Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from https://clang.llvm.org/doxygen/CStringChecker_8cpp_source.html below:

clang: lib/StaticAnalyzer/Checkers/CStringChecker.cpp Source File

;

std::placeholders;

ArgumentIndex;

SourceArgExpr : AnyArgExpr {};

DestinationArgExpr : AnyArgExpr {};

SizeArgExpr : AnyArgExpr {};

AccessKind { write, read };

ErrorMessage createOutOfBoundErrorMsg(StringRef FunctionDescription,

llvm::raw_svector_ostream Os(Message);

<< &FunctionDescription.data()[1];

(Access == AccessKind::write) {

Os <<

;

Os <<

;

ConcatFnKind { none = 0, strcat = 1, strlcat = 2 };

CharKind { Regular = 0,

};

CharKind CK_Regular = CharKind::Regular;

CharKind CK_Wide = CharKind::Wide;

CStringChecker :

< eval::Call,

check::PreStmt<DeclStmt>,

std::unique_ptr<BugType> BT_Null, BT_Bounds, BT_Overlap,

BT_NotCString, BT_AdditionOverflow, BT_UninitRead;

*CurrentFunctionDescription =

;

CStringChecksFilter {

CheckCStringNullArg =

;

CheckCStringOutOfBounds =

;

CheckCStringBufferOverlap =

;

CheckCStringNotNullTerm =

;

CheckCStringUninitializedRead =

;

CStringChecksFilter

;

*getTag() {

tag;

&tag; }

FnCheck = std::function<void(

CStringChecker *,

&,

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMemcpy, _1,

, _3, CK_Regular)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMemcpy, _1,

, _3, CK_Wide)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMempcpy, _1,

, _3, CK_Regular)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMempcpy, _1,

, _3, CK_Wide)},

{{CDM::CLibrary, {

}, 3},

std::bind(&CStringChecker::evalMemcmp, _1,

, _3, CK_Regular)},

{{CDM::CLibrary, {

}, 3},

std::bind(&CStringChecker::evalMemcmp, _1,

, _3, CK_Wide)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMemmove, _1,

, _3, CK_Regular)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

std::bind(&CStringChecker::evalMemmove, _1,

, _3, CK_Wide)},

{{CDM::CLibraryMaybeHardened, {

}, 3},

&CStringChecker::evalMemset},

{{CDM::CLibrary, {

}, 3}, &CStringChecker::evalMemset},

{{CDM::CLibraryMaybeHardened, {

}, 2},

&CStringChecker::evalStrcpy},

{{CDM::CLibraryMaybeHardened, {

}, 3},

&CStringChecker::evalStrncpy},

{{CDM::CLibraryMaybeHardened, {

}, 2},

&CStringChecker::evalStpcpy},

{{CDM::CLibraryMaybeHardened, {

}, 3},

&CStringChecker::evalStrlcpy},

{{CDM::CLibraryMaybeHardened, {

}, 2},

&CStringChecker::evalStrcat},

{{CDM::CLibraryMaybeHardened, {

}, 3},

&CStringChecker::evalStrncat},

{{CDM::CLibraryMaybeHardened, {

}, 3},

&CStringChecker::evalStrlcat},

{{CDM::CLibraryMaybeHardened, {

}, 1},

&CStringChecker::evalstrLength},

{{CDM::CLibrary, {

}, 1}, &CStringChecker::evalstrLength},

{{CDM::CLibraryMaybeHardened, {

}, 2},

&CStringChecker::evalstrnLength},

{{CDM::CLibrary, {

}, 2}, &CStringChecker::evalstrnLength},

{{CDM::CLibrary, {

}, 2}, &CStringChecker::evalStrcmp},

{{CDM::CLibrary, {

}, 3}, &CStringChecker::evalStrncmp},

{{CDM::CLibrary, {

}, 2}, &CStringChecker::evalStrcasecmp},

{{CDM::CLibrary, {

}, 3}, &CStringChecker::evalStrncasecmp},

{{CDM::CLibrary, {

}, 2}, &CStringChecker::evalStrsep},

{{CDM::CLibrary, {

}, 3}, &CStringChecker::evalBcopy},

{{CDM::CLibrary, {

}, 3},

std::bind(&CStringChecker::evalMemcmp, _1,

, _3, CK_Regular)},

{{CDM::CLibrary, {

}, 2}, &CStringChecker::evalBzero},

{{CDM::CLibraryMaybeHardened, {

}, 2},

&CStringChecker::evalBzero},

{{CDM::CLibraryMaybeHardened, {

}, std::nullopt, 2},

&CStringChecker::evalSprintf},

{{CDM::CLibraryMaybeHardened, {

}, std::nullopt, 3},

&CStringChecker::evalSnprintf},

StdCopyBackward{CDM::SimpleFunc, {

,

}, 3};

DestinationArgExpr Dest, SourceArgExpr Source,

Restricted,

IsMempcpy, CharKind CK)

;

IsStrnlen =

)

;

ReturnEnd,

IsBounded, ConcatFnKind appendK,

returnPtr =

)

;

IsBounded =

,

IgnoreCase =

)

;

IsBounded)

;

std::pair<ProgramStateRef , ProgramStateRef >

hypothetical =

)

;

invalidateDestinationBufferAlwaysEscapeSuperRegion(

InvalidationTraitOperations);

SummarizeRegion(raw_ostream &os,

&Ctx,

memsetAux(

*DstBuffer,

CharE,

AnyArgExpr Arg,

l)

;

AnyArgExpr Buffer,

Element,

Size)

;

AnyArgExpr Buffer,

Element,

CharKind CK = CharKind::Regular)

;

AnyArgExpr Buffer, SizeArgExpr Size,

CharKind CK = CharKind::Regular)

;

SizeArgExpr Size, AnyArgExpr

,

CharKind CK = CharKind::Regular)

;

*Second)

;

StringRef WarningMsg)

;

*S, StringRef WarningMsg)

;

*S, StringRef WarningMsg)

;

StringRef Msg)

;

std::pair<ProgramStateRef, ProgramStateRef>

std::optional<DefinedSVal> val =

.getAs<

>();

std::pair<ProgramStateRef, ProgramStateRef>(State, State);

State->assume(svalBuilder.

