|
clang
14.0.0git
|
#include "clang/StaticAnalyzer/Core/BugReporter/BugReporterVisitors.h"#include "clang/AST/ASTContext.h"#include "clang/AST/Decl.h"#include "clang/AST/DeclBase.h"#include "clang/AST/DeclCXX.h"#include "clang/AST/Expr.h"#include "clang/AST/ExprCXX.h"#include "clang/AST/ExprObjC.h"#include "clang/AST/Stmt.h"#include "clang/AST/Type.h"#include "clang/ASTMatchers/ASTMatchFinder.h"#include "clang/Analysis/Analyses/Dominators.h"#include "clang/Analysis/AnalysisDeclContext.h"#include "clang/Analysis/CFG.h"#include "clang/Analysis/CFGStmtMap.h"#include "clang/Analysis/PathDiagnostic.h"#include "clang/Analysis/ProgramPoint.h"#include "clang/Basic/IdentifierTable.h"#include "clang/Basic/LLVM.h"#include "clang/Basic/SourceLocation.h"#include "clang/Basic/SourceManager.h"#include "clang/Lex/Lexer.h"#include "clang/StaticAnalyzer/Core/AnalyzerOptions.h"#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h"#include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h"#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"#include "clang/StaticAnalyzer/Core/PathSensitive/ExplodedGraph.h"#include "clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h"#include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h"#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h"#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h"#include "clang/StaticAnalyzer/Core/PathSensitive/SMTConv.h"#include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h"#include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"#include "llvm/ADT/ArrayRef.h"#include "llvm/ADT/None.h"#include "llvm/ADT/Optional.h"#include "llvm/ADT/STLExtras.h"#include "llvm/ADT/SmallPtrSet.h"#include "llvm/ADT/SmallString.h"#include "llvm/ADT/SmallVector.h"#include "llvm/ADT/StringExtras.h"#include "llvm/ADT/StringRef.h"#include "llvm/Support/Casting.h"#include "llvm/Support/ErrorHandling.h"#include "llvm/Support/raw_ostream.h"#include <cassert>#include <deque>#include <memory>#include <string>#include <utility>Go to the source code of this file.
Classes | |
| class | StoreSiteFinder |
| Finds last store into the given region, which is different from a given symbolic value. More... | |
| class | DefaultStoreHandler |
| class | ControlDependencyHandler |
| class | NilReceiverHandler |
| class | ArrayIndexHandler |
| class | InterestingLValueHandler |
| class | InlinedFunctionCallHandler |
| Adds a ReturnVisitor if the given statement represents a call that was inlined. More... | |
| class | DefaultExpressionHandler |
| class | PRValueHandler |
| Attempts to add visitors to track an RValue expression back to its point of origin. More... | |
Functions | |
| static const Expr * | peelOffPointerArithmetic (const BinaryOperator *B) |
| static const MemRegion * | getLocationRegionIfReference (const Expr *E, const ExplodedNode *N, bool LookingForReference=true) |
| static bool | hasVisibleUpdate (const ExplodedNode *LeftNode, SVal LeftVal, const ExplodedNode *RightNode, SVal RightVal) |
| Comparing internal representations of symbolic values (via SVal::operator==()) is a valid way to check if the value was updated, unless it's a LazyCompoundVal that may have a different internal representation every time it is loaded from the state. More... | |
| static Optional< SVal > | getSValForVar (const Expr *CondVarExpr, const ExplodedNode *N) |
| static Optional< const llvm::APSInt * > | getConcreteIntegerValue (const Expr *CondVarExpr, const ExplodedNode *N) |
| static bool | isVarAnInterestingCondition (const Expr *CondVarExpr, const ExplodedNode *N, const PathSensitiveBugReport *B) |
| static bool | isInterestingExpr (const Expr *E, const ExplodedNode *N, const PathSensitiveBugReport *B) |
| static StringRef | getMacroName (SourceLocation Loc, BugReporterContext &BRC) |
