clang 20.0.0git
RetainCountChecker.h
Go to the documentation of this file.
1//==--- RetainCountChecker.h - Checks for leaks and other issues -*- C++ -*--//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8//
9// This file defines the methods for RetainCountChecker, which implements
10// a reference count checker for Core Foundation and Cocoa on (Mac OS X).
11//
12//===----------------------------------------------------------------------===//
13
14#ifndef LLVM_CLANG_LIB_STATICANALYZER_CHECKERS_RETAINCOUNTCHECKER_H
15#define LLVM_CLANG_LIB_STATICANALYZER_CHECKERS_RETAINCOUNTCHECKER_H
16
17#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
18#include "RetainCountDiagnostics.h"
19#include "clang/AST/Attr.h"
20#include "clang/AST/DeclCXX.h"
21#include "clang/AST/DeclObjC.h"
22#include "clang/AST/ParentMap.h"
23#include "clang/Analysis/DomainSpecific/CocoaConventions.h"
24#include "clang/Analysis/PathDiagnostic.h"
25#include "clang/Analysis/RetainSummaryManager.h"
26#include "clang/Basic/LangOptions.h"
27#include "clang/Basic/SourceManager.h"
28#include "clang/Analysis/SelectorExtras.h"
29#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
30#include "clang/StaticAnalyzer/Core/Checker.h"
31#include "clang/StaticAnalyzer/Core/CheckerManager.h"
32#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
33#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
34#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramStateTrait.h"
35#include "clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h"
36#include "llvm/ADT/DenseMap.h"
37#include "llvm/ADT/FoldingSet.h"
38#include "llvm/ADT/ImmutableList.h"
39#include "llvm/ADT/STLExtras.h"
40#include "llvm/ADT/SmallString.h"
41#include "llvm/ADT/StringExtras.h"
42#include <cstdarg>
43#include <utility>
44
45namespace clang {
46namespace ento {
47namespace retaincountchecker {
48
49/// Metadata on reference.
50class RefVal {
51public:
52 enum Kind {
53 Owned = 0, // Owning reference.
54 NotOwned, // Reference is not owned by still valid (not freed).
55 Released, // Object has been released.
56 ReturnedOwned, // Returned object passes ownership to caller.
57 ReturnedNotOwned, // Return object does not pass ownership to caller.
58 ERROR_START,
59 ErrorDeallocNotOwned, // -dealloc called on non-owned object.
60 ErrorUseAfterRelease, // Object used after released.
61 ErrorReleaseNotOwned, // Release of an object that was not owned.
62 ERROR_LEAK_START,
63 ErrorLeak, // A memory leak due to excessive reference counts.
64 ErrorLeakReturned, // A memory leak due to the returning method not having
65 // the correct naming conventions.
66 ErrorOverAutorelease,
67 ErrorReturnedNotOwned
68 };
69
70 /// Tracks how an object referenced by an ivar has been used.
71 ///
72 /// This accounts for us not knowing if an arbitrary ivar is supposed to be
73 /// stored at +0 or +1.
74 enum class IvarAccessHistory {
75 None,
76 AccessedDirectly,
77 ReleasedAfterDirectAccess
78 };
79
80private:
81 /// The number of outstanding retains.
82 unsigned Cnt;
83 /// The number of outstanding autoreleases.
84 unsigned ACnt;
85 /// The (static) type of the object at the time we started tracking it.
86 QualType T;
87
88 /// The current state of the object.
89 ///
90 /// See the RefVal::Kind enum for possible values.
91 unsigned RawKind : 5;
92
93 /// The kind of object being tracked (CF or ObjC or OSObject), if known.
94 ///
95 /// See the ObjKind enum for possible values.
96 unsigned RawObjectKind : 3;
97
98 /// True if the current state and/or retain count may turn out to not be the
99 /// best possible approximation of the reference counting state.
100 ///
101 /// If true, the checker may decide to throw away ("override") this state
102 /// in favor of something else when it sees the object being used in new ways.
103 ///
104 /// This setting should not be propagated to state derived from this state.
105 /// Once we start deriving new states, it would be inconsistent to override
106 /// them.