(State, *val, zero));

AnyArgExpr Arg,

l)

{

std::tie(stateNull, stateNonNull) =

assumeZero(

, State, l, Arg.Expression->getType());

(stateNull && !stateNonNull) {

(

.CheckCStringNullArg) {

llvm::raw_svector_ostream OS(buf);

assert(CurrentFunctionDescription);

OS <<

<< (Arg.ArgumentIndex + 1)

<< llvm::getOrdinalSuffix(Arg.ArgumentIndex + 1) <<

<< CurrentFunctionDescription;

emitNullArgBug(

, stateNull, Arg.Expression, OS.str());

assert(stateNonNull);

&SVB = State->getStateManager().getSValBuilder();

(CK == CharKind::Regular) {

(Offset.isUnknown())

Offset.castAs<

>();

Os << Idx << llvm::getOrdinalSuffix(Idx);

AnyArgExpr Buffer,

Element,

*R = Element.getAsRegion();

*ER = dyn_cast_or_null<ElementRegion>(R);

(!SuperR->getValueType()->isArrayType())

std::optional<Loc> FirstElementVal =

(!FirstElementVal)

(

.CheckCStringUninitializedRead &&

State->getSVal(*FirstElementVal).isUndef()) {

llvm::raw_svector_ostream OS(Buf);

OS <<

;

OS <<

;

emitUninitializedReadBug(

, State, Buffer.Expression,

FirstElementVal->getAsRegion(), OS.str());

std::optional<NonLoc> Offset =

LastElementVal =

(!isa<Loc>(LastElementVal))

(

.CheckCStringUninitializedRead &&

State->getSVal(LastElementVal.

<

>()).isUndef()) {

llvm::APSInt *IdxInt = LastIdx.getAsInteger();

llvm::raw_svector_ostream OS(Buf);

OS <<

;

OS << IdxInt->getExtValue();

OS <<

;

emitUninitializedReadBug(

, State, Buffer.Expression,

AnyArgExpr Buffer,

Element,

*R = Element.getAsRegion();

*ER = dyn_cast<ElementRegion>(R);

std::optional<NonLoc> Idx =

(state, ER, CK);

*superReg = cast<SubRegion>(ER->getSuperRegion());

[StInBound, StOutBound] = state->assumeInBoundDual(*Idx, Size);

(StOutBound && !StInBound) {

(!

.CheckCStringOutOfBounds)

ErrorMessage Message =

createOutOfBoundErrorMsg(CurrentFunctionDescription, Access);

emitOutOfBoundsBug(

, StOutBound, Buffer.Expression, Message);

AnyArgExpr Buffer, SizeArgExpr Size,

AccessKind Access, CharKind CK)

{

PtrTy = getCharPtrType(Ctx, CK);

BufVal =

.getSVal(Buffer.Expression);

State = checkNonNull(

, State, Buffer, BufVal);

(!

.CheckCStringOutOfBounds)

svalBuilder.

(BufVal, PtrTy, Buffer.Expression->getType());

State = CheckLocation(

, State, Buffer, BufStart, Access, CK);

LengthVal =

.getSVal(

.Expression);

std::optional<NonLoc> Length = LengthVal.

<

>();

Offset = svalBuilder.

(State, BO_Sub, *Length, One, SizeTy);

(Offset.isUnknown())

(std::optional<Loc> BufLoc = BufStart.

<

>()) {

svalBuilder.

(State, BO_Add, *BufLoc, LastOffset, PtrTy);

State = CheckLocation(

, State, Buffer, BufEnd, Access, CK);

(Access == AccessKind::read)

State = checkInit(

, State, Buffer, BufEnd, *Length);

SizeArgExpr Size, AnyArgExpr

,

(!

.CheckCStringBufferOverlap)

(

.Expression->getType()->getPointeeType().getAddressSpace() !=

Second.Expression->getType()->getPointeeType().getAddressSpace())

firstVal = state->getSVal(

.Expression, LCtx);

secondVal = state->getSVal(Second.Expression, LCtx);

std::optional<Loc> firstLoc = firstVal.

<

>();

std::optional<Loc> secondLoc = secondVal.

<

>();

std::tie(stateTrue, stateFalse) =

state->assume(svalBuilder.

(state, *firstLoc, *secondLoc));

(stateTrue && !stateFalse) {

emitOverlapBug(

, stateTrue,

.Expression, Second.Expression);

svalBuilder.

(state, BO_GT, *firstLoc, *secondLoc, cmpTy);

std::optional<DefinedOrUnknownSVal> reverseTest =

std::tie(stateTrue, stateFalse) = state->assume(*reverseTest);

std::swap(firstLoc, secondLoc);

std::swap(

, Second);

LengthVal = state->getSVal(

.Expression, LCtx);

std::optional<NonLoc> Length = LengthVal.

<

>();

CharPtrTy = getCharPtrType(Ctx, CK);

svalBuilder.

(*firstLoc, CharPtrTy,

.Expression->getType());

std::optional<Loc> FirstStartLoc = FirstStart.

<

>();

FirstEnd = svalBuilder.

(state, BO_Add, *FirstStartLoc,

std::optional<Loc> FirstEndLoc = FirstEnd.

<

>();

svalBuilder.

(state, BO_GT, *FirstEndLoc, *secondLoc, cmpTy);

std::optional<DefinedOrUnknownSVal> OverlapTest =

std::tie(stateTrue, stateFalse) = state->assume(*OverlapTest);

(stateTrue && !stateFalse) {

emitOverlapBug(

, stateTrue,

.Expression, Second.Expression);

BT_Overlap.reset(

(

.CheckNameCStringBufferOverlap,

report = std::make_unique<PathSensitiveBugReport>(

*BT_Overlap,

, N);

report->addRange(

->getSourceRange());

.emitReport(std::move(report));

*S, StringRef WarningMsg)

{

std::make_unique<PathSensitiveBugReport>(*BT_Null, WarningMsg, N);

->addRange(S->getSourceRange());

(

*Ex = dyn_cast<Expr>(S))

.emitReport(std::move(

));

StringRef Msg)

{

BT_UninitRead.reset(

(

.CheckNameCStringUninitializedRead,

));

std::make_unique<PathSensitiveBugReport>(*BT_UninitRead, Msg, N);

->addNote(

,

.emitReport(std::move(

));

StringRef WarningMsg)

{

BT_Bounds.reset(

(

.CheckCStringOutOfBounds

?

