#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"

Public Member Functions
	CheckerContext (NodeBuilder &builder, ExprEngine &eng, ExplodedNode *pred, const ProgramPoint &loc, bool wasInlined=false)
AnalysisManager &	getAnalysisManager ()
const AnalysisManager &	getAnalysisManager () const
ConstraintManager &	getConstraintManager ()
const ConstraintManager &	getConstraintManager () const
StoreManager &	getStoreManager ()
const StoreManager &	getStoreManager () const
ExplodedNode *	getPredecessor ()
	Returns the previous node in the exploded graph, which includes the state of the program before the checker ran.
const ExplodedNode *	getPredecessor () const
const ProgramPoint	getLocation () const
const ProgramStateRef &	getState () const
bool	isDifferent ()
	Check if the checker changed the state of the execution; ex: added a new transition or a bug report.
bool	isDifferent () const
unsigned	blockCount () const
	Returns the number of times the current block has been visited along the analyzed path.
ASTContext &	getASTContext ()
const ASTContext &	getASTContext () const
const LangOptions &	getLangOpts () const
const LocationContext *	getLocationContext () const
const StackFrameContext *	getStackFrame () const
bool	inTopFrame () const
	Return true if the current LocationContext has no caller context.
BugReporter &	getBugReporter ()
const BugReporter &	getBugReporter () const
const SourceManager &	getSourceManager ()
const SourceManager &	getSourceManager () const
Preprocessor &	getPreprocessor ()
const Preprocessor &	getPreprocessor () const
SValBuilder &	getSValBuilder ()
const SValBuilder &	getSValBuilder () const
SymbolManager &	getSymbolManager ()
const SymbolManager &	getSymbolManager () const
ProgramStateManager &	getStateManager ()
const ProgramStateManager &	getStateManager () const
AnalysisDeclContext *	getCurrentAnalysisDeclContext () const
unsigned	getBlockID () const
	Get the blockID.
SVal	getSVal (const Stmt *S) const
	Get the value of arbitrary expressions at this point in the path.
ConstCFGElementRef	getCFGElementRef () const
bool	isGreaterOrEqual (const Expr *E, unsigned long long Val)
	Returns true if the value of `E` is greater than or equal to `Val` under unsigned comparison.
bool	isNegative (const Expr *E)
	Returns true if the value of `E` is negative.
ExplodedNode *	addTransition (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generates a new transition in the program state graph (ExplodedGraph).
ExplodedNode *	addTransition (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generates a new transition with the given predecessor.
ExplodedNode *	generateSink (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a sink node.
void	addSink (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Add a sink node to the current path of execution, halting analysis.
ExplodedNode *	generateErrorNode (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generate a transition to a node that will be used to report an error.
ExplodedNode *	generateErrorNode (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a transition to a node that will be used to report an error.
ExplodedNode *	generateNonFatalErrorNode (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generate a transition to a node that will be used to report an error.
ExplodedNode *	generateNonFatalErrorNode (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a transition to a node that will be used to report an error.
void	emitReport (std::unique_ptr< BugReport > R)
	Emit the diagnostics report.
LLVM_ATTRIBUTE_RETURNS_NONNULL const NoteTag *	getNoteTag (NoteTag::Callback &&Cb, bool IsPrunable=false)
	Produce a program point tag that displays an additional path note to the user.
const NoteTag *	getNoteTag (std::function< std::string(PathSensitiveBugReport &)> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that doesn't require you to accept the 'BugReporterContext' argument when you don't need it.
const NoteTag *	getNoteTag (std::function< std::string()> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that doesn't require you to accept the arguments when you don't need it.
const NoteTag *	getNoteTag (StringRef Note, bool IsPrunable=false)
	A shorthand version of getNoteTag that accepts a plain note.
const NoteTag *	getNoteTag (std::function< void(PathSensitiveBugReport &BR, llvm::raw_ostream &OS)> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that accepts a lambda with stream for note.
StringRef	getDeclDescription (const Decl *D)
	Returns the word that should be used to refer to the declaration in the report.
const FunctionDecl *	getCalleeDecl (const CallExpr *CE) const
	Get the declaration of the called function (path-sensitive).
StringRef	getCalleeName (const FunctionDecl *FunDecl) const
	Get the name of the called function (path-sensitive).
const IdentifierInfo *	getCalleeIdentifier (const CallExpr *CE) const
	Get the identifier of the called function (path-sensitive).
StringRef	getCalleeName (const CallExpr *CE) const
	Get the name of the called function (path-sensitive).
StringRef	getMacroNameOrSpelling (SourceLocation &Loc)
	Depending on whether the location corresponds to a macro, return either the macro name or the token spelling.

