clang 22.0.0git
Classes | Macros | Functions
StackAddrEscapeChecker.cpp File Reference
#include "clang/AST/ExprCXX.h"
#include "clang/Basic/SourceManager.h"
#include "clang/StaticAnalyzer/Checkers/BuiltinCheckerRegistration.h"
#include "clang/StaticAnalyzer/Core/BugReporter/BugType.h"
#include "clang/StaticAnalyzer/Core/Checker.h"
#include "clang/StaticAnalyzer/Core/CheckerManager.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CallEvent.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h"
#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h"
#include "llvm/ADT/STLExtras.h"
#include "llvm/ADT/SmallPtrSet.h"
#include "llvm/Support/raw_ostream.h"

Go to the source code of this file.

Classes

class  FindStackRegionsSymbolVisitor
 A visitor made for use with a ScanReachableSymbols scanner, used for finding stack regions within an SVal that live on the current stack frame of the given checker context. More...

Macros

#define REGISTER_CHECKER(NAME)

Functions

static void EmitReturnedAsPartOfError (llvm::raw_ostream &OS, SVal ReturnedVal, const MemRegion *LeakedRegion)
static SmallVector< const MemRegion * > FilterReturnExpressionLeaks (const SmallVectorImpl< const MemRegion * > &MaybeEscaped, CheckerContext &C, const Expr *RetE, SVal &RetVal)
 Given some memory regions that are flagged by FindStackRegionsSymbolVisitor, this function filters out memory regions that are being returned that are likely not true leaks:
static SmallVector< const MemRegion * > FindEscapingStackRegions (CheckerContext &C, const Expr *RetE, SVal RetVal)
 For use in finding regions that live on the checker context's current stack frame, deep in the SVal representing the return value.
static const MemSpaceRegiongetStackOrGlobalSpaceRegion (ProgramStateRef State, const MemRegion *R)
static const MemRegiongetOriginBaseRegion (const MemRegion *Reg)
static std::optional< std::string > printReferrer (ProgramStateRef State, const MemRegion *Referrer)
static bool isInvalidatedSymbolRegion (const MemRegion *Region)
 Check whether Region refers to a freshly minted symbol after an opaque function call.

Macro Definition Documentation

◆ REGISTER_CHECKER

#define REGISTER_CHECKER ( NAME)
Value:
void ento::register##NAME##Checker(CheckerManager &Mgr) { \
Mgr.getChecker<StackAddrEscapeChecker>()->NAME.enable(Mgr); \
} \
\
bool ento::shouldRegister##NAME##Checker(const CheckerManager &) { \
return true; \
}
clang::ento::CheckerManager::getChecker
CHECKER * getChecker(AT &&...Args)
If the the singleton instance of a checker class is not yet constructed, then construct it (with the ...
Definition CheckerManager.h:199
clang::ento::Checker
Simple checker classes that implement one frontend (i.e.
Definition Checker.h:553

Definition at line 620 of file StackAddrEscapeChecker.cpp.

Function Documentation

◆ EmitReturnedAsPartOfError()

void EmitReturnedAsPartOfError ( llvm::raw_ostream & OS,
SVal ReturnedVal,
const MemRegion * LeakedRegion )
static

Definition at line 154 of file StackAddrEscapeChecker.cpp.

References clang::ento::SVal::getAsRegion(), clang::isa(), and clang::ento::OS.

◆ FilterReturnExpressionLeaks()

SmallVector< const MemRegion * > FilterReturnExpressionLeaks ( const SmallVectorImpl< const MemRegion * > & MaybeEscaped,
CheckerContext & C,
const Expr * RetE,
SVal & RetVal )
static

Given some memory regions that are flagged by FindStackRegionsSymbolVisitor, this function filters out memory regions that are being returned that are likely not true leaks:

  1. If returning a block data region that has stack memory space
  2. If returning a constructed object that has stack memory space

Definition at line 306 of file StackAddrEscapeChecker.cpp.

References clang::C, clang::ento::SVal::getAsRegion(), clang::Expr::getType(), clang::isa(), and clang::Type::isRecordType().

Referenced by FindEscapingStackRegions().

◆ FindEscapingStackRegions()

SmallVector< const MemRegion * > FindEscapingStackRegions ( CheckerContext & C,
const Expr * RetE,
SVal RetVal )
static

For use in finding regions that live on the checker context's current stack frame, deep in the SVal representing the return value.

Definition at line 344 of file StackAddrEscapeChecker.cpp.

References clang::C, and FilterReturnExpressionLeaks().

◆ getOriginBaseRegion()

const MemRegion * getOriginBaseRegion ( const MemRegion * Reg)
static

Definition at line 389 of file StackAddrEscapeChecker.cpp.

References clang::ento::MemRegion::getBaseRegion().

◆ getStackOrGlobalSpaceRegion()

const MemSpaceRegion * getStackOrGlobalSpaceRegion ( ProgramStateRef State,
const MemRegion * R )
static

Definition at line 373 of file StackAddrEscapeChecker.cpp.

References clang::ento::MemRegion::getAs(), clang::ento::MemRegion::getBaseRegion(), clang::ento::MemRegion::getMemorySpace(), getStackOrGlobalSpaceRegion(), and clang::isa().

Referenced by getStackOrGlobalSpaceRegion(), and printReferrer().

◆ isInvalidatedSymbolRegion()

bool isInvalidatedSymbolRegion ( const MemRegion * Region)
static

Check whether Region refers to a freshly minted symbol after an opaque function call.

Definition at line 443 of file StackAddrEscapeChecker.cpp.

References clang::ento::MemRegion::getAs().

◆ printReferrer()

std::optional< std::string > printReferrer ( ProgramStateRef State,
const MemRegion * Referrer )
static

Definition at line 400 of file StackAddrEscapeChecker.cpp.

References clang::ento::MemRegion::canPrintPretty(), clang::ento::MemRegion::getBaseRegion(), getStackOrGlobalSpaceRegion(), clang::isa(), and clang::ento::MemRegion::printPretty().

Generated on for clang by doxygen 1.14.0