.CheckNameCStringOutOfBounds

:

.CheckNameCStringNullArg,

));

std::make_unique<PathSensitiveBugReport>(*BT_Bounds, WarningMsg, N);

->addRange(S->getSourceRange());

.emitReport(std::move(

));

StringRef WarningMsg)

{

(

*N =

.generateNonFatalErrorNode(State)) {

(!BT_NotCString) {

std::make_unique<PathSensitiveBugReport>(*BT_NotCString, WarningMsg, N);

->addRange(S->getSourceRange());

.emitReport(std::move(

));

(!BT_AdditionOverflow) {

BT_AdditionOverflow.reset(

*WarningMsg =

;

= std::make_unique<PathSensitiveBugReport>(*BT_AdditionOverflow,

.emitReport(std::move(

));

(!

.CheckCStringOutOfBounds)

llvm::APSInt &maxValInt = BVF.

(sizeTy);

(isa<nonloc::ConcreteInt>(right)) {

maxMinusRight = svalBuilder.

(state, BO_Sub, maxVal, right,

maxMinusRight = svalBuilder.

(state, BO_Sub, maxVal, left,

(std::optional<NonLoc> maxMinusRightNL = maxMinusRight.

<

>()) {

*maxMinusRightNL, cmpTy);

std::tie(stateOverflow, stateOkay) =

(stateOverflow && !stateOkay) {

emitAdditionOverflowBug(

, stateOverflow);

assert(!strLength.

() &&

);

MemRegion::StringRegionKind:

MemRegion::SymbolicRegionKind:

MemRegion::AllocaRegionKind:

MemRegion::NonParamVarRegionKind:

MemRegion::ParamVarRegionKind:

MemRegion::FieldRegionKind:

MemRegion::ObjCIvarRegionKind:

MemRegion::ElementRegionKind:

state->remove<CStringLength>(MR);

state->set<CStringLength>(MR, strLength);

hypothetical) {

(!hypothetical) {

*Recorded = state->get<CStringLength>(MR);

.getLocationContext(),

(!hypothetical) {

(std::optional<NonLoc> strLn = strLength.

<

>()) {

llvm::APSInt &maxValInt = BVF.

(sizeTy);

std::optional<APSIntPtr> maxLengthInt =

BVF.

(BO_Div, maxValInt, fourInt);

evalLength = svalBuilder.

(state, BO_LE, *strLn, maxLength,

state = state->set<CStringLength>(MR, strLength);

hypothetical)

{

(

.CheckCStringNotNullTerm) {

llvm::raw_svector_ostream os(buf);

assert(CurrentFunctionDescription);

os <<

<< CurrentFunctionDescription

<<

<<

->getLabel()->getName()

<<

;

emitNotCStringBug(

, state, Ex, os.str());

MemRegion::StringRegionKind: {

*strLit = cast<StringRegion>(MR)->getStringLiteral();

MemRegion::NonParamVarRegionKind: {

*

= cast<NonParamVarRegion>(MR)->getDecl();

(

->getType().isConstQualified() &&

->hasGlobalStorage()) {

(

*StrLit = dyn_cast<StringLiteral>(

)) {

SvalBuilder.

(StrLit->getLength(), SizeTy);

MemRegion::SymbolicRegionKind:

MemRegion::AllocaRegionKind:

MemRegion::ParamVarRegionKind:

MemRegion::FieldRegionKind:

MemRegion::ObjCIvarRegionKind:

getCStringLengthForRegion(

, state, Ex, MR, hypothetical);

MemRegion::CompoundLiteralRegionKind:

MemRegion::ElementRegionKind:

(

.CheckCStringNotNullTerm) {

llvm::raw_svector_ostream os(buf);

assert(CurrentFunctionDescription);

os <<

<< CurrentFunctionDescription <<

;

(SummarizeRegion(os,

.getASTContext(), MR))

os <<

;

os <<

;

emitNotCStringBug(

, state, Ex, os.str());

*strRegion= dyn_cast<StringRegion>(bufRegion);

std::optional<NonLoc> Length = LengthVal.

<

>();

Offset = SB.

(State, BO_Sub, *Length, One, LengthTy);

(Offset.isUnknown())

std::optional<Loc> BufLoc = BufStart.

<

>();

BufEnd = SB.

(State, BO_Add, *BufLoc, LastOffset, PtrTy);

);

(StInBound);

InvalidationTraitOperations =

[&

, S, BufTy = BufE->

(), BufV, SizeV,

(MemRegion::FieldRegionKind == R->

() &&

isFirstBufInBound(

, S, BufV, BufTy, SizeV, SizeTy)) {

invalidateBufferAux(

, S, BufE, BufV, InvalidationTraitOperations);

CStringChecker::invalidateDestinationBufferAlwaysEscapeSuperRegion(

isa<FieldRegion>(R);

invalidateBufferAux(

, S, BufE, BufV, InvalidationTraitOperations);

CStringChecker::invalidateDestinationBufferNeverOverflows(

InvalidationTraitOperations =

(MemRegion::FieldRegionKind == R->

())

invalidateBufferAux(

, S, BufE, BufV, InvalidationTraitOperations);

InvalidationTraitOperations =

invalidateBufferAux(

, S, BufE, BufV, InvalidationTraitOperations);

InvalidationTraitOperations) {

std::optional<Loc> L =

.getAs<

>();

(

*ER = dyn_cast<ElementRegion>(R)) {

CausesPointerEscape = InvalidationTraitOperations(ITraits, R);

State->invalidateRegions(R,

,

.blockCount(), LCtx,

CausesPointerEscape,

,

,

State->killBinding(*L);

CStringChecker::SummarizeRegion(raw_ostream &os,

&Ctx,

MemRegion::FunctionCodeRegionKind: {

(

*FD = cast<FunctionCodeRegion>(MR)->getDecl())

os <<

<< *FD <<

;

os <<

;

MemRegion::BlockCodeRegionKind:

os <<

;

MemRegion::BlockDataRegionKind:

MemRegion::CXXThisRegionKind:

MemRegion::CXXTempObjectRegionKind:

os <<

<< cast<TypedValueRegion>(MR)->getValueType();

MemRegion::NonParamVarRegionKind:

os <<

<< cast<TypedValueRegion>(MR)->getValueType();

MemRegion::ParamVarRegionKind:

os <<

<< cast<TypedValueRegion>(MR)->getValueType();

MemRegion::FieldRegionKind:

os <<

<< cast<TypedValueRegion>(MR)->getValueType();

MemRegion::ObjCIvarRegionKind:

os <<

<< cast<TypedValueRegion>(MR)->getValueType();

CStringChecker::memsetAux(

*DstBuffer,

CharVal,

MemVal =

.getSVal(DstBuffer);

SizeVal =

.getSVal(Size);

*BR = Offset.getRegion();

std::optional<NonLoc> SizeNL = SizeVal.

