#include "clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h"

Public Member Functions
	CheckerContext (NodeBuilder &builder, ExprEngine &eng, ExplodedNode *pred, const ProgramPoint &loc, bool wasInlined=false)

AnalysisManager &	getAnalysisManager ()

ConstraintManager &	getConstraintManager ()

StoreManager &	getStoreManager ()

ExplodedNode *	getPredecessor ()
	Returns the previous node in the exploded graph, which includes the state of the program before the checker ran.

const ProgramStateRef &	getState () const

bool	isDifferent ()
	Check if the checker changed the state of the execution; ex: added a new transition or a bug report.

unsigned	blockCount () const
	Returns the number of times the current block has been visited along the analyzed path.

ASTContext &	getASTContext ()

const ASTContext &	getASTContext () const

const LangOptions &	getLangOpts () const

const LocationContext *	getLocationContext () const

const StackFrameContext *	getStackFrame () const

bool	inTopFrame () const
	Return true if the current LocationContext has no caller context.

BugReporter &	getBugReporter ()

const SourceManager &	getSourceManager ()

Preprocessor &	getPreprocessor ()

SValBuilder &	getSValBuilder ()

SymbolManager &	getSymbolManager ()

ProgramStateManager &	getStateManager ()

AnalysisDeclContext *	getCurrentAnalysisDeclContext () const

unsigned	getBlockID () const
	Get the blockID.

SVal	getSVal (const Stmt *S) const
	Get the value of arbitrary expressions at this point in the path.

bool	isGreaterOrEqual (const Expr *E, unsigned long long Val)
	Returns true if the value of `E` is greater than or equal to `Val` under unsigned comparison.

bool	isNegative (const Expr *E)
	Returns true if the value of `E` is negative.

ExplodedNode *	addTransition (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generates a new transition in the program state graph (ExplodedGraph).

ExplodedNode *	addTransition (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generates a new transition with the given predecessor.

ExplodedNode *	generateSink (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a sink node.

void	addSink (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Add a sink node to the current path of execution, halting analysis.

ExplodedNode *	generateErrorNode (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generate a transition to a node that will be used to report an error.

ExplodedNode *	generateErrorNode (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a transition to a node that will be used to report an error.

ExplodedNode *	generateNonFatalErrorNode (ProgramStateRef State=nullptr, const ProgramPointTag *Tag=nullptr)
	Generate a transition to a node that will be used to report an error.

ExplodedNode *	generateNonFatalErrorNode (ProgramStateRef State, ExplodedNode Pred, const ProgramPointTag Tag=nullptr)
	Generate a transition to a node that will be used to report an error.

void	emitReport (std::unique_ptr< BugReport > R)
	Emit the diagnostics report.

LLVM_ATTRIBUTE_RETURNS_NONNULL const NoteTag *	getNoteTag (NoteTag::Callback &&Cb, bool IsPrunable=false)
	Produce a program point tag that displays an additional path note to the user.

const NoteTag *	getNoteTag (std::function< std::string(PathSensitiveBugReport &)> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that doesn't require you to accept the 'BugReporterContext' argument when you don't need it.

const NoteTag *	getNoteTag (std::function< std::string()> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that doesn't require you to accept the arguments when you don't need it.

const NoteTag *	getNoteTag (StringRef Note, bool IsPrunable=false)
	A shorthand version of getNoteTag that accepts a plain note.

const NoteTag *	getNoteTag (std::function< void(PathSensitiveBugReport &BR, llvm::raw_ostream &OS)> &&Cb, bool IsPrunable=false)
	A shorthand version of getNoteTag that accepts a lambda with stream for note.

StringRef	getDeclDescription (const Decl *D)
	Returns the word that should be used to refer to the declaration in the report.

const FunctionDecl *	getCalleeDecl (const CallExpr *CE) const
	Get the declaration of the called function (path-sensitive).

StringRef	getCalleeName (const FunctionDecl *FunDecl) const
	Get the name of the called function (path-sensitive).

const IdentifierInfo *	getCalleeIdentifier (const CallExpr *CE) const
	Get the identifier of the called function (path-sensitive).

StringRef	getCalleeName (const CallExpr *CE) const
	Get the name of the called function (path-sensitive).

StringRef	getMacroNameOrSpelling (SourceLocation &Loc)
	Depending on wither the location corresponds to a macro, return either the macro name or the token spelling.