107 unsigned RawIvarAccessHistory : 2;
108
109 RefVal(Kind k, ObjKind o, unsigned cnt, unsigned acnt, QualType t,
110 IvarAccessHistory IvarAccess)
111 : Cnt(cnt), ACnt(acnt), T(t), RawKind(static_cast<unsigned>(k)),
112 RawObjectKind(static_cast<unsigned>(o)),
113 RawIvarAccessHistory(static_cast<unsigned>(IvarAccess)) {
114 assert(getKind() == k && "not enough bits for the kind");
115 assert(getObjKind() == o && "not enough bits for the object kind");
116 assert(getIvarAccessHistory() == IvarAccess && "not enough bits");
117 }
118
119public:
120 Kind getKind() const { return static_cast<Kind>(RawKind); }
121
122 ObjKind getObjKind() const {
123 return static_cast<ObjKind>(RawObjectKind);
124 }
125
126 unsigned getCount() const { return Cnt; }
127 unsigned getAutoreleaseCount() const { return ACnt; }
128 unsigned getCombinedCounts() const { return Cnt + ACnt; }
129 void clearCounts() {
130 Cnt = 0;
131 ACnt = 0;
132 }
133 void setCount(unsigned i) {
134 Cnt = i;
135 }
136 void setAutoreleaseCount(unsigned i) {
137 ACnt = i;
138 }
139
140 QualType getType() const { return T; }
141
142 /// Returns what the analyzer knows about direct accesses to a particular
143 /// instance variable.
144 ///
145 /// If the object with this refcount wasn't originally from an Objective-C
146 /// ivar region, this should always return IvarAccessHistory::None.
147 IvarAccessHistory getIvarAccessHistory() const {
148 return static_cast<IvarAccessHistory>(RawIvarAccessHistory);
149 }
150
151 bool isOwned() const {
152 return getKind() == Owned;
153 }
154
155 bool isNotOwned() const {
156 return getKind() == NotOwned;
157 }
158
159 bool isReturnedOwned() const {
160 return getKind() == ReturnedOwned;
161 }
162
163 bool isReturnedNotOwned() const {
164 return getKind() == ReturnedNotOwned;
165 }
166
167 /// Create a state for an object whose lifetime is the responsibility of the
168 /// current function, at least partially.
169 ///
170 /// Most commonly, this is an owned object with a retain count of +1.
171 static RefVal makeOwned(ObjKind o, QualType t) {
172 return RefVal(Owned, o, /*Count=*/1, 0, t, IvarAccessHistory::None);
173 }
174
175 /// Create a state for an object whose lifetime is not the responsibility of
176 /// the current function.
177 ///
178 /// Most commonly, this is an unowned object with a retain count of +0.
179 static RefVal makeNotOwned(ObjKind o, QualType t) {
180 return RefVal(NotOwned, o, /*Count=*/0, 0, t, IvarAccessHistory::None);
181 }
182
183 RefVal operator-(size_t i) const {
184 return RefVal(getKind(), getObjKind(), getCount() - i,
185 getAutoreleaseCount(), getType(), getIvarAccessHistory());
186 }
187
188 RefVal operator+(size_t i) const {
189 return RefVal(getKind(), getObjKind(), getCount() + i,
190 getAutoreleaseCount(), getType(), getIvarAccessHistory());
191 }
192
193 RefVal operator^(Kind k) const {
194 return RefVal(k, getObjKind(), getCount(), getAutoreleaseCount(),
195 getType(), getIvarAccessHistory());
196 }
197
198 RefVal autorelease() const {
199 return RefVal(getKind(), getObjKind(), getCount(), getAutoreleaseCount()+1,
200 getType(), getIvarAccessHistory());
201 }
202
203 RefVal withIvarAccess() const {
204 assert(getIvarAccessHistory() == IvarAccessHistory::None);
205 return RefVal(getKind(), getObjKind(), getCount(), getAutoreleaseCount(),
206 getType(), IvarAccessHistory::AccessedDirectly);
207 }
208
209 RefVal releaseViaIvar() const {
210 assert(getIvarAccessHistory() == IvarAccessHistory::AccessedDirectly);
211 return RefVal(getKind(), getObjKind(), getCount(), getAutoreleaseCount(),
212 getType(), IvarAccessHistory::ReleasedAfterDirectAccess);
213 }
214
215 // Comparison, profiling, and pretty-printing.