<

>();

(Offset.isValid() && !Offset.hasSymbolicOffset() &&

Offset.getOffset() == 0) {

std::tie(StateWholeReg, StateNotWholeReg) =

State->assume(svalBuilder.

(State, SizeDV, *SizeNL));

std::tie(StateNullChar, StateNonNullChar) =

(StateWholeReg && !StateNotWholeReg && StateNullChar &&

!StateNonNullChar) {

State = State->bindDefaultZero(svalBuilder.

(BR),

.getLocationContext());

State = invalidateDestinationBufferBySize(

, State, DstBuffer, MemVal,

SizeVal,

->getType());

(StateNullChar && !StateNonNullChar) {

State = setCStringLength(State, MR,

}

(!StateNullChar && StateNonNullChar) {

CStringChecker::getTag(), MR, DstBuffer, Ctx.

(),

.getLocationContext(),

.blockCount());

State = setCStringLength(

State = invalidateDestinationBufferBySize(

, State, DstBuffer, MemVal,

SizeVal,

->getType());

DestinationArgExpr Dest,

SourceArgExpr Source,

Restricted,

IsMempcpy, CharKind CK)

{

CurrentFunctionDescription =

;

sizeVal = state->getSVal(

.Expression, LCtx);

std::tie(stateZeroSize, stateNonZeroSize) =

assumeZero(

, state, sizeVal, sizeTy);

destVal = state->getSVal(Dest.Expression, LCtx);

(stateZeroSize && !stateNonZeroSize) {

stateZeroSize->BindExpr(

.getOriginExpr(), LCtx, destVal);

.addTransition(stateZeroSize);

(stateNonZeroSize) {

state = stateNonZeroSize;

state = checkNonNull(

, state, Dest, destVal);

srcVal = state->getSVal(Source.Expression, LCtx);

state = checkNonNull(

, state, Source, srcVal);

state = CheckBufferAccess(

, state, Dest, Size, AccessKind::write, CK);

state = CheckBufferAccess(

, state, Source, Size, AccessKind::read, CK);

state = CheckOverlap(

, state, Size, Dest, Source, CK);

CharPtrTy = getCharPtrType(Ctx, CK);

DestRegCharVal =

SvalBuilder.

(destVal, CharPtrTy, Dest.Expression->getType());

lastElement =

.getSValBuilder().evalBinOp(

state, BO_Add, DestRegCharVal, sizeVal, Dest.Expression->getType());

lastElement =

.getSValBuilder().conjureSymbolVal(

,

.getOriginExpr(), LCtx,

.blockCount());

state = state->BindExpr(

.getOriginExpr(), LCtx, lastElement);

state = state->BindExpr(

.getOriginExpr(), LCtx, destVal);

state = invalidateDestinationBufferBySize(

, state, Dest.Expression,

.getSVal(Dest.Expression), sizeVal,

.Expression->getType());

state = invalidateSourceBuffer(

, state, Source.Expression,

.getSVal(Source.Expression));

.addTransition(state);

CharKind CK)

{

DestinationArgExpr Dest = {{

.getArgExpr(0), 0}};

SourceArgExpr Src = {{

.getArgExpr(1), 1}};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

IsRestricted =

;

IsMempcpy =

;

evalCopyCommon(

,

, State, Size, Dest, Src, IsRestricted, IsMempcpy, CK);

CharKind CK)

{

DestinationArgExpr Dest = {{

.getArgExpr(0), 0}};

SourceArgExpr Src = {{

.getArgExpr(1), 1}};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

IsRestricted =

;

IsMempcpy =

;

evalCopyCommon(

,

,

.getState(), Size, Dest, Src, IsRestricted,

CharKind CK)

{

DestinationArgExpr Dest = {{

.getArgExpr(0), 0}};

SourceArgExpr Src = {{

.getArgExpr(1), 1}};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

IsRestricted =

;

IsMempcpy =

;

evalCopyCommon(

,

,

.getState(), Size, Dest, Src, IsRestricted,

SourceArgExpr Src{{

.getArgExpr(0), 0}};

DestinationArgExpr Dest = {{

.getArgExpr(1), 1}};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

IsRestricted =

;

IsMempcpy =

;

evalCopyCommon(

,

,

.getState(), Size, Dest, Src, IsRestricted,

IsMempcpy, CharKind::Regular);

CharKind CK)

{

CurrentFunctionDescription =

;

AnyArgExpr

= {

.getArgExpr(0), 0};

AnyArgExpr

= {

.getArgExpr(1), 1};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

sizeVal = State->getSVal(

.Expression, LCtx);

std::tie(stateZeroSize, stateNonZeroSize) =

assumeZero(

, State, sizeVal, sizeTy);

(stateZeroSize) {

State = stateZeroSize;

State = State->BindExpr(

.getOriginExpr(), LCtx,

Builder.makeZeroVal(

.getResultType()));

.addTransition(State);

(stateNonZeroSize) {

State = stateNonZeroSize;

std::tie(SameBuffer, NotSameBuffer) =

State->assume(Builder.evalEQ(State, LV, RV));

(SameBuffer && !NotSameBuffer) {

State = CheckBufferAccess(

, State, Left, Size, AccessKind::read);

State = SameBuffer->BindExpr(

.getOriginExpr(), LCtx,

Builder.makeZeroVal(

.getResultType()));

.addTransition(State);

assert(NotSameBuffer);

State = CheckBufferAccess(

, State, Right, Size, AccessKind::read, CK);

State = CheckBufferAccess(

, State, Left, Size, AccessKind::read, CK);

CmpV = Builder.conjureSymbolVal(

,

.getOriginExpr(), LCtx,

State = State->BindExpr(

.getOriginExpr(), LCtx, CmpV);

.addTransition(State);

evalstrLengthCommon(

,

,

);

evalstrLengthCommon(

,

,

);

IsStrnlen)

{

CurrentFunctionDescription =

;

*maxlenExpr =

.getArgExpr(1);

maxlenVal = state->getSVal(maxlenExpr, LCtx);

std::tie(stateZeroSize, stateNonZeroSize) =

assumeZero(

, state, maxlenVal, maxlenExpr->

());

(stateZeroSize) {

zero =

.getSValBuilder().makeZeroVal(

.getResultType());

stateZeroSize = stateZeroSize->BindExpr(

.getOriginExpr(), LCtx, zero);

.addTransition(stateZeroSize);

(!stateNonZeroSize)

state = stateNonZeroSize;

AnyArgExpr Arg = {

.getArgExpr(0), 0};

ArgVal = state->getSVal(Arg.Expression, LCtx);

state = checkNonNull(

, state, Arg, ArgVal);

strLength = getCStringLength(

, state, Arg.Expression, ArgVal);

cmpTy =

.getSValBuilder().getConditionType();

*maxlenExpr =

.getArgExpr(1);

maxlenVal = state->getSVal(maxlenExpr, LCtx);

std::optional<NonLoc> strLengthNL = strLength.