| static bool | isFunctionMacroExpansion (SourceLocation Loc, const SourceManager &SM) |
| static bool | wasRegionOfInterestModifiedAt (const SubRegion *RegionOfInterest, const ExplodedNode *N, SVal ValueAfter) |
| static const ExplodedNode * | getMatchingCallExitEnd (const ExplodedNode *N) |
| static bool | potentiallyWritesIntoIvar (const Decl *Parent, const ObjCIvarDecl *Ivar) |
| static bool | isPointerToConst (QualType Ty) |
| static bool | isInitializationOfVar (const ExplodedNode *N, const VarRegion *VR) |
Returns true if N represents the DeclStmt declaring and initializing VR. More... | |
| static bool | isObjCPointer (const MemRegion *R) |
| static bool | isObjCPointer (const ValueDecl *D) |
| static void | showBRDiagnostics (llvm::raw_svector_ostream &OS, StoreInfo SI) |
Show diagnostics for initializing or declaring a region R with a bad value. More... | |
| static void | showBRParamDiagnostics (llvm::raw_svector_ostream &OS, StoreInfo SI) |
| Display diagnostics for passing bad region as a parameter. More... | |
| static void | showBRDefaultDiagnostics (llvm::raw_svector_ostream &OS, StoreInfo SI) |
| Show default diagnostics for storing bad region. More... | |
| static std::shared_ptr< PathDiagnosticEventPiece > | constructDebugPieceForTrackedCondition (const Expr *Cond, const ExplodedNode *N, BugReporterContext &BRC) |
| static bool | isAssertlikeBlock (const CFGBlock *B, ASTContext &Context) |
| static const Expr * | peelOffOuterExpr (const Expr *Ex, const ExplodedNode *N) |
| static const ExplodedNode * | findNodeForExpression (const ExplodedNode *N, const Expr *Inner) |
| Find the ExplodedNode where the lvalue (the value of 'Ex') was computed. More... | |
Variables | |
| static llvm::StringLiteral | WillBeUsedForACondition |
|
static |
Definition at line 1842 of file BugReporterVisitors.cpp.
References clang::ento::PathDiagnosticLocation::createBegin(), clang::Stmt::getSourceRange(), clang::Lexer::getSourceText(), clang::CharSourceRange::getTokenRange(), clang::PD_NONE, and string().
|
static |
Find the ExplodedNode where the lvalue (the value of 'Ex') was computed.
Definition at line 2009 of file BugReporterVisitors.cpp.
|
static |
Definition at line 230 of file BugReporterVisitors.cpp.
References getSValForVar(), and V.
Referenced by clang::ento::ConditionBRVisitor::printValue().
|
static |
Definition at line 158 of file BugReporterVisitors.cpp.
|
static |
Loc. Definition at line 262 of file BugReporterVisitors.cpp.
References clang::Lexer::getImmediateMacroName().
Referenced by clang::ento::SuppressInlineDefensiveChecksVisitor::VisitNode().
|
static |
Definition at line 369 of file BugReporterVisitors.cpp.
References clang::LocationContext::getStackFrame().
Definition at line 205 of file BugReporterVisitors.cpp.
References clang::Expr::IgnoreImpCasts(), and State.
Referenced by getConcreteIntegerValue(), isInterestingExpr(), and isVarAnInterestingCondition().
|
static |
Comparing internal representations of symbolic values (via SVal::operator==()) is a valid way to check if the value was updated, unless it's a LazyCompoundVal that may have a different internal representation every time it is loaded from the state.
In this function we do an approximate comparison for lazy compound values, checking that they are the immediate snapshots of the tracked region's bindings within the node's respective states but not really checking that these snapshots actually contain the same set of bindings.
Definition at line 187 of file BugReporterVisitors.cpp.
Referenced by StoreSiteFinder::VisitNode().
|
static |
Definition at line 1860 of file BugReporterVisitors.cpp.
References clang::CFGBlock::getTerminatorCondition(), clang::CFGBlock::isInevitablySinking(), clang::CFGBlock::succ_begin(), and clang::CFGBlock::succ_size().
|
static |
Definition at line 272 of file BugReporterVisitors.cpp.