216 bool hasSameState(const RefVal &X) const {
217 return getKind() == X.getKind() && Cnt == X.Cnt && ACnt == X.ACnt &&
218 getIvarAccessHistory() == X.getIvarAccessHistory();
219 }
220
221 bool operator==(const RefVal& X) const {
222 return T == X.T && hasSameState(X) && getObjKind() == X.getObjKind();
223 }
224
225 void Profile(llvm::FoldingSetNodeID& ID) const {
226 ID.Add(T);
227 ID.AddInteger(RawKind);
228 ID.AddInteger(Cnt);
229 ID.AddInteger(ACnt);
230 ID.AddInteger(RawObjectKind);
231 ID.AddInteger(RawIvarAccessHistory);
232 }
233
234 void print(raw_ostream &Out) const;
235};
236
237class RetainCountChecker
238 : public Checker< check::Bind,
239 check::DeadSymbols,
240 check::BeginFunction,
241 check::EndFunction,
242 check::PostStmt<BlockExpr>,
243 check::PostStmt<CastExpr>,
244 check::PostStmt<ObjCArrayLiteral>,
245 check::PostStmt<ObjCDictionaryLiteral>,
246 check::PostStmt<ObjCBoxedExpr>,
247 check::PostStmt<ObjCIvarRefExpr>,
248 check::PostCall,
249 check::RegionChanges,
250 eval::Assume,
251 eval::Call > {
252
253public:
254 std::unique_ptr<RefCountBug> UseAfterRelease;
255 std::unique_ptr<RefCountBug> ReleaseNotOwned;
256 std::unique_ptr<RefCountBug> DeallocNotOwned;
257 std::unique_ptr<RefCountBug> FreeNotOwned;
258 std::unique_ptr<RefCountBug> OverAutorelease;
259 std::unique_ptr<RefCountBug> ReturnNotOwnedForOwned;
260 std::unique_ptr<RefCountBug> LeakWithinFunction;
261 std::unique_ptr<RefCountBug> LeakAtReturn;
262
263 mutable std::unique_ptr<RetainSummaryManager> Summaries;
264
265 static std::unique_ptr<CheckerProgramPointTag> DeallocSentTag;
266 static std::unique_ptr<CheckerProgramPointTag> CastFailTag;
267
268 /// Track Objective-C and CoreFoundation objects.
269 bool TrackObjCAndCFObjects = false;
270
271 /// Track sublcasses of OSObject.
272 bool TrackOSObjects = false;
273
274 /// Track initial parameters (for the entry point) for NS/CF objects.
275 bool TrackNSCFStartParam = false;
276
277 RetainCountChecker() {};
278
279 RetainSummaryManager &getSummaryManager(ASTContext &Ctx) const {
280 if (!Summaries)
281 Summaries.reset(
282 new RetainSummaryManager(Ctx, TrackObjCAndCFObjects, TrackOSObjects));
283 return *Summaries;
284 }
285
286 RetainSummaryManager &getSummaryManager(CheckerContext &C) const {
287 return getSummaryManager(C.getASTContext());
288 }
289
290 void printState(raw_ostream &Out, ProgramStateRef State,
291 const char *NL, const char *Sep) const override;
292
293 void checkBind(SVal loc, SVal val, const Stmt *S, CheckerContext &C) const;
294 void checkPostStmt(const BlockExpr *BE, CheckerContext &C) const;
295 void checkPostStmt(const CastExpr *CE, CheckerContext &C) const;
296
297 void checkPostStmt(const ObjCArrayLiteral *AL, CheckerContext &C) const;
298 void checkPostStmt(const ObjCDictionaryLiteral *DL, CheckerContext &C) const;
299 void checkPostStmt(const ObjCBoxedExpr *BE, CheckerContext &C) const;
300
301 void checkPostStmt(const ObjCIvarRefExpr *IRE, CheckerContext &C) const;
302
303 void checkPostCall(const CallEvent &Call, CheckerContext &C) const;
304
305 void checkSummary(const RetainSummary &Summ, const CallEvent &Call,
306 CheckerContext &C) const;
307
308 void processSummaryOfInlined(const RetainSummary &Summ,
309 const CallEvent &Call,
310 CheckerContext &C) const;
311
312 bool evalCall(const CallEvent &Call, CheckerContext &C) const;
313