<

>();

std::optional<NonLoc> maxlenValNL = maxlenVal.

<

>();

(strLengthNL && maxlenValNL) {

std::tie(stateStringTooLong, stateStringNotTooLong) = state->assume(

.evalBinOpNN(state, BO_GT, *strLengthNL, *maxlenValNL, cmpTy)

(stateStringTooLong && !stateStringNotTooLong) {

result = *maxlenValNL;

}

(stateStringNotTooLong && !stateStringTooLong) {

result = *strLengthNL;

result =

.getSValBuilder().conjureSymbolVal(

,

.getOriginExpr(), LCtx,

.blockCount());

state = state->assume(

.getSValBuilder().evalBinOpNN(

state, BO_LE, resultNL, *strLengthNL, cmpTy)

state = state->assume(

.getSValBuilder().evalBinOpNN(

state, BO_LE, resultNL, *maxlenValNL, cmpTy)

result =

.getSValBuilder().conjureSymbolVal(

,

.getOriginExpr(), LCtx,

.blockCount());

assert(!result.

() &&

);

state = state->BindExpr(

.getOriginExpr(), LCtx, result);

.addTransition(state);

evalStrcpyCommon(

,

,

ConcatFnKind::none);

evalStrcpyCommon(

,

,

ConcatFnKind::none);

evalStrcpyCommon(

,

,

ConcatFnKind::none);

evalStrcpyCommon(

,

,

evalStrcpyCommon(

,

,

ConcatFnKind::strcat);

evalStrcpyCommon(

,

,

ConcatFnKind::strcat);

evalStrcpyCommon(

,

,

ConcatFnKind::strlcat,

ReturnEnd,

IsBounded,

ConcatFnKind appendK,

returnPtr)

{

(appendK == ConcatFnKind::none)

CurrentFunctionDescription =

;

CurrentFunctionDescription =

;

DestinationArgExpr Dst = {{

.getArgExpr(0), 0}};

DstVal = state->getSVal(Dst.Expression, LCtx);

state = checkNonNull(

, state, Dst, DstVal);

SourceArgExpr srcExpr = {{

.getArgExpr(1), 1}};

srcVal = state->getSVal(srcExpr.Expression, LCtx);

state = checkNonNull(

, state, srcExpr, srcVal);

strLength = getCStringLength(

, state, srcExpr.Expression, srcVal);

std::optional<NonLoc> strLengthNL = strLength.

<

>();

dstStrLength = getCStringLength(

, state, Dst.Expression, DstVal);

std::optional<NonLoc> dstStrLengthNL = dstStrLength.getAs<

>();

*boundWarning =

;

SizeArgExpr SrcExprAsSizeDummy = {

{srcExpr.Expression, srcExpr.ArgumentIndex}};

state = CheckOverlap(

(IsBounded ? SizeArgExpr{{

.getArgExpr(2), 2}} : SrcExprAsSizeDummy),

SizeArgExpr lenExpr = {{

.getArgExpr(2), 2}};

lenVal = state->getSVal(lenExpr.Expression, LCtx);

svalBuilder.

(lenVal, sizeTy, lenExpr.Expression->getType());

std::optional<NonLoc> lenValNL = lenVal.

<

>();

(strLengthNL && lenValNL) {

ConcatFnKind::none:

ConcatFnKind::strcat: {

std::tie(stateSourceTooLong, stateSourceNotTooLong) = state->assume(

.evalBinOpNN(state, BO_GE, *strLengthNL, *lenValNL, cmpTy)

.castAs<DefinedOrUnknownSVal>());

(stateSourceTooLong && !stateSourceNotTooLong) {

state = stateSourceTooLong;

amountCopied = lenVal;

}

(!stateSourceTooLong && stateSourceNotTooLong) {

state = stateSourceNotTooLong;

amountCopied = strLength;

ConcatFnKind::strlcat:

(!dstStrLengthNL)

*dstStrLengthNL, sizeTy);

(!isa<NonLoc>(freeSpace))

svalBuilder.

(state, BO_Sub, freeSpace,

svalBuilder.

(1, sizeTy), sizeTy);

std::optional<NonLoc> freeSpaceNL = freeSpace.

<

>();

state, BO_LE, *strLengthNL, *freeSpaceNL, cmpTy);

std::tie(TrueState, FalseState) =

(TrueState && !FalseState) {

amountCopied = strLength;

(!TrueState && FalseState) {

amountCopied = freeSpace;

(TrueState && FalseState)

ConcatFnKind::strcat:

(dstStrLength.isUndef())

(dstStrLengthNL) {

state, BO_Add, *lenValNL, *dstStrLengthNL, sizeTy);

boundWarning =

;

ConcatFnKind::none:

ConcatFnKind::strlcat:

std::tie(StateZeroSize, StateNonZeroSize) =

assumeZero(

, state, *lenValNL, sizeTy);

(StateZeroSize && !StateNonZeroSize) {

StateZeroSize->BindExpr(

.getOriginExpr(), LCtx, DstVal);

(appendK == ConcatFnKind::none) {

StateZeroSize = StateZeroSize->BindExpr(

.getOriginExpr(),

state, BO_Add, strLength, dstStrLength, sizeTy);

StateZeroSize->BindExpr(

.getOriginExpr(), LCtx, retSize);

.addTransition(StateZeroSize);

maxLastElementIndex =

svalBuilder.

(state, BO_Sub, *lenValNL, one, sizeTy);

boundWarning =

;

amountCopied = strLength;

(appendK == ConcatFnKind::none && !returnPtr) {

strlRetVal = strLength;

(appendK != ConcatFnKind::none) {

(dstStrLength.isUndef())

(appendK == ConcatFnKind::strlcat && dstStrLengthNL && strLengthNL) {

strlRetVal = svalBuilder.