Static Public Member Functions
static const MemRegion *	getLocationRegionIfPostStore (const ExplodedNode *N)
	If the given node corresponds to a PostStore program point, retrieve the location region as it was uttered in the code.
static bool	isCLibraryFunction (const FunctionDecl *FD, StringRef Name=StringRef())
	Returns true if the given function is an externally-visible function in the top-level namespace, such as `malloc`.
static bool	isHardenedVariantOf (const FunctionDecl *FD, StringRef Name)
	In builds that use source hardening (-D_FORTIFY_SOURCE), many standard functions are implemented as macros that expand to calls of hardened functions that take additional arguments compared to the "usual" variant and perform additional input validation.

Public Attributes
const bool	wasInlined
	If we are post visiting a call, this flag will be set if the call was inlined.

Detailed Description

Definition at line 24 of file CheckerContext.h.

Constructor & Destructor Documentation

◆ CheckerContext()

clang::ento::CheckerContext::CheckerContext	(	NodeBuilder &	builder,
		ExprEngine &	eng,
		ExplodedNode *	pred,
		const ProgramPoint &	loc,
		bool	wasInlined = false )

inline

Definition at line 41 of file CheckerContext.h.

References false, and wasInlined.

Member Function Documentation

◆ addSink()

void clang::ento::CheckerContext::addSink	(	ProgramStateRef	State = nullptr,
		const ProgramPointTag *	Tag = nullptr )

inline

Add a sink node to the current path of execution, halting analysis.

Definition at line 229 of file CheckerContext.h.

References addTransition(), generateSink(), getPredecessor(), and getState().

◆ addTransition() [1/2]

ExplodedNode * clang::ento::CheckerContext::addTransition	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = nullptr )

inline

Generates a new transition with the given predecessor.

Allows checkers to generate a chain of nodes.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site. NOTE: If the State is unchanged and the Tag is nullptr, this may return a node which is not tagged (instead of using the default tag corresponding to the active checker). This is arguably a bug and should be fixed.

Definition at line 215 of file CheckerContext.h.

◆ addTransition() [2/2]

ExplodedNode * clang::ento::CheckerContext::addTransition	(	ProgramStateRef	State = nullptr,
		const ProgramPointTag *	Tag = nullptr )

inline

Generates a new transition in the program state graph (ExplodedGraph).

Uses the default CheckerContext predecessor node.

Parameters

State The state of the generated node. If not specified, the state will not be changed, but the new node will have the checker's tag.

Tag The tag is used to uniquely identify the creation site. If no tag is specified, a default tag, unique to the given checker, will be used. Tags are used to prevent states generated at different sites from caching out. NOTE: If the State is unchanged and the Tag is nullptr, this may return a node which is not tagged (instead of using the default tag corresponding to the active checker). This is arguably a bug and should be fixed.

Definition at line 200 of file CheckerContext.h.

References getState().

Referenced by addSink(), clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), generateNonFatalErrorNode(), generateNonFatalErrorNode(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ blockCount()

unsigned clang::ento::CheckerContext::blockCount ( ) const

inline

Returns the number of times the current block has been visited along the analyzed path.

Definition at line 92 of file CheckerContext.h.

◆ emitReport()

void clang::ento::CheckerContext::emitReport ( std::unique_ptr< BugReport > R )

inline

Emit the diagnostics report.