References clang::SrcMgr::SLocEntry::getExpansion(), clang::SrcMgr::ExpansionInfo::isFunctionMacroExpansion(), clang::SourceLocation::isMacroID(), and SM.
|
static |
Returns true if N represents the DeclStmt declaring and initializing VR.
Definition at line 1251 of file BugReporterVisitors.cpp.
References clang::DeclStmt::getSingleDecl(), clang::LocationContext::getStackFrame(), and P.
Referenced by StoreSiteFinder::VisitNode().
|
static |
Definition at line 254 of file BugReporterVisitors.cpp.
References getSValForVar(), and V.
Referenced by clang::ento::ConditionBRVisitor::VisitConditionVariable().
|
static |
Definition at line 1278 of file BugReporterVisitors.cpp.
Referenced by clang::Sema::CheckAdditionOperands(), showBRDefaultDiagnostics(), showBRDiagnostics(), and showBRParamDiagnostics().
Definition at line 1286 of file BugReporterVisitors.cpp.
References clang::ValueDecl::getType(), and clang::Type::isObjCObjectPointerType().
Ty points to a const type, or is a const reference. Definition at line 709 of file BugReporterVisitors.cpp.
References clang::QualType::getCanonicalType(), clang::Type::getPointeeType(), clang::QualType::isConstQualified(), and clang::QualType::isNull().
|
static |
Definition at line 238 of file BugReporterVisitors.cpp.
References clang::ento::bugreporter::Condition, getSValForVar(), and V.
Referenced by clang::ento::ConditionBRVisitor::VisitConditionVariable(), and clang::ento::ConditionBRVisitor::VisitTrueTest().
Ex which represents the expression-of-interest. Definition at line 1943 of file BugReporterVisitors.cpp.
References clang::ProgramPoint::getAs(), clang::ento::bugreporter::getDerefExpr(), clang::CFGBlock::getTerminatorStmt(), clang::Expr::IgnoreParenCasts(), peelOffPointerArithmetic(), and clang::CFGBlock::succ_begin().
|
static |
Definition at line 74 of file BugReporterVisitors.cpp.
References clang::BinaryOperator::getLHS(), clang::BinaryOperator::getRHS(), clang::Expr::getType(), clang::BinaryOperator::isAdditiveOp(), and clang::Type::isPointerType().
Referenced by peelOffOuterExpr().
|
static |
Parent syntactically has a binary operation writing into the ivar Ivar. Definition at line 590 of file BugReporterVisitors.cpp.
References clang::ast_matchers::binaryOperator, clang::ast_matchers::hasDeclaration(), clang::ast_matchers::hasDescendant, clang::ast_matchers::objcIvarRefExpr, Parent, and clang::ast_matchers::stmt.
|
static |
Show default diagnostics for storing bad region.
Definition at line 1382 of file BugReporterVisitors.cpp.
References isObjCPointer().
Referenced by DefaultStoreHandler::handle().
|
static |
Show diagnostics for initializing or declaring a region R with a bad value.
Definition at line 1291 of file BugReporterVisitors.cpp.
References clang::ento::bugreporter::StoreInfo::BlockCapture, clang::StmtPoint::getStmt(), clang::ento::bugreporter::StoreInfo::Initialization, and isObjCPointer().
Referenced by DefaultStoreHandler::handle().
|
static |
Display diagnostics for passing bad region as a parameter.
Definition at line 1348 of file BugReporterVisitors.cpp.
References isObjCPointer().
Referenced by DefaultStoreHandler::handle().
|
static |
RegionOfInterest was modified at N, where ValueAfter is RegionOfInterest's value at the end of the stack frame. Definition at line 287 of file BugReporterVisitors.cpp.
References State.
|
static |
Definition at line 758 of file BugReporterVisitors.cpp.
Referenced by DefaultStoreHandler::handle(), clang::ento::ConditionBRVisitor::VisitConditionVariable(), and clang::ento::ConditionBRVisitor::VisitTrueTest().
1.8.17