clang  8.0.0svn
SValBuilder.cpp
Go to the documentation of this file.
1 //===- SValBuilder.cpp - Basic class for all SValBuilder implementations --===//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file defines SValBuilder, the base class for all (complete) SValBuilder
11 // implementations.
12 //
13 //===----------------------------------------------------------------------===//
14 
15 #include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h"
16 #include "clang/AST/ASTContext.h"
17 #include "clang/AST/Decl.h"
18 #include "clang/AST/DeclCXX.h"
19 #include "clang/AST/ExprCXX.h"
20 #include "clang/AST/ExprObjC.h"
21 #include "clang/AST/Stmt.h"
22 #include "clang/AST/Type.h"
23 #include "clang/Basic/LLVM.h"
24 #include "clang/Analysis/AnalysisDeclContext.h"
25 #include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h"
26 #include "clang/StaticAnalyzer/Core/PathSensitive/APSIntType.h"
27 #include "clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h"
28 #include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h"
29 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h"
30 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h"
31 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
32 #include "clang/StaticAnalyzer/Core/PathSensitive/Store.h"
33 #include "clang/StaticAnalyzer/Core/PathSensitive/SubEngine.h"
34 #include "clang/StaticAnalyzer/Core/PathSensitive/SymExpr.h"
35 #include "clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h"
36 #include "llvm/ADT/APSInt.h"
37 #include "llvm/ADT/None.h"
38 #include "llvm/ADT/Optional.h"
39 #include "llvm/Support/Casting.h"
40 #include "llvm/Support/Compiler.h"
41 #include <cassert>
42 #include <tuple>
43 
44 using namespace clang;
45 using namespace ento;
46 
47 //===----------------------------------------------------------------------===//
48 // Basic SVal creation.
49 //===----------------------------------------------------------------------===//
50 
51 void SValBuilder::anchor() {}
52 
53 DefinedOrUnknownSVal SValBuilder::makeZeroVal(QualType type) {
54  if (Loc::isLocType(type))
55  return makeNull();
56 
57  if (type->isIntegralOrEnumerationType())
58  return makeIntVal(0, type);
59 
60  if (type->isArrayType() || type->isRecordType() || type->isVectorType() ||
61  type->isAnyComplexType())
62  return makeCompoundVal(type, BasicVals.getEmptySValList());
63 
64  // FIXME: Handle floats.
65  return UnknownVal();
66 }
67 
68 NonLoc SValBuilder::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op,
69  const llvm::APSInt& rhs, QualType type) {
70  // The Environment ensures we always get a persistent APSInt in
71  // BasicValueFactory, so we don't need to get the APSInt from
72  // BasicValueFactory again.
73  assert(lhs);
74  assert(!Loc::isLocType(type));
75  return nonloc::SymbolVal(SymMgr.getSymIntExpr(lhs, op, rhs, type));
76 }
77 
78 NonLoc SValBuilder::makeNonLoc(const llvm::APSInt& lhs,
79  BinaryOperator::Opcode op, const SymExpr *rhs,
80  QualType type) {
81  assert(rhs);
82  assert(!Loc::isLocType(type));
83  return nonloc::SymbolVal(SymMgr.getIntSymExpr(lhs, op, rhs, type));
84 }
85 
86 NonLoc SValBuilder::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op,
87  const SymExpr *rhs, QualType type) {
88  assert(lhs && rhs);
89  assert(!Loc::isLocType(type));
90  return nonloc::SymbolVal(SymMgr.getSymSymExpr(lhs, op, rhs, type));
91 }
92 
93 NonLoc SValBuilder::makeNonLoc(const SymExpr *operand,
94  QualType fromTy, QualType toTy) {
95  assert(operand);
96  assert(!Loc::isLocType(toTy));
97  return nonloc::SymbolVal(SymMgr.getCastSymbol(operand, fromTy, toTy));
98 }
99 
100 SVal SValBuilder::convertToArrayIndex(SVal val) {
101  if (val.isUnknownOrUndef())
102  return val;
103 
104  // Common case: we have an appropriately sized integer.
105  if (Optional<nonloc::ConcreteInt> CI = val.getAs<nonloc::ConcreteInt>()) {
106  const llvm::APSInt& I = CI->getValue();
107  if (I.getBitWidth() == ArrayIndexWidth && I.isSigned())
108  return val;
109  }
110 
111  return evalCastFromNonLoc(val.castAs<NonLoc>(), ArrayIndexTy);
112 }
113 
114 nonloc::ConcreteInt SValBuilder::makeBoolVal(const CXXBoolLiteralExpr *boolean){
115  return makeTruthVal(boolean->getValue());
116 }
117 
118 DefinedOrUnknownSVal
119 SValBuilder::getRegionValueSymbolVal(const TypedValueRegion *region) {
120  QualType T = region->getValueType();
121 
122  if (T->isNullPtrType())
123  return makeZeroVal(T);
124 
125  if (!SymbolManager::canSymbolicate(T))
126  return UnknownVal();
127 
128  SymbolRef sym = SymMgr.getRegionValueSymbol(region);
129 
130  if (Loc::isLocType(T))
131  return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
132 
133  return nonloc::SymbolVal(sym);
134 }
135 
136 DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const void *SymbolTag,
137  const Expr *Ex,
138  const LocationContext *LCtx,
139  unsigned Count) {
140  QualType T = Ex->getType();
141 
142  if (T->isNullPtrType())
143  return makeZeroVal(T);
144 
145  // Compute the type of the result. If the expression is not an R-value, the
146  // result should be a location.