314 ProgramStateRef evalAssume(ProgramStateRef state, SVal Cond,
315 bool Assumption) const;
316
317 ProgramStateRef
318 checkRegionChanges(ProgramStateRef state,
319 const InvalidatedSymbols *invalidated,
320 ArrayRef<const MemRegion *> ExplicitRegions,
321 ArrayRef<const MemRegion *> Regions,
322 const LocationContext* LCtx,
323 const CallEvent *Call) const;
324
325 ExplodedNode* checkReturnWithRetEffect(const ReturnStmt *S, CheckerContext &C,
326 ExplodedNode *Pred, RetEffect RE, RefVal X,
327 SymbolRef Sym, ProgramStateRef state) const;
328
329 void checkDeadSymbols(SymbolReaper &SymReaper, CheckerContext &C) const;
330 void checkBeginFunction(CheckerContext &C) const;
331 void checkEndFunction(const ReturnStmt *RS, CheckerContext &C) const;
332
333 ProgramStateRef updateSymbol(ProgramStateRef state, SymbolRef sym,
334 RefVal V, ArgEffect E, RefVal::Kind &hasErr,
335 CheckerContext &C) const;
336
337 const RefCountBug &errorKindToBugKind(RefVal::Kind ErrorKind,
338 SymbolRef Sym) const;
339
340 void processNonLeakError(ProgramStateRef St, SourceRange ErrorRange,
341 RefVal::Kind ErrorKind, SymbolRef Sym,
342 CheckerContext &C) const;
343
344 void processObjCLiterals(CheckerContext &C, const Expr *Ex) const;
345
346 ProgramStateRef handleSymbolDeath(ProgramStateRef state,
347 SymbolRef sid, RefVal V,
348 SmallVectorImpl<SymbolRef> &Leaked) const;
349
350 ProgramStateRef
351 handleAutoreleaseCounts(ProgramStateRef state, ExplodedNode *Pred,
352 const ProgramPointTag *Tag, CheckerContext &Ctx,
353 SymbolRef Sym,
354 RefVal V,
355 const ReturnStmt *S=nullptr) const;
356
357 ExplodedNode *processLeaks(ProgramStateRef state,
358 SmallVectorImpl<SymbolRef> &Leaked,
359 CheckerContext &Ctx,
360 ExplodedNode *Pred = nullptr) const;
361
362 static const CheckerProgramPointTag &getDeallocSentTag() {
363 return *DeallocSentTag;
364 }
365
366 static const CheckerProgramPointTag &getCastFailTag() { return *CastFailTag; }
367
368private:
369 /// Perform the necessary checks and state adjustments at the end of the
370 /// function.
371 /// \p S Return statement, may be null.
372 ExplodedNode * processReturn(const ReturnStmt *S, CheckerContext &C) const;
373};
374
375//===----------------------------------------------------------------------===//
376// RefBindings - State used to track object reference counts.
377//===----------------------------------------------------------------------===//
378
379const RefVal *getRefBinding(ProgramStateRef State, SymbolRef Sym);
380
381/// Returns true if this stack frame is for an Objective-C method that is a
382/// property getter or setter whose body has been synthesized by the analyzer.
383inline bool isSynthesizedAccessor(const StackFrameContext *SFC) {
384 auto Method = dyn_cast_or_null<ObjCMethodDecl>(SFC->getDecl());
385 if (!Method || !Method->isPropertyAccessor())
386 return false;
387
388 return SFC->getAnalysisDeclContext()->isBodyAutosynthesized();
389}
390
391} // end namespace retaincountchecker
392} // end namespace ento
393} // end namespace clang
394
395#endif
V
#define V(N, I)
Definition: ASTContext.h:3460
E
Expr * E
Definition: CheckExprLifetime.cpp:210
DeclCXX.h
Defines the C++ Decl subclasses, other than those for templates (found in DeclTemplate....
X
#define X(type, name)
Definition: Value.h:144
LangOptions.h
Defines the clang::LangOptions interface.