(state, BO_Add, *strLengthNL,

*dstStrLengthNL, sizeTy);

std::optional<NonLoc> amountCopiedNL = amountCopied.

<

>();

(amountCopiedNL && dstStrLengthNL) {

state = checkAdditionOverflow(

, state, *amountCopiedNL, *dstStrLengthNL);

finalStrLength = svalBuilder.

(state, BO_Add, *amountCopiedNL,

*dstStrLengthNL, sizeTy);

getCStringLength(

, state,

.getOriginExpr(), DstVal,

);

assert(!finalStrLength.

());

(std::optional<NonLoc> finalStrLengthNL =

(amountCopiedNL && appendK == ConcatFnKind::none) {

state, BO_GE, *finalStrLengthNL, *amountCopiedNL, cmpTy);

(dstStrLengthNL && appendK != ConcatFnKind::none) {

finalStrLength = amountCopied;

Result = (ReturnEnd ?

() : DstVal);

(appendK == ConcatFnKind::strlcat || appendK == ConcatFnKind::none)

Result = strlRetVal;

Result = finalStrLength;

(std::optional<loc::MemRegionVal> dstRegVal =

ptrTy = Dst.Expression->getType();

(std::optional<NonLoc> maxLastNL = maxLastElementIndex.

<

>()) {

maxLastElement =

svalBuilder.

(state, BO_Add, *dstRegVal, *maxLastNL, ptrTy);

state = CheckLocation(

, state, Dst, DstVal, AccessKind::write);

state = CheckLocation(

, state, Dst, maxLastElement, AccessKind::write);

(std::optional<NonLoc> knownStrLength = finalStrLength.

<

>()) {

lastElement = svalBuilder.

(state, BO_Add, *dstRegVal,

*knownStrLength, ptrTy);

(!boundWarning) {

state = CheckLocation(

, state, Dst, DstVal, AccessKind::write);

state = CheckLocation(

, state, Dst, lastElement, AccessKind::write);

(returnPtr && ReturnEnd)

Result = lastElement;

state = invalidateDestinationBufferBySize(

, state, Dst.Expression,

*dstRegVal, amountCopied,

.getASTContext().getSizeType());

state = invalidateSourceBuffer(

, state, srcExpr.Expression, srcVal);

(IsBounded && (appendK == ConcatFnKind::none)) {

(amountCopied != strLength)

state = setCStringLength(state, dstRegVal->getRegion(), finalStrLength);

(ReturnEnd && Result.isUnknown()) {

state = state->BindExpr(

.getOriginExpr(), LCtx, Result);

.addTransition(state);

evalStrcmpCommon(

,

,

,

);

evalStrcmpCommon(

,

,

,

);

evalStrcmpCommon(

,

,

,

);

evalStrcmpCommon(

,

,

,

);

IsBounded,

IgnoreCase)

{

CurrentFunctionDescription =

;

AnyArgExpr

= {

.getArgExpr(0), 0};

LeftVal = state->getSVal(

.Expression, LCtx);

state = checkNonNull(

, state, Left, LeftVal);

AnyArgExpr

= {

.getArgExpr(1), 1};

RightVal = state->getSVal(

.Expression, LCtx);

state = checkNonNull(

, state, Right, RightVal);

LeftLength = getCStringLength(

, state,

.Expression, LeftVal);

RightLength = getCStringLength(

, state,

.Expression, RightVal);

std::tie(StSameBuf, StNotSameBuf) = state->assume(SameBuf);

StSameBuf->BindExpr(

.getOriginExpr(), LCtx,

svalBuilder.makeZeroVal(

.getResultType()));

.addTransition(StSameBuf);

assert(StNotSameBuf);

state = StNotSameBuf;

getCStringLiteral(

, state,

.Expression, LeftVal);

getCStringLiteral(

, state,

.Expression, RightVal);

canComputeResult =

;

resultVal = svalBuilder.conjureSymbolVal(

,

.getOriginExpr(),

LCtx,

.blockCount());

(LeftStrLiteral && RightStrLiteral) {

StringRef LeftStrRef = LeftStrLiteral->

();

StringRef RightStrRef = RightStrLiteral->

();

*lenExpr =

.getArgExpr(2);

lenVal = state->getSVal(lenExpr, LCtx);

(

llvm::APSInt *len = svalBuilder.getKnownValue(state, lenVal)) {

LeftStrRef = LeftStrRef.substr(0, (

)len->getZExtValue());

RightStrRef = RightStrRef.substr(0, (

)len->getZExtValue());

canComputeResult =

;

canComputeResult =

;

(canComputeResult) {

s1Term = LeftStrRef.find(

);

(s1Term != StringRef::npos)

LeftStrRef = LeftStrRef.substr(0, s1Term);

s2Term = RightStrRef.find(

);

(s2Term != StringRef::npos)

RightStrRef = RightStrRef.substr(0, s2Term);

compareRes = IgnoreCase ? LeftStrRef.compare_insensitive(RightStrRef)

: LeftStrRef.compare(RightStrRef);

(compareRes == 0) {

resultVal = svalBuilder.makeIntVal(compareRes,

.getResultType());

zeroVal = svalBuilder.makeIntVal(0,

.getResultType());

compareWithZero =

svalBuilder.evalBinOp(state, op, resultVal, zeroVal,

svalBuilder.getConditionType());

state = state->assume(compareWithZeroVal,

);

state = state->BindExpr(

.getOriginExpr(), LCtx, resultVal);

.addTransition(state);

SourceArgExpr SearchStrPtr = {{

.getArgExpr(0), 0}};

(CharPtrTy.

() ||

.getResultType().getUnqualifiedType() !=

CurrentFunctionDescription =

;

SearchStrVal = State->getSVal(SearchStrPtr.Expression, LCtx);

State = checkNonNull(

, State, SearchStrPtr, SearchStrVal);

AnyArgExpr DelimStr = {

.getArgExpr(1), 1};

DelimStrVal = State->getSVal(DelimStr.Expression, LCtx);

State = checkNonNull(

, State, DelimStr, DelimStrVal);

(std::optional<Loc> SearchStrLoc = SearchStrVal.

<

>()) {

Result = State->getSVal(*SearchStrLoc, CharPtrTy);

State = invalidateDestinationBufferNeverOverflows(

, State, SearchStrPtr.Expression, Result);

State->bindLoc(*SearchStrLoc,

LCtx, CharPtrTy,

.blockCount()),

State = State->BindExpr(

.getOriginExpr(), LCtx, Result);

.addTransition(State);

evalStdCopyCommon(

,

);

evalStdCopyCommon(

,

);

(!