147  QualType ExType = Ex->getType();
148  if (Ex->isGLValue())
149  T = LCtx->getAnalysisDeclContext()->getASTContext().getPointerType(ExType);
150 
151  return conjureSymbolVal(SymbolTag, Ex, LCtx, T, Count);
152 }
153 
154 DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const void *symbolTag,
155  const Expr *expr,
156  const LocationContext *LCtx,
157  QualType type,
158  unsigned count) {
159  if (type->isNullPtrType())
160  return makeZeroVal(type);
161 
162  if (!SymbolManager::canSymbolicate(type))
163  return UnknownVal();
164 
165  SymbolRef sym = SymMgr.conjureSymbol(expr, LCtx, type, count, symbolTag);
166 
167  if (Loc::isLocType(type))
168  return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
169 
170  return nonloc::SymbolVal(sym);
171 }
172 
173 DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const Stmt *stmt,
174  const LocationContext *LCtx,
175  QualType type,
176  unsigned visitCount) {
177  if (type->isNullPtrType())
178  return makeZeroVal(type);
179 
180  if (!SymbolManager::canSymbolicate(type))
181  return UnknownVal();
182 
183  SymbolRef sym = SymMgr.conjureSymbol(stmt, LCtx, type, visitCount);
184 
185  if (Loc::isLocType(type))
186  return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
187 
188  return nonloc::SymbolVal(sym);
189 }
190 
191 DefinedOrUnknownSVal
192 SValBuilder::getConjuredHeapSymbolVal(const Expr *E,
193  const LocationContext *LCtx,
194  unsigned VisitCount) {
195  QualType T = E->getType();
196  assert(Loc::isLocType(T));
197  assert(SymbolManager::canSymbolicate(T));
198  if (T->isNullPtrType())
199  return makeZeroVal(T);
200 
201  SymbolRef sym = SymMgr.conjureSymbol(E, LCtx, T, VisitCount);
202  return loc::MemRegionVal(MemMgr.getSymbolicHeapRegion(sym));
203 }
204 
205 DefinedSVal SValBuilder::getMetadataSymbolVal(const void *symbolTag,
206  const MemRegion *region,
207  const Expr *expr, QualType type,
208  const LocationContext *LCtx,
209  unsigned count) {
210  assert(SymbolManager::canSymbolicate(type) && "Invalid metadata symbol type");
211 
212  SymbolRef sym =
213  SymMgr.getMetadataSymbol(region, expr, type, LCtx, count, symbolTag);
214 
215  if (Loc::isLocType(type))
216  return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
217 
218  return nonloc::SymbolVal(sym);
219 }
220 
221 DefinedOrUnknownSVal
222 SValBuilder::getDerivedRegionValueSymbolVal(SymbolRef parentSymbol,
223  const TypedValueRegion *region) {
224  QualType T = region->getValueType();
225 
226  if (T->isNullPtrType())
227  return makeZeroVal(T);
228 
229  if (!SymbolManager::canSymbolicate(T))
230  return UnknownVal();
231 
232  SymbolRef sym = SymMgr.getDerivedSymbol(parentSymbol, region);
233 
234  if (Loc::isLocType(T))
235  return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym));
236 
237  return nonloc::SymbolVal(sym);
238 }
239 
240 DefinedSVal SValBuilder::getMemberPointer(const DeclaratorDecl *DD) {
241  assert(!DD || isa<CXXMethodDecl>(DD) || isa<FieldDecl>(DD));
242 
243  if (const auto *MD = dyn_cast_or_null<CXXMethodDecl>(DD)) {
244  // Sema treats pointers to static member functions as have function pointer
245  // type, so return a function pointer for the method.
246  // We don't need to play a similar trick for static member fields
247  // because these are represented as plain VarDecls and not FieldDecls
248  // in the AST.
249  if (MD->isStatic())
250  return getFunctionPointer(MD);
251  }
252 
253  return nonloc::PointerToMember(DD);
254 }
255 
256 DefinedSVal SValBuilder::getFunctionPointer(const FunctionDecl *func) {
257  return loc::MemRegionVal(MemMgr.getFunctionCodeRegion(func));
258 }
259 
260 DefinedSVal SValBuilder::getBlockPointer(const BlockDecl *block,
261  CanQualType locTy,
262  const LocationContext *locContext,
263  unsigned blockCount) {
264  const BlockCodeRegion *BC =
265  MemMgr.getBlockCodeRegion(block, locTy, locContext->getAnalysisDeclContext());
266  const BlockDataRegion *BD = MemMgr.getBlockDataRegion(BC, locContext,
267  blockCount);
268  return loc::MemRegionVal(BD);
269 }
270 
271 /// Return a memory region for the 'this' object reference.
272 loc::MemRegionVal SValBuilder::getCXXThis(const CXXMethodDecl *D,
273  const StackFrameContext *SFC) {
274  return loc::MemRegionVal(getRegionManager().
275  getCXXThisRegion(D->getThisType(getContext()), SFC));
276 }
277 
278 /// Return a memory region for the 'this' object reference.
279 loc::MemRegionVal SValBuilder::getCXXThis(const CXXRecordDecl *D,
280  const StackFrameContext *SFC) {
281  const Type *T = D->getTypeForDecl();
282  QualType PT = getContext().getPointerType(QualType(T, 0));
283  return loc::MemRegionVal(getRegionManager().getCXXThisRegion(PT, SFC));
284 }
285 
286 Optional<SVal> SValBuilder::getConstantVal(const Expr *E) {
287  E = E->IgnoreParens();
288 
289  switch (E->getStmtClass()) {
290  // Handle expressions that we treat differently from the AST's constant
291  // evaluator.