SourceManager.h
Defines the SourceManager interface.
clang::ASTContext
Holds long-lived AST nodes (such as types and decls) that can be referred to throughout the semantic ...
Definition: ASTContext.h:188
clang::BlockExpr
BlockExpr - Adaptor class for mixing a BlockDecl with expressions.
Definition: Expr.h:6414
clang::CastExpr
CastExpr - Base class for type casts, including both implicit casts (ImplicitCastExpr) and explicit c...
Definition: Expr.h:3547
clang::Expr
This represents one expression.
Definition: Expr.h:110
clang::LocationContext
It wraps the AnalysisDeclContext to represent both the call stack with the help of StackFrameContext ...
Definition: AnalysisDeclContext.h:215
clang::LocationContext::getDecl
const Decl * getDecl() const
Definition: AnalysisDeclContext.h:251
clang::LocationContext::getAnalysisDeclContext
LLVM_ATTRIBUTE_RETURNS_NONNULL AnalysisDeclContext * getAnalysisDeclContext() const
Definition: AnalysisDeclContext.h:244
clang::ObjCArrayLiteral
ObjCArrayLiteral - used for objective-c array containers; as in: @["Hello", NSApp,...
Definition: ExprObjC.h:191
clang::ObjCBoxedExpr
ObjCBoxedExpr - used for generalized expression boxing.
Definition: ExprObjC.h:127
clang::ObjCDictionaryLiteral
ObjCDictionaryLiteral - AST node to represent objective-c dictionary literals; as in:"name" : NSUserN...
Definition: ExprObjC.h:309
clang::ObjCIvarRefExpr
ObjCIvarRefExpr - A reference to an ObjC instance variable.
Definition: ExprObjC.h:549
clang::ProgramPointTag
ProgramPoints can be "tagged" as representing points specific to a given analysis entity.
Definition: ProgramPoint.h:38
clang::QualType
A (possibly-)qualified type.
Definition: Type.h:929
clang::ReturnStmt
ReturnStmt - This represents a return, optionally of an expression: return; return 4;.
Definition: Stmt.h:3046
clang::SourceRange
A trivial tuple used to represent a source range.
Definition: SourceLocation.h:213
clang::StackFrameContext
It represents a stack frame of the call stack (based on CallEvent).
Definition: AnalysisDeclContext.h:299
clang::Stmt
Stmt - This represents one statement.
Definition: Stmt.h:84
clang::ento::ArgEffect
An ArgEffect summarizes the retain count behavior on an argument or receiver to a function or method.
Definition: RetainSummaryManager.h:119
clang::ento::CallEvent
Represents an abstract call to a function or method along a particular path.
Definition: CallEvent.h:153
clang::ento::CheckerProgramPointTag
Tag that can use a checker name as a message provider (see SimpleProgramPointTag).
Definition: Checker.h:505
clang::ento::RetEffect
RetEffect summarizes a call's retain/release behavior with respect to its return value.
Definition: RetainSummaryManager.h:140
clang::ento::RetainSummary
Summary for a function with respect to ownership changes.
Definition: RetainSummaryManager.h:283
clang::ento::SVal
SVal - This represents a symbolic expression, which can be either an L-value or an R-value.
Definition: SVals.h:56
clang::ento::SymExpr
Symbolic value.
Definition: SymExpr.h:32
clang::ento::SymbolReaper
A class responsible for cleaning up unused symbols.
Definition: SymbolManager.h:566
clang::ento::retaincountchecker::RefVal::operator==
bool operator==(const RefVal &X) const
Definition: RetainCountChecker.h:221
clang::ento::retaincountchecker::RefVal::IvarAccessHistory
IvarAccessHistory
Tracks how an object referenced by an ivar has been used.
Definition: RetainCountChecker.h:74
clang::ento::retaincountchecker::RefVal::getIvarAccessHistory
IvarAccessHistory getIvarAccessHistory() const
Returns what the analyzer knows about direct accesses to a particular instance variable.
Definition: RetainCountChecker.h:147
clang::ento::retaincountchecker::RefVal::hasSameState
bool hasSameState(const RefVal &X) const
Definition: RetainCountChecker.h:216
clang::ento::retaincountchecker::RefVal::makeOwned
static RefVal makeOwned(ObjKind o, QualType t)
Create a state for an object whose lifetime is the responsibility of the current function,...
