (rs runeSlice) Len() int { return len(rs) }
+func (rs runeSlice) Less(i int, j int) bool { return rs[i] < rs[j] }
+func (rs runeSlice) Swap(i int, j int) { rs[i], rs[j] = rs[j], rs[i] }
+
+func utf8Cutset(call *Call) {
+ arg := call.Args[1]
+ if InvalidUTF8(arg.Value) {
+ arg.Invalid(MsgInvalidUTF8)
+ }
+}
+
+func uniqueCutset(call *Call) {
+ arg := call.Args[1]
+ if !UniqueStringCutset(arg.Value) {
+ arg.Invalid(MsgNonUniqueCutset)
+ }
+}
+
+func unmarshalPointer(name string, arg int) CallCheck {
+ return func(call *Call) {
+ if !Pointer(call.Args[arg].Value) {
+ call.Args[arg].Invalid(fmt.Sprintf("%s expects to unmarshal into a pointer, but the provided value is not a pointer", name))
+ }
+ }
+}
+
+func pointlessIntMath(call *Call) {
+ if ConvertedFromInt(call.Args[0].Value) {
+ call.Invalid(fmt.Sprintf("calling %s on a converted integer is pointless", code.CallName(call.Instr.Common())))
+ }
+}
+
+func checkValidHostPort(arg int) CallCheck {
+ return func(call *Call) {
+ if !ValidHostPort(call.Args[arg].Value) {
+ call.Args[arg].Invalid(MsgInvalidHostPort)
+ }
+ }
+}
+
+var (
+ checkRegexpRules = map[string]CallCheck{
+ "regexp.MustCompile": validRegexp,
+ "regexp.Compile": validRegexp,
+ "regexp.Match": validRegexp,
+ "regexp.MatchReader": validRegexp,
+ "regexp.MatchString": validRegexp,
+ }
+
+ checkTimeParseRules = map[string]CallCheck{
+ "time.Parse": func(call *Call) {
+ arg := call.Args[Arg("time.Parse.layout")]
+ err := ValidateTimeLayout(arg.Value)
+ if err != nil {
+ arg.Invalid(err.Error())
+ }
+ },
+ }
+
+ checkEncodingBinaryRules = map[string]CallCheck{
+ "encoding/binary.Write": func(call *Call) {
+ arg := call.Args[Arg("encoding/binary.Write.data")]
+ if !CanBinaryMarshal(call.Pass, arg.Value) {
+ arg.Invalid(fmt.Sprintf("value of type %s cannot be used with binary.Write", arg.Value.Value.Type()))
+ }
+ },
+ }
+
+ checkURLsRules = map[string]CallCheck{
+ "net/url.Parse": func(call *Call) {
+ arg := call.Args[Arg("net/url.Parse.rawurl")]
+ err := ValidateURL(arg.Value)
+ if err != nil {
+ arg.Invalid(err.Error())
+ }
+ },
+ }
+
+ checkSyncPoolValueRules = map[string]CallCheck{
+ "(*sync.Pool).Put": func(call *Call) {
+ arg := call.Args[Arg("(*sync.Pool).Put.x")]
+ typ := arg.Value.Value.Type()
+ if !code.IsPointerLike(typ) {
+ arg.Invalid("argument should be pointer-like to avoid allocations")
+ }
+ },
+ }
+
+ checkRegexpFindAllRules = map[string]CallCheck{
+ "(*regexp.Regexp).FindAll": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllIndex": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllString": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllStringIndex": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllStringSubmatch": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllStringSubmatchIndex": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllSubmatch": RepeatZeroTimes("a FindAll method", 1),
+ "(*regexp.Regexp).FindAllSubmatchIndex": RepeatZeroTimes("a FindAll method", 1),
+ }
+
+ checkUTF8CutsetRules = map[string]CallCheck{
+ "strings.IndexAny": utf8Cutset,
+ "strings.LastIndexAny": utf8Cutset,
+ "strings.ContainsAny": utf8Cutset,
+ "strings.Trim": utf8Cutset,
+ "strings.TrimLeft": utf8Cutset,
+ "strings.TrimRight": utf8Cutset,
+ }
+
+ checkUniqueCutsetRules = map[string]CallCheck{
+ "strings.Trim": uniqueCutset,
+ "strings.TrimLeft": uniqueCutset,
+ "strings.TrimRight": uniqueCutset,
+ }
+
+ checkUnmarshalPointerRules = map[string]CallCheck{
+ "encoding/xml.Unmarshal": unmarshalPointer("xml.Unmarshal", 1),
+ "(*encoding/xml.Decoder).Decode": unmarshalPointer("Decode", 0),
+ "(*encoding/xml.Decoder).DecodeElement": unmarshalPointer("DecodeElement", 0),
+ "encoding/json.Unmarshal": unmarshalPointer("json.Unmarshal", 1),
+ "(*encoding/json.Decoder).Decode": unmarshalPointer("Decode", 0),
+ }
+
+ checkUnbufferedSignalChanRules = map[string]CallCheck{
+ "os/signal.Notify": func(call *Call) {
+ arg := call.Args[Arg("os/signal.Notify.c")]
+ if UnbufferedChannel(arg.Value) {
+ arg.Invalid("the channel used with signal.Notify should be buffered")
+ }
+ },
+ }
+
+ checkMathIntRules = map[string]CallCheck{
+ "math.Ceil": pointlessIntMath,
+ "math.Floor": pointlessIntMath,
+ "math.IsNaN": pointlessIntMath,
+ "math.Trunc": pointlessIntMath,
+ "math.IsInf": pointlessIntMath,
+ }
+
+ checkStringsReplaceZeroRules = map[string]CallCheck{
+ "strings.Replace": RepeatZeroTimes("strings.Replace", 3),
+ "bytes.Replace": RepeatZeroTimes("bytes.Replace", 3),
+ }
+
+ checkListenAddressRules = map[string]CallCheck{
+ "net/http.ListenAndServe": checkValidHostPort(0),
+ "net/http.ListenAndServeTLS": checkValidHostPort(0),
+ }
+
+ checkBytesEqualIPRules = map[string]CallCheck{
+ "bytes.Equal": func(call *Call) {
+ if ConvertedFrom(call.Args[Arg("bytes.Equal.a")].Value, "net.IP") &&
+ ConvertedFrom(call.Args[Arg("bytes.Equal.b")].Value, "net.IP") {
+ call.Invalid("use net.IP.Equal to compare net.IPs, not bytes.Equal")
+ }
+ },
+ }
+
+ checkRegexpMatchLoopRules = map[string]CallCheck{
+ "regexp.Match": loopedRegexp("regexp.Match"),
+ "regexp.MatchReader": loopedRegexp("regexp.MatchReader"),
+ "regexp.MatchString": loopedRegexp("regexp.MatchString"),
+ }
+
+ checkNoopMarshal = map[string]CallCheck{
+ // TODO(dh): should we really flag XML? Even an empty struct
+ // produces a non-zero amount of data, namely its type name.
+ // Let's see if we encounter any false positives.
+ //
+ // Also, should we flag gob?
+ "encoding/json.Marshal": checkNoopMarshalImpl(Arg("json.Marshal.v"), "MarshalJSON", "MarshalText"),
+ "encoding/xml.Marshal": checkNoopMarshalImpl(Arg("xml.Marshal.v"), "MarshalXML", "MarshalText"),
+ "(*encoding/json.Encoder).Encode": checkNoopMarshalImpl(Arg("(*encoding/json.Encoder).Encode.v"), "MarshalJSON", "MarshalText"),
+ "(*encoding/xml.Encoder).Encode": checkNoopMarshalImpl(Arg("(*encoding/xml.Encoder).Encode.v"), "MarshalXML", "MarshalText"),
+
+ "encoding/json.Unmarshal": checkNoopMarshalImpl(Arg("json.Unmarshal.v"), "UnmarshalJSON", "UnmarshalText"),
+ "encoding/xml.Unmarshal": checkNoopMarshalImpl(Arg("xml.Unmarshal.v"), "UnmarshalXML", "UnmarshalText"),
+ "(*encoding/json.Decoder).Decode": checkNoopMarshalImpl(Arg("(*encoding/json.Decoder).Decode.v"), "UnmarshalJSON", "UnmarshalText"),
+ "(*encoding/xml.Decoder).Decode": checkNoopMarshalImpl(Arg("(*encoding/xml.Decoder).Decode.v"), "UnmarshalXML", "UnmarshalText"),
+ }
+
+ checkUnsupportedMarshal = map[string]CallCheck{
+ "encoding/json.Marshal": checkUnsupportedMarshalImpl(Arg("json.Marshal.v"), "json", "MarshalJSON", "MarshalText"),
+ "encoding/xml.Marshal": checkUnsupportedMarshalImpl(Arg("xml.Marshal.v"), "xml", "MarshalXML", "MarshalText"),
+ "(*encoding/json.Encoder).Encode": checkUnsupportedMarshalImpl(Arg("(*encoding/json.Encoder).Encode.v"), "json", "MarshalJSON", "MarshalText"),
+ "(*encoding/xml.Encoder).Encode": checkUnsupportedMarshalImpl(Arg("(*encoding/xml.Encoder).Encode.v"), "xml", "MarshalXML", "MarshalText"),
+ }
+
+ checkAtomicAlignment = map[string]CallCheck{
+ "sync/atomic.AddInt64": checkAtomicAlignmentImpl,
+ "sync/atomic.AddUint64": checkAtomicAlignmentImpl,
+ "sync/atomic.CompareAndSwapInt64": checkAtomicAlignmentImpl,
+ "sync/atomic.CompareAndSwapUint64": checkAtomicAlignmentImpl,
+ "sync/atomic.LoadInt64": checkAtomicAlignmentImpl,
+ "sync/atomic.LoadUint64": checkAtomicAlignmentImpl,
+ "sync/atomic.StoreInt64": checkAtomicAlignmentImpl,
+ "sync/atomic.StoreUint64": checkAtomicAlignmentImpl,
+ "sync/atomic.SwapInt64": checkAtomicAlignmentImpl,
+ "sync/atomic.SwapUint64": checkAtomicAlignmentImpl,
+ }
+
+ // TODO(dh): detect printf wrappers
+ checkPrintfRules = map[string]CallCheck{
+ "fmt.Errorf": func(call *Call) { checkPrintfCall(call, 0, 1) },
+ "fmt.Printf": func(call *Call) { checkPrintfCall(call, 0, 1) },
+ "fmt.Sprintf": func(call *Call) { checkPrintfCall(call, 0, 1) },
+ "fmt.Fprintf": func(call *Call) { checkPrintfCall(call, 1, 2) },
+ "golang.org/x/xerrors.Errorf": func(call *Call) { checkPrintfCall(call, 0, 1) },
+ }
+
+ checkSortSliceRules = map[string]CallCheck{
+ "sort.Slice": checkSortSlice,
+ "sort.SliceIsSorted": checkSortSlice,
+ "sort.SliceStable": checkSortSlice,
+ }
+
+ checkWithValueKeyRules = map[string]CallCheck{
+ "context.WithValue": checkWithValueKey,
+ }
+)
+
+func checkPrintfCall(call *Call, fIdx, vIdx int) {
+ f := call.Args[fIdx]
+ var args []ir.Value
+ switch v := call.Args[vIdx].Value.Value.(type) {
+ case *ir.Slice:
+ var ok bool
+ args, ok = irutil.Vararg(v)
+ if !ok {
+ // We don't know what the actual arguments to the function are
+ return
+ }
+ case *ir.Const:
+ // nil, i.e. no arguments
+ default:
+ // We don't know what the actual arguments to the function are
+ return
+ }
+ checkPrintfCallImpl(f, f.Value.Value, args)
+}
+
+type verbFlag int
+
+const (
+ isInt verbFlag = 1 << iota
+ isBool
+ isFP
+ isString
+ isPointer
+ // Verbs that accept "pseudo pointers" will sometimes dereference
+ // non-nil pointers. For example, %x on a non-nil *struct will print the
+ // individual fields, but on a nil pointer it will print the address.
+ isPseudoPointer
+ isSlice
+ isAny
+ noRecurse
+)
+
+var verbs = [...]verbFlag{
+ 'b': isPseudoPointer | isInt | isFP,
+ 'c': isInt,
+ 'd': isPseudoPointer | isInt,
+ 'e': isFP,
+ 'E': isFP,
+ 'f': isFP,
+ 'F': isFP,
+ 'g': isFP,
+ 'G': isFP,
+ 'o': isPseudoPointer | isInt,
+ 'O': isPseudoPointer | isInt,
+ 'p': isSlice | isPointer | noRecurse,
+ 'q': isInt | isString,
+ 's': isString,
+ 't': isBool,
+ 'T': isAny,
+ 'U': isInt,
+ 'v': isAny,
+ 'X': isPseudoPointer | isInt | isFP | isString,
+ 'x': isPseudoPointer | isInt | isFP | isString,
+}
+
+func checkPrintfCallImpl(carg *Argument, f ir.Value, args []ir.Value) {
+ var msCache *typeutil.MethodSetCache
+ if f.Parent() != nil {
+ msCache = &f.Parent().Prog.MethodSets
+ }
+
+ elem := func(T types.Type, verb rune) ([]types.Type, bool) {
+ if verbs[verb]&noRecurse != 0 {
+ return []types.Type{T}, false
+ }
+ switch T := T.(type) {
+ case *types.Slice:
+ if verbs[verb]&isSlice != 0 {
+ return []types.Type{T}, false
+ }
+ if verbs[verb]&isString != 0 && code.IsType(T.Elem().Underlying(), "byte") {
+ return []types.Type{T}, false
+ }
+ return []types.Type{T.Elem()}, true
+ case *types.Map:
+ key := T.Key()
+ val := T.Elem()
+ return []types.Type{key, val}, true
+ case *types.Struct:
+ out := make([]types.Type, 0, T.NumFields())
+ for i := 0; i < T.NumFields(); i++ {
+ out = append(out, T.Field(i).Type())
+ }
+ return out, true
+ case *types.Array:
+ return []types.Type{T.Elem()}, true
+ default:
+ return []types.Type{T}, false
+ }
+ }
+ isInfo := func(T types.Type, info types.BasicInfo) bool {
+ basic, ok := T.Underlying().(*types.Basic)
+ return ok && basic.Info()&info != 0
+ }
+
+ isStringer := func(T types.Type, ms *types.MethodSet) bool {
+ sel := ms.Lookup(nil, "String")
+ if sel == nil {
+ return false
+ }
+ fn, ok := sel.Obj().(*types.Func)
+ if !ok {
+ // should be unreachable
+ return false
+ }
+ sig := fn.Type().(*types.Signature)
+ if sig.Params().Len() != 0 {
+ return false
+ }
+ if sig.Results().Len() != 1 {
+ return false
+ }
+ if !code.IsType(sig.Results().At(0).Type(), "string") {
+ return false
+ }
+ return true
+ }
+ isError := func(T types.Type, ms *types.MethodSet) bool {
+ sel := ms.Lookup(nil, "Error")
+ if sel == nil {
+ return false
+ }
+ fn, ok := sel.Obj().(*types.Func)
+ if !ok {
+ // should be unreachable
+ return false
+ }
+ sig := fn.Type().(*types.Signature)
+ if sig.Params().Len() != 0 {
+ return false
+ }
+ if sig.Results().Len() != 1 {
+ return false
+ }
+ if !code.IsType(sig.Results().At(0).Type(), "string") {
+ return false
+ }
+ return true
+ }
+
+ isFormatter := func(T types.Type, ms *types.MethodSet) bool {
+ sel := ms.Lookup(nil, "Format")
+ if sel == nil {
+ return false
+ }
+ fn, ok := sel.Obj().(*types.Func)
+ if !ok {
+ // should be unreachable
+ return false
+ }
+ sig := fn.Type().(*types.Signature)
+ if sig.Params().Len() != 2 {
+ return false
+ }
+ // TODO(dh): check the types of the arguments for more
+ // precision
+ if sig.Results().Len() != 0 {
+ return false
+ }
+ return true
+ }
+
+ seen := map[types.Type]bool{}
+ var checkType func(verb rune, T types.Type, top bool) bool
+ checkType = func(verb rune, T types.Type, top bool) bool {
+ if top {
+ for k := range seen {
+ delete(seen, k)
+ }
+ }
+ if seen[T] {
+ return true
+ }
+ seen[T] = true
+ if int(verb) >= len(verbs) {
+ // Unknown verb
+ return true
+ }
+
+ flags := verbs[verb]
+ if flags == 0 {
+ // Unknown verb
+ return true
+ }
+
+ ms := msCache.MethodSet(T)
+ if isFormatter(T, ms) {
+ // the value is responsible for formatting itself
+ return true
+ }
+
+ if flags&isString != 0 && (isStringer(T, ms) || isError(T, ms)) {
+ // Check for stringer early because we're about to dereference
+ return true
+ }
+
+ T = T.Underlying()
+ if flags&(isPointer|isPseudoPointer) == 0 && top {
+ T = code.Dereference(T)
+ }
+ if flags&isPseudoPointer != 0 && top {
+ t := code.Dereference(T)
+ if _, ok := t.Underlying().(*types.Struct); ok {
+ T = t
+ }
+ }
+
+ if _, ok := T.(*types.Interface); ok {
+ // We don't know what's in the interface
+ return true
+ }
+
+ var info types.BasicInfo
+ if flags&isInt != 0 {
+ info |= types.IsInteger
+ }
+ if flags&isBool != 0 {
+ info |= types.IsBoolean
+ }
+ if flags&isFP != 0 {
+ info |= types.IsFloat | types.IsComplex
+ }
+ if flags&isString != 0 {
+ info |= types.IsString
+ }
+
+ if info != 0 && isInfo(T, info) {
+ return true
+ }
+
+ if flags&isString != 0 && (code.IsType(T, "[]byte") || isStringer(T, ms) || isError(T, ms)) {
+ return true
+ }
+
+ if flags&isPointer != 0 && code.IsPointerLike(T) {
+ return true
+ }
+ if flags&isPseudoPointer != 0 {
+ switch U := T.Underlying().(type) {
+ case *types.Pointer:
+ if !top {
+ return true
+ }
+
+ if _, ok := U.Elem().Underlying().(*types.Struct); !ok {
+ // TODO(dh): can this condition ever be false? For
+ // *T, if T is a struct, we'll already have
+ // dereferenced it, meaning the *types.Pointer
+ // branch couldn't have been taken. For T that
+ // aren't structs, this condition will always
+ // evaluate to true.