292  case Stmt::AddrLabelExprClass:
293  return makeLoc(cast<AddrLabelExpr>(E));
294 
295  case Stmt::CXXScalarValueInitExprClass:
296  case Stmt::ImplicitValueInitExprClass:
297  return makeZeroVal(E->getType());
298 
299  case Stmt::ObjCStringLiteralClass: {
300  const auto *SL = cast<ObjCStringLiteral>(E);
301  return makeLoc(getRegionManager().getObjCStringRegion(SL));
302  }
303 
304  case Stmt::StringLiteralClass: {
305  const auto *SL = cast<StringLiteral>(E);
306  return makeLoc(getRegionManager().getStringRegion(SL));
307  }
308 
309  // Fast-path some expressions to avoid the overhead of going through the AST's
310  // constant evaluator
311  case Stmt::CharacterLiteralClass: {
312  const auto *C = cast<CharacterLiteral>(E);
313  return makeIntVal(C->getValue(), C->getType());
314  }
315 
316  case Stmt::CXXBoolLiteralExprClass:
317  return makeBoolVal(cast<CXXBoolLiteralExpr>(E));
318 
319  case Stmt::TypeTraitExprClass: {
320  const auto *TE = cast<TypeTraitExpr>(E);
321  return makeTruthVal(TE->getValue(), TE->getType());
322  }
323 
324  case Stmt::IntegerLiteralClass:
325  return makeIntVal(cast<IntegerLiteral>(E));
326 
327  case Stmt::ObjCBoolLiteralExprClass:
328  return makeBoolVal(cast<ObjCBoolLiteralExpr>(E));
329 
330  case Stmt::CXXNullPtrLiteralExprClass:
331  return makeNull();
332 
333  case Stmt::CStyleCastExprClass:
334  case Stmt::CXXFunctionalCastExprClass:
335  case Stmt::CXXConstCastExprClass:
336  case Stmt::CXXReinterpretCastExprClass:
337  case Stmt::CXXStaticCastExprClass:
338  case Stmt::ImplicitCastExprClass: {
339  const auto *CE = cast<CastExpr>(E);
340  switch (CE->getCastKind()) {
341  default:
342  break;
343  case CK_ArrayToPointerDecay:
344  case CK_IntegralToPointer:
345  case CK_NoOp:
346  case CK_BitCast: {
347  const Expr *SE = CE->getSubExpr();
348  Optional<SVal> Val = getConstantVal(SE);
349  if (!Val)
350  return None;
351  return evalCast(*Val, CE->getType(), SE->getType());
352  }
353  }
354  // FALLTHROUGH
355  LLVM_FALLTHROUGH;
356  }
357 
358  // If we don't have a special case, fall back to the AST's constant evaluator.
359  default: {
360  // Don't try to come up with a value for materialized temporaries.
361  if (E->isGLValue())
362  return None;
363 
364  ASTContext &Ctx = getContext();
365  Expr::EvalResult Result;
366  if (E->EvaluateAsInt(Result, Ctx))
367  return makeIntVal(Result.Val.getInt());
368 
369  if (Loc::isLocType(E->getType()))
370  if (E->isNullPointerConstant(Ctx, Expr::NPC_ValueDependentIsNotNull))
371  return makeNull();
372 
373  return None;
374  }
375  }
376 }
377 
378 SVal SValBuilder::makeSymExprValNN(BinaryOperator::Opcode Op,
379  NonLoc LHS, NonLoc RHS,
380  QualType ResultTy) {
381  const SymExpr *symLHS = LHS.getAsSymExpr();
382  const SymExpr *symRHS = RHS.getAsSymExpr();
383 
384  // TODO: When the Max Complexity is reached, we should conjure a symbol
385  // instead of generating an Unknown value and propagate the taint info to it.
386  const unsigned MaxComp = StateMgr.getOwningEngine()
387  ->getAnalysisManager()
388  .options.MaxSymbolComplexity;
389 
390  if (symLHS && symRHS &&
391  (symLHS->computeComplexity() + symRHS->computeComplexity()) < MaxComp)
392  return makeNonLoc(symLHS, Op, symRHS, ResultTy);
393 
394  if (symLHS && symLHS->computeComplexity() < MaxComp)
395  if (Optional<nonloc::ConcreteInt> rInt = RHS.getAs<nonloc::ConcreteInt>())
396  return makeNonLoc(symLHS, Op, rInt->getValue(), ResultTy);
397 
398  if (symRHS && symRHS->computeComplexity() < MaxComp)
399  if (Optional<nonloc::ConcreteInt> lInt = LHS.getAs<nonloc::ConcreteInt>())
400  return makeNonLoc(lInt->getValue(), Op, symRHS, ResultTy);
401 
402  return UnknownVal();
403 }
404 
405 SVal SValBuilder::evalBinOp(ProgramStateRef state, BinaryOperator::Opcode op,
406  SVal lhs, SVal rhs, QualType type) {
407  if (lhs.isUndef() || rhs.isUndef())
408  return UndefinedVal();
409 
410  if (lhs.isUnknown() || rhs.isUnknown())
411  return UnknownVal();
412 
413  if (lhs.getAs<nonloc::LazyCompoundVal>() ||
414  rhs.getAs<nonloc::LazyCompoundVal>()) {
415  return UnknownVal();
416  }
417 
418  if (Optional<Loc> LV = lhs.getAs<Loc>()) {
419  if (Optional<Loc> RV = rhs.getAs<Loc>())
420  return evalBinOpLL(state, op, *LV, *RV, type);
421 
422  return evalBinOpLN(state, op, *LV, rhs.castAs<NonLoc>(), type);
423  }
424 
425  if (Optional<Loc> RV = rhs.getAs<Loc>()) {
426  // Support pointer arithmetic where the addend is on the left
427  // and the pointer on the right.
428  assert(op == BO_Add);
429 
430  // Commute the operands.
431  return evalBinOpLN(state, op, *RV, lhs.castAs<NonLoc>(), type);
432  }
433 
434  return evalBinOpNN(state, op, lhs.castAs<NonLoc>(), rhs.castAs<NonLoc>(),
435  type);
436 }
437 
438 ConditionTruthVal SValBuilder::areEqual(ProgramStateRef state, SVal lhs,
439  SVal rhs) {
440  return state->isNonNull(evalEQ(state, lhs, rhs));
441 }
442 
443 SVal SValBuilder::evalEQ(ProgramStateRef state, SVal lhs, SVal rhs) {
444  return evalBinOp(state, BO_EQ, lhs, rhs, getConditionType());
445 }
446 
447 DefinedOrUnknownSVal SValBuilder::evalEQ(ProgramStateRef state,
448  DefinedOrUnknownSVal lhs,
449  DefinedOrUnknownSVal rhs) {
450  return evalEQ(state, static_cast<SVal>(lhs), static_cast<SVal>(rhs))
451  .castAs<DefinedOrUnknownSVal>();
452 }
453 
454 /// Recursively check if the pointer types are equal modulo const, volatile,
455 /// and restrict qualifiers. Also, assume that all types are similar to 'void'.
456 /// Assumes the input types are canonical.
457 static bool shouldBeModeledWithNoOp(ASTContext &Context, QualType ToTy,
458  QualType FromTy) {
459  while (Context.UnwrapSimilarTypes(ToTy, FromTy)) {
460  Qualifiers Quals1, Quals2;
461  ToTy = Context.getUnqualifiedArrayType(ToTy, Quals1);
462  FromTy = Context.getUnqualifiedArrayType(FromTy, Quals2);
463 
464  // Make sure that non-cvr-qualifiers the other qualifiers (e.g., address
465  // spaces) are identical.