Static Public Member Functions
static const MemRegion *	getLocationRegionIfPostStore (const ExplodedNode *N)
	If the given node corresponds to a PostStore program point, retrieve the location region as it was uttered in the code.

static bool	isCLibraryFunction (const FunctionDecl *FD, StringRef Name=StringRef())
	Returns true if the given function is an externally-visible function in the top-level namespace, such as `malloc`.

static bool	isHardenedVariantOf (const FunctionDecl *FD, StringRef Name)
	In builds that use source hardening (-D_FORTIFY_SOURCE), many standard functions are implemented as macros that expand to calls of hardened functions that take additional arguments compared to the "usual" variant and perform additional input validation.

Public Attributes
const bool	wasInlined
	If we are post visiting a call, this flag will be set if the call was inlined.

Detailed Description

Definition at line 24 of file CheckerContext.h.

Constructor & Destructor Documentation

◆ CheckerContext()

clang::ento::CheckerContext::CheckerContext	(	NodeBuilder &	builder,
		ExprEngine &	eng,
		ExplodedNode *	pred,
		const ProgramPoint &	loc,
		bool	wasInlined = `false`
	)

inline

Definition at line 41 of file CheckerContext.h.

References clang::ento::ExplodedNode::getState().

Member Function Documentation

◆ addSink()

void clang::ento::CheckerContext::addSink	(	ProgramStateRef	State = `nullptr`,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Add a sink node to the current path of execution, halting analysis.

Definition at line 195 of file CheckerContext.h.

References addTransition(), generateSink(), getPredecessor(), and getState().

◆ addTransition() [1/2]

ExplodedNode * clang::ento::CheckerContext::addTransition	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generates a new transition with the given predecessor.

Allows checkers to generate a chain of nodes.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site.

Definition at line 181 of file CheckerContext.h.

◆ addTransition() [2/2]

ExplodedNode * clang::ento::CheckerContext::addTransition	(	ProgramStateRef	State = `nullptr`,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generates a new transition in the program state graph (ExplodedGraph).

Uses the default CheckerContext predecessor node.

Parameters

State	The state of the generated node. If not specified, the state will not be changed, but the new node will have the checker's tag.
Tag	The tag is used to uniquely identify the creation site. If no tag is specified, a default tag, unique to the given checker, will be used. Tags are used to prevent states generated at different sites from caching out.

Definition at line 169 of file CheckerContext.h.

References getState().

Referenced by addSink(), clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), generateNonFatalErrorNode(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ blockCount()

unsigned clang::ento::CheckerContext::blockCount ( ) const

inline

Returns the number of times the current block has been visited along the analyzed path.

Definition at line 80 of file CheckerContext.h.

References clang::ento::NodeBuilderContext::blockCount(), and clang::ento::NodeBuilder::getContext().

◆ emitReport()

void clang::ento::CheckerContext::emitReport ( std::unique_ptr< BugReport > R )

inline

Emit the diagnostics report.

Definition at line 261 of file CheckerContext.h.

References clang::ento::BugReporter::emitReport(), and clang::ento::ExprEngine::getBugReporter().

Referenced by clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ generateErrorNode() [1/2]

ExplodedNode * clang::ento::CheckerContext::generateErrorNode	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generate a transition to a node that will be used to report an error.

This node will be a sink. That is, it will stop exploration of the given path.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 224 of file CheckerContext.h.

References generateSink(), and clang::ProgramPoint::getTag().

◆ generateErrorNode() [2/2]

ExplodedNode * clang::ento::CheckerContext::generateErrorNode	(	ProgramStateRef	State = `nullptr`,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generate a transition to a node that will be used to report an error.

This node will be a sink. That is, it will stop exploration of the given path.

Parameters

State	The state of the generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 209 of file CheckerContext.h.

References generateSink(), and clang::ProgramPoint::getTag().

◆ generateNonFatalErrorNode() [1/2]

ExplodedNode * clang::ento::CheckerContext::generateNonFatalErrorNode	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generate a transition to a node that will be used to report an error.

This node will not be a sink. That is, exploration will continue along this path.

Parameters

State	The state of the generated node.
Pred	The transition will be generated from the specified Pred node to the newly generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 254 of file CheckerContext.h.

References addTransition(), and clang::ProgramPoint::getTag().