+ return true
+ }
+ case *types.Chan, *types.Signature:
+ // Channels and functions are always treated as
+ // pointers and never recursed into.
+ return true
+ case *types.Basic:
+ if U.Kind() == types.UnsafePointer {
+ return true
+ }
+ case *types.Interface:
+ // we will already have bailed if the type is an
+ // interface.
+ panic("unreachable")
+ default:
+ // other pointer-like types, such as maps or slices,
+ // will be printed element-wise.
+ }
+ }
+
+ if flags&isSlice != 0 {
+ if _, ok := T.(*types.Slice); ok {
+ return true
+ }
+ }
+
+ if flags&isAny != 0 {
+ return true
+ }
+
+ elems, ok := elem(T.Underlying(), verb)
+ if !ok {
+ return false
+ }
+ for _, elem := range elems {
+ if !checkType(verb, elem, false) {
+ return false
+ }
+ }
+
+ return true
+ }
+
+ k, ok := f.(*ir.Const)
+ if !ok {
+ return
+ }
+ actions, err := printf.Parse(constant.StringVal(k.Value))
+ if err != nil {
+ carg.Invalid("couldn't parse format string")
+ return
+ }
+
+ ptr := 1
+ hasExplicit := false
+
+ checkStar := func(verb printf.Verb, star printf.Argument) bool {
+ if star, ok := star.(printf.Star); ok {
+ idx := 0
+ if star.Index == -1 {
+ idx = ptr
+ ptr++
+ } else {
+ hasExplicit = true
+ idx = star.Index
+ ptr = star.Index + 1
+ }
+ if idx == 0 {
+ carg.Invalid(fmt.Sprintf("Printf format %s reads invalid arg 0; indices are 1-based", verb.Raw))
+ return false
+ }
+ if idx > len(args) {
+ carg.Invalid(
+ fmt.Sprintf("Printf format %s reads arg #%d, but call has only %d args",
+ verb.Raw, idx, len(args)))
+ return false
+ }
+ if arg, ok := args[idx-1].(*ir.MakeInterface); ok {
+ if !isInfo(arg.X.Type(), types.IsInteger) {
+ carg.Invalid(fmt.Sprintf("Printf format %s reads non-int arg #%d as argument of *", verb.Raw, idx))
+ }
+ }
+ }
+ return true
+ }
+
+ // We only report one problem per format string. Making a
+ // mistake with an index tends to invalidate all future
+ // implicit indices.
+ for _, action := range actions {
+ verb, ok := action.(printf.Verb)
+ if !ok {
+ continue
+ }
+
+ if !checkStar(verb, verb.Width) || !checkStar(verb, verb.Precision) {
+ return
+ }
+
+ off := ptr
+ if verb.Value != -1 {
+ hasExplicit = true
+ off = verb.Value
+ }
+ if off > len(args) {
+ carg.Invalid(
+ fmt.Sprintf("Printf format %s reads arg #%d, but call has only %d args",
+ verb.Raw, off, len(args)))
+ return
+ } else if verb.Value == 0 && verb.Letter != '%' {
+ carg.Invalid(fmt.Sprintf("Printf format %s reads invalid arg 0; indices are 1-based", verb.Raw))
+ return
+ } else if off != 0 {
+ arg, ok := args[off-1].(*ir.MakeInterface)
+ if ok {
+ if !checkType(verb.Letter, arg.X.Type(), true) {
+ carg.Invalid(fmt.Sprintf("Printf format %s has arg #%d of wrong type %s",
+ verb.Raw, ptr, args[ptr-1].(*ir.MakeInterface).X.Type()))
+ return
+ }
+ }
+ }
+
+ switch verb.Value {
+ case -1:
+ // Consume next argument
+ ptr++
+ case 0:
+ // Don't consume any arguments
+ default:
+ ptr = verb.Value + 1
+ }
+ }
+
+ if !hasExplicit && ptr <= len(args) {
+ carg.Invalid(fmt.Sprintf("Printf call needs %d args but has %d args", ptr-1, len(args)))
+ }
+}
+
+func checkAtomicAlignmentImpl(call *Call) {
+ sizes := call.Pass.TypesSizes
+ if sizes.Sizeof(types.Typ[types.Uintptr]) != 4 {
+ // Not running on a 32-bit platform
+ return
+ }
+ v, ok := call.Args[0].Value.Value.(*ir.FieldAddr)
+ if !ok {
+ // TODO(dh): also check indexing into arrays and slices
+ return
+ }
+ T := v.X.Type().Underlying().(*types.Pointer).Elem().Underlying().(*types.Struct)
+ fields := make([]*types.Var, 0, T.NumFields())
+ for i := 0; i < T.NumFields() && i <= v.Field; i++ {
+ fields = append(fields, T.Field(i))
+ }
+
+ off := sizes.Offsetsof(fields)[v.Field]
+ if off%8 != 0 {
+ msg := fmt.Sprintf("address of non 64-bit aligned field %s passed to %s",
+ T.Field(v.Field).Name(),
+ code.CallName(call.Instr.Common()))
+ call.Invalid(msg)
+ }
+}
+
+func checkNoopMarshalImpl(argN int, meths ...string) CallCheck {
+ return func(call *Call) {
+ if code.IsGenerated(call.Pass, call.Instr.Pos()) {
+ return
+ }
+ arg := call.Args[argN]
+ T := arg.Value.Value.Type()
+ Ts, ok := code.Dereference(T).Underlying().(*types.Struct)
+ if !ok {
+ return
+ }
+ if Ts.NumFields() == 0 {
+ return
+ }
+ fields := code.FlattenFields(Ts)
+ for _, field := range fields {
+ if field.Var.Exported() {
+ return
+ }
+ }
+ // OPT(dh): we could use a method set cache here
+ ms := call.Instr.Parent().Prog.MethodSets.MethodSet(T)
+ // TODO(dh): we're not checking the signature, which can cause false negatives.
+ // This isn't a huge problem, however, since vet complains about incorrect signatures.
+ for _, meth := range meths {
+ if ms.Lookup(nil, meth) != nil {
+ return
+ }
+ }
+ arg.Invalid("struct doesn't have any exported fields, nor custom marshaling")
+ }
+}
+
+func checkUnsupportedMarshalImpl(argN int, tag string, meths ...string) CallCheck {
+ // TODO(dh): flag slices and maps of unsupported types
+ return func(call *Call) {
+ msCache := &call.Instr.Parent().Prog.MethodSets
+
+ arg := call.Args[argN]
+ T := arg.Value.Value.Type()
+ Ts, ok := code.Dereference(T).Underlying().(*types.Struct)
+ if !ok {
+ return
+ }
+ ms := msCache.MethodSet(T)
+ // TODO(dh): we're not checking the signature, which can cause false negatives.
+ // This isn't a huge problem, however, since vet complains about incorrect signatures.
+ for _, meth := range meths {
+ if ms.Lookup(nil, meth) != nil {
+ return
+ }
+ }
+ fields := code.FlattenFields(Ts)
+ for _, field := range fields {
+ if !(field.Var.Exported()) {
+ continue
+ }
+ if reflect.StructTag(field.Tag).Get(tag) == "-" {
+ continue
+ }
+ ms := msCache.MethodSet(field.Var.Type())
+ // TODO(dh): we're not checking the signature, which can cause false negatives.
+ // This isn't a huge problem, however, since vet complains about incorrect signatures.
+ for _, meth := range meths {
+ if ms.Lookup(nil, meth) != nil {
+ return
+ }
+ }
+ switch field.Var.Type().Underlying().(type) {
+ case *types.Chan, *types.Signature:
+ arg.Invalid(fmt.Sprintf("trying to marshal chan or func value, field %s", fieldPath(T, field.Path)))
+ }
+ }
+ }
+}
+
+func fieldPath(start types.Type, indices []int) string {
+ p := start.String()
+ for _, idx := range indices {
+ field := code.Dereference(start).Underlying().(*types.Struct).Field(idx)
+ start = field.Type()
+ p += "." + field.Name()
+ }
+ return p
+}
+
+func isInLoop(b *ir.BasicBlock) bool {
+ sets := functions.FindLoops(b.Parent())
+ for _, set := range sets {
+ if set.Has(b) {
+ return true
+ }
+ }
+ return false
+}
+
+func CheckUntrappableSignal(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ if !code.IsCallToAnyAST(pass, call,
+ "os/signal.Ignore", "os/signal.Notify", "os/signal.Reset") {
+ return
+ }
+
+ hasSigterm := false
+ for _, arg := range call.Args {
+ if conv, ok := arg.(*ast.CallExpr); ok && isName(pass, conv.Fun, "os.Signal") {
+ arg = conv.Args[0]
+ }
+
+ if isName(pass, arg, "syscall.SIGTERM") {
+ hasSigterm = true
+ break
+ }
+
+ }
+ for i, arg := range call.Args {
+ if conv, ok := arg.(*ast.CallExpr); ok && isName(pass, conv.Fun, "os.Signal") {
+ arg = conv.Args[0]
+ }
+
+ if isName(pass, arg, "os.Kill") || isName(pass, arg, "syscall.SIGKILL") {
+ var fixes []analysis.SuggestedFix
+ if !hasSigterm {
+ nargs := make([]ast.Expr, len(call.Args))
+ for j, a := range call.Args {
+ if i == j {
+ nargs[j] = Selector("syscall", "SIGTERM")
+ } else {
+ nargs[j] = a
+ }
+ }
+ ncall := *call
+ ncall.Args = nargs
+ fixes = append(fixes, edit.Fix(fmt.Sprintf("use syscall.SIGTERM instead of %s", report.Render(pass, arg)), edit.ReplaceWithNode(pass.Fset, call, &ncall)))
+ }
+ nargs := make([]ast.Expr, 0, len(call.Args))
+ for j, a := range call.Args {
+ if i == j {
+ continue
+ }
+ nargs = append(nargs, a)
+ }
+ ncall := *call
+ ncall.Args = nargs
+ fixes = append(fixes, edit.Fix(fmt.Sprintf("remove %s from list of arguments", report.Render(pass, arg)), edit.ReplaceWithNode(pass.Fset, call, &ncall)))
+ report.Report(pass, arg, fmt.Sprintf("%s cannot be trapped (did you mean syscall.SIGTERM?)", report.Render(pass, arg)), report.Fixes(fixes...))
+ }
+ if isName(pass, arg, "syscall.SIGSTOP") {
+ nargs := make([]ast.Expr, 0, len(call.Args)-1)
+ for j, a := range call.Args {
+ if i == j {
+ continue
+ }
+ nargs = append(nargs, a)
+ }
+ ncall := *call
+ ncall.Args = nargs
+ report.Report(pass, arg, "syscall.SIGSTOP cannot be trapped", report.Fixes(edit.Fix("remove syscall.SIGSTOP from list of arguments", edit.ReplaceWithNode(pass.Fset, call, &ncall))))
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckTemplate(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ var kind string
+ switch code.CallNameAST(pass, call) {
+ case "(*text/template.Template).Parse":
+ kind = "text"
+ case "(*html/template.Template).Parse":
+ kind = "html"
+ default:
+ return
+ }
+ sel := call.Fun.(*ast.SelectorExpr)
+ if !code.IsCallToAnyAST(pass, sel.X, "text/template.New", "html/template.New") {
+ // TODO(dh): this is a cheap workaround for templates with
+ // different delims. A better solution with less false
+ // negatives would use data flow analysis to see where the
+ // template comes from and where it has been
+ return
+ }
+ s, ok := code.ExprToString(pass, call.Args[Arg("(*text/template.Template).Parse.text")])
+ if !ok {
+ return
+ }
+ var err error
+ switch kind {
+ case "text":
+ _, err = texttemplate.New("").Parse(s)
+ case "html":
+ _, err = htmltemplate.New("").Parse(s)
+ }
+ if err != nil {
+ // TODO(dominikh): whitelist other parse errors, if any
+ if strings.Contains(err.Error(), "unexpected") {
+ report.Report(pass, call.Args[Arg("(*text/template.Template).Parse.text")], err.Error())
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+var (
+ checkTimeSleepConstantPatternRns = pattern.MustParse(`(BinaryExpr duration "*" (SelectorExpr (Ident "time") (Ident "Nanosecond")))`)
+ checkTimeSleepConstantPatternRs = pattern.MustParse(`(BinaryExpr duration "*" (SelectorExpr (Ident "time") (Ident "Second")))`)
+)
+
+func CheckTimeSleepConstant(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ if !code.IsCallToAST(pass, call, "time.Sleep") {
+ return
+ }
+ lit, ok := call.Args[Arg("time.Sleep.d")].(*ast.BasicLit)
+ if !ok {
+ return
+ }
+ n, err := strconv.Atoi(lit.Value)
+ if err != nil {
+ return
+ }
+ if n == 0 || n > 120 {
+ // time.Sleep(0) is a seldom used pattern in concurrency
+ // tests. >120 might be intentional. 120 was chosen
+ // because the user could've meant 2 minutes.