466  Quals1.removeCVRQualifiers();
467  Quals2.removeCVRQualifiers();
468  if (Quals1 != Quals2)
469  return false;
470  }
471 
472  // If we are casting to void, the 'From' value can be used to represent the
473  // 'To' value.
474  //
475  // FIXME: Doing this after unwrapping the types doesn't make any sense. A
476  // cast from 'int**' to 'void**' is not special in the way that a cast from
477  // 'int*' to 'void*' is.
478  if (ToTy->isVoidType())
479  return true;
480 
481  if (ToTy != FromTy)
482  return false;
483 
484  return true;
485 }
486 
487 // Handles casts of type CK_IntegralCast.
488 // At the moment, this function will redirect to evalCast, except when the range
489 // of the original value is known to be greater than the max of the target type.
490 SVal SValBuilder::evalIntegralCast(ProgramStateRef state, SVal val,
491  QualType castTy, QualType originalTy) {
492  // No truncations if target type is big enough.
493  if (getContext().getTypeSize(castTy) >= getContext().getTypeSize(originalTy))
494  return evalCast(val, castTy, originalTy);
495 
496  const SymExpr *se = val.getAsSymbolicExpression();
497  if (!se) // Let evalCast handle non symbolic expressions.
498  return evalCast(val, castTy, originalTy);
499 
500  // Find the maximum value of the target type.
501  APSIntType ToType(getContext().getTypeSize(castTy),
502  castTy->isUnsignedIntegerType());
503  llvm::APSInt ToTypeMax = ToType.getMaxValue();
504  NonLoc ToTypeMaxVal =
505  makeIntVal(ToTypeMax.isUnsigned() ? ToTypeMax.getZExtValue()
506  : ToTypeMax.getSExtValue(),
507  castTy)
508  .castAs<NonLoc>();
509  // Check the range of the symbol being casted against the maximum value of the
510  // target type.
511  NonLoc FromVal = val.castAs<NonLoc>();
512  QualType CmpTy = getConditionType();
513  NonLoc CompVal =
514  evalBinOpNN(state, BO_LE, FromVal, ToTypeMaxVal, CmpTy).castAs<NonLoc>();
515  ProgramStateRef IsNotTruncated, IsTruncated;
516  std::tie(IsNotTruncated, IsTruncated) = state->assume(CompVal);
517  if (!IsNotTruncated && IsTruncated) {
518  // Symbol is truncated so we evaluate it as a cast.
519  NonLoc CastVal = makeNonLoc(se, originalTy, castTy);
520  return CastVal;
521  }
522  return evalCast(val, castTy, originalTy);
523 }
524 
525 // FIXME: should rewrite according to the cast kind.
526 SVal SValBuilder::evalCast(SVal val, QualType castTy, QualType originalTy) {
527  castTy = Context.getCanonicalType(castTy);
528  originalTy = Context.getCanonicalType(originalTy);
529  if (val.isUnknownOrUndef() || castTy == originalTy)
530  return val;
531 
532  if (castTy->isBooleanType()) {
533  if (val.isUnknownOrUndef())
534  return val;
535  if (val.isConstant())
536  return makeTruthVal(!val.isZeroConstant(), castTy);
537  if (!Loc::isLocType(originalTy) &&
538  !originalTy->isIntegralOrEnumerationType() &&
539  !originalTy->isMemberPointerType())
540  return UnknownVal();
541  if (SymbolRef Sym = val.getAsSymbol(true)) {
542  BasicValueFactory &BVF = getBasicValueFactory();
543  // FIXME: If we had a state here, we could see if the symbol is known to
544  // be zero, but we don't.
545  return makeNonLoc(Sym, BO_NE, BVF.getValue(0, Sym->getType()), castTy);
546  }
547  // Loc values are not always true, they could be weakly linked functions.
548  if (Optional<Loc> L = val.getAs<Loc>())
549  return evalCastFromLoc(*L, castTy);
550 
551  Loc L = val.castAs<nonloc::LocAsInteger>().getLoc();
552  return evalCastFromLoc(L, castTy);
553  }
554 
555  // For const casts, casts to void, just propagate the value.
556  if (!castTy->isVariableArrayType() && !originalTy->isVariableArrayType())
557  if (shouldBeModeledWithNoOp(Context, Context.getPointerType(castTy),
558  Context.getPointerType(originalTy)))
559  return val;
560 
561  // Check for casts from pointers to integers.
562  if (castTy->isIntegralOrEnumerationType() && Loc::isLocType(originalTy))
563  return evalCastFromLoc(val.castAs<Loc>(), castTy);
564 
565  // Check for casts from integers to pointers.
566  if (Loc::isLocType(castTy) && originalTy->isIntegralOrEnumerationType()) {
567  if (Optional<nonloc::LocAsInteger> LV = val.getAs<nonloc::LocAsInteger>()) {
568  if (const MemRegion *R = LV->getLoc().getAsRegion()) {
569  StoreManager &storeMgr = StateMgr.getStoreManager();
570  R = storeMgr.castRegion(R, castTy);
571  return R ? SVal(loc::MemRegionVal(R)) : UnknownVal();
572  }
573  return LV->getLoc();
574  }
575  return dispatchCast(val, castTy);
576  }
577 
578  // Just pass through function and block pointers.
579  if (originalTy->isBlockPointerType() || originalTy->isFunctionPointerType()) {
580  assert(Loc::isLocType(castTy));
581  return val;
582  }
583 
584  // Check for casts from array type to another type.
585  if (const auto *arrayT =
586  dyn_cast<ArrayType>(originalTy.getCanonicalType())) {
587  // We will always decay to a pointer.
588  QualType elemTy = arrayT->getElementType();
589  val = StateMgr.ArrayToPointer(val.castAs<Loc>(), elemTy);
590 
591  // Are we casting from an array to a pointer? If so just pass on
592  // the decayed value.
593  if (castTy->isPointerType() || castTy->isReferenceType())
594  return val;
595 
596  // Are we casting from an array to an integer? If so, cast the decayed
597  // pointer value to an integer.