◆ generateNonFatalErrorNode() [2/2]

ExplodedNode * clang::ento::CheckerContext::generateNonFatalErrorNode	(	ProgramStateRef	State = `nullptr`,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generate a transition to a node that will be used to report an error.

This node will not be a sink. That is, exploration will continue along this path.

Parameters

State	The state of the generated node.
Tag	The tag to uniquely identify the creation site. If null, the default tag for the checker will be used.

Definition at line 239 of file CheckerContext.h.

References addTransition(), and clang::ProgramPoint::getTag().

Referenced by clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), and clang::ento::mpi::MPIChecker::checkUnmatchedWaits().

◆ generateSink()

ExplodedNode * clang::ento::CheckerContext::generateSink	(	ProgramStateRef	State,
		ExplodedNode *	Pred,
		const ProgramPointTag *	Tag = `nullptr`
	)

inline

Generate a sink node.

Generating a sink stops exploration of the given path. To create a sink node for the purpose of reporting an error, checkers should use generateErrorNode() instead.

Definition at line 189 of file CheckerContext.h.

References getState().

Referenced by addSink(), generateErrorNode(), and clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts().

◆ getAnalysisManager()

AnalysisManager & clang::ento::CheckerContext::getAnalysisManager ( )

inline

Definition at line 56 of file CheckerContext.h.

References clang::ento::ExprEngine::getAnalysisManager().

◆ getASTContext() [1/2]

ASTContext & clang::ento::CheckerContext::getASTContext ( )

inline

Definition at line 84 of file CheckerContext.h.

References clang::ento::ExprEngine::getContext().

Referenced by clang::ento::mpi::MPIChecker::dynamicInit(), clang::ento::retaincountchecker::RetainCountChecker::handleAutoreleaseCounts(), isGreaterOrEqual(), and clang::ento::retaincountchecker::RetainCountChecker::processLeaks().

◆ getASTContext() [2/2]

const ASTContext & clang::ento::CheckerContext::getASTContext ( ) const

inline

Definition at line 88 of file CheckerContext.h.

References clang::ento::ExprEngine::getContext().

◆ getBlockID()

unsigned clang::ento::CheckerContext::getBlockID ( ) const

inline

Get the blockID.

Definition at line 132 of file CheckerContext.h.

References clang::ento::NodeBuilderContext::getBlock(), clang::CFGBlock::getBlockID(), and clang::ento::NodeBuilder::getContext().

◆ getBugReporter()

BugReporter & clang::ento::CheckerContext::getBugReporter ( )

inline

Definition at line 105 of file CheckerContext.h.

References clang::ento::ExprEngine::getBugReporter().

Referenced by clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), getPreprocessor(), and getSourceManager().

◆ getCalleeDecl()

const FunctionDecl * CheckerContext::getCalleeDecl ( const CallExpr * CE ) const

Get the declaration of the called function (path-sensitive).

Definition at line 22 of file CheckerContext.cpp.

References D, clang::ento::SVal::getAsFunctionDecl(), clang::CallExpr::getCallee(), clang::CallExpr::getDirectCallee(), and clang::ento::ExplodedNode::getSVal().

Referenced by getCalleeIdentifier(), and getCalleeName().

◆ getCalleeIdentifier()

const IdentifierInfo * clang::ento::CheckerContext::getCalleeIdentifier ( const CallExpr * CE ) const

inline

Get the identifier of the called function (path-sensitive).

Definition at line 355 of file CheckerContext.h.

References getCalleeDecl(), and clang::NamedDecl::getIdentifier().

◆ getCalleeName() [1/2]

StringRef clang::ento::CheckerContext::getCalleeName ( const CallExpr * CE ) const

inline

Get the name of the called function (path-sensitive).

Definition at line 364 of file CheckerContext.h.

References getCalleeDecl(), and getCalleeName().

◆ getCalleeName() [2/2]

StringRef CheckerContext::getCalleeName ( const FunctionDecl * FunDecl ) const

Get the name of the called function (path-sensitive).

Definition at line 32 of file CheckerContext.cpp.

References clang::NamedDecl::getIdentifier(), and clang::IdentifierInfo::getName().

Referenced by getCalleeName().

◆ getConstraintManager()

ConstraintManager & clang::ento::CheckerContext::getConstraintManager ( )

inline

Definition at line 60 of file CheckerContext.h.