Definition at line 295 of file CheckerContext.h.

Referenced by clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ generateErrorNode() [1/2]

ExplodedNode * clang::ento::CheckerContext::generateErrorNode	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = nullptr )

inline

Generate a transition to a node that will be used to report an error.

This node will be a sink. That is, it will stop exploration of the given path.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 258 of file CheckerContext.h.

References generateSink().

◆ generateErrorNode() [2/2]

ExplodedNode * clang::ento::CheckerContext::generateErrorNode	(	ProgramStateRef	State = nullptr,
		const ProgramPointTag *	Tag = nullptr )

inline

Generate a transition to a node that will be used to report an error.

This node will be a sink. That is, it will stop exploration of the given path.

Parameters

State	The state of the generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 243 of file CheckerContext.h.

References generateSink().

◆ generateNonFatalErrorNode() [1/2]

ExplodedNode * clang::ento::CheckerContext::generateNonFatalErrorNode	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = nullptr )

inline

Generate a transition to a node that will be used to report an error.

This node will not be a sink. That is, exploration will continue along this path.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 288 of file CheckerContext.h.

References addTransition().

◆ generateNonFatalErrorNode() [2/2]

ExplodedNode * clang::ento::CheckerContext::generateNonFatalErrorNode	(	ProgramStateRef	State = nullptr,
		const ProgramPointTag *	Tag = nullptr )

inline

Generate a transition to a node that will be used to report an error.

This node will not be a sink. That is, exploration will continue along this path.

Parameters

State	The state of the generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 273 of file CheckerContext.h.

References addTransition().

Referenced by clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), and clang::ento::mpi::MPIChecker::checkUnmatchedWaits().

◆ generateSink()

ExplodedNode * clang::ento::CheckerContext::generateSink	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = nullptr )

inline

Generate a sink node.

Generating a sink stops exploration of the given path. To create a sink node for the purpose of reporting an error, checkers should use generateErrorNode() instead.

Definition at line 223 of file CheckerContext.h.

References getState().

Referenced by addSink(), generateErrorNode(), generateErrorNode(), and clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts().

◆ getAnalysisManager() [1/2]

AnalysisManager & clang::ento::CheckerContext::getAnalysisManager ( )

inline

Definition at line 58 of file CheckerContext.h.

◆ getAnalysisManager() [2/2]

const AnalysisManager & clang::ento::CheckerContext::getAnalysisManager ( ) const

inline

Definition at line 61 of file CheckerContext.h.

◆ getASTContext() [1/2]

ASTContext & clang::ento::CheckerContext::getASTContext ( )

inline

Definition at line 96 of file CheckerContext.h.

Referenced by clang::ento::mpi::MPIChecker::dynamicInit(), clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts(), isGreaterOrEqual(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ getASTContext() [2/2]

const ASTContext & clang::ento::CheckerContext::getASTContext ( ) const

inline

Definition at line 100 of file CheckerContext.h.

◆ getBlockID()

unsigned clang::ento::CheckerContext::getBlockID ( ) const

inline

Get the blockID.

Definition at line 158 of file CheckerContext.h.

◆ getBugReporter() [1/2]

BugReporter & clang::ento::CheckerContext::getBugReporter ( )

inline

Definition at line 117 of file CheckerContext.h.

Referenced by clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), getPreprocessor(), getPreprocessor(), getSourceManager(), and getSourceManager().

◆ getBugReporter() [2/2]

const BugReporter & clang::ento::CheckerContext::getBugReporter ( ) const

inline

Definition at line 120 of file CheckerContext.h.

◆ getCalleeDecl()

const FunctionDecl * CheckerContext::getCalleeDecl ( const CallExpr * CE ) const

Get the declaration of the called function (path-sensitive).

Definition at line 22 of file CheckerContext.cpp.

References clang::ento::SVal::getAsFunctionDecl(), clang::CallExpr::getCallee(), and clang::CallExpr::getDirectCallee().