598  assert(castTy->isIntegralOrEnumerationType());
599 
600  // FIXME: Keep these here for now in case we decide soon that we
601  // need the original decayed type.
602  // QualType elemTy = cast<ArrayType>(originalTy)->getElementType();
603  // QualType pointerTy = C.getPointerType(elemTy);
604  return evalCastFromLoc(val.castAs<Loc>(), castTy);
605  }
606 
607  // Check for casts from a region to a specific type.
608  if (const MemRegion *R = val.getAsRegion()) {
609  // Handle other casts of locations to integers.
610  if (castTy->isIntegralOrEnumerationType())
611  return evalCastFromLoc(loc::MemRegionVal(R), castTy);
612 
613  // FIXME: We should handle the case where we strip off view layers to get
614  // to a desugared type.
615  if (!Loc::isLocType(castTy)) {
616  // FIXME: There can be gross cases where one casts the result of a function
617  // (that returns a pointer) to some other value that happens to fit
618  // within that pointer value. We currently have no good way to
619  // model such operations. When this happens, the underlying operation
620  // is that the caller is reasoning about bits. Conceptually we are
621  // layering a "view" of a location on top of those bits. Perhaps
622  // we need to be more lazy about mutual possible views, even on an
623  // SVal? This may be necessary for bit-level reasoning as well.
624  return UnknownVal();
625  }
626 
627  // We get a symbolic function pointer for a dereference of a function
628  // pointer, but it is of function type. Example:
629 
630  // struct FPRec {
631  // void (*my_func)(int * x);
632  // };
633  //
634  // int bar(int x);
635  //
636  // int f1_a(struct FPRec* foo) {
637  // int x;
638  // (*foo->my_func)(&x);
639  // return bar(x)+1; // no-warning
640  // }
641 
642  assert(Loc::isLocType(originalTy) || originalTy->isFunctionType() ||
643  originalTy->isBlockPointerType() || castTy->isReferenceType());
644 
645  StoreManager &storeMgr = StateMgr.getStoreManager();
646 
647  // Delegate to store manager to get the result of casting a region to a
648  // different type. If the MemRegion* returned is NULL, this expression
649  // Evaluates to UnknownVal.
650  R = storeMgr.castRegion(R, castTy);
651  return R ? SVal(loc::MemRegionVal(R)) : UnknownVal();
652  }
653 
654  return dispatchCast(val, castTy);
655 }
ASTContext.h
Defines the clang::ASTContext interface.
clang::FunctionDecl
Represents a function declaration or definition.
Definition: Decl.h:1739
clang::ento::SymbolManager::conjureSymbol
const SymbolConjured * conjureSymbol(const Stmt *E, const LocationContext *LCtx, QualType T, unsigned VisitCount, const void *SymbolTag=nullptr)
clang::ento::TypedValueRegion
TypedValueRegion - An abstract class representing regions having a typed value.
Definition: MemRegion.h:529
clang::ento::SValBuilder::makeIntVal
nonloc::ConcreteInt makeIntVal(const IntegerLiteral *integer)
Definition: SValBuilder.h:279
clang::ento::SValBuilder::getBlockPointer
DefinedSVal getBlockPointer(const BlockDecl *block, CanQualType locTy, const LocationContext *locContext, unsigned blockCount)
Definition: SValBuilder.cpp:260
clang::QualType
A (possibly-)qualified type.
Definition: Type.h:642
clang::ento::MemRegion
MemRegion - The root abstract class for all memory regions.
Definition: MemRegion.h:94
clang::Type::isBlockPointerType
bool isBlockPointerType() const
Definition: Type.h:6290
clang::Type::isArrayType
bool isArrayType() const
Definition: Type.h:6331
clang::Type::isMemberPointerType
bool isMemberPointerType() const
Definition: Type.h:6313
clang::ast_matchers::stmt
const internal::VariadicAllOfMatcher< Stmt > stmt
Matches statements.
Definition: ASTMatchersInternal.cpp:613
clang::Expr::EvaluateAsInt
bool EvaluateAsInt(EvalResult &Result, const ASTContext &Ctx, SideEffectsKind AllowSideEffects=SE_NoSideEffects) const
EvaluateAsInt - Return true if this is a constant which we can fold and convert to an integer...
Definition: ExprConstant.cpp:10827
clang::Stmt
Stmt - This represents one statement.
Definition: Stmt.h:66
clang::ento::SymbolManager::getIntSymExpr
const IntSymExpr * getIntSymExpr(const llvm::APSInt &lhs, BinaryOperator::Opcode op, const SymExpr *rhs, QualType t)
Definition: SymbolManager.cpp:288
Type.h
C Language Family Type Representation.
clang::Type::isRecordType
bool isRecordType() const
Definition: Type.h:6355
clang::ento::BlockCodeRegion
BlockCodeRegion - A region that represents code texts of blocks (closures).
Definition: MemRegion.h:627
clang::TypeDecl::getTypeForDecl
const Type * getTypeForDecl() const
Definition: Decl.h:2907
clang::ento::TypedValueRegion::getValueType
virtual QualType getValueType() const =0
clang::ento::SValBuilder::StateMgr
ProgramStateManager & StateMgr
Definition: SValBuilder.h:68
clang::Type
The base class of the type hierarchy.
Definition: Type.h:1415
clang::ento::SymExpr::computeComplexity
virtual unsigned computeComplexity() const =0
clang::ento::SValBuilder::evalCast
SVal evalCast(SVal val, QualType castTy, QualType originalType)
Definition: SValBuilder.cpp:526
clang::ento::nonloc::ConcreteInt
Value representing integer constant.
Definition: SVals.h:377
clang::ento::SValBuilder::MemMgr
MemRegionManager MemMgr
Manages the creation of memory regions.
Definition: SValBuilder.h:66
clang::Type::isUnsignedIntegerType
bool isUnsignedIntegerType() const
Return true if this is an integer type that is unsigned, according to C99 6.2.5p6 [which returns true...
Definition: Type.cpp:1884
clang::AnalysisDeclContext::getASTContext
ASTContext & getASTContext() const
Definition: AnalysisDeclContext.h:104
clang::ast_matchers::expr
const internal::VariadicDynCastAllOfMatcher< Stmt, Expr > expr
Matches expressions.