+ return
+ }
+
+ report.Report(pass, lit,
+ fmt.Sprintf("sleeping for %d nanoseconds is probably a bug; be explicit if it isn't", n), report.Fixes(
+ edit.Fix("explicitly use nanoseconds", edit.ReplaceWithPattern(pass, checkTimeSleepConstantPatternRns, pattern.State{"duration": lit}, lit)),
+ edit.Fix("use seconds", edit.ReplaceWithPattern(pass, checkTimeSleepConstantPatternRs, pattern.State{"duration": lit}, lit))))
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+var checkWaitgroupAddQ = pattern.MustParse(`
+ (GoStmt
+ (CallExpr
+ (FuncLit
+ _
+ call@(CallExpr (Function "(*sync.WaitGroup).Add") _):_) _))`)
+
+func CheckWaitgroupAdd(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ if m, ok := Match(pass, checkWaitgroupAddQ, node); ok {
+ call := m.State["call"].(ast.Node)
+ report.Report(pass, call, fmt.Sprintf("should call %s before starting the goroutine to avoid a race", report.Render(pass, call)))
+ }
+ }
+ code.Preorder(pass, fn, (*ast.GoStmt)(nil))
+ return nil, nil
+}
+
+func CheckInfiniteEmptyLoop(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ loop := node.(*ast.ForStmt)
+ if len(loop.Body.List) != 0 || loop.Post != nil {
+ return
+ }
+
+ if loop.Init != nil {
+ // TODO(dh): this isn't strictly necessary, it just makes
+ // the check easier.
+ return
+ }
+ // An empty loop is bad news in two cases: 1) The loop has no
+ // condition. In that case, it's just a loop that spins
+ // forever and as fast as it can, keeping a core busy. 2) The
+ // loop condition only consists of variable or field reads and
+ // operators on those. The only way those could change their
+ // value is with unsynchronised access, which constitutes a
+ // data race.
+ //
+ // If the condition contains any function calls, its behaviour
+ // is dynamic and the loop might terminate. Similarly for
+ // channel receives.
+
+ if loop.Cond != nil {
+ if code.MayHaveSideEffects(pass, loop.Cond, nil) {
+ return
+ }
+ if ident, ok := loop.Cond.(*ast.Ident); ok {
+ if k, ok := pass.TypesInfo.ObjectOf(ident).(*types.Const); ok {
+ if !constant.BoolVal(k.Val()) {
+ // don't flag `for false {}` loops. They're a debug aid.
+ return
+ }
+ }
+ }
+ report.Report(pass, loop, "loop condition never changes or has a race condition")
+ }
+ report.Report(pass, loop, "this loop will spin, using 100%% CPU", report.ShortRange())
+ }
+ code.Preorder(pass, fn, (*ast.ForStmt)(nil))
+ return nil, nil
+}
+
+func CheckDeferInInfiniteLoop(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ mightExit := false
+ var defers []ast.Stmt
+ loop := node.(*ast.ForStmt)
+ if loop.Cond != nil {
+ return
+ }
+ fn2 := func(node ast.Node) bool {
+ switch stmt := node.(type) {
+ case *ast.ReturnStmt:
+ mightExit = true
+ return false
+ case *ast.BranchStmt:
+ // TODO(dominikh): if this sees a break in a switch or
+ // select, it doesn't check if it breaks the loop or
+ // just the select/switch. This causes some false
+ // negatives.
+ if stmt.Tok == token.BREAK {
+ mightExit = true
+ return false
+ }
+ case *ast.DeferStmt:
+ defers = append(defers, stmt)
+ case *ast.FuncLit:
+ // Don't look into function bodies
+ return false
+ }
+ return true
+ }
+ ast.Inspect(loop.Body, fn2)
+ if mightExit {
+ return
+ }
+ for _, stmt := range defers {
+ report.Report(pass, stmt, "defers in this infinite loop will never run")
+ }
+ }
+ code.Preorder(pass, fn, (*ast.ForStmt)(nil))
+ return nil, nil
+}
+
+func CheckDubiousDeferInChannelRangeLoop(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ loop := node.(*ast.RangeStmt)
+ typ := pass.TypesInfo.TypeOf(loop.X)
+ _, ok := typ.Underlying().(*types.Chan)
+ if !ok {
+ return
+ }
+ fn2 := func(node ast.Node) bool {
+ switch stmt := node.(type) {
+ case *ast.DeferStmt:
+ report.Report(pass, stmt, "defers in this range loop won't run unless the channel gets closed")
+ case *ast.FuncLit:
+ // Don't look into function bodies
+ return false
+ }
+ return true
+ }
+ ast.Inspect(loop.Body, fn2)
+ }
+ code.Preorder(pass, fn, (*ast.RangeStmt)(nil))
+ return nil, nil
+}
+
+func CheckTestMainExit(pass *analysis.Pass) (interface{}, error) {
+ var (
+ fnmain ast.Node
+ callsExit bool
+ callsRun bool
+ arg types.Object
+ )
+ fn := func(node ast.Node, push bool) bool {
+ if !push {
+ if fnmain != nil && node == fnmain {
+ if !callsExit && callsRun {
+ report.Report(pass, fnmain, "TestMain should call os.Exit to set exit code")
+ }
+ fnmain = nil
+ callsExit = false
+ callsRun = false
+ arg = nil
+ }
+ return true
+ }
+
+ switch node := node.(type) {
+ case *ast.FuncDecl:
+ if fnmain != nil {
+ return true
+ }
+ if !isTestMain(pass, node) {
+ return false
+ }
+ fnmain = node
+ arg = pass.TypesInfo.ObjectOf(node.Type.Params.List[0].Names[0])
+ return true
+ case *ast.CallExpr:
+ if code.IsCallToAST(pass, node, "os.Exit") {
+ callsExit = true
+ return false
+ }
+ sel, ok := node.Fun.(*ast.SelectorExpr)
+ if !ok {
+ return true
+ }
+ ident, ok := sel.X.(*ast.Ident)
+ if !ok {
+ return true
+ }
+ if arg != pass.TypesInfo.ObjectOf(ident) {
+ return true
+ }
+ if sel.Sel.Name == "Run" {
+ callsRun = true
+ return false
+ }
+ return true
+ default:
+ ExhaustiveTypeSwitch(node)
+ return true
+ }
+ }
+ pass.ResultOf[inspect.Analyzer].(*inspector.Inspector).Nodes([]ast.Node{(*ast.FuncDecl)(nil), (*ast.CallExpr)(nil)}, fn)
+ return nil, nil
+}
+
+func isTestMain(pass *analysis.Pass, decl *ast.FuncDecl) bool {
+ if decl.Name.Name != "TestMain" {
+ return false
+ }
+ if len(decl.Type.Params.List) != 1 {
+ return false
+ }
+ arg := decl.Type.Params.List[0]
+ if len(arg.Names) != 1 {
+ return false
+ }
+ return code.IsOfType(pass, arg.Type, "*testing.M")
+}
+
+func CheckExec(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ if !code.IsCallToAST(pass, call, "os/exec.Command") {
+ return
+ }
+ val, ok := code.ExprToString(pass, call.Args[Arg("os/exec.Command.name")])
+ if !ok {
+ return
+ }
+ if !strings.Contains(val, " ") || strings.Contains(val, `\`) || strings.Contains(val, "/") {
+ return
+ }
+ report.Report(pass, call.Args[Arg("os/exec.Command.name")],
+ "first argument to exec.Command looks like a shell command, but a program name or path are expected")
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckLoopEmptyDefault(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ loop := node.(*ast.ForStmt)
+ if len(loop.Body.List) != 1 || loop.Cond != nil || loop.Init != nil {
+ return
+ }
+ sel, ok := loop.Body.List[0].(*ast.SelectStmt)
+ if !ok {
+ return
+ }
+ for _, c := range sel.Body.List {
+ // FIXME this leaves behind an empty line, and possibly
+ // comments in the default branch. We can't easily fix
+ // either.
+ if comm, ok := c.(*ast.CommClause); ok && comm.Comm == nil && len(comm.Body) == 0 {
+ report.Report(pass, comm, "should not have an empty default case in a for+select loop; the loop will spin",
+ report.Fixes(edit.Fix("remove empty default branch", edit.Delete(comm))))
+ // there can only be one default case
+ break
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.ForStmt)(nil))
+ return nil, nil
+}
+
+func CheckLhsRhsIdentical(pass *analysis.Pass) (interface{}, error) {
+ var isFloat func(T types.Type) bool
+ isFloat = func(T types.Type) bool {
+ switch T := T.Underlying().(type) {
+ case *types.Basic:
+ kind := T.Kind()
+ return kind == types.Float32 || kind == types.Float64
+ case *types.Array:
+ return isFloat(T.Elem())
+ case *types.Struct:
+ for i := 0; i < T.NumFields(); i++ {
+ if !isFloat(T.Field(i).Type()) {
+ return false
+ }
+ }
+ return true
+ default:
+ return false
+ }
+ }
+
+ // TODO(dh): this check ignores the existence of side-effects and
+ // happily flags fn() == fn() – so far, we've had nobody complain
+ // about a false positive, and it's caught several bugs in real
+ // code.
+ fn := func(node ast.Node) {
+ op := node.(*ast.BinaryExpr)
+ switch op.Op {
+ case token.EQL, token.NEQ:
+ if isFloat(pass.TypesInfo.TypeOf(op.X)) {
+ // f == f and f != f might be used to check for NaN
+ return
+ }
+ case token.SUB, token.QUO, token.AND, token.REM, token.OR, token.XOR, token.AND_NOT,
+ token.LAND, token.LOR, token.LSS, token.GTR, token.LEQ, token.GEQ:
+ default:
+ // For some ops, such as + and *, it can make sense to
+ // have identical operands
+ return
+ }
+
+ if reflect.TypeOf(op.X) != reflect.TypeOf(op.Y) {
+ return
+ }
+ if report.Render(pass, op.X) != report.Render(pass, op.Y) {
+ return
+ }
+ l1, ok1 := op.X.(*ast.BasicLit)
+ l2, ok2 := op.Y.(*ast.BasicLit)
+ if ok1 && ok2 && l1.Kind == token.INT && l2.Kind == l1.Kind && l1.Value == "0" && l2.Value == l1.Value && code.IsGenerated(pass, l1.Pos()) {
+ // cgo generates the following function call:
+ // _cgoCheckPointer(_cgoBase0, 0 == 0) – it uses 0 == 0
+ // instead of true in case the user shadowed the
+ // identifier. Ideally we'd restrict this exception to
+ // calls of _cgoCheckPointer, but it's not worth the
+ // hassle of keeping track of the stack. <lit> <op> <lit>
+ // are very rare to begin with, and we're mostly checking
+ // for them to catch typos such as 1 == 1 where the user
+ // meant to type i == 1. The odds of a false negative for
+ // 0 == 0 are slim.
+ return
+ }
+ report.Report(pass, op, fmt.Sprintf("identical expressions on the left and right side of the '%s' operator", op.Op))
+ }
+ code.Preorder(pass, fn, (*ast.BinaryExpr)(nil))
+ return nil, nil
+}
+
+func CheckScopedBreak(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ var body *ast.BlockStmt
+ switch node := node.(type) {
+ case *ast.ForStmt:
+ body = node.Body
+ case *ast.RangeStmt:
+ body = node.Body
+ default:
+ ExhaustiveTypeSwitch(node)
+ }
+ for _, stmt := range body.List {
+ var blocks [][]ast.Stmt
+ switch stmt := stmt.(type) {
+ case *ast.SwitchStmt:
+ for _, c := range stmt.Body.List {
+ blocks = append(blocks, c.(*ast.CaseClause).Body)
+ }
+ case *ast.SelectStmt:
+ for _, c := range stmt.Body.List {
+ blocks = append(blocks, c.(*ast.CommClause).Body)
+ }
+ default:
+ continue
+ }
+
+ for _, body := range blocks {
+ if len(body) == 0 {
+ continue
+ }
+ lasts := []ast.Stmt{body[len(body)-1]}
+ // TODO(dh): unfold all levels of nested block
+ // statements, not just a single level if statement
+ if ifs, ok := lasts[0].(*ast.IfStmt); ok {
+ if len(ifs.Body.List) == 0 {
+ continue
+ }
+ lasts[0] = ifs.Body.List[len(ifs.Body.List)-1]
+
+ if block, ok := ifs.Else.(*ast.BlockStmt); ok {
+ if len(block.List) != 0 {
+ lasts = append(lasts, block.List[len(block.List)-1])
+ }
+ }
+ }
+ for _, last := range lasts {
+ branch, ok := last.(*ast.BranchStmt)
+ if !ok || branch.Tok != token.BREAK || branch.Label != nil {
+ continue
+ }
+ report.Report(pass, branch, "ineffective break statement. Did you mean to break out of the outer loop?")