Definition: RetainCountChecker.h:171
clang::ento::retaincountchecker::RefVal::Profile
void Profile(llvm::FoldingSetNodeID &ID) const
Definition: RetainCountChecker.h:225
clang::ento::retaincountchecker::RefVal::makeNotOwned
static RefVal makeNotOwned(ObjKind o, QualType t)
Create a state for an object whose lifetime is not the responsibility of the current function.
Definition: RetainCountChecker.h:179
clang::ento::retaincountchecker::RetainCountChecker::checkPostStmt
void checkPostStmt(const BlockExpr *BE, CheckerContext &C) const
Definition: RetainCountChecker.cpp:147
clang::ento::retaincountchecker::RetainCountChecker::checkSummary
void checkSummary(const RetainSummary &Summ, const CallEvent &Call, CheckerContext &C) const
Definition: RetainCountChecker.cpp:604
clang::ento::retaincountchecker::RetainCountChecker::handleSymbolDeath
ProgramStateRef handleSymbolDeath(ProgramStateRef state, SymbolRef sid, RefVal V, SmallVectorImpl< SymbolRef > &Leaked) const
Definition: RetainCountChecker.cpp:1285
clang::ento::retaincountchecker::RetainCountChecker::CastFailTag
static std::unique_ptr< CheckerProgramPointTag > CastFailTag
Definition: RetainCountChecker.h:266
clang::ento::retaincountchecker::RetainCountChecker::TrackObjCAndCFObjects
bool TrackObjCAndCFObjects
Track Objective-C and CoreFoundation objects.
Definition: RetainCountChecker.h:269
clang::ento::retaincountchecker::RetainCountChecker::evalAssume
ProgramStateRef evalAssume(ProgramStateRef state, SVal Cond, bool Assumption) const
Definition: RetainCountChecker.cpp:1150
clang::ento::retaincountchecker::RetainCountChecker::DeallocSentTag
static std::unique_ptr< CheckerProgramPointTag > DeallocSentTag
Definition: RetainCountChecker.h:265
clang::ento::retaincountchecker::RetainCountChecker::getCastFailTag
static const CheckerProgramPointTag & getCastFailTag()
Definition: RetainCountChecker.h:366
clang::ento::retaincountchecker::RetainCountChecker::processNonLeakError
void processNonLeakError(ProgramStateRef St, SourceRange ErrorRange, RefVal::Kind ErrorKind, SymbolRef Sym, CheckerContext &C) const
Definition: RetainCountChecker.cpp:858
clang::ento::retaincountchecker::RetainCountChecker::errorKindToBugKind
const RefCountBug & errorKindToBugKind(RefVal::Kind ErrorKind, SymbolRef Sym) const
Definition: RetainCountChecker.cpp:842
clang::ento::retaincountchecker::RetainCountChecker::checkBind
void checkBind(SVal loc, SVal val, const Stmt *S, CheckerContext &C) const
Definition: RetainCountChecker.cpp:1137
clang::ento::retaincountchecker::RetainCountChecker::checkReturnWithRetEffect
ExplodedNode * checkReturnWithRetEffect(const ReturnStmt *S, CheckerContext &C, ExplodedNode *Pred, RetEffect RE, RefVal X, SymbolRef Sym, ProgramStateRef state) const
Definition: RetainCountChecker.cpp:1066
clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts
ProgramStateRef handleAutoreleaseCounts(ProgramStateRef state, ExplodedNode *Pred, const ProgramPointTag *Tag, CheckerContext &Ctx, SymbolRef Sym, RefVal V, const ReturnStmt *S=nullptr) const
Definition: RetainCountChecker.cpp:1207
clang::ento::retaincountchecker::RetainCountChecker::processLeaks
ExplodedNode * processLeaks(ProgramStateRef state, SmallVectorImpl< SymbolRef > &Leaked, CheckerContext &Ctx, ExplodedNode *Pred=nullptr) const
Definition: RetainCountChecker.cpp:1313
clang::ento::retaincountchecker::RetainCountChecker::updateSymbol
ProgramStateRef updateSymbol(ProgramStateRef state, SymbolRef sym, RefVal V, ArgEffect E, RefVal::Kind &hasErr, CheckerContext &C) const
Definition: RetainCountChecker.cpp:710
clang::ento::retaincountchecker::RetainCountChecker::checkDeadSymbols
void checkDeadSymbols(SymbolReaper &SymReaper, CheckerContext &C) const
Definition: RetainCountChecker.cpp:1409
clang::ento::retaincountchecker::RetainCountChecker::getDeallocSentTag
static const CheckerProgramPointTag & getDeallocSentTag()
Definition: RetainCountChecker.h:362
clang::ento::retaincountchecker::RetainCountChecker::Summaries
std::unique_ptr< RetainSummaryManager > Summaries
Definition: RetainCountChecker.h:263
clang::ento::retaincountchecker::RetainCountChecker::printState
void printState(raw_ostream &Out, ProgramStateRef State, const char *NL, const char *Sep) const override
See CheckerManager::runCheckersForPrintState.