Definition: ASTMatchersInternal.cpp:688
clang::ento::SValBuilder::dispatchCast
virtual SVal dispatchCast(SVal val, QualType castTy)=0
clang::ento::SValBuilder::getCXXThis
loc::MemRegionVal getCXXThis(const CXXMethodDecl *D, const StackFrameContext *SFC)
Return a memory region for the &#39;this&#39; object reference.
Definition: SValBuilder.cpp:272
clang::ento::SValBuilder::makeNonLoc
NonLoc makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, const llvm::APSInt &rhs, QualType type)
Definition: SValBuilder.cpp:68
clang::ento::SValBuilder::BasicVals
BasicValueFactory BasicVals
Manager of APSInt values.
Definition: SValBuilder.h:60
ExprCXX.h
Defines the clang::Expr interface and subclasses for C++ expressions.
clang::Qualifiers
The collection of all-type qualifiers we support.
Definition: Type.h:141
clang::ento::StoreManager::castRegion
const MemRegion * castRegion(const MemRegion *region, QualType CastToTy)
castRegion - Used by ExprEngine::VisitCast to handle casts from a MemRegion* to a specific location t...
Definition: Store.cpp:75
clang::Type::isVariableArrayType
bool isVariableArrayType() const
Definition: Type.h:6343
clang::ASTContext::UnwrapSimilarTypes
bool UnwrapSimilarTypes(QualType &T1, QualType &T2)
Attempt to unwrap two types that may be similar (C++ [conv.qual]).
Definition: ASTContext.cpp:5137
clang::ento::SymExpr
Symbolic value.
Definition: SymExpr.h:30
clang::ento::SymbolManager::getDerivedSymbol
const SymbolDerived * getDerivedSymbol(SymbolRef parentSymbol, const TypedValueRegion *R)
Definition: SymbolManager.cpp:204
clang::ento::SValBuilder::evalCastFromNonLoc
virtual SVal evalCastFromNonLoc(NonLoc val, QualType castTy)=0
clang::ento::SValBuilder::evalBinOpLN
virtual SVal evalBinOpLN(ProgramStateRef state, BinaryOperator::Opcode op, Loc lhs, NonLoc rhs, QualType resultTy)=0
Create a new value which represents a binary expression with a memory location and non-location opera...
clang::ento::SValBuilder::getRegionManager
MemRegionManager & getRegionManager()
Definition: SValBuilder.h:175
clang::ASTContext
Holds long-lived AST nodes (such as types and decls) that can be referred to throughout the semantic ...
Definition: ASTContext.h:154
clang::ento::SValBuilder::evalIntegralCast
SVal evalIntegralCast(ProgramStateRef state, SVal val, QualType castTy, QualType originalType)
Definition: SValBuilder.cpp:490
ProgramState_Fwd.h
clang::ento::SymbolManager::canSymbolicate
static bool canSymbolicate(QualType T)
Definition: SymbolManager.cpp:349
clang::Type::isReferenceType
bool isReferenceType() const
Definition: Type.h:6294
clang::ento::SValBuilder::getDerivedRegionValueSymbolVal
DefinedOrUnknownSVal getDerivedRegionValueSymbolVal(SymbolRef parentSymbol, const TypedValueRegion *region)
Definition: SValBuilder.cpp:222
clang::CodeGen::state
i32 captured_struct **param SharedsTy A type which contains references the shared variables *param Shareds Context with the list of shared variables from the p *TaskFunction *param Data Additional data for task generation like final * state
Definition: CGOpenMPRuntime.h:747
clang::ento::SVal::getAsSymbolicExpression
const SymExpr * getAsSymbolicExpression() const
getAsSymbolicExpression - If this Sval wraps a symbolic expression then return that expression...
Definition: SVals.cpp:137
clang::Type::isIntegralOrEnumerationType
bool isIntegralOrEnumerationType() const
Determine whether this type is an integral or enumeration type.
Definition: Type.h:6630
clang::ento::MemRegionManager::getSymbolicRegion
const SymbolicRegion * getSymbolicRegion(SymbolRef Sym)
Retrieve or create a "symbolic" memory region.
Definition: MemRegion.cpp:1021
clang::Expr::isGLValue
bool isGLValue() const
Definition: Expr.h:252
clang::ento::Loc::isLocType
static bool isLocType(QualType T)
Definition: SVals.h:327
clang::BinaryOperatorKind
BinaryOperatorKind
Definition: OperationKinds.h:26
clang::ento::BlockDataRegion
BlockDataRegion - A region that represents a block instance.
Definition: MemRegion.h:672
clang::CXXMethodDecl::getThisType
QualType getThisType(ASTContext &C) const
Returns the type of the this pointer.
Definition: DeclCXX.cpp:2176
clang::Expr::EvalResult::Val
APValue Val
Val - This is the value the expression can be folded to.
Definition: Expr.h:573
LLVM.h
Forward-declares and imports various common LLVM datatypes that clang wants to use unqualified...
clang::ento::SValBuilder::makeSymExprValNN
SVal makeSymExprValNN(BinaryOperator::Opcode op, NonLoc lhs, NonLoc rhs, QualType resultTy)
Constructs a symbolic expression for two non-location values.
Definition: SValBuilder.cpp:378
clang::ento::SVal::isUnknown
bool isUnknown() const
Definition: SVals.h:137
clang::ento::SValBuilder::getRegionValueSymbolVal
DefinedOrUnknownSVal getRegionValueSymbolVal(const TypedValueRegion *region)
Make a unique symbol for value of region.
Definition: SValBuilder.cpp:119
clang::ento::APSIntType
A record of the "type" of an APSInt, used for conversions.
Definition: APSIntType.h:20
clang::ento::SValBuilder::makeCompoundVal
NonLoc makeCompoundVal(QualType type, llvm::ImmutableList< SVal > vals)
Definition: SValBuilder.h:251
clang::ento::SValBuilder::getFunctionPointer
DefinedSVal getFunctionPointer(const FunctionDecl *func)
Definition: SValBuilder.cpp:256
clang::ento::SVal::isConstant
bool isConstant() const
Definition: SVals.cpp:218
clang::ento::MemRegionManager::getBlockCodeRegion
const BlockCodeRegion * getBlockCodeRegion(const BlockDecl *BD, CanQualType locTy, AnalysisDeclContext *AC)
Definition: MemRegion.cpp:1015
clang::ento::SVal::getAsSymbol
SymbolRef getAsSymbol(bool IncludeBaseRegions=false) const
If this SVal wraps a symbol return that SymbolRef.