+ }
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.ForStmt)(nil), (*ast.RangeStmt)(nil))
+ return nil, nil
+}
+
+func CheckUnsafePrintf(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ name := code.CallNameAST(pass, call)
+ var arg int
+
+ switch name {
+ case "fmt.Printf", "fmt.Sprintf", "log.Printf":
+ arg = Arg("fmt.Printf.format")
+ case "fmt.Fprintf":
+ arg = Arg("fmt.Fprintf.format")
+ default:
+ return
+ }
+ if len(call.Args) != arg+1 {
+ return
+ }
+ switch call.Args[arg].(type) {
+ case *ast.CallExpr, *ast.Ident:
+ default:
+ return
+ }
+
+ alt := name[:len(name)-1]
+ report.Report(pass, call,
+ "printf-style function with dynamic format string and no further arguments should use print-style function instead",
+ report.Fixes(edit.Fix(fmt.Sprintf("use %s instead of %s", alt, name), edit.ReplaceWithString(pass.Fset, call.Fun, alt))))
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckEarlyDefer(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ block := node.(*ast.BlockStmt)
+ if len(block.List) < 2 {
+ return
+ }
+ for i, stmt := range block.List {
+ if i == len(block.List)-1 {
+ break
+ }
+ assign, ok := stmt.(*ast.AssignStmt)
+ if !ok {
+ continue
+ }
+ if len(assign.Rhs) != 1 {
+ continue
+ }
+ if len(assign.Lhs) < 2 {
+ continue
+ }
+ if lhs, ok := assign.Lhs[len(assign.Lhs)-1].(*ast.Ident); ok && lhs.Name == "_" {
+ continue
+ }
+ call, ok := assign.Rhs[0].(*ast.CallExpr)
+ if !ok {
+ continue
+ }
+ sig, ok := pass.TypesInfo.TypeOf(call.Fun).(*types.Signature)
+ if !ok {
+ continue
+ }
+ if sig.Results().Len() < 2 {
+ continue
+ }
+ last := sig.Results().At(sig.Results().Len() - 1)
+ // FIXME(dh): check that it's error from universe, not
+ // another type of the same name
+ if last.Type().String() != "error" {
+ continue
+ }
+ lhs, ok := assign.Lhs[0].(*ast.Ident)
+ if !ok {
+ continue
+ }
+ def, ok := block.List[i+1].(*ast.DeferStmt)
+ if !ok {
+ continue
+ }
+ sel, ok := def.Call.Fun.(*ast.SelectorExpr)
+ if !ok {
+ continue
+ }
+ ident, ok := selectorX(sel).(*ast.Ident)
+ if !ok {
+ continue
+ }
+ if ident.Obj != lhs.Obj {
+ continue
+ }
+ if sel.Sel.Name != "Close" {
+ continue
+ }
+ report.Report(pass, def, fmt.Sprintf("should check returned error before deferring %s", report.Render(pass, def.Call)))
+ }
+ }
+ code.Preorder(pass, fn, (*ast.BlockStmt)(nil))
+ return nil, nil
+}
+
+func selectorX(sel *ast.SelectorExpr) ast.Node {
+ switch x := sel.X.(type) {
+ case *ast.SelectorExpr:
+ return selectorX(x)
+ default:
+ return x
+ }
+}
+
+func CheckEmptyCriticalSection(pass *analysis.Pass) (interface{}, error) {
+ if pass.Pkg.Path() == "sync_test" {
+ // exception for the sync package's tests
+ return nil, nil
+ }
+
+ // Initially it might seem like this check would be easier to
+ // implement using IR. After all, we're only checking for two
+ // consecutive method calls. In reality, however, there may be any
+ // number of other instructions between the lock and unlock, while
+ // still constituting an empty critical section. For example,
+ // given `m.x().Lock(); m.x().Unlock()`, there will be a call to
+ // x(). In the AST-based approach, this has a tiny potential for a
+ // false positive (the second call to x might be doing work that
+ // is protected by the mutex). In an IR-based approach, however,
+ // it would miss a lot of real bugs.
+
+ mutexParams := func(s ast.Stmt) (x ast.Expr, funcName string, ok bool) {
+ expr, ok := s.(*ast.ExprStmt)
+ if !ok {
+ return nil, "", false
+ }
+ call, ok := expr.X.(*ast.CallExpr)
+ if !ok {
+ return nil, "", false
+ }
+ sel, ok := call.Fun.(*ast.SelectorExpr)
+ if !ok {
+ return nil, "", false
+ }
+
+ fn, ok := pass.TypesInfo.ObjectOf(sel.Sel).(*types.Func)
+ if !ok {
+ return nil, "", false
+ }
+ sig := fn.Type().(*types.Signature)
+ if sig.Params().Len() != 0 || sig.Results().Len() != 0 {
+ return nil, "", false
+ }
+
+ return sel.X, fn.Name(), true
+ }
+
+ fn := func(node ast.Node) {
+ block := node.(*ast.BlockStmt)
+ if len(block.List) < 2 {
+ return
+ }
+ for i := range block.List[:len(block.List)-1] {
+ sel1, method1, ok1 := mutexParams(block.List[i])
+ sel2, method2, ok2 := mutexParams(block.List[i+1])
+
+ if !ok1 || !ok2 || report.Render(pass, sel1) != report.Render(pass, sel2) {
+ continue
+ }
+ if (method1 == "Lock" && method2 == "Unlock") ||
+ (method1 == "RLock" && method2 == "RUnlock") {
+ report.Report(pass, block.List[i+1], "empty critical section")
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.BlockStmt)(nil))
+ return nil, nil
+}
+
+var (
+ // cgo produces code like fn(&*_Cvar_kSomeCallbacks) which we don't
+ // want to flag.
+ cgoIdent = regexp.MustCompile(`^_C(func|var)_.+$`)
+ checkIneffectiveCopyQ1 = pattern.MustParse(`(UnaryExpr "&" (StarExpr obj))`)
+ checkIneffectiveCopyQ2 = pattern.MustParse(`(StarExpr (UnaryExpr "&" _))`)
+)
+
+func CheckIneffectiveCopy(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ if m, ok := Match(pass, checkIneffectiveCopyQ1, node); ok {
+ if ident, ok := m.State["obj"].(*ast.Ident); !ok || !cgoIdent.MatchString(ident.Name) {
+ report.Report(pass, node, "&*x will be simplified to x. It will not copy x.")
+ }
+ } else if _, ok := Match(pass, checkIneffectiveCopyQ2, node); ok {
+ report.Report(pass, node, "*&x will be simplified to x. It will not copy x.")
+ }
+ }
+ code.Preorder(pass, fn, (*ast.UnaryExpr)(nil), (*ast.StarExpr)(nil))
+ return nil, nil
+}
+
+func CheckCanonicalHeaderKey(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node, push bool) bool {
+ if !push {
+ return false
+ }
+ assign, ok := node.(*ast.AssignStmt)
+ if ok {
+ // TODO(dh): This risks missing some Header reads, for
+ // example in `h1["foo"] = h2["foo"]` – these edge
+ // cases are probably rare enough to ignore for now.
+ for _, expr := range assign.Lhs {
+ op, ok := expr.(*ast.IndexExpr)
+ if !ok {
+ continue
+ }
+ if code.IsOfType(pass, op.X, "net/http.Header") {
+ return false
+ }
+ }
+ return true
+ }
+ op, ok := node.(*ast.IndexExpr)
+ if !ok {
+ return true
+ }
+ if !code.IsOfType(pass, op.X, "net/http.Header") {
+ return true
+ }
+ s, ok := code.ExprToString(pass, op.Index)
+ if !ok {
+ return true
+ }
+ canonical := http.CanonicalHeaderKey(s)
+ if s == canonical {
+ return true
+ }
+ var fix analysis.SuggestedFix
+ switch op.Index.(type) {
+ case *ast.BasicLit:
+ fix = edit.Fix("canonicalize header key", edit.ReplaceWithString(pass.Fset, op.Index, strconv.Quote(canonical)))
+ case *ast.Ident:
+ call := &ast.CallExpr{
+ Fun: Selector("http", "CanonicalHeaderKey"),
+ Args: []ast.Expr{op.Index},
+ }
+ fix = edit.Fix("wrap in http.CanonicalHeaderKey", edit.ReplaceWithNode(pass.Fset, op.Index, call))
+ }
+ msg := fmt.Sprintf("keys in http.Header are canonicalized, %q is not canonical; fix the constant or use http.CanonicalHeaderKey", s)
+ if fix.Message != "" {
+ report.Report(pass, op, msg, report.Fixes(fix))
+ } else {
+ report.Report(pass, op, msg)
+ }
+ return true
+ }
+ pass.ResultOf[inspect.Analyzer].(*inspector.Inspector).Nodes([]ast.Node{(*ast.AssignStmt)(nil), (*ast.IndexExpr)(nil)}, fn)
+ return nil, nil
+}
+
+func CheckBenchmarkN(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ assign := node.(*ast.AssignStmt)
+ if len(assign.Lhs) != 1 || len(assign.Rhs) != 1 {
+ return
+ }
+ sel, ok := assign.Lhs[0].(*ast.SelectorExpr)
+ if !ok {
+ return
+ }
+ if sel.Sel.Name != "N" {
+ return
+ }
+ if !code.IsOfType(pass, sel.X, "*testing.B") {
+ return
+ }
+ report.Report(pass, assign, fmt.Sprintf("should not assign to %s", report.Render(pass, sel)))
+ }
+ code.Preorder(pass, fn, (*ast.AssignStmt)(nil))
+ return nil, nil
+}
+
+func CheckUnreadVariableValues(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ if code.IsExample(fn) {
+ continue
+ }
+ node := fn.Source()
+ if node == nil {
+ continue
+ }
+ if gen, ok := code.Generator(pass, node.Pos()); ok && gen == facts.Goyacc {
+ // Don't flag unused values in code generated by goyacc.
+ // There may be hundreds of those due to the way the state
+ // machine is constructed.
+ continue
+ }
+
+ switchTags := map[ir.Value]struct{}{}
+ ast.Inspect(node, func(node ast.Node) bool {
+ s, ok := node.(*ast.SwitchStmt)
+ if !ok {
+ return true
+ }
+ v, _ := fn.ValueForExpr(s.Tag)
+ switchTags[v] = struct{}{}
+ return true
+ })
+
+ // OPT(dh): don't use a map, possibly use a bitset
+ var hasUse func(v ir.Value, seen map[ir.Value]struct{}) bool
+ hasUse = func(v ir.Value, seen map[ir.Value]struct{}) bool {
+ if _, ok := seen[v]; ok {
+ return false
+ }
+ if _, ok := switchTags[v]; ok {
+ return true
+ }
+ refs := v.Referrers()
+ if refs == nil {
+ // TODO investigate why refs can be nil
+ return true
+ }
+ for _, ref := range *refs {
+ switch ref := ref.(type) {
+ case *ir.DebugRef:
+ case *ir.Sigma:
+ if seen == nil {
+ seen = map[ir.Value]struct{}{}
+ }
+ seen[v] = struct{}{}
+ if hasUse(ref, seen) {
+ return true
+ }
+ case *ir.Phi:
+ if seen == nil {
+ seen = map[ir.Value]struct{}{}
+ }
+ seen[v] = struct{}{}
+ if hasUse(ref, seen) {
+ return true
+ }
+ default:
+ return true
+ }
+ }
+ return false
+ }
+
+ ast.Inspect(node, func(node ast.Node) bool {
+ assign, ok := node.(*ast.AssignStmt)
+ if !ok {
+ return true
+ }
+ if len(assign.Lhs) > 1 && len(assign.Rhs) == 1 {
+ // Either a function call with multiple return values,
+ // or a comma-ok assignment
+
+ val, _ := fn.ValueForExpr(assign.Rhs[0])
+ if val == nil {
+ return true
+ }
+ refs := val.Referrers()
+ if refs == nil {
+ return true
+ }
+ for _, ref := range *refs {
+ ex, ok := ref.(*ir.Extract)
+ if !ok {
+ continue
+ }
+ if !hasUse(ex, nil) {
+ lhs := assign.Lhs[ex.Index]
+ if ident, ok := lhs.(*ast.Ident); !ok || ok && ident.Name == "_" {
+ continue
+ }
+ report.Report(pass, assign, fmt.Sprintf("this value of %s is never used", lhs))
+ }
+ }
+ return true
+ }
+ for i, lhs := range assign.Lhs {
+ rhs := assign.Rhs[i]
+ if ident, ok := lhs.(*ast.Ident); !ok || ok && ident.Name == "_" {
+ continue
+ }
+ val, _ := fn.ValueForExpr(rhs)
+ if val == nil {
+ continue
+ }
+
+ if _, ok := val.(*ir.Const); ok {
+ // a zero-valued constant, for example in 'foo := []string(nil)'
+ continue
+ }
+ if !hasUse(val, nil) {
+ report.Report(pass, assign, fmt.Sprintf("this value of %s is never used", lhs))
+ }
+ }
+ return true
+ })
+ }
+ return nil, nil
+}
+
+func CheckPredeterminedBooleanExprs(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ binop, ok := ins.(*ir.BinOp)
+ if !ok {
+ continue
+ }
+ switch binop.Op {
+ case token.GTR, token.LSS, token.EQL, token.NEQ, token.LEQ, token.GEQ:
+ default:
+ continue
+ }
+
+ xs, ok1 := consts(binop.X, nil, nil)
+ ys, ok2 := consts(binop.Y, nil, nil)
+ if !ok1 || !ok2 || len(xs) == 0 || len(ys) == 0 {
+ continue
+ }
+
+ trues := 0
+ for _, x := range xs {
+ for _, y := range ys {
+ if x.Value == nil {
+ if y.Value == nil {
+ trues++
+ }
+ continue
+ }
+ if constant.Compare(x.Value, binop.Op, y.Value) {
+ trues++
+ }
+ }
+ }
+ b := trues != 0
+ if trues == 0 || trues == len(xs)*len(ys) {
+ report.Report(pass, binop, fmt.Sprintf("binary expression is always %t for all possible values (%s %s %s)", b, xs, binop.Op, ys))
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckNilMaps(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ mu, ok := ins.(*ir.MapUpdate)
+ if !ok {
+ continue
+ }
+ c, ok := mu.Map.(*ir.Const)
+ if !ok {
+ continue
+ }
+ if c.Value != nil {
+ continue
+ }
+ report.Report(pass, mu, "assignment to nil map")
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckExtremeComparison(pass *analysis.Pass) (interface{}, error) {
+ isobj := func(expr ast.Expr, name string) bool {
+ sel, ok := expr.(*ast.SelectorExpr)
+ if !ok {
+ return false
+ }
+ return code.IsObject(pass.TypesInfo.ObjectOf(sel.Sel), name)
+ }
+
+ fn := func(node ast.Node) {
+ expr := node.(*ast.BinaryExpr)
+ tx := pass.TypesInfo.TypeOf(expr.X)
+ basic, ok := tx.Underlying().(*types.Basic)
+ if !ok {
+ return
+ }
+
+ var max string
+ var min string
+
+ switch basic.Kind() {
+ case types.Uint8:
+ max = "math.MaxUint8"
+ case types.Uint16:
+ max = "math.MaxUint16"
+ case types.Uint32:
+ max = "math.MaxUint32"
+ case types.Uint64:
+ max = "math.MaxUint64"
+ case types.Uint:
+ max = "math.MaxUint64"
+
+ case types.Int8:
+ min = "math.MinInt8"
+ max = "math.MaxInt8"
+ case types.Int16:
+ min = "math.MinInt16"
+ max = "math.MaxInt16"
+ case types.Int32:
+ min = "math.MinInt32"
+ max = "math.MaxInt32"
+ case types.Int64:
+ min = "math.MinInt64"
+ max = "math.MaxInt64"
+ case types.Int:
+ min = "math.MinInt64"
+ max = "math.MaxInt64"
+ }
+
+ if (expr.Op == token.GTR || expr.Op == token.GEQ) && isobj(expr.Y, max) ||
+ (expr.Op == token.LSS || expr.Op == token.LEQ) && isobj(expr.X, max) {
+ report.Report(pass, expr, fmt.Sprintf("no value of type %s is greater than %s", basic, max))
+ }
+ if expr.Op == token.LEQ && isobj(expr.Y, max) ||
+ expr.Op == token.GEQ && isobj(expr.X, max) {
+ report.Report(pass, expr, fmt.Sprintf("every value of type %s is <= %s", basic, max))
+ }
+
+ if (basic.Info() & types.IsUnsigned) != 0 {
+ if (expr.Op == token.LSS && code.IsIntLiteral(expr.Y, "0")) ||
+ (expr.Op == token.GTR && code.IsIntLiteral(expr.X, "0")) {
+ report.Report(pass, expr, fmt.Sprintf("no value of type %s is less than 0", basic))
+ }
+ if expr.Op == token.GEQ && code.IsIntLiteral(expr.Y, "0") ||
+ expr.Op == token.LEQ && code.IsIntLiteral(expr.X, "0") {
+ report.Report(pass, expr, fmt.Sprintf("every value of type %s is >= 0", basic))
+ }
+ } else {
+ if (expr.Op == token.LSS || expr.Op == token.LEQ) && isobj(expr.Y, min) ||
+ (expr.Op == token.GTR || expr.Op == token.GEQ) && isobj(expr.X, min) {
+ report.Report(pass, expr, fmt.Sprintf("no value of type %s is less than %s", basic, min))
+ }
+ if expr.Op == token.GEQ && isobj(expr.Y, min) ||
+ expr.Op == token.LEQ && isobj(expr.X, min) {
+ report.Report(pass, expr, fmt.Sprintf("every value of type %s is >= %s", basic, min))
+ }
+ }
+
+ }
+ code.Preorder(pass, fn, (*ast.BinaryExpr)(nil))
+ return nil, nil
+}
+
+func consts(val ir.Value, out []*ir.Const, visitedPhis map[string]bool) ([]*ir.Const, bool) {
+ if visitedPhis == nil {
+ visitedPhis = map[string]bool{}
+ }
+ var ok bool
+ switch val := val.(type) {