Definition: RetainCountChecker.cpp:1455
clang::ento::retaincountchecker::RetainCountChecker::evalCall
bool evalCall(const CallEvent &Call, CheckerContext &C) const
Definition: RetainCountChecker.cpp:888
clang::ento::retaincountchecker::RetainCountChecker::checkPostCall
void checkPostCall(const CallEvent &Call, CheckerContext &C) const
Definition: RetainCountChecker.cpp:362
clang::ento::retaincountchecker::RetainCountChecker::checkRegionChanges
ProgramStateRef checkRegionChanges(ProgramStateRef state, const InvalidatedSymbols *invalidated, ArrayRef< const MemRegion * > ExplicitRegions, ArrayRef< const MemRegion * > Regions, const LocationContext *LCtx, const CallEvent *Call) const
Definition: RetainCountChecker.cpp:1183
clang::ento::retaincountchecker::RetainCountChecker::processObjCLiterals
void processObjCLiterals(CheckerContext &C, const Expr *Ex) const
Definition: RetainCountChecker.cpp:228
clang::ento::retaincountchecker::RetainCountChecker::checkEndFunction
void checkEndFunction(const ReturnStmt *RS, CheckerContext &C) const
Definition: RetainCountChecker.cpp:1367
clang::ento::retaincountchecker::RetainCountChecker::getSummaryManager
RetainSummaryManager & getSummaryManager(CheckerContext &C) const
Definition: RetainCountChecker.h:286
clang::ento::retaincountchecker::RetainCountChecker::processSummaryOfInlined
void processSummaryOfInlined(const RetainSummary &Summ, const CallEvent &Call, CheckerContext &C) const
Definition: RetainCountChecker.cpp:447
clang::ento::retaincountchecker::RetainCountChecker::getSummaryManager
RetainSummaryManager & getSummaryManager(ASTContext &Ctx) const
Definition: RetainCountChecker.h:279
clang::ento::retaincountchecker::RetainCountChecker::TrackNSCFStartParam
bool TrackNSCFStartParam
Track initial parameters (for the entry point) for NS/CF objects.
Definition: RetainCountChecker.h:275
clang::ento::retaincountchecker::getRefBinding
const RefVal * getRefBinding(ProgramStateRef State, SymbolRef Sym)
Definition: RetainCountChecker.cpp:29
clang::ento::retaincountchecker::isSynthesizedAccessor
bool isSynthesizedAccessor(const StackFrameContext *SFC)
Returns true if this stack frame is for an Objective-C method that is a property getter or setter who...
Definition: RetainCountChecker.h:383
clang::ento::ObjKind
ObjKind
Determines the object kind of a tracked object.
Definition: RetainSummaryManager.h:36
clang::ento::InvalidatedSymbols
llvm::DenseSet< SymbolRef > InvalidatedSymbols
Definition: Store.h:51
clang
The JSON file list parser is used to communicate input to InstallAPI.
Definition: CalledOnceCheck.h:17
clang::T
const FunctionProtoType * T
Definition: RecursiveASTVisitor.h:1365
Generated on Fri Jul 11 2025 10:29:15 for clang by doxygen 1.9.6