Referenced by getCalleeIdentifier(), and getCalleeName().

◆ getCalleeIdentifier()

const IdentifierInfo * clang::ento::CheckerContext::getCalleeIdentifier ( const CallExpr * CE ) const

inline

Get the identifier of the called function (path-sensitive).

Definition at line 389 of file CheckerContext.h.

References getCalleeDecl(), and clang::NamedDecl::getIdentifier().

◆ getCalleeName() [1/2]

StringRef clang::ento::CheckerContext::getCalleeName ( const CallExpr * CE ) const

inline

Get the name of the called function (path-sensitive).

Definition at line 398 of file CheckerContext.h.

References getCalleeDecl(), and getCalleeName().

◆ getCalleeName() [2/2]

StringRef CheckerContext::getCalleeName ( const FunctionDecl * FunDecl ) const

Get the name of the called function (path-sensitive).

Definition at line 32 of file CheckerContext.cpp.

References clang::NamedDecl::getIdentifier(), and clang::IdentifierInfo::getName().

Referenced by getCalleeName().

◆ getCFGElementRef()

ConstCFGElementRef clang::ento::CheckerContext::getCFGElementRef ( ) const

inline

Definition at line 179 of file CheckerContext.h.

◆ getConstraintManager() [1/2]

ConstraintManager & clang::ento::CheckerContext::getConstraintManager ( )

inline

Definition at line 65 of file CheckerContext.h.

◆ getConstraintManager() [2/2]

const ConstraintManager & clang::ento::CheckerContext::getConstraintManager ( ) const

inline

Definition at line 68 of file CheckerContext.h.

◆ getCurrentAnalysisDeclContext()

AnalysisDeclContext * clang::ento::CheckerContext::getCurrentAnalysisDeclContext ( ) const

inline

Definition at line 153 of file CheckerContext.h.

◆ getDeclDescription()

StringRef CheckerContext::getDeclDescription ( const Decl * D )

Returns the word that should be used to refer to the declaration in the report.

Definition at line 41 of file CheckerContext.cpp.

References clang::isa().

◆ getLangOpts()

const LangOptions & clang::ento::CheckerContext::getLangOpts ( ) const

inline

Definition at line 102 of file CheckerContext.h.

Referenced by getMacroNameOrSpelling().

◆ getLocation()

const ProgramPoint clang::ento::CheckerContext::getLocation ( ) const

inline

Definition at line 82 of file CheckerContext.h.

◆ getLocationContext()

const LocationContext * clang::ento::CheckerContext::getLocationContext ( ) const

inline

Definition at line 106 of file CheckerContext.h.

Referenced by clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), and inTopFrame().

◆ getLocationRegionIfPostStore()

const MemRegion * clang::ento::CheckerContext::getLocationRegionIfPostStore ( const ExplodedNode * N )

inlinestatic

If the given node corresponds to a PostStore program point, retrieve the location region as it was uttered in the code.

This utility can be useful for generating extensive diagnostics, for example, for finding variables that the given symbol was assigned to.

Definition at line 167 of file CheckerContext.h.

References clang::ProgramPoint::getAs(), and clang::ento::ExplodedNode::getLocation().

◆ getMacroNameOrSpelling()

StringRef CheckerContext::getMacroNameOrSpelling ( SourceLocation & Loc )

Depending on whether the location corresponds to a macro, return either the macro name or the token spelling.

This could be useful when checkers' logic depends on whether a function is called with a given macro argument. For example: s = socket(AF_INET,..) If AF_INET is a macro, the result should be treated as a source of taint.

See also: clang::Lexer::getSpelling(), clang::Lexer::getImmediateMacroName().

Definition at line 131 of file CheckerContext.cpp.

References clang::Lexer::getImmediateMacroName(), getLangOpts(), getSourceManager(), and clang::Lexer::getSpelling().