+ case *ir.Phi:
+ if visitedPhis[val.Name()] {
+ break
+ }
+ visitedPhis[val.Name()] = true
+ vals := val.Operands(nil)
+ for _, phival := range vals {
+ out, ok = consts(*phival, out, visitedPhis)
+ if !ok {
+ return nil, false
+ }
+ }
+ case *ir.Const:
+ out = append(out, val)
+ case *ir.Convert:
+ out, ok = consts(val.X, out, visitedPhis)
+ if !ok {
+ return nil, false
+ }
+ default:
+ return nil, false
+ }
+ if len(out) < 2 {
+ return out, true
+ }
+ uniq := []*ir.Const{out[0]}
+ for _, val := range out[1:] {
+ if val.Value == uniq[len(uniq)-1].Value {
+ continue
+ }
+ uniq = append(uniq, val)
+ }
+ return uniq, true
+}
+
+func CheckLoopCondition(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ cb := func(node ast.Node) bool {
+ loop, ok := node.(*ast.ForStmt)
+ if !ok {
+ return true
+ }
+ if loop.Init == nil || loop.Cond == nil || loop.Post == nil {
+ return true
+ }
+ init, ok := loop.Init.(*ast.AssignStmt)
+ if !ok || len(init.Lhs) != 1 || len(init.Rhs) != 1 {
+ return true
+ }
+ cond, ok := loop.Cond.(*ast.BinaryExpr)
+ if !ok {
+ return true
+ }
+ x, ok := cond.X.(*ast.Ident)
+ if !ok {
+ return true
+ }
+ lhs, ok := init.Lhs[0].(*ast.Ident)
+ if !ok {
+ return true
+ }
+ if x.Obj != lhs.Obj {
+ return true
+ }
+ if _, ok := loop.Post.(*ast.IncDecStmt); !ok {
+ return true
+ }
+
+ v, isAddr := fn.ValueForExpr(cond.X)
+ if v == nil || isAddr {
+ return true
+ }
+ switch v := v.(type) {
+ case *ir.Phi:
+ ops := v.Operands(nil)
+ if len(ops) != 2 {
+ return true
+ }
+ _, ok := (*ops[0]).(*ir.Const)
+ if !ok {
+ return true
+ }
+ sigma, ok := (*ops[1]).(*ir.Sigma)
+ if !ok {
+ return true
+ }
+ if sigma.X != v {
+ return true
+ }
+ case *ir.Load:
+ return true
+ }
+ report.Report(pass, cond, "variable in loop condition never changes")
+
+ return true
+ }
+ Inspect(fn.Source(), cb)
+ }
+ return nil, nil
+}
+
+func CheckArgOverwritten(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ cb := func(node ast.Node) bool {
+ var typ *ast.FuncType
+ var body *ast.BlockStmt
+ switch fn := node.(type) {
+ case *ast.FuncDecl:
+ typ = fn.Type
+ body = fn.Body
+ case *ast.FuncLit:
+ typ = fn.Type
+ body = fn.Body
+ }
+ if body == nil {
+ return true
+ }
+ if len(typ.Params.List) == 0 {
+ return true
+ }
+ for _, field := range typ.Params.List {
+ for _, arg := range field.Names {
+ obj := pass.TypesInfo.ObjectOf(arg)
+ var irobj *ir.Parameter
+ for _, param := range fn.Params {
+ if param.Object() == obj {
+ irobj = param
+ break
+ }
+ }
+ if irobj == nil {
+ continue
+ }
+ refs := irobj.Referrers()
+ if refs == nil {
+ continue
+ }
+ if len(code.FilterDebug(*refs)) != 0 {
+ continue
+ }
+
+ var assignment ast.Node
+ ast.Inspect(body, func(node ast.Node) bool {
+ if assignment != nil {
+ return false
+ }
+ assign, ok := node.(*ast.AssignStmt)
+ if !ok {
+ return true
+ }
+ for _, lhs := range assign.Lhs {
+ ident, ok := lhs.(*ast.Ident)
+ if !ok {
+ continue
+ }
+ if pass.TypesInfo.ObjectOf(ident) == obj {
+ assignment = assign
+ return false
+ }
+ }
+ return true
+ })
+ if assignment != nil {
+ report.Report(pass, arg, fmt.Sprintf("argument %s is overwritten before first use", arg),
+ report.Related(assignment, fmt.Sprintf("assignment to %s", arg)))
+ }
+ }
+ }
+ return true
+ }
+ Inspect(fn.Source(), cb)
+ }
+ return nil, nil
+}
+
+func CheckIneffectiveLoop(pass *analysis.Pass) (interface{}, error) {
+ // This check detects some, but not all unconditional loop exits.
+ // We give up in the following cases:
+ //
+ // - a goto anywhere in the loop. The goto might skip over our
+ // return, and we don't check that it doesn't.
+ //
+ // - any nested, unlabelled continue, even if it is in another
+ // loop or closure.
+ fn := func(node ast.Node) {
+ var body *ast.BlockStmt
+ switch fn := node.(type) {
+ case *ast.FuncDecl:
+ body = fn.Body
+ case *ast.FuncLit:
+ body = fn.Body
+ default:
+ ExhaustiveTypeSwitch(node)
+ }
+ if body == nil {
+ return
+ }
+ labels := map[*ast.Object]ast.Stmt{}
+ ast.Inspect(body, func(node ast.Node) bool {
+ label, ok := node.(*ast.LabeledStmt)
+ if !ok {
+ return true
+ }
+ labels[label.Label.Obj] = label.Stmt
+ return true
+ })
+
+ ast.Inspect(body, func(node ast.Node) bool {
+ var loop ast.Node
+ var body *ast.BlockStmt
+ switch node := node.(type) {
+ case *ast.ForStmt:
+ body = node.Body
+ loop = node
+ case *ast.RangeStmt:
+ typ := pass.TypesInfo.TypeOf(node.X)
+ if _, ok := typ.Underlying().(*types.Map); ok {
+ // looping once over a map is a valid pattern for
+ // getting an arbitrary element.
+ return true
+ }
+ body = node.Body
+ loop = node
+ default:
+ return true
+ }
+ if len(body.List) < 2 {
+ // avoid flagging the somewhat common pattern of using
+ // a range loop to get the first element in a slice,
+ // or the first rune in a string.
+ return true
+ }
+ var unconditionalExit ast.Node
+ hasBranching := false
+ for _, stmt := range body.List {
+ switch stmt := stmt.(type) {
+ case *ast.BranchStmt:
+ switch stmt.Tok {
+ case token.BREAK:
+ if stmt.Label == nil || labels[stmt.Label.Obj] == loop {
+ unconditionalExit = stmt
+ }
+ case token.CONTINUE:
+ if stmt.Label == nil || labels[stmt.Label.Obj] == loop {
+ unconditionalExit = nil
+ return false
+ }
+ }
+ case *ast.ReturnStmt:
+ unconditionalExit = stmt
+ case *ast.IfStmt, *ast.ForStmt, *ast.RangeStmt, *ast.SwitchStmt, *ast.SelectStmt:
+ hasBranching = true
+ }
+ }
+ if unconditionalExit == nil || !hasBranching {
+ return false
+ }
+ ast.Inspect(body, func(node ast.Node) bool {
+ if branch, ok := node.(*ast.BranchStmt); ok {
+
+ switch branch.Tok {
+ case token.GOTO:
+ unconditionalExit = nil
+ return false
+ case token.CONTINUE:
+ if branch.Label != nil && labels[branch.Label.Obj] != loop {
+ return true
+ }
+ unconditionalExit = nil
+ return false
+ }
+ }
+ return true
+ })
+ if unconditionalExit != nil {
+ report.Report(pass, unconditionalExit, "the surrounding loop is unconditionally terminated")
+ }
+ return true
+ })
+ }
+ code.Preorder(pass, fn, (*ast.FuncDecl)(nil), (*ast.FuncLit)(nil))
+ return nil, nil
+}
+
+var checkNilContextQ = pattern.MustParse(`(CallExpr fun@(Function _) (Builtin "nil"):_)`)
+
+func CheckNilContext(pass *analysis.Pass) (interface{}, error) {
+ todo := &ast.CallExpr{
+ Fun: Selector("context", "TODO"),
+ }
+ bg := &ast.CallExpr{
+ Fun: Selector("context", "Background"),
+ }
+ fn := func(node ast.Node) {
+ m, ok := Match(pass, checkNilContextQ, node)
+ if !ok {
+ return
+ }
+
+ call := node.(*ast.CallExpr)
+ fun, ok := m.State["fun"].(*types.Func)
+ if !ok {
+ // it might also be a builtin
+ return
+ }
+ sig := fun.Type().(*types.Signature)
+ if sig.Params().Len() == 0 {
+ // Our CallExpr might've matched a method expression, like
+ // (*T).Foo(nil) – here, nil isn't the first argument of
+ // the Foo method, but the method receiver.
+ return
+ }
+ if !code.IsType(sig.Params().At(0).Type(), "context.Context") {
+ return
+ }
+ report.Report(pass, call.Args[0],
+ "do not pass a nil Context, even if a function permits it; pass context.TODO if you are unsure about which Context to use", report.Fixes(
+ edit.Fix("use context.TODO", edit.ReplaceWithNode(pass.Fset, call.Args[0], todo)),
+ edit.Fix("use context.Background", edit.ReplaceWithNode(pass.Fset, call.Args[0], bg))))
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+var (
+ checkSeekerQ = pattern.MustParse(`(CallExpr fun@(SelectorExpr _ (Ident "Seek")) [arg1@(SelectorExpr (Ident "io") (Ident (Or "SeekStart" "SeekCurrent" "SeekEnd"))) arg2])`)
+ checkSeekerR = pattern.MustParse(`(CallExpr fun [arg2 arg1])`)
+)
+
+func CheckSeeker(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ if _, edits, ok := MatchAndEdit(pass, checkSeekerQ, checkSeekerR, node); ok {
+ report.Report(pass, node, "the first argument of io.Seeker is the offset, but an io.Seek* constant is being used instead",
+ report.Fixes(edit.Fix("swap arguments", edits...)))
+ }
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckIneffectiveAppend(pass *analysis.Pass) (interface{}, error) {
+ isAppend := func(ins ir.Value) bool {
+ call, ok := ins.(*ir.Call)
+ if !ok {
+ return false
+ }
+ if call.Call.IsInvoke() {
+ return false
+ }
+ if builtin, ok := call.Call.Value.(*ir.Builtin); !ok || builtin.Name() != "append" {
+ return false
+ }
+ return true
+ }
+
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ val, ok := ins.(ir.Value)
+ if !ok || !isAppend(val) {
+ continue
+ }
+
+ isUsed := false
+ visited := map[ir.Instruction]bool{}
+ var walkRefs func(refs []ir.Instruction)
+ walkRefs = func(refs []ir.Instruction) {
+ loop:
+ for _, ref := range refs {
+ if visited[ref] {
+ continue
+ }
+ visited[ref] = true
+ if _, ok := ref.(*ir.DebugRef); ok {
+ continue
+ }
+ switch ref := ref.(type) {
+ case *ir.Phi:
+ walkRefs(*ref.Referrers())
+ case *ir.Sigma:
+ walkRefs(*ref.Referrers())
+ case ir.Value:
+ if !isAppend(ref) {
+ isUsed = true
+ } else {
+ walkRefs(*ref.Referrers())
+ }
+ case ir.Instruction:
+ isUsed = true
+ break loop
+ }
+ }
+ }
+
+ refs := val.Referrers()
+ if refs == nil {
+ continue
+ }
+ walkRefs(*refs)
+
+ if !isUsed {
+ report.Report(pass, ins, "this result of append is never used, except maybe in other appends")
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckConcurrentTesting(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ gostmt, ok := ins.(*ir.Go)
+ if !ok {
+ continue
+ }
+ var fn *ir.Function
+ switch val := gostmt.Call.Value.(type) {
+ case *ir.Function:
+ fn = val
+ case *ir.MakeClosure:
+ fn = val.Fn.(*ir.Function)
+ default:
+ continue
+ }
+ if fn.Blocks == nil {
+ continue
+ }
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ call, ok := ins.(*ir.Call)
+ if !ok {
+ continue
+ }
+ if call.Call.IsInvoke() {
+ continue
+ }
+ callee := call.Call.StaticCallee()
+ if callee == nil {
+ continue
+ }
+ recv := callee.Signature.Recv()
+ if recv == nil {
+ continue
+ }
+ if !code.IsType(recv.Type(), "*testing.common") {
+ continue
+ }
+ fn, ok := call.Call.StaticCallee().Object().(*types.Func)
+ if !ok {
+ continue
+ }
+ name := fn.Name()
+ switch name {
+ case "FailNow", "Fatal", "Fatalf", "SkipNow", "Skip", "Skipf":
+ default:
+ continue
+ }
+ // TODO(dh): don't report multiple diagnostics
+ // for multiple calls to T.Fatal, but do
+ // collect all of them as related information
+ report.Report(pass, gostmt, fmt.Sprintf("the goroutine calls T.%s, which must be called in the same goroutine as the test", name),
+ report.Related(call, fmt.Sprintf("call to T.%s", name)))
+ }
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func eachCall(fn *ir.Function, cb func(caller *ir.Function, site ir.CallInstruction, callee *ir.Function)) {
+ for _, b := range fn.Blocks {
+ for _, instr := range b.Instrs {
+ if site, ok := instr.(ir.CallInstruction); ok {
+ if g := site.Common().StaticCallee(); g != nil {
+ cb(fn, site, g)
+ }
+ }
+ }
+ }
+}
+
+func CheckCyclicFinalizer(pass *analysis.Pass) (interface{}, error) {
+ cb := func(caller *ir.Function, site ir.CallInstruction, callee *ir.Function) {
+ if callee.RelString(nil) != "runtime.SetFinalizer" {
+ return
+ }
+ arg0 := site.Common().Args[Arg("runtime.SetFinalizer.obj")]
+ if iface, ok := arg0.(*ir.MakeInterface); ok {
+ arg0 = iface.X
+ }
+ load, ok := arg0.(*ir.Load)
+ if !ok {
+ return
+ }
+ v, ok := load.X.(*ir.Alloc)
+ if !ok {
+ return
+ }
+ arg1 := site.Common().Args[Arg("runtime.SetFinalizer.finalizer")]
+ if iface, ok := arg1.(*ir.MakeInterface); ok {
+ arg1 = iface.X
+ }
+ mc, ok := arg1.(*ir.MakeClosure)
+ if !ok {
+ return
+ }
+ for _, b := range mc.Bindings {
+ if b == v {
+ pos := lint.DisplayPosition(pass.Fset, mc.Fn.Pos())
+ report.Report(pass, site, fmt.Sprintf("the finalizer closes over the object, preventing the finalizer from ever running (at %s)", pos))
+ }
+ }
+ }
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ eachCall(fn, cb)
+ }
+ return nil, nil
+}
+
+/*
+func CheckSliceOutOfBounds(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ ia, ok := ins.(*ir.IndexAddr)
+ if !ok {
+ continue
+ }
+ if _, ok := ia.X.Type().Underlying().(*types.Slice); !ok {
+ continue
+ }
+ sr, ok1 := c.funcDescs.Get(fn).Ranges[ia.X].(vrp.SliceInterval)
+ idxr, ok2 := c.funcDescs.Get(fn).Ranges[ia.Index].(vrp.IntInterval)
+ if !ok1 || !ok2 || !sr.IsKnown() || !idxr.IsKnown() || sr.Length.Empty() || idxr.Empty() {
+ continue
+ }
+ if idxr.Lower.Cmp(sr.Length.Upper) >= 0 {
+ report.Nodef(pass, ia, "index out of bounds")
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+*/
+
+func CheckDeferLock(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ instrs := code.FilterDebug(block.Instrs)
+ if len(instrs) < 2 {
+ continue
+ }
+ for i, ins := range instrs[:len(instrs)-1] {
+ call, ok := ins.(*ir.Call)
+ if !ok {
+ continue
+ }
+ if !code.IsCallToAny(call.Common(), "(*sync.Mutex).Lock", "(*sync.RWMutex).RLock") {
+ continue
+ }
+ nins, ok := instrs[i+1].(*ir.Defer)
+ if !ok {
+ continue
+ }
+ if !code.IsCallToAny(&nins.Call, "(*sync.Mutex).Lock", "(*sync.RWMutex).RLock") {
+ continue
+ }
+ if call.Common().Args[0] != nins.Call.Args[0] {
+ continue
+ }
+ name := shortCallName(call.Common())
+ alt := ""
+ switch name {
+ case "Lock":
+ alt = "Unlock"
+ case "RLock":
+ alt = "RUnlock"
+ }
+ report.Report(pass, nins, fmt.Sprintf("deferring %s right after having locked already; did you mean to defer %s?", name, alt))
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckNaNComparison(pass *analysis.Pass) (interface{}, error) {
+ isNaN := func(v ir.Value) bool {
+ call, ok := v.(*ir.Call)
+ if !ok {
+ return false
+ }
+ return code.IsCallTo(call.Common(), "math.NaN")
+ }
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ ins, ok := ins.(*ir.BinOp)
+ if !ok {
+ continue
+ }
+ if isNaN(ins.X) || isNaN(ins.Y) {
+ report.Report(pass, ins, "no value is equal to NaN, not even NaN itself")
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckInfiniteRecursion(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ eachCall(fn, func(caller *ir.Function, site ir.CallInstruction, callee *ir.Function) {
+ if callee != fn {
+ return
+ }
+ if _, ok := site.(*ir.Go); ok {
+ // Recursively spawning goroutines doesn't consume
+ // stack space infinitely, so don't flag it.