.getArgExpr(2)->getType()->isPointerType())

*Dst =

.getArgExpr(2);

DstVal = State->getSVal(Dst, LCtx);

invalidateDestinationBufferAlwaysEscapeSuperRegion(

, State, Dst, DstVal);

State = State->BindExpr(

.getOriginExpr(), LCtx, ResultVal);

.addTransition(State);

CurrentFunctionDescription =

;

DestinationArgExpr Buffer = {{

.getArgExpr(0), 0}};

AnyArgExpr CharE = {

.getArgExpr(1), 1};

SizeArgExpr

= {{

.getArgExpr(2), 2}};

SizeVal =

.getSVal(

.Expression);

std::tie(ZeroSize, NonZeroSize) = assumeZero(

, State, SizeVal, SizeTy);

BufferPtrVal =

.getSVal(Buffer.Expression);

(ZeroSize && !NonZeroSize) {

ZeroSize = ZeroSize->BindExpr(

.getOriginExpr(), LCtx, BufferPtrVal);

.addTransition(ZeroSize);

State = checkNonNull(

, NonZeroSize, Buffer, BufferPtrVal);

State = CheckBufferAccess(

, State, Buffer, Size, AccessKind::write);

(!memsetAux(Buffer.Expression,

.getSVal(CharE.Expression),

.Expression,

, State))

State = State->BindExpr(

.getOriginExpr(), LCtx, BufferPtrVal);

.addTransition(State);

CurrentFunctionDescription =

;

DestinationArgExpr Buffer = {{

.getArgExpr(0), 0}};

SizeArgExpr

= {{

.getArgExpr(1), 1}};

=

.getSValBuilder().makeZeroVal(

.getASTContext().IntTy);

SizeVal =

.getSVal(

.Expression);

std::tie(StateZeroSize, StateNonZeroSize) =

assumeZero(

, State, SizeVal, SizeTy);

(StateZeroSize && !StateNonZeroSize) {

.addTransition(StateZeroSize);

MemVal =

.getSVal(Buffer.Expression);

State = checkNonNull(

, StateNonZeroSize, Buffer, MemVal);

State = CheckBufferAccess(

, State, Buffer, Size, AccessKind::write);

(!memsetAux(Buffer.Expression, Zero,

.Expression,

, State))

.addTransition(State);

CurrentFunctionDescription =

;

evalSprintfCommon(

,

,

);

CurrentFunctionDescription =

;

evalSprintfCommon(

,

,

);

IsBounded)

{

*CE = cast<CallExpr>(

.getOriginExpr());

DestinationArgExpr Dest = {{

.getArgExpr(0), 0}};

NumParams =

.parameters().size();

(CE->getNumArgs() < NumParams) {

AllArguments =

llvm::make_range(CE->getArgs(), CE->getArgs() + CE->getNumArgs());

VariadicArguments = drop_begin(enumerate(AllArguments), NumParams);

(

&[ArgIdx, ArgExpr] : VariadicArguments) {

!

->isAnyPointerType() ||

!

->getPointeeType()->isAnyCharacterType())

SourceArgExpr Source = {{ArgExpr,

(ArgIdx)}};

SizeArgExpr SrcExprAsSizeDummy = {

{Source.Expression, Source.ArgumentIndex}};

State = CheckOverlap(

(IsBounded ? SizeArgExpr{{

.getArgExpr(1), 1}} : SrcExprAsSizeDummy),

.addTransition(State);

CStringChecker::FnCheck CStringChecker::identifyCall(

&

,

*CE = dyn_cast_or_null<CallExpr>(

.getOriginExpr());

(StdCopy.matches(

))

&CStringChecker::evalStdCopy;

(StdCopyBackward.matches(

))

&CStringChecker::evalStdCopyBackward;

(

I : CE->arguments()) {

FnCheck *Callback = Callbacks.lookup(

);

FnCheck Callback = identifyCall(

,

);

assert(isa<CallExpr>(

.getOriginExpr()));

Callback(

,

,

);

.isDifferent();

(

*I : DS->

()) {

*

= dyn_cast<VarDecl>(I);

(!

->getType()->isArrayType())

(!isa<StringLiteral>(

))

VarLoc = state->getLValue(

,

.getLocationContext());

assert(StrVal.

() &&

);

state = state->set<CStringLength>(MR, strLength);

.addTransition(state);

CStringLengthTy Entries = state->get<CStringLength>();

(Entries.isEmpty())

Invalidated.insert(MR);

SuperRegions.insert(MR);

(

*SR = dyn_cast<SubRegion>(MR)) {

MR = SR->getSuperRegion();

SuperRegions.insert(MR);

CStringLengthTy::Factory &F = state->get_context<CStringLength>();

(

*MR : llvm::make_first_range(Entries)) {

(SuperRegions.count(MR)) {

Entries = F.remove(Entries, MR);

(

*SR = dyn_cast<SubRegion>(Super)) {

Super = SR->getSuperRegion();

(Invalidated.count(Super)) {

Entries = F.remove(Entries, MR);

state->set<CStringLength>(Entries);

CStringLengthTy Entries = state->get<CStringLength>();

(

Len : llvm::make_second_range(Entries)) {

CStringChecker::checkDeadSymbols(

&SR,

CStringLengthTy Entries = state->get<CStringLength>();

(Entries.isEmpty())

CStringLengthTy::Factory &F = state->get_context<CStringLength>();

(

[Reg, Len] : Entries) {

(

Sym = Len.getAsSymbol()) {

Entries = F.remove(Entries, Reg);

state = state->set<CStringLength>(Entries);

.addTransition(state);

ento::shouldRegisterCStringModeling(

&mgr) {

Defines enum values for all the target-independent builtin functions.

static std::optional< NonLoc > getIndex(ProgramStateRef State, const ElementRegion *ER, CharKind CK)

#define REGISTER_CHECKER(name)

static void printIdxWithOrdinalSuffix(llvm::raw_ostream &Os, unsigned Idx)

#define REGISTER_MAP_WITH_PROGRAMSTATE(Name, Key, Value)

Declares an immutable map of type NameTy, suitable for placement into the ProgramState.

Holds long-lived AST nodes (such as types and decls) that can be referred to throughout the semantic ...

QualType getPointerType(QualType T) const

Return the uniqued reference to the type for a pointer to the specified type.

QualType getBaseElementType(const ArrayType *VAT) const

Return the innermost element type of an array type.