References clang::ento::ExprEngine::getConstraintManager().

◆ getCurrentAnalysisDeclContext()

AnalysisDeclContext * clang::ento::CheckerContext::getCurrentAnalysisDeclContext ( ) const

inline

Definition at line 127 of file CheckerContext.h.

References clang::LocationContext::getAnalysisDeclContext(), and clang::ento::ExplodedNode::getLocationContext().

◆ getDeclDescription()

StringRef CheckerContext::getDeclDescription ( const Decl * D )

Returns the word that should be used to refer to the declaration in the report.

Definition at line 41 of file CheckerContext.cpp.

References D.

◆ getLangOpts()

const LangOptions & clang::ento::CheckerContext::getLangOpts ( ) const

inline

Definition at line 90 of file CheckerContext.h.

References clang::ento::ExprEngine::getContext(), and clang::ASTContext::getLangOpts().

Referenced by getMacroNameOrSpelling().

◆ getLocationContext()

const LocationContext * clang::ento::CheckerContext::getLocationContext ( ) const

inline

Definition at line 94 of file CheckerContext.h.

References clang::ento::ExplodedNode::getLocationContext().

Referenced by clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), and inTopFrame().

◆ getLocationRegionIfPostStore()

static const MemRegion * clang::ento::CheckerContext::getLocationRegionIfPostStore ( const ExplodedNode * N )

inlinestatic

If the given node corresponds to a PostStore program point, retrieve the location region as it was uttered in the code.

This utility can be useful for generating extensive diagnostics, for example, for finding variables that the given symbol was assigned to.

Definition at line 141 of file CheckerContext.h.

References clang::ProgramPoint::getAs(), and clang::ento::ExplodedNode::getLocation().

◆ getMacroNameOrSpelling()

StringRef CheckerContext::getMacroNameOrSpelling ( SourceLocation & Loc )

Depending on wither the location corresponds to a macro, return either the macro name or the token spelling.

This could be useful when checkers' logic depends on whether a function is called with a given macro argument. For example: s = socket(AF_INET,..) If AF_INET is a macro, the result should be treated as a source of taint.

See also: clang::Lexer::getSpelling(), clang::Lexer::getImmediateMacroName().

Definition at line 131 of file CheckerContext.cpp.

References clang::Lexer::getImmediateMacroName(), getLangOpts(), getSourceManager(), and clang::Lexer::getSpelling().

◆ getNoteTag() [1/5]

LLVM_ATTRIBUTE_RETURNS_NONNULL const NoteTag * clang::ento::CheckerContext::getNoteTag	(	NoteTag::Callback &&	Cb,
		bool	IsPrunable = `false`
	)

inline

Produce a program point tag that displays an additional path note to the user.

This is a lightweight alternative to the BugReporterVisitor mechanism: instead of visiting the bug report node-by-node to restore the sequence of events that led to discovering a bug, you can add notes as you add your transitions.

Parameters

Cb	Callback with 'BugReporterContext &, BugReport &' parameters.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 277 of file CheckerContext.h.

References clang::ento::ExprEngine::getDataTags(), and clang::ento::DataTag::Factory::make().

Referenced by getNoteTag().

◆ getNoteTag() [2/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< std::string()> &&	Cb,
		bool	IsPrunable = `false`
	)

inline

A shorthand version of getNoteTag that doesn't require you to accept the arguments when you don't need it.

Parameters

Cb	Callback without parameters.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 304 of file CheckerContext.h.

References getNoteTag().

◆ getNoteTag() [3/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< std::string(PathSensitiveBugReport &)> &&	Cb,
		bool	IsPrunable = `false`
	)

inline

A shorthand version of getNoteTag that doesn't require you to accept the 'BugReporterContext' argument when you don't need it.

Parameters

Cb	Callback only with 'BugReport &' parameter.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 289 of file CheckerContext.h.

References getNoteTag().

◆ getNoteTag() [4/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	std::function< void(PathSensitiveBugReport &BR, llvm::raw_ostream &OS)> &&	Cb,
		bool	IsPrunable = `false`
	)

inline

A shorthand version of getNoteTag that accepts a lambda with stream for note.

Parameters

Cb	Callback with 'BugReport &' and 'llvm::raw_ostream &'.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 331 of file CheckerContext.h.

References getNoteTag(), and clang::ento::OS.