+ return
+ }
+
+ block := site.Block()
+ canReturn := false
+ for _, b := range fn.Blocks {
+ if block.Dominates(b) {
+ continue
+ }
+ if len(b.Instrs) == 0 {
+ continue
+ }
+ if _, ok := b.Control().(*ir.Return); ok {
+ canReturn = true
+ break
+ }
+ }
+ if canReturn {
+ return
+ }
+ report.Report(pass, site, "infinite recursive call")
+ })
+ }
+ return nil, nil
+}
+
+func objectName(obj types.Object) string {
+ if obj == nil {
+ return "<nil>"
+ }
+ var name string
+ if obj.Pkg() != nil && obj.Pkg().Scope().Lookup(obj.Name()) == obj {
+ s := obj.Pkg().Path()
+ if s != "" {
+ name += s + "."
+ }
+ }
+ name += obj.Name()
+ return name
+}
+
+func isName(pass *analysis.Pass, expr ast.Expr, name string) bool {
+ var obj types.Object
+ switch expr := expr.(type) {
+ case *ast.Ident:
+ obj = pass.TypesInfo.ObjectOf(expr)
+ case *ast.SelectorExpr:
+ obj = pass.TypesInfo.ObjectOf(expr.Sel)
+ }
+ return objectName(obj) == name
+}
+
+func CheckLeakyTimeTick(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ if code.IsMainLike(pass) || code.IsInTest(pass, fn) {
+ continue
+ }
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ call, ok := ins.(*ir.Call)
+ if !ok || !code.IsCallTo(call.Common(), "time.Tick") {
+ continue
+ }
+ if !functions.Terminates(call.Parent()) {
+ continue
+ }
+ report.Report(pass, call, "using time.Tick leaks the underlying ticker, consider using it only in endless functions, tests and the main package, and use time.NewTicker here")
+ }
+ }
+ }
+ return nil, nil
+}
+
+var checkDoubleNegationQ = pattern.MustParse(`(UnaryExpr "!" single@(UnaryExpr "!" x))`)
+
+func CheckDoubleNegation(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ if m, ok := Match(pass, checkDoubleNegationQ, node); ok {
+ report.Report(pass, node, "negating a boolean twice has no effect; is this a typo?", report.Fixes(
+ edit.Fix("turn into single negation", edit.ReplaceWithNode(pass.Fset, node, m.State["single"].(ast.Node))),
+ edit.Fix("remove double negation", edit.ReplaceWithNode(pass.Fset, node, m.State["x"].(ast.Node)))))
+ }
+ }
+ code.Preorder(pass, fn, (*ast.UnaryExpr)(nil))
+ return nil, nil
+}
+
+func CheckRepeatedIfElse(pass *analysis.Pass) (interface{}, error) {
+ seen := map[ast.Node]bool{}
+
+ var collectConds func(ifstmt *ast.IfStmt, conds []ast.Expr) ([]ast.Expr, bool)
+ collectConds = func(ifstmt *ast.IfStmt, conds []ast.Expr) ([]ast.Expr, bool) {
+ seen[ifstmt] = true
+ // Bail if any if-statement has an Init statement or side effects in its condition
+ if ifstmt.Init != nil {
+ return nil, false
+ }
+ if code.MayHaveSideEffects(pass, ifstmt.Cond, nil) {
+ return nil, false
+ }
+
+ conds = append(conds, ifstmt.Cond)
+ if elsestmt, ok := ifstmt.Else.(*ast.IfStmt); ok {
+ return collectConds(elsestmt, conds)
+ }
+ return conds, true
+ }
+ fn := func(node ast.Node) {
+ ifstmt := node.(*ast.IfStmt)
+ if seen[ifstmt] {
+ // this if-statement is part of an if/else-if chain that we've already processed
+ return
+ }
+ if ifstmt.Else == nil {
+ // there can be at most one condition
+ return
+ }
+ conds, ok := collectConds(ifstmt, nil)
+ if !ok {
+ return
+ }
+ if len(conds) < 2 {
+ return
+ }
+ counts := map[string]int{}
+ for _, cond := range conds {
+ s := report.Render(pass, cond)
+ counts[s]++
+ if counts[s] == 2 {
+ report.Report(pass, cond, "this condition occurs multiple times in this if/else if chain")
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.IfStmt)(nil))
+ return nil, nil
+}
+
+func CheckSillyBitwiseOps(pass *analysis.Pass) (interface{}, error) {
+ // FIXME(dh): what happened here?
+ if false {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ ins, ok := ins.(*ir.BinOp)
+ if !ok {
+ continue
+ }
+
+ if c, ok := ins.Y.(*ir.Const); !ok || c.Value == nil || c.Value.Kind() != constant.Int || c.Uint64() != 0 {
+ continue
+ }
+ switch ins.Op {
+ case token.AND, token.OR, token.XOR:
+ default:
+ // we do not flag shifts because too often, x<<0 is part
+ // of a pattern, x<<0, x<<8, x<<16, ...
+ continue
+ }
+ path, _ := astutil.PathEnclosingInterval(code.File(pass, ins), ins.Pos(), ins.Pos())
+ if len(path) == 0 {
+ continue
+ }
+
+ if node, ok := path[0].(*ast.BinaryExpr); !ok || !code.IsIntLiteral(node.Y, "0") {
+ continue
+ }
+
+ switch ins.Op {
+ case token.AND:
+ report.Report(pass, ins, "x & 0 always equals 0")
+ case token.OR, token.XOR:
+ report.Report(pass, ins, fmt.Sprintf("x %s 0 always equals x", ins.Op))
+ }
+ }
+ }
+ }
+ }
+ fn := func(node ast.Node) {
+ binop := node.(*ast.BinaryExpr)
+ b, ok := pass.TypesInfo.TypeOf(binop).Underlying().(*types.Basic)
+ if !ok {
+ return
+ }
+ if (b.Info() & types.IsInteger) == 0 {
+ return
+ }
+ switch binop.Op {
+ case token.AND, token.OR, token.XOR:
+ default:
+ // we do not flag shifts because too often, x<<0 is part
+ // of a pattern, x<<0, x<<8, x<<16, ...
+ return
+ }
+ switch y := binop.Y.(type) {
+ case *ast.Ident:
+ obj, ok := pass.TypesInfo.ObjectOf(y).(*types.Const)
+ if !ok {
+ return
+ }
+ if v, _ := constant.Int64Val(obj.Val()); v != 0 {
+ return
+ }
+ path, _ := astutil.PathEnclosingInterval(code.File(pass, obj), obj.Pos(), obj.Pos())
+ if len(path) < 2 {
+ return
+ }
+ spec, ok := path[1].(*ast.ValueSpec)
+ if !ok {
+ return
+ }
+ if len(spec.Names) != 1 || len(spec.Values) != 1 {
+ // TODO(dh): we could support this
+ return
+ }
+ ident, ok := spec.Values[0].(*ast.Ident)
+ if !ok {
+ return
+ }
+ if !isIota(pass.TypesInfo.ObjectOf(ident)) {
+ return
+ }
+ switch binop.Op {
+ case token.AND:
+ report.Report(pass, node,
+ fmt.Sprintf("%s always equals 0; %s is defined as iota and has value 0, maybe %s is meant to be 1 << iota?", report.Render(pass, binop), report.Render(pass, binop.Y), report.Render(pass, binop.Y)))
+ case token.OR, token.XOR:
+ report.Report(pass, node,
+ fmt.Sprintf("%s always equals %s; %s is defined as iota and has value 0, maybe %s is meant to be 1 << iota?", report.Render(pass, binop), report.Render(pass, binop.X), report.Render(pass, binop.Y), report.Render(pass, binop.Y)))
+ }
+ case *ast.BasicLit:
+ if !code.IsIntLiteral(binop.Y, "0") {
+ return
+ }
+ switch binop.Op {
+ case token.AND:
+ report.Report(pass, node, fmt.Sprintf("%s always equals 0", report.Render(pass, binop)))
+ case token.OR, token.XOR:
+ report.Report(pass, node, fmt.Sprintf("%s always equals %s", report.Render(pass, binop), report.Render(pass, binop.X)))
+ }
+ default:
+ return
+ }
+ }
+ code.Preorder(pass, fn, (*ast.BinaryExpr)(nil))
+ return nil, nil
+}
+
+func isIota(obj types.Object) bool {
+ if obj.Name() != "iota" {
+ return false
+ }
+ c, ok := obj.(*types.Const)
+ if !ok {
+ return false
+ }
+ return c.Pkg() == nil
+}
+
+func CheckNonOctalFileMode(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ call := node.(*ast.CallExpr)
+ sig, ok := pass.TypesInfo.TypeOf(call.Fun).(*types.Signature)
+ if !ok {
+ return
+ }
+ n := sig.Params().Len()
+ for i := 0; i < n; i++ {
+ typ := sig.Params().At(i).Type()
+ if !code.IsType(typ, "os.FileMode") {
+ continue
+ }
+
+ lit, ok := call.Args[i].(*ast.BasicLit)
+ if !ok {
+ continue
+ }
+ if len(lit.Value) == 3 &&
+ lit.Value[0] != '0' &&
+ lit.Value[0] >= '0' && lit.Value[0] <= '7' &&
+ lit.Value[1] >= '0' && lit.Value[1] <= '7' &&
+ lit.Value[2] >= '0' && lit.Value[2] <= '7' {
+
+ v, err := strconv.ParseInt(lit.Value, 10, 64)
+ if err != nil {
+ continue
+ }
+ report.Report(pass, call.Args[i], fmt.Sprintf("file mode '%s' evaluates to %#o; did you mean '0%s'?", lit.Value, v, lit.Value),
+ report.Fixes(edit.Fix("fix octal literal", edit.ReplaceWithString(pass.Fset, call.Args[i], "0"+lit.Value))))
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckPureFunctions(pass *analysis.Pass) (interface{}, error) {
+ pure := pass.ResultOf[facts.Purity].(facts.PurityResult)
+
+fnLoop:
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ if code.IsInTest(pass, fn) {
+ params := fn.Signature.Params()
+ for i := 0; i < params.Len(); i++ {
+ param := params.At(i)
+ if code.IsType(param.Type(), "*testing.B") {
+ // Ignore discarded pure functions in code related
+ // to benchmarks. Instead of matching BenchmarkFoo
+ // functions, we match any function accepting a
+ // *testing.B. Benchmarks sometimes call generic
+ // functions for doing the actual work, and
+ // checking for the parameter is a lot easier and
+ // faster than analyzing call trees.
+ continue fnLoop
+ }
+ }
+ }
+
+ for _, b := range fn.Blocks {
+ for _, ins := range b.Instrs {
+ ins, ok := ins.(*ir.Call)
+ if !ok {
+ continue
+ }
+ refs := ins.Referrers()
+ if refs == nil || len(code.FilterDebug(*refs)) > 0 {
+ continue
+ }
+
+ callee := ins.Common().StaticCallee()
+ if callee == nil {
+ continue
+ }
+ if callee.Object() == nil {
+ // TODO(dh): support anonymous functions
+ continue
+ }
+ if _, ok := pure[callee.Object().(*types.Func)]; ok {
+ if pass.Pkg.Path() == "fmt_test" && callee.Object().(*types.Func).FullName() == "fmt.Sprintf" {
+ // special case for benchmarks in the fmt package
+ continue
+ }
+ report.Report(pass, ins, fmt.Sprintf("%s is a pure function but its return value is ignored", callee.Name()))
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckDeprecated(pass *analysis.Pass) (interface{}, error) {
+ deprs := pass.ResultOf[facts.Deprecated].(facts.DeprecatedResult)
+
+ // Selectors can appear outside of function literals, e.g. when
+ // declaring package level variables.
+
+ var tfn types.Object
+ stack := 0
+ fn := func(node ast.Node, push bool) bool {
+ if !push {
+ stack--
+ return false
+ }
+ stack++
+ if stack == 1 {
+ tfn = nil
+ }
+ if fn, ok := node.(*ast.FuncDecl); ok {
+ tfn = pass.TypesInfo.ObjectOf(fn.Name)
+ }
+ sel, ok := node.(*ast.SelectorExpr)
+ if !ok {
+ return true
+ }
+
+ obj := pass.TypesInfo.ObjectOf(sel.Sel)
+ if obj.Pkg() == nil {
+ return true
+ }
+ if pass.Pkg == obj.Pkg() || obj.Pkg().Path()+"_test" == pass.Pkg.Path() {
+ // Don't flag stuff in our own package
+ return true
+ }
+ if depr, ok := deprs.Objects[obj]; ok {
+ // Look for the first available alternative, not the first
+ // version something was deprecated in. If a function was
+ // deprecated in Go 1.6, an alternative has been available
+ // already in 1.0, and we're targeting 1.2, it still
+ // makes sense to use the alternative from 1.0, to be
+ // future-proof.