◆ getNoteTag() [1/5]

LLVM_ATTRIBUTE_RETURNS_NONNULL const NoteTag * clang::ento::CheckerContext::getNoteTag	(	NoteTag::Callback &&	Cb,
		bool	IsPrunable = false )

inline

Produce a program point tag that displays an additional path note to the user.

This is a lightweight alternative to the BugReporterVisitor mechanism: instead of visiting the bug report node-by-node to restore the sequence of events that led to discovering a bug, you can add notes as you add your transitions.

Parameters

Cb	Callback with 'BugReporterContext &, BugReport &' parameters.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 311 of file CheckerContext.h.

Referenced by getNoteTag(), getNoteTag(), getNoteTag(), and getNoteTag().

◆ getNoteTag() [2/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< std::string()> &&	Cb,
		bool	IsPrunable = false )

inline

A shorthand version of getNoteTag that doesn't require you to accept the arguments when you don't need it.

Parameters

Cb	Callback without parameters.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 338 of file CheckerContext.h.

References std::function, and getNoteTag().

◆ getNoteTag() [3/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< std::string(PathSensitiveBugReport &)> &&	Cb,
		bool	IsPrunable = false )

inline

A shorthand version of getNoteTag that doesn't require you to accept the 'BugReporterContext' argument when you don't need it.

Parameters

Cb	Callback only with 'BugReport &' parameter.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 323 of file CheckerContext.h.

References std::function, and getNoteTag().

◆ getNoteTag() [4/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< void(PathSensitiveBugReport &BR, llvm::raw_ostream &OS)> &&	Cb,
		bool	IsPrunable = false )

inline

A shorthand version of getNoteTag that accepts a lambda with stream for note.

Parameters

Cb	Callback with 'BugReport &' and 'llvm::raw_ostream &'.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 365 of file CheckerContext.h.

References std::function, getNoteTag(), and clang::ento::OS.

◆ getNoteTag() [5/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	StringRef	Note,
		bool	IsPrunable = false )

inline

A shorthand version of getNoteTag that accepts a plain note.

Parameters

Note	The note.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 351 of file CheckerContext.h.

References getNoteTag(), and clang::Note.

◆ getPredecessor() [1/2]

ExplodedNode * clang::ento::CheckerContext::getPredecessor ( )

inline

Returns the previous node in the exploded graph, which includes the state of the program before the checker ran.

Note, checkers should not retain the node in their state since the nodes might get invalidated.

Definition at line 80 of file CheckerContext.h.

Referenced by addSink().

◆ getPredecessor() [2/2]

const ExplodedNode * clang::ento::CheckerContext::getPredecessor ( ) const

inline

Definition at line 81 of file CheckerContext.h.

◆ getPreprocessor() [1/2]

Preprocessor & clang::ento::CheckerContext::getPreprocessor ( )

inline

Definition at line 129 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getPreprocessor().

◆ getPreprocessor() [2/2]

const Preprocessor & clang::ento::CheckerContext::getPreprocessor ( ) const

inline

Definition at line 130 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getPreprocessor().

◆ getSourceManager() [1/2]

const SourceManager & clang::ento::CheckerContext::getSourceManager ( )

inline

Definition at line 122 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getSourceManager().

Referenced by getMacroNameOrSpelling().

◆ getSourceManager() [2/2]

const SourceManager & clang::ento::CheckerContext::getSourceManager ( ) const

inline

Definition at line 125 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getSourceManager().

◆ getStackFrame()

const StackFrameContext * clang::ento::CheckerContext::getStackFrame ( ) const

inline

Definition at line 110 of file CheckerContext.h.

References clang::LocationContext::getStackFrame().

◆ getState()

const ProgramStateRef & clang::ento::CheckerContext::getState ( ) const

inline

Definition at line 83 of file CheckerContext.h.

Referenced by addSink(), addTransition(), clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), generateSink(), isGreaterOrEqual(), and isNegative().

◆ getStateManager() [1/2]

ProgramStateManager & clang::ento::CheckerContext::getStateManager ( )

inline

Definition at line 146 of file CheckerContext.h.