Definition: SVals.cpp:127
clang::DeclaratorDecl
Represents a ValueDecl that came out of a declarator.
Definition: Decl.h:688
clang::ento::SValBuilder::makeBoolVal
nonloc::ConcreteInt makeBoolVal(const ObjCBoolLiteralExpr *boolean)
Definition: SValBuilder.h:285
clang::ento::SValBuilder::areEqual
ConditionTruthVal areEqual(ProgramStateRef state, SVal lhs, SVal rhs)
Definition: SValBuilder.cpp:438
clang::ento::SValBuilder::makeLoc
Loc makeLoc(SymbolRef sym)
Definition: SValBuilder.h:354
clang::ento::SValBuilder::makeZeroVal
DefinedOrUnknownSVal makeZeroVal(QualType type)
Construct an SVal representing &#39;0&#39; for the specified type.
Definition: SValBuilder.cpp:53
clang::BlockDecl
Pepresents a block literal declaration, which is like an unnamed FunctionDecl.
Definition: Decl.h:3867
clang::Expr
This represents one expression.
Definition: Expr.h:106
clang::ento::SymbolManager::getSymIntExpr
const SymIntExpr * getSymIntExpr(const SymExpr *lhs, BinaryOperator::Opcode op, const llvm::APSInt &rhs, QualType t)
clang::Type::isNullPtrType
bool isNullPtrType() const
Definition: Type.h:6555
clang::ento::SValBuilder::ArrayIndexTy
const QualType ArrayIndexTy
The scalar type to use for array indices.
Definition: SValBuilder.h:71
clang::ento::SValBuilder::getConditionType
QualType getConditionType() const
Definition: SValBuilder.h:161
clang::Type::isAnyComplexType
bool isAnyComplexType() const
Definition: Type.h:6363
clang::Expr::getType
QualType getType() const
Definition: Expr.h:128
clang::ento::SValBuilder::evalBinOpLL
virtual SVal evalBinOpLL(ProgramStateRef state, BinaryOperator::Opcode op, Loc lhs, Loc rhs, QualType resultTy)=0
Create a new value which represents a binary expression with two memory location operands.
clang::ento::SValBuilder::evalBinOp
SVal evalBinOp(ProgramStateRef state, BinaryOperator::Opcode op, SVal lhs, SVal rhs, QualType type)
Definition: SValBuilder.cpp:405
clang::Qualifiers::removeCVRQualifiers
void removeCVRQualifiers(unsigned mask)
Definition: Type.h:285
clang::CXXBoolLiteralExpr::getValue
bool getValue() const
Definition: ExprCXX.h:569
clang::ento::SVal::getAs
Optional< T > getAs() const
Convert to the specified SVal type, returning None if this SVal is not of the desired type...
Definition: SVals.h:112
clang::ento::SymbolManager::getCastSymbol
const SymbolCast * getCastSymbol(const SymExpr *Operand, QualType From, QualType To)
Definition: SymbolManager.cpp:255
clang::ento::APSIntType::getMaxValue
llvm::APSInt getMaxValue() const LLVM_READONLY
Returns the maximum value for this type.
Definition: APSIntType.h:66
clang::ento::SymbolManager::getSymSymExpr
const SymSymExpr * getSymSymExpr(const SymExpr *lhs, BinaryOperator::Opcode op, const SymExpr *rhs, QualType t)
Definition: SymbolManager.cpp:306
clang::QualType::getCanonicalType
QualType getCanonicalType() const
Definition: Type.h:6097
clang::ento::SValBuilder::conjureSymbolVal
DefinedOrUnknownSVal conjureSymbolVal(const void *symbolTag, const Expr *expr, const LocationContext *LCtx, unsigned count)
Create a new symbol with a unique &#39;name&#39;.
clang::Expr::isNullPointerConstant
NullPointerConstantKind isNullPointerConstant(ASTContext &Ctx, NullPointerConstantValueDependence NPC) const
isNullPointerConstant - C99 6.3.2.3p3 - Test if this reduces down to a Null pointer constant...
Definition: Expr.cpp:3401
clang::ento::SValBuilder::SymMgr
SymbolManager SymMgr
Manages the creation of symbols.
Definition: SValBuilder.h:63
clang::ento::SValBuilder::evalCastFromLoc
virtual SVal evalCastFromLoc(Loc val, QualType castTy)=0
clang::ento::SymbolManager::getMetadataSymbol
const SymbolMetadata * getMetadataSymbol(const MemRegion *R, const Stmt *S, QualType T, const LocationContext *LCtx, unsigned VisitCount, const void *SymbolTag=nullptr)
Creates a metadata symbol associated with a specific region.
Definition: SymbolManager.cpp:237
clang::ento::SVal::getAsRegion
const MemRegion * getAsRegion() const
Definition: SVals.cpp:151
clang::CXXMethodDecl
Represents a static or instance method of a struct/union/class.
Definition: DeclCXX.h:2041
clang::ento::SValBuilder::getContext
ASTContext & getContext()
Definition: SValBuilder.h:156
clang::ento::SymbolManager::getRegionValueSymbol
const SymbolRegionValue * getRegionValueSymbol(const TypedValueRegion *R)
Make a unique symbol for MemRegion R according to its kind.
Definition: SymbolManager.cpp:169
clang::ento::SVal
SVal - This represents a symbolic expression, which can be either an L-value or an R-value...
Definition: SVals.h:76
clang::Expr::NPC_ValueDependentIsNotNull
Specifies that a value-dependent expression should be considered to never be a null pointer constant...
Definition: Expr.h:719
shouldBeModeledWithNoOp
static bool shouldBeModeledWithNoOp(ASTContext &Context, QualType ToTy, QualType FromTy)
Recursively check if the pointer types are equal modulo const, volatile, and restrict qualifiers...
Definition: SValBuilder.cpp:457
clang::ento::SValBuilder::getConjuredHeapSymbolVal
DefinedOrUnknownSVal getConjuredHeapSymbolVal(const Expr *E, const LocationContext *LCtx, unsigned Count)
Conjure a symbol representing heap allocated memory region.