+ minVersion := deprecated.Stdlib[code.SelectorName(pass, sel)].AlternativeAvailableSince
+ if !code.IsGoVersion(pass, minVersion) {
+ return true
+ }
+
+ if tfn != nil {
+ if _, ok := deprs.Objects[tfn]; ok {
+ // functions that are deprecated may use deprecated
+ // symbols
+ return true
+ }
+ }
+ report.Report(pass, sel, fmt.Sprintf("%s is deprecated: %s", report.Render(pass, sel), depr.Msg))
+ return true
+ }
+ return true
+ }
+
+ fn2 := func(node ast.Node) {
+ spec := node.(*ast.ImportSpec)
+ var imp *types.Package
+ if spec.Name != nil {
+ imp = pass.TypesInfo.ObjectOf(spec.Name).(*types.PkgName).Imported()
+ } else {
+ imp = pass.TypesInfo.Implicits[spec].(*types.PkgName).Imported()
+ }
+
+ p := spec.Path.Value
+ path := p[1 : len(p)-1]
+ if depr, ok := deprs.Packages[imp]; ok {
+ if path == "github.com/golang/protobuf/proto" {
+ gen, ok := code.Generator(pass, spec.Path.Pos())
+ if ok && gen == facts.ProtocGenGo {
+ return
+ }
+ }
+ report.Report(pass, spec, fmt.Sprintf("package %s is deprecated: %s", path, depr.Msg))
+ }
+ }
+ pass.ResultOf[inspect.Analyzer].(*inspector.Inspector).Nodes(nil, fn)
+ code.Preorder(pass, fn2, (*ast.ImportSpec)(nil))
+ return nil, nil
+}
+
+func callChecker(rules map[string]CallCheck) func(pass *analysis.Pass) (interface{}, error) {
+ return func(pass *analysis.Pass) (interface{}, error) {
+ return checkCalls(pass, rules)
+ }
+}
+
+func checkCalls(pass *analysis.Pass, rules map[string]CallCheck) (interface{}, error) {
+ cb := func(caller *ir.Function, site ir.CallInstruction, callee *ir.Function) {
+ obj, ok := callee.Object().(*types.Func)
+ if !ok {
+ return
+ }
+
+ r, ok := rules[lint.FuncName(obj)]
+ if !ok {
+ return
+ }
+ var args []*Argument
+ irargs := site.Common().Args
+ if callee.Signature.Recv() != nil {
+ irargs = irargs[1:]
+ }
+ for _, arg := range irargs {
+ if iarg, ok := arg.(*ir.MakeInterface); ok {
+ arg = iarg.X
+ }
+ args = append(args, &Argument{Value: Value{arg}})
+ }
+ call := &Call{
+ Pass: pass,
+ Instr: site,
+ Args: args,
+ Parent: site.Parent(),
+ }
+ r(call)
+ path, _ := astutil.PathEnclosingInterval(code.File(pass, site), site.Pos(), site.Pos())
+ var astcall *ast.CallExpr
+ for _, el := range path {
+ if expr, ok := el.(*ast.CallExpr); ok {
+ astcall = expr
+ break
+ }
+ }
+ for idx, arg := range call.Args {
+ for _, e := range arg.invalids {
+ if astcall != nil {
+ report.Report(pass, astcall.Args[idx], e)
+ } else {
+ report.Report(pass, site, e)
+ }
+ }
+ }
+ for _, e := range call.invalids {
+ report.Report(pass, call.Instr, e)
+ }
+ }
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ eachCall(fn, cb)
+ }
+ return nil, nil
+}
+
+func shortCallName(call *ir.CallCommon) string {
+ if call.IsInvoke() {
+ return ""
+ }
+ switch v := call.Value.(type) {
+ case *ir.Function:
+ fn, ok := v.Object().(*types.Func)
+ if !ok {
+ return ""
+ }
+ return fn.Name()
+ case *ir.Builtin:
+ return v.Name()
+ }
+ return ""
+}
+
+func CheckWriterBufferModified(pass *analysis.Pass) (interface{}, error) {
+ // TODO(dh): this might be a good candidate for taint analysis.
+ // Taint the argument as MUST_NOT_MODIFY, then propagate that
+ // through functions like bytes.Split
+
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ sig := fn.Signature
+ if fn.Name() != "Write" || sig.Recv() == nil || sig.Params().Len() != 1 || sig.Results().Len() != 2 {
+ continue
+ }
+ tArg, ok := sig.Params().At(0).Type().(*types.Slice)
+ if !ok {
+ continue
+ }
+ if basic, ok := tArg.Elem().(*types.Basic); !ok || basic.Kind() != types.Byte {
+ continue
+ }
+ if basic, ok := sig.Results().At(0).Type().(*types.Basic); !ok || basic.Kind() != types.Int {
+ continue
+ }
+ if named, ok := sig.Results().At(1).Type().(*types.Named); !ok || !code.IsType(named, "error") {
+ continue
+ }
+
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ switch ins := ins.(type) {
+ case *ir.Store:
+ addr, ok := ins.Addr.(*ir.IndexAddr)
+ if !ok {
+ continue
+ }
+ if addr.X != fn.Params[1] {
+ continue
+ }
+ report.Report(pass, ins, "io.Writer.Write must not modify the provided buffer, not even temporarily")
+ case *ir.Call:
+ if !code.IsCallTo(ins.Common(), "append") {
+ continue
+ }
+ if ins.Common().Args[0] != fn.Params[1] {
+ continue
+ }
+ report.Report(pass, ins, "io.Writer.Write must not modify the provided buffer, not even temporarily")
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func loopedRegexp(name string) CallCheck {
+ return func(call *Call) {
+ if len(extractConsts(call.Args[0].Value.Value)) == 0 {
+ return
+ }
+ if !isInLoop(call.Instr.Block()) {
+ return
+ }
+ call.Invalid(fmt.Sprintf("calling %s in a loop has poor performance, consider using regexp.Compile", name))
+ }
+}
+
+func CheckEmptyBranch(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ if fn.Source() == nil {
+ continue
+ }
+ if code.IsExample(fn) {
+ continue
+ }
+ cb := func(node ast.Node) bool {
+ ifstmt, ok := node.(*ast.IfStmt)
+ if !ok {
+ return true
+ }
+ if ifstmt.Else != nil {
+ b, ok := ifstmt.Else.(*ast.BlockStmt)
+ if !ok || len(b.List) != 0 {
+ return true
+ }
+ report.Report(pass, ifstmt.Else, "empty branch", report.FilterGenerated(), report.ShortRange())
+ }
+ if len(ifstmt.Body.List) != 0 {
+ return true
+ }
+ report.Report(pass, ifstmt, "empty branch", report.FilterGenerated(), report.ShortRange())
+ return true
+ }
+ Inspect(fn.Source(), cb)
+ }
+ return nil, nil
+}
+
+func CheckMapBytesKey(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, b := range fn.Blocks {
+ insLoop:
+ for _, ins := range b.Instrs {
+ // find []byte -> string conversions
+ conv, ok := ins.(*ir.Convert)
+ if !ok || conv.Type() != types.Universe.Lookup("string").Type() {
+ continue
+ }
+ if s, ok := conv.X.Type().(*types.Slice); !ok || s.Elem() != types.Universe.Lookup("byte").Type() {
+ continue
+ }
+ refs := conv.Referrers()
+ // need at least two (DebugRef) references: the
+ // conversion and the *ast.Ident
+ if refs == nil || len(*refs) < 2 {
+ continue
+ }
+ ident := false
+ // skip first reference, that's the conversion itself
+ for _, ref := range (*refs)[1:] {
+ switch ref := ref.(type) {
+ case *ir.DebugRef:
+ if _, ok := ref.Expr.(*ast.Ident); !ok {
+ // the string seems to be used somewhere
+ // unexpected; the default branch should
+ // catch this already, but be safe
+ continue insLoop
+ } else {
+ ident = true
+ }
+ case *ir.MapLookup:
+ default:
+ // the string is used somewhere else than a
+ // map lookup
+ continue insLoop
+ }
+ }
+
+ // the result of the conversion wasn't assigned to an
+ // identifier
+ if !ident {
+ continue
+ }
+ report.Report(pass, conv, "m[string(key)] would be more efficient than k := string(key); m[k]")
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckRangeStringRunes(pass *analysis.Pass) (interface{}, error) {
+ return sharedcheck.CheckRangeStringRunes(pass)
+}
+
+func CheckSelfAssignment(pass *analysis.Pass) (interface{}, error) {
+ pure := pass.ResultOf[facts.Purity].(facts.PurityResult)
+
+ fn := func(node ast.Node) {
+ assign := node.(*ast.AssignStmt)
+ if assign.Tok != token.ASSIGN || len(assign.Lhs) != len(assign.Rhs) {
+ return
+ }
+ for i, lhs := range assign.Lhs {
+ rhs := assign.Rhs[i]
+ if reflect.TypeOf(lhs) != reflect.TypeOf(rhs) {
+ continue
+ }
+ if code.MayHaveSideEffects(pass, lhs, pure) || code.MayHaveSideEffects(pass, rhs, pure) {
+ continue
+ }
+
+ rlh := report.Render(pass, lhs)
+ rrh := report.Render(pass, rhs)
+ if rlh == rrh {
+ report.Report(pass, assign, fmt.Sprintf("self-assignment of %s to %s", rrh, rlh), report.FilterGenerated())
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.AssignStmt)(nil))
+ return nil, nil
+}
+
+func buildTagsIdentical(s1, s2 []string) bool {
+ if len(s1) != len(s2) {
+ return false
+ }
+ s1s := make([]string, len(s1))
+ copy(s1s, s1)
+ sort.Strings(s1s)
+ s2s := make([]string, len(s2))
+ copy(s2s, s2)
+ sort.Strings(s2s)
+ for i, s := range s1s {
+ if s != s2s[i] {
+ return false
+ }
+ }
+ return true
+}
+
+func CheckDuplicateBuildConstraints(pass *analysis.Pass) (interface{}, error) {
+ for _, f := range pass.Files {
+ constraints := buildTags(f)
+ for i, constraint1 := range constraints {
+ for j, constraint2 := range constraints {
+ if i >= j {
+ continue
+ }
+ if buildTagsIdentical(constraint1, constraint2) {
+ msg := fmt.Sprintf("identical build constraints %q and %q",
+ strings.Join(constraint1, " "),
+ strings.Join(constraint2, " "))
+ report.Report(pass, f, msg, report.FilterGenerated(), report.ShortRange())
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckSillyRegexp(pass *analysis.Pass) (interface{}, error) {
+ // We could use the rule checking engine for this, but the
+ // arguments aren't really invalid.
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, b := range fn.Blocks {
+ for _, ins := range b.Instrs {
+ call, ok := ins.(*ir.Call)
+ if !ok {
+ continue
+ }
+ if !code.IsCallToAny(call.Common(), "regexp.MustCompile", "regexp.Compile", "regexp.Match", "regexp.MatchReader", "regexp.MatchString") {
+ continue
+ }
+ c, ok := call.Common().Args[0].(*ir.Const)
+ if !ok {
+ continue
+ }
+ s := constant.StringVal(c.Value)
+ re, err := syntax.Parse(s, 0)
+ if err != nil {
+ continue
+ }
+ if re.Op != syntax.OpLiteral && re.Op != syntax.OpEmptyMatch {
+ continue
+ }
+ report.Report(pass, call, "regular expression does not contain any meta characters")
+ }
+ }
+ }
+ return nil, nil
+}
+
+func CheckMissingEnumTypesInDeclaration(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ decl := node.(*ast.GenDecl)
+ if !decl.Lparen.IsValid() {
+ return
+ }
+ if decl.Tok != token.CONST {
+ return
+ }
+
+ groups := code.GroupSpecs(pass.Fset, decl.Specs)
+ groupLoop:
+ for _, group := range groups {
+ if len(group) < 2 {
+ continue
+ }
+ if group[0].(*ast.ValueSpec).Type == nil {
+ // first constant doesn't have a type
+ continue groupLoop
+ }
+ for i, spec := range group {
+ spec := spec.(*ast.ValueSpec)
+ if len(spec.Names) != 1 || len(spec.Values) != 1 {
+ continue groupLoop
+ }
+ switch v := spec.Values[0].(type) {
+ case *ast.BasicLit:
+ case *ast.UnaryExpr:
+ if _, ok := v.X.(*ast.BasicLit); !ok {
+ continue groupLoop
+ }
+ default:
+ // if it's not a literal it might be typed, such as
+ // time.Microsecond = 1000 * Nanosecond
+ continue groupLoop
+ }
+ if i == 0 {
+ continue
+ }
+ if spec.Type != nil {
+ continue groupLoop
+ }
+ }
+ var edits []analysis.TextEdit
+ typ := group[0].(*ast.ValueSpec).Type
+ for _, spec := range group[1:] {
+ nspec := *spec.(*ast.ValueSpec)
+ nspec.Type = typ
+ edits = append(edits, edit.ReplaceWithNode(pass.Fset, spec, &nspec))
+ }
+ report.Report(pass, group[0], "only the first constant in this group has an explicit type", report.Fixes(edit.Fix("add type to all constants in group", edits...)))
+ }
+ }
+ code.Preorder(pass, fn, (*ast.GenDecl)(nil))
+ return nil, nil
+}
+
+func CheckTimerResetReturnValue(pass *analysis.Pass) (interface{}, error) {
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, block := range fn.Blocks {
+ for _, ins := range block.Instrs {
+ call, ok := ins.(*ir.Call)
+ if !ok {
+ continue
+ }
+ if !code.IsCallTo(call.Common(), "(*time.Timer).Reset") {
+ continue
+ }
+ refs := call.Referrers()
+ if refs == nil {
+ continue
+ }
+ for _, ref := range code.FilterDebug(*refs) {
+ ifstmt, ok := ref.(*ir.If)
+ if !ok {
+ continue
+ }
+
+ found := false
+ for _, succ := range ifstmt.Block().Succs {
+ if len(succ.Preds) != 1 {
+ // Merge point, not a branch in the
+ // syntactical sense.