◆ getStateManager() [2/2]

const ProgramStateManager & clang::ento::CheckerContext::getStateManager ( ) const

inline

Definition at line 149 of file CheckerContext.h.

◆ getStoreManager() [1/2]

StoreManager & clang::ento::CheckerContext::getStoreManager ( )

inline

Definition at line 72 of file CheckerContext.h.

◆ getStoreManager() [2/2]

const StoreManager & clang::ento::CheckerContext::getStoreManager ( ) const

inline

Definition at line 75 of file CheckerContext.h.

◆ getSVal()

SVal clang::ento::CheckerContext::getSVal ( const Stmt * S ) const

inline

Get the value of arbitrary expressions at this point in the path.

Definition at line 175 of file CheckerContext.h.

Referenced by isGreaterOrEqual(), and isNegative().

◆ getSValBuilder() [1/2]

SValBuilder & clang::ento::CheckerContext::getSValBuilder ( )

inline

Definition at line 134 of file CheckerContext.h.

Referenced by getSymbolManager(), getSymbolManager(), isGreaterOrEqual(), and isNegative().

◆ getSValBuilder() [2/2]

const SValBuilder & clang::ento::CheckerContext::getSValBuilder ( ) const

inline

Definition at line 137 of file CheckerContext.h.

◆ getSymbolManager() [1/2]

SymbolManager & clang::ento::CheckerContext::getSymbolManager ( )

inline

Definition at line 139 of file CheckerContext.h.

References getSValBuilder(), and clang::ento::SValBuilder::getSymbolManager().

◆ getSymbolManager() [2/2]

const SymbolManager & clang::ento::CheckerContext::getSymbolManager ( ) const

inline

Definition at line 142 of file CheckerContext.h.

References getSValBuilder(), and clang::ento::SValBuilder::getSymbolManager().

◆ inTopFrame()

bool clang::ento::CheckerContext::inTopFrame ( ) const

inline

Return true if the current LocationContext has no caller context.

Definition at line 115 of file CheckerContext.h.

References getLocationContext(), and clang::LocationContext::inTopFrame().

Referenced by clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction().

◆ isCLibraryFunction()

bool CheckerContext::isCLibraryFunction	(	const FunctionDecl *	FD,
		StringRef	Name = StringRef() )

static

Returns true if the given function is an externally-visible function in the top-level namespace, such as malloc.

If a name is provided, the function must additionally match the given name.

Note that this also accepts functions from the std namespace (because headers like <cstdlib> declare them there) and does not check if the function is declared as 'extern "C"' or if it uses C++ name mangling.

Definition at line 49 of file CheckerContext.cpp.

References clang::ASTContext::BuiltinInfo, clang::Decl::getASTContext(), clang::FunctionDecl::getBuiltinID(), clang::Decl::getDeclContext(), clang::NamedDecl::getIdentifier(), clang::Builtin::Context::getName(), clang::IdentifierInfo::getName(), clang::DeclContext::getRedeclContext(), clang::NamedDecl::isExternallyVisible(), clang::FunctionDecl::isInlined(), clang::DeclContext::isStdNamespace(), and clang::DeclContext::isTranslationUnit().

Referenced by clang::ento::CallEvent::isGlobalCFunction().

◆ isDifferent() [1/2]

bool clang::ento::CheckerContext::isDifferent ( )

inline

Check if the checker changed the state of the execution; ex: added a new transition or a bug report.

Definition at line 87 of file CheckerContext.h.

◆ isDifferent() [2/2]

bool clang::ento::CheckerContext::isDifferent ( ) const

inline

Definition at line 88 of file CheckerContext.h.

◆ isGreaterOrEqual()

bool CheckerContext::isGreaterOrEqual	(	const Expr *	E,
		unsigned long long	Val )

Returns true if the value of E is greater than or equal to Val under unsigned comparison.

Definition at line 162 of file CheckerContext.cpp.