Definition: SValBuilder.cpp:192
clang::Type::isVectorType
bool isVectorType() const
Definition: Type.h:6367
clang::ento::SValBuilder::evalBinOpNN
virtual SVal evalBinOpNN(ProgramStateRef state, BinaryOperator::Opcode op, NonLoc lhs, NonLoc rhs, QualType resultTy)=0
Create a new value which represents a binary expression with two non- location operands.
clang::ento::SValBuilder::ArrayIndexWidth
const unsigned ArrayIndexWidth
The width of the scalar type used for array indices.
Definition: SValBuilder.h:74
clang::ento::MemRegionManager::getSymbolicHeapRegion
const SymbolicRegion * getSymbolicHeapRegion(SymbolRef sym)
Return a unique symbolic region belonging to heap memory space.
Definition: MemRegion.cpp:1025
clang
Dataflow Directional Tag Classes.
Definition: CFGReachabilityAnalysis.h:22
clang::ento::ProgramStateManager::ArrayToPointer
SVal ArrayToPointer(Loc Array, QualType ElementTy)
Definition: ProgramState.h:574
clang::Expr::EvalResult
EvalResult is a struct with detailed info about an evaluated expression.
Definition: Expr.h:571
clang::ento::SVal::isZeroConstant
bool isZeroConstant() const
Definition: SVals.cpp:230
clang::Stmt::getStmtClass
StmtClass getStmtClass() const
Definition: Stmt.h:809
clang::Type::isBooleanType
bool isBooleanType() const
Definition: Type.h:6643
clang::ento::SValBuilder::evalEQ
SVal evalEQ(ProgramStateRef state, SVal lhs, SVal rhs)
Definition: SValBuilder.cpp:443
clang::ento::nonloc::SymbolVal
Represents symbolic expression that isn&#39;t a location.
Definition: SVals.h:347
clang::ento::SValBuilder::convertToArrayIndex
SVal convertToArrayIndex(SVal val)
Definition: SValBuilder.cpp:100
clang::ento::MemRegionManager::getFunctionCodeRegion
const FunctionCodeRegion * getFunctionCodeRegion(const NamedDecl *FD)
Definition: MemRegion.cpp:1010
clang::ento::SValBuilder::getMetadataSymbolVal
DefinedSVal getMetadataSymbolVal(const void *symbolTag, const MemRegion *region, const Expr *expr, QualType type, const LocationContext *LCtx, unsigned count)
Definition: SValBuilder.cpp:205
clang::ento::SVal::castAs
T castAs() const
Convert to the specified SVal type, asserting that this SVal is of the desired type.
Definition: SVals.h:104
clang::ento::SValBuilder::getBasicValueFactory
BasicValueFactory & getBasicValueFactory()
Definition: SValBuilder.h:169
clang::ento::SValBuilder::getMemberPointer
DefinedSVal getMemberPointer(const DeclaratorDecl *DD)
Definition: SValBuilder.cpp:240
clang::Type::isFunctionType
bool isFunctionType() const
Definition: Type.h:6278
clang::ento::SVal::getAsSymExpr
const SymExpr * getAsSymExpr() const
Definition: SVals.cpp:144
clang::ento::MemRegionManager::getBlockDataRegion
const BlockDataRegion * getBlockDataRegion(const BlockCodeRegion *bc, const LocationContext *lc, unsigned blockCount)
getBlockDataRegion - Get the memory region associated with an instance of a block.
Definition: MemRegion.cpp:938
clang::ASTContext::getCanonicalType
CanQualType getCanonicalType(QualType T) const
Return the canonical (structural) type corresponding to the specified potentially non-canonical type ...
Definition: ASTContext.h:2252
DeclCXX.h
Defines the C++ Decl subclasses, other than those for templates (found in DeclTemplate.h) and friends (in DeclFriend.h).
clang::CXXRecordDecl
Represents a C++ struct/union/class.
Definition: DeclCXX.h:300
clang::Type::isVoidType
bool isVoidType() const
Definition: Type.h:6530
clang::ento::SValBuilder::getConstantVal
Optional< SVal > getConstantVal(const Expr *E)
Returns the value of E, if it can be determined in a non-path-sensitive manner.
Definition: SValBuilder.cpp:286
clang::ASTContext::getPointerType
QualType getPointerType(QualType T) const
Return the uniqued reference to the type for a pointer to the specified type.
Definition: ASTContext.cpp:2847
clang::ento::SVal::isUndef
bool isUndef() const
Definition: SVals.h:141
clang::Type::isPointerType
bool isPointerType() const
Definition: Type.h:6282
clang::ento::SValBuilder::makeTruthVal
nonloc::ConcreteInt makeTruthVal(bool b, QualType type)
Definition: SValBuilder.h:335
clang::CXXBoolLiteralExpr
A boolean literal, per ([C++ lex.bool] Boolean literals).
Definition: ExprCXX.h:557
clang::APValue::getInt
APSInt & getInt()
Definition: APValue.h:252
clang::LocationContext::getAnalysisDeclContext
AnalysisDeclContext * getAnalysisDeclContext() const
Definition: AnalysisDeclContext.h:247
clang::Type::isFunctionPointerType
bool isFunctionPointerType() const
Definition: Type.h:6306
clang::ASTContext::getUnqualifiedArrayType
QualType getUnqualifiedArrayType(QualType T, Qualifiers &Quals)
Return this type as a completely-unqualified array type, capturing the qualifiers in Quals...
Definition: ASTContext.cpp:5040
clang::ento::SVal::isUnknownOrUndef
bool isUnknownOrUndef() const
Definition: SVals.h:145
clang::ento::BasicValueFactory::getEmptySValList
llvm::ImmutableList< SVal > getEmptySValList()
Definition: BasicValueFactory.h:232
clang::Expr::IgnoreParens
Expr * IgnoreParens() LLVM_READONLY
IgnoreParens - Ignore parentheses.
Definition: Expr.cpp:2523
clang::ento::SubEngine::getAnalysisManager
virtual AnalysisManager & getAnalysisManager()=0
Generated on Wed Dec 12 2018 00:59:41 for clang by   doxygen 1.8.13