◆ getNoteTag() [5/5]

const NoteTag * clang::ento::CheckerContext::getNoteTag	(	StringRef	Note,
		bool	IsPrunable = `false`
	)

inline

A shorthand version of getNoteTag that accepts a plain note.

Parameters

Note	The note.
IsPrunable	Whether the note is prunable. It allows BugReporter to omit the note from the report if it would make the displayed bug path significantly shorter.

Definition at line 317 of file CheckerContext.h.

References getNoteTag(), and clang::Note.

◆ getPredecessor()

ExplodedNode * clang::ento::CheckerContext::getPredecessor ( )

inline

Returns the previous node in the exploded graph, which includes the state of the program before the checker ran.

Note, checkers should not retain the node in their state since the nodes might get invalidated.

Definition at line 71 of file CheckerContext.h.

Referenced by addSink().

◆ getPreprocessor()

Preprocessor & clang::ento::CheckerContext::getPreprocessor ( )

inline

Definition at line 113 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getPreprocessor().

◆ getSourceManager()

const SourceManager & clang::ento::CheckerContext::getSourceManager ( )

inline

Definition at line 109 of file CheckerContext.h.

References getBugReporter(), and clang::ento::BugReporter::getSourceManager().

Referenced by getMacroNameOrSpelling().

◆ getStackFrame()

const StackFrameContext * clang::ento::CheckerContext::getStackFrame ( ) const

inline

Definition at line 98 of file CheckerContext.h.

References clang::ento::ExplodedNode::getStackFrame().

◆ getState()

const ProgramStateRef & clang::ento::CheckerContext::getState ( ) const

inline

Definition at line 72 of file CheckerContext.h.

References clang::ento::ExplodedNode::getState().

Referenced by addSink(), addTransition(), clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction(), clang::ento::mpi::MPIChecker::checkDoubleNonblocking(), clang::ento::mpi::MPIChecker::checkMissingWaits(), clang::ento::mpi::MPIChecker::checkUnmatchedWaits(), generateSink(), isGreaterOrEqual(), and isNegative().

◆ getStateManager()

ProgramStateManager & clang::ento::CheckerContext::getStateManager ( )

inline

Definition at line 123 of file CheckerContext.h.

References clang::ento::ExprEngine::getStateManager().

◆ getStoreManager()

StoreManager & clang::ento::CheckerContext::getStoreManager ( )

inline

Definition at line 64 of file CheckerContext.h.

References clang::ento::ExprEngine::getStoreManager().

◆ getSVal()

SVal clang::ento::CheckerContext::getSVal ( const Stmt * S ) const

inline

Get the value of arbitrary expressions at this point in the path.

Definition at line 149 of file CheckerContext.h.

References clang::ento::ExplodedNode::getSVal().

Referenced by isGreaterOrEqual(), and isNegative().

◆ getSValBuilder()

SValBuilder & clang::ento::CheckerContext::getSValBuilder ( )

inline

Definition at line 115 of file CheckerContext.h.

References clang::ento::ExprEngine::getSValBuilder().

Referenced by getSymbolManager(), isGreaterOrEqual(), and isNegative().

◆ getSymbolManager()

SymbolManager & clang::ento::CheckerContext::getSymbolManager ( )

inline

Definition at line 119 of file CheckerContext.h.

References getSValBuilder(), and clang::ento::SValBuilder::getSymbolManager().

◆ inTopFrame()

bool clang::ento::CheckerContext::inTopFrame ( ) const

inline

Return true if the current LocationContext has no caller context.

Definition at line 103 of file CheckerContext.h.

References getLocationContext(), and clang::LocationContext::inTopFrame().

Referenced by clang::ento::retaincountchecker::RetainCountChecker::checkBeginFunction().

◆ isCLibraryFunction()

bool CheckerContext::isCLibraryFunction	(	const FunctionDecl *	FD,
		StringRef	Name = `StringRef()`
	)

static

Returns true if the given function is an externally-visible function in the top-level namespace, such as malloc.

If a name is provided, the function must additionally match the given name.

Note that this also accepts functions from the std namespace (because headers like <cstdlib> declare them there) and does not check if the function is declared as 'extern "C"' or if it uses C++ name mangling.

Definition at line 49 of file CheckerContext.cpp.