References evalComparison(), getASTContext(), getState(), getSVal(), getSValBuilder(), clang::ento::SValBuilder::makeIntVal(), and V.

◆ isHardenedVariantOf()

bool CheckerContext::isHardenedVariantOf	(	const FunctionDecl *	FD,
		StringRef	Name )

static

In builds that use source hardening (-D_FORTIFY_SOURCE), many standard functions are implemented as macros that expand to calls of hardened functions that take additional arguments compared to the "usual" variant and perform additional input validation.

For example, a memcpy call may expand to __memcpy_chk() or __builtin___memcpy_chk().

This method returns true if FD declares a fortified variant of the standard library function Name.

NOTE: This method relies on heuristics; extend it if you need to handle a hardened variant that's not yet covered by it.

Definition at line 116 of file CheckerContext.cpp.

References clang::NamedDecl::getIdentifier(), and clang::IdentifierInfo::getName().

◆ isNegative()

bool CheckerContext::isNegative ( const Expr * E )

Returns true if the value of E is negative.

Definition at line 167 of file CheckerContext.cpp.

References evalComparison(), getState(), getSVal(), getSValBuilder(), clang::ento::SValBuilder::makeIntVal(), and V.

Member Data Documentation

◆ wasInlined

const bool clang::ento::CheckerContext::wasInlined

If we are post visiting a call, this flag will be set if the call was inlined.

In all other cases it will be false.

Definition at line 39 of file CheckerContext.h.

Referenced by CheckerContext().

The documentation for this class was generated from the following files:

include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h
lib/StaticAnalyzer/Core/CheckerContext.cpp

Public Member Functions

Static Public Member Functions

Public Attributes

Detailed Description

Constructor & Destructor Documentation

◆ CheckerContext()

Member Function Documentation

◆ addSink()

◆ addTransition() [1/2]

◆ addTransition() [2/2]

◆ blockCount()

◆ emitReport()

◆ generateErrorNode() [1/2]

◆ generateErrorNode() [2/2]

◆ generateNonFatalErrorNode() [1/2]

◆ generateNonFatalErrorNode() [2/2]

◆ generateSink()

◆ getAnalysisManager() [1/2]

◆ getAnalysisManager() [2/2]

◆ getASTContext() [1/2]

◆ getASTContext() [2/2]

◆ getBlockID()

◆ getBugReporter() [1/2]

◆ getBugReporter() [2/2]

◆ getCalleeDecl()

◆ getCalleeIdentifier()

◆ getCalleeName() [1/2]

◆ getCalleeName() [2/2]

◆ getCFGElementRef()

◆ getConstraintManager() [1/2]

◆ getConstraintManager() [2/2]

◆ getCurrentAnalysisDeclContext()

◆ getDeclDescription()

◆ getLangOpts()

◆ getLocation()

◆ getLocationContext()

◆ getLocationRegionIfPostStore()

◆ getMacroNameOrSpelling()

◆ getNoteTag() [1/5]

◆ getNoteTag() [2/5]

◆ getNoteTag() [3/5]

◆ getNoteTag() [4/5]

◆ getNoteTag() [5/5]

◆ getPredecessor() [1/2]

◆ getPredecessor() [2/2]

◆ getPreprocessor() [1/2]

◆ getPreprocessor() [2/2]

◆ getSourceManager() [1/2]

◆ getSourceManager() [2/2]

◆ getStackFrame()

◆ getState()

◆ getStateManager() [1/2]

◆ getStateManager() [2/2]

◆ getStoreManager() [1/2]

◆ getStoreManager() [2/2]

◆ getSVal()

◆ getSValBuilder() [1/2]

◆ getSValBuilder() [2/2]

◆ getSymbolManager() [1/2]

◆ getSymbolManager() [2/2]

◆ inTopFrame()

◆ isCLibraryFunction()

◆ isDifferent() [1/2]

◆ isDifferent() [2/2]

◆ isGreaterOrEqual()

◆ isHardenedVariantOf()

◆ isNegative()

Member Data Documentation

◆ wasInlined