+
+ // FIXME(dh): this is broken for if
+ // statements a la "if x || y"
+ continue
+ }
+ irutil.Walk(succ, func(b *ir.BasicBlock) bool {
+ if !succ.Dominates(b) {
+ // We've reached the end of the branch
+ return false
+ }
+ for _, ins := range b.Instrs {
+ // TODO(dh): we should check that
+ // we're receiving from the channel of
+ // a time.Timer to further reduce
+ // false positives. Not a key
+ // priority, considering the rarity of
+ // Reset and the tiny likeliness of a
+ // false positive
+ if ins, ok := ins.(*ir.Recv); ok && code.IsType(ins.Chan.Type(), "<-chan time.Time") {
+ found = true
+ return false
+ }
+ }
+ return true
+ })
+ }
+
+ if found {
+ report.Report(pass, call, "it is not possible to use Reset's return value correctly, as there is a race condition between draining the channel and the new timer expiring")
+ }
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+var (
+ checkToLowerToUpperComparisonQ = pattern.MustParse(`
+ (BinaryExpr
+ (CallExpr fun@(Function (Or "strings.ToLower" "strings.ToUpper")) [a])
+ tok@(Or "==" "!=")
+ (CallExpr fun [b]))`)
+ checkToLowerToUpperComparisonR = pattern.MustParse(`(CallExpr (SelectorExpr (Ident "strings") (Ident "EqualFold")) [a b])`)
+)
+
+func CheckToLowerToUpperComparison(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ m, ok := Match(pass, checkToLowerToUpperComparisonQ, node)
+ if !ok {
+ return
+ }
+ rn := pattern.NodeToAST(checkToLowerToUpperComparisonR.Root, m.State).(ast.Expr)
+ if m.State["tok"].(token.Token) == token.NEQ {
+ rn = &ast.UnaryExpr{
+ Op: token.NOT,
+ X: rn,
+ }
+ }
+
+ report.Report(pass, node, "should use strings.EqualFold instead", report.Fixes(edit.Fix("replace with strings.EqualFold", edit.ReplaceWithNode(pass.Fset, node, rn))))
+ }
+
+ code.Preorder(pass, fn, (*ast.BinaryExpr)(nil))
+ return nil, nil
+}
+
+func CheckUnreachableTypeCases(pass *analysis.Pass) (interface{}, error) {
+ // Check if T subsumes V in a type switch. T subsumes V if T is an interface and T's method set is a subset of V's method set.
+ subsumes := func(T, V types.Type) bool {
+ tIface, ok := T.Underlying().(*types.Interface)
+ if !ok {
+ return false
+ }
+
+ return types.Implements(V, tIface)
+ }
+
+ subsumesAny := func(Ts, Vs []types.Type) (types.Type, types.Type, bool) {
+ for _, T := range Ts {
+ for _, V := range Vs {
+ if subsumes(T, V) {
+ return T, V, true
+ }
+ }
+ }
+
+ return nil, nil, false
+ }
+
+ fn := func(node ast.Node) {
+ tsStmt := node.(*ast.TypeSwitchStmt)
+
+ type ccAndTypes struct {
+ cc *ast.CaseClause
+ types []types.Type
+ }
+
+ // All asserted types in the order of case clauses.
+ ccs := make([]ccAndTypes, 0, len(tsStmt.Body.List))
+ for _, stmt := range tsStmt.Body.List {
+ cc, _ := stmt.(*ast.CaseClause)
+
+ // Exclude the 'default' case.
+ if len(cc.List) == 0 {
+ continue
+ }
+
+ Ts := make([]types.Type, len(cc.List))
+ for i, expr := range cc.List {
+ Ts[i] = pass.TypesInfo.TypeOf(expr)
+ }
+
+ ccs = append(ccs, ccAndTypes{cc: cc, types: Ts})
+ }
+
+ if len(ccs) <= 1 {
+ // Zero or one case clauses, nothing to check.
+ return
+ }
+
+ // Check if case clauses following cc have types that are subsumed by cc.
+ for i, cc := range ccs[:len(ccs)-1] {
+ for _, next := range ccs[i+1:] {
+ if T, V, yes := subsumesAny(cc.types, next.types); yes {
+ report.Report(pass, next.cc, fmt.Sprintf("unreachable case clause: %s will always match before %s", T.String(), V.String()),
+ report.ShortRange())
+ }
+ }
+ }
+ }
+
+ code.Preorder(pass, fn, (*ast.TypeSwitchStmt)(nil))
+ return nil, nil
+}
+
+var checkSingleArgAppendQ = pattern.MustParse(`(CallExpr (Builtin "append") [_])`)
+
+func CheckSingleArgAppend(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ _, ok := Match(pass, checkSingleArgAppendQ, node)
+ if !ok {
+ return
+ }
+ report.Report(pass, node, "x = append(y) is equivalent to x = y", report.FilterGenerated())
+ }
+ code.Preorder(pass, fn, (*ast.CallExpr)(nil))
+ return nil, nil
+}
+
+func CheckStructTags(pass *analysis.Pass) (interface{}, error) {
+ importsGoFlags := false
+
+ // we use the AST instead of (*types.Package).Imports to work
+ // around vendored packages in GOPATH mode. A vendored package's
+ // path will include the vendoring subtree as a prefix.
+ for _, f := range pass.Files {
+ for _, imp := range f.Imports {
+ v := imp.Path.Value
+ if v[1:len(v)-1] == "github.com/jessevdk/go-flags" {
+ importsGoFlags = true
+ break
+ }
+ }
+ }
+
+ fn := func(node ast.Node) {
+ for _, field := range node.(*ast.StructType).Fields.List {
+ if field.Tag == nil {
+ continue
+ }
+ tags, err := parseStructTag(field.Tag.Value[1 : len(field.Tag.Value)-1])
+ if err != nil {
+ report.Report(pass, field.Tag, fmt.Sprintf("unparseable struct tag: %s", err))
+ continue
+ }
+ for k, v := range tags {
+ if len(v) > 1 {
+ isGoFlagsTag := importsGoFlags &&
+ (k == "choice" || k == "optional-value" || k == "default")
+ if !isGoFlagsTag {
+ report.Report(pass, field.Tag, fmt.Sprintf("duplicate struct tag %q", k))
+ }
+ }
+
+ switch k {
+ case "json":
+ checkJSONTag(pass, field, v[0])
+ case "xml":
+ checkXMLTag(pass, field, v[0])
+ }
+ }
+ }
+ }
+ code.Preorder(pass, fn, (*ast.StructType)(nil))
+ return nil, nil
+}
+
+func checkJSONTag(pass *analysis.Pass, field *ast.Field, tag string) {
+ if pass.Pkg.Path() == "encoding/json" || pass.Pkg.Path() == "encoding/json_test" {
+ // don't flag malformed JSON tags in the encoding/json
+ // package; it knows what it is doing, and it is testing
+ // itself.
+ return
+ }
+ //lint:ignore SA9003 TODO(dh): should we flag empty tags?
+ if len(tag) == 0 {
+ }
+ fields := strings.Split(tag, ",")
+ for _, r := range fields[0] {
+ if !unicode.IsLetter(r) && !unicode.IsDigit(r) && !strings.ContainsRune("!#$%&()*+-./:<=>?@[]^_{|}~ ", r) {
+ report.Report(pass, field.Tag, fmt.Sprintf("invalid JSON field name %q", fields[0]))
+ }
+ }
+ var co, cs, ci int
+ for _, s := range fields[1:] {
+ switch s {
+ case "omitempty":
+ co++
+ case "":
+ // allow stuff like "-,"
+ case "string":
+ cs++
+ // only for string, floating point, integer and bool
+ T := code.Dereference(pass.TypesInfo.TypeOf(field.Type).Underlying()).Underlying()
+ basic, ok := T.(*types.Basic)
+ if !ok || (basic.Info()&(types.IsBoolean|types.IsInteger|types.IsFloat|types.IsString)) == 0 {
+ report.Report(pass, field.Tag, "the JSON string option only applies to fields of type string, floating point, integer or bool, or pointers to those")
+ }
+ case "inline":
+ ci++
+ default:
+ report.Report(pass, field.Tag, fmt.Sprintf("unknown JSON option %q", s))
+ }
+ }
+ if co > 1 {
+ report.Report(pass, field.Tag, `duplicate JSON option "omitempty"`)
+ }
+ if cs > 1 {
+ report.Report(pass, field.Tag, `duplicate JSON option "string"`)
+ }
+ if ci > 1 {
+ report.Report(pass, field.Tag, `duplicate JSON option "inline"`)
+ }
+}
+
+func checkXMLTag(pass *analysis.Pass, field *ast.Field, tag string) {
+ //lint:ignore SA9003 TODO(dh): should we flag empty tags?
+ if len(tag) == 0 {
+ }
+ fields := strings.Split(tag, ",")
+ counts := map[string]int{}
+ var exclusives []string
+ for _, s := range fields[1:] {
+ switch s {
+ case "attr", "chardata", "cdata", "innerxml", "comment":
+ counts[s]++
+ if counts[s] == 1 {
+ exclusives = append(exclusives, s)
+ }
+ case "omitempty", "any":
+ counts[s]++
+ case "":
+ default:
+ report.Report(pass, field.Tag, fmt.Sprintf("unknown XML option %q", s))
+ }
+ }
+ for k, v := range counts {
+ if v > 1 {
+ report.Report(pass, field.Tag, fmt.Sprintf("duplicate XML option %q", k))
+ }
+ }
+ if len(exclusives) > 1 {
+ report.Report(pass, field.Tag, fmt.Sprintf("XML options %s are mutually exclusive", strings.Join(exclusives, " and ")))
+ }
+}
+
+func CheckImpossibleTypeAssertion(pass *analysis.Pass) (interface{}, error) {
+ type entry struct {
+ l, r *types.Func
+ }
+
+ msc := &pass.ResultOf[buildir.Analyzer].(*buildir.IR).Pkg.Prog.MethodSets
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ for _, b := range fn.Blocks {
+ for _, instr := range b.Instrs {
+ assert, ok := instr.(*ir.TypeAssert)
+ if !ok {
+ continue
+ }
+ var wrong []entry
+ left := assert.X.Type()
+ right := assert.AssertedType
+ righti, ok := right.Underlying().(*types.Interface)
+
+ if !ok {
+ // We only care about interface->interface
+ // assertions. The Go compiler already catches
+ // impossible interface->concrete assertions.
+ continue
+ }
+
+ ms := msc.MethodSet(left)
+ for i := 0; i < righti.NumMethods(); i++ {
+ mr := righti.Method(i)
+ sel := ms.Lookup(mr.Pkg(), mr.Name())
+ if sel == nil {
+ continue
+ }
+ ml := sel.Obj().(*types.Func)
+ if types.AssignableTo(ml.Type(), mr.Type()) {
+ continue
+ }
+
+ wrong = append(wrong, entry{ml, mr})
+ }
+
+ if len(wrong) != 0 {
+ s := fmt.Sprintf("impossible type assertion; %s and %s contradict each other:",
+ types.TypeString(left, types.RelativeTo(pass.Pkg)),
+ types.TypeString(right, types.RelativeTo(pass.Pkg)))
+ for _, e := range wrong {
+ s += fmt.Sprintf("\n\twrong type for %s method", e.l.Name())
+ s += fmt.Sprintf("\n\t\thave %s", e.l.Type())
+ s += fmt.Sprintf("\n\t\twant %s", e.r.Type())
+ }
+ report.Report(pass, assert, s)
+ }
+ }
+ }
+ }
+ return nil, nil
+}
+
+func checkWithValueKey(call *Call) {
+ arg := call.Args[1]
+ T := arg.Value.Value.Type()
+ if T, ok := T.(*types.Basic); ok {
+ arg.Invalid(
+ fmt.Sprintf("should not use built-in type %s as key for value; define your own type to avoid collisions", T))
+ }
+ if !types.Comparable(T) {
+ arg.Invalid(fmt.Sprintf("keys used with context.WithValue must be comparable, but type %s is not comparable", T))
+ }
+}
+
+func CheckMaybeNil(pass *analysis.Pass) (interface{}, error) {
+ // This is an extremely trivial check that doesn't try to reason
+ // about control flow. That is, phis and sigmas do not propagate
+ // any information. As such, we can flag this:
+ //
+ // _ = *x
+ // if x == nil { return }
+ //
+ // but we cannot flag this:
+ //
+ // if x == nil { println(x) }
+ // _ = *x
+ //
+ // nor many other variations of conditional uses of or assignments to x.
+ //
+ // However, even this trivial implementation finds plenty of
+ // real-world bugs, such as dereference before nil pointer check,
+ // or using t.Error instead of t.Fatal when encountering nil
+ // pointers.
+ //
+ // On the flip side, our naive implementation avoids false positives in branches, such as
+ //
+ // if x != nil { _ = *x }
+ //
+ // due to the same lack of propagating information through sigma
+ // nodes. x inside the branch will be independent of the x in the
+ // nil pointer check.
+ //
+ //
+ // We could implement a more powerful check, but then we'd be
+ // getting false positives instead of false negatives because
+ // we're incapable of deducing relationships between variables.
+ // For example, a function might return a pointer and an error,
+ // and the error being nil guarantees that the pointer is not nil.
+ // Depending on the surrounding code, the pointer may still end up
+ // being checked against nil in one place, and guarded by a check
+ // on the error in another, which would lead to us marking some
+ // loads as unsafe.
+ //
+ // Unfortunately, simply hard-coding the relationship between
+ // return values wouldn't eliminate all false positives, either.
+ // Many other more subtle relationships exist. An abridged example
+ // from real code:
+ //
+ // if a == nil && b == nil { return }
+ // c := fn(a)
+ // if c != "" { _ = *a }
+ //
+ // where `fn` is guaranteed to return a non-empty string if a
+ // isn't nil.
+ //
+ // We choose to err on the side of false negatives.
+
+ isNilConst := func(v ir.Value) bool {
+ if code.IsPointerLike(v.Type()) {
+ if k, ok := v.(*ir.Const); ok {
+ return k.IsNil()
+ }
+ }
+ return false
+ }
+
+ for _, fn := range pass.ResultOf[buildir.Analyzer].(*buildir.IR).SrcFuncs {
+ maybeNil := map[ir.Value]ir.Instruction{}
+ for _, b := range fn.Blocks {
+ for _, instr := range b.Instrs {
+ if instr, ok := instr.(*ir.BinOp); ok {
+ var ptr ir.Value
+ if isNilConst(instr.X) {
+ ptr = instr.Y
+ } else if isNilConst(instr.Y) {
+ ptr = instr.X
+ }
+ maybeNil[ptr] = instr
+ }
+ }
+ }
+
+ for _, b := range fn.Blocks {
+ for _, instr := range b.Instrs {
+ var ptr ir.Value
+ switch instr := instr.(type) {
+ case *ir.Load:
+ ptr = instr.X
+ case *ir.Store:
+ ptr = instr.Addr
+ case *ir.IndexAddr:
+ ptr = instr.X
+ case *ir.FieldAddr:
+ ptr = instr.X
+ }
+ if ptr != nil {
+ switch ptr.(type) {
+ case *ir.Alloc, *ir.FieldAddr, *ir.IndexAddr:
+ // these cannot be nil
+ continue
+ }
+ if r, ok := maybeNil[ptr]; ok {
+ report.Report(pass, instr, "possible nil pointer dereference",
+ report.Related(r, "this check suggests that the pointer can be nil"))
+ }
+ }
+ }
+ }
+ }
+
+ return nil, nil
+}
+
+var checkAddressIsNilQ = pattern.MustParse(
+ `(BinaryExpr
+ (UnaryExpr "&" _)
+ (Or "==" "!=")
+ (Builtin "nil"))`)
+
+func CheckAddressIsNil(pass *analysis.Pass) (interface{}, error) {
+ fn := func(node ast.Node) {
+ _, ok := Match(pass, checkAddressIsNilQ, node)
+ if !ok {
+ return
+ }
+ report.Report(pass, node, "the address of a variable cannot be nil")
+ }
+ code.Preorder(pass, fn, (*ast.BinaryExpr)(nil))
+ return nil, nil
+}