References clang::ASTContext::BuiltinInfo, clang::Decl::getASTContext(), clang::FunctionDecl::getBuiltinID(), clang::Decl::getDeclContext(), clang::NamedDecl::getIdentifier(), clang::IdentifierInfo::getName(), clang::Builtin::Context::getName(), clang::DeclContext::getRedeclContext(), clang::NamedDecl::isExternallyVisible(), clang::FunctionDecl::isInlined(), clang::DeclContext::isStdNamespace(), and clang::DeclContext::isTranslationUnit().

Referenced by clang::ento::CallEvent::isGlobalCFunction().

◆ isDifferent()

bool clang::ento::CheckerContext::isDifferent ( )

inline

Check if the checker changed the state of the execution; ex: added a new transition or a bug report.

Definition at line 76 of file CheckerContext.h.

◆ isGreaterOrEqual()

bool CheckerContext::isGreaterOrEqual	(	const Expr *	E,
		unsigned long long	Val
	)

Returns true if the value of E is greater than or equal to Val under unsigned comparison.

Definition at line 162 of file CheckerContext.cpp.

References E, evalComparison(), getASTContext(), getState(), getSVal(), getSValBuilder(), clang::ento::SValBuilder::makeIntVal(), and V.

◆ isHardenedVariantOf()

bool CheckerContext::isHardenedVariantOf	(	const FunctionDecl *	FD,
		StringRef	Name
	)

static

In builds that use source hardening (-D_FORTIFY_SOURCE), many standard functions are implemented as macros that expand to calls of hardened functions that take additional arguments compared to the "usual" variant and perform additional input validation.

For example, a memcpy call may expand to __memcpy_chk() or __builtin___memcpy_chk().

This method returns true if FD declares a fortified variant of the standard library function Name.

NOTE: This method relies on heuristics; extend it if you need to handle a hardened variant that's not yet covered by it.

Definition at line 116 of file CheckerContext.cpp.

References clang::NamedDecl::getIdentifier(), and clang::IdentifierInfo::getName().

◆ isNegative()

bool CheckerContext::isNegative ( const Expr * E )

Returns true if the value of E is negative.

Definition at line 167 of file CheckerContext.cpp.

References E, evalComparison(), getState(), getSVal(), getSValBuilder(), clang::ento::SValBuilder::makeIntVal(), and V.

Member Data Documentation

◆ wasInlined

const bool clang::ento::CheckerContext::wasInlined

If we are post visiting a call, this flag will be set if the call was inlined.

In all other cases it will be false.

Definition at line 39 of file CheckerContext.h.

The documentation for this class was generated from the following files:

include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h
lib/StaticAnalyzer/Core/CheckerContext.cpp

Public Member Functions

Static Public Member Functions

Public Attributes

Detailed Description

Constructor & Destructor Documentation

◆ CheckerContext()

Member Function Documentation

◆ addSink()

◆ addTransition() [1/2]

◆ addTransition() [2/2]

◆ blockCount()

◆ emitReport()

◆ generateErrorNode() [1/2]

◆ generateErrorNode() [2/2]

◆ generateNonFatalErrorNode() [1/2]

◆ generateNonFatalErrorNode() [2/2]

◆ generateSink()

◆ getAnalysisManager()

◆ getASTContext() [1/2]

◆ getASTContext() [2/2]

◆ getBlockID()

◆ getBugReporter()

◆ getCalleeDecl()

◆ getCalleeIdentifier()

◆ getCalleeName() [1/2]

◆ getCalleeName() [2/2]

◆ getConstraintManager()

◆ getCurrentAnalysisDeclContext()

◆ getDeclDescription()

◆ getLangOpts()

◆ getLocationContext()

◆ getLocationRegionIfPostStore()

◆ getMacroNameOrSpelling()

◆ getNoteTag() [1/5]

◆ getNoteTag() [2/5]

◆ getNoteTag() [3/5]

◆ getNoteTag() [4/5]

◆ getNoteTag() [5/5]

◆ getPredecessor()

◆ getPreprocessor()

◆ getSourceManager()

◆ getStackFrame()

◆ getState()

◆ getStateManager()

◆ getStoreManager()

◆ getSVal()

◆ getSValBuilder()

◆ getSymbolManager()

◆ inTopFrame()

◆ isCLibraryFunction()

◆ isDifferent()

◆ isGreaterOrEqual()

◆ isHardenedVariantOf()

◆ isNegative()

Member Data Documentation

◆ wasInlined