CanQualType getSizeType() const

Return the unique type for "size_t" (C99 7.17), defined in <stddef.h>.

CharUnits getTypeSizeInChars(QualType T) const

Return the size of the specified (complete) type T, in characters.

CanQualType UnsignedCharTy

QuantityType getQuantity() const

getQuantity - Get the raw integer representation of this quantity.

DeclStmt - Adaptor class for mixing declarations with statements and expressions.

Decl - This represents one declaration (or definition), e.g.

This represents one expression.

Represents a function declaration or definition.

It wraps the AnalysisDeclContext to represent both the call stack with the help of StackFrameContext ...

A (possibly-)qualified type.

bool isNull() const

Return true if this QualType doesn't point to a type yet.

QualType getUnqualifiedType() const

Retrieve the unqualified variant of the given type, removing as little sugar as possible.

Stmt - This represents one statement.

SourceRange getSourceRange() const LLVM_READONLY

SourceLocation tokens are not useful in isolation - they are low level value objects created/interpre...

StringLiteral - This represents a string literal expression, e.g.

unsigned getLength() const

StringRef getString() const

bool isPointerType() const

QualType getPointeeType() const

If this is a pointer, ObjC object pointer, or block pointer, this returns the respective pointee.

bool isIntegralOrEnumerationType() const

Determine whether this type is an integral or enumeration type.

Represents a variable declaration or definition.

A record of the "type" of an APSInt, used for conversions.

llvm::APSInt getValue(uint64_t RawValue) const LLVM_READONLY

APSIntPtr getMaxValue(const llvm::APSInt &v)

std::optional< APSIntPtr > evalAPSInt(BinaryOperator::Opcode Op, const llvm::APSInt &V1, const llvm::APSInt &V2)

An immutable map from CallDescriptions to arbitrary data.

A CallDescription is a pattern that can be used to match calls based on the qualified name and the ar...

Represents an abstract call to a function or method along a particular path.

CHECKER * registerChecker(AT &&... Args)

Used to register checkers.

This wrapper is used to ensure that only StringRefs originating from the CheckerRegistry are used as ...

ElementRegion is used to represent both array elements and casts.

QualType getValueType() const override

MemRegion - The root abstract class for all memory regions.

LLVM_ATTRIBUTE_RETURNS_NONNULL const RegionTy * castAs() const

RegionOffset getAsOffset() const

Compute the offset within the top level memory object.

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemRegion * StripCasts(bool StripBaseAndDerivedCasts=true) const

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemRegion * getBaseRegion() const

Put a diagnostic on return statement of all inlined functions for which the region of interest Region...

Information about invalidation for a particular region/symbol.

@ TK_PreserveContents

Tells that a region's contents is not changed.

@ TK_DoNotInvalidateSuperRegion

@ TK_SuppressEscape

Suppress pointer-escaping of a region.

void setTrait(SymbolRef Sym, InvalidationKinds IK)

Represent a region's offset within the top level base region.

DefinedOrUnknownSVal makeZeroVal(QualType type)

Construct an SVal representing '0' for the specified type.

BasicValueFactory & getBasicValueFactory()

virtual SVal evalBinOpLN(ProgramStateRef state, BinaryOperator::Opcode op, Loc lhs, NonLoc rhs, QualType resultTy)=0

Create a new value which represents a binary expression with a memory location and non-location opera...

DefinedSVal getMetadataSymbolVal(const void *symbolTag, const MemRegion *region, const Expr *expr, QualType type, const LocationContext *LCtx, unsigned count)

virtual SVal evalBinOpLL(ProgramStateRef state, BinaryOperator::Opcode op, Loc lhs, Loc rhs, QualType resultTy)=0

Create a new value which represents a binary expression with two memory location operands.

ASTContext & getContext()

nonloc::ConcreteInt makeIntVal(const IntegerLiteral *integer)

QualType getArrayIndexType() const

loc::MemRegionVal makeLoc(SymbolRef sym)

virtual SVal evalBinOpNN(ProgramStateRef state, BinaryOperator::Opcode op, NonLoc lhs, NonLoc rhs, QualType resultTy)=0

Create a new value which represents a binary expression with two non- location operands.

SVal evalCast(SVal V, QualType CastTy, QualType OriginalTy)

Cast a given SVal to another SVal using given QualType's.

DefinedOrUnknownSVal conjureSymbolVal(const void *symbolTag, const Expr *expr, const LocationContext *LCtx, unsigned count)

Create a new symbol with a unique 'name'.

QualType getConditionType() const

SVal evalEQ(ProgramStateRef state, SVal lhs, SVal rhs)

NonLoc makeZeroArrayIndex()

SVal evalBinOp(ProgramStateRef state, BinaryOperator::Opcode op, SVal lhs, SVal rhs, QualType type)

SVal - This represents a symbolic expression, which can be either an L-value or an R-value.

std::optional< T > getAs() const

Convert to the specified SVal type, returning std::nullopt if this SVal is not of the desired type.

const MemRegion * getAsRegion() const

T castAs() const

Convert to the specified SVal type, asserting that this SVal is of the desired type.

StringRegion - Region associated with a StringLiteral.

LLVM_ATTRIBUTE_RETURNS_NONNULL const StringLiteral * getStringLiteral() const

SubRegion - A region that subsets another larger region.

LLVM_ATTRIBUTE_RETURNS_NONNULL const MemRegion * getSuperRegion() const

llvm::iterator_range< symbol_iterator > symbols() const

A class responsible for cleaning up unused symbols.

bool isDead(SymbolRef sym)

Returns whether or not a symbol has been confirmed dead.

void markInUse(SymbolRef sym)

Marks a symbol as important to a checker.

TypedValueRegion - An abstract class representing regions having a typed value.

__inline void unsigned int _2

const internal::VariadicAllOfMatcher< Type > type

Matches Types in the clang AST.

const internal::VariadicDynCastAllOfMatcher< Stmt, Expr > expr

Matches expressions.

bool trackExpressionValue(const ExplodedNode *N, const Expr *E, PathSensitiveBugReport &R, TrackingOptions Opts={})

Attempts to add visitors to track expression value back to its point of origin.

const char *const UnixAPI

DefinedOrUnknownSVal getDynamicExtent(ProgramStateRef State, const MemRegion *MR, SValBuilder &SVB)

llvm::DenseSet< SymbolRef > InvalidatedSymbols

bool Zero(InterpState &S, CodePtr OpPC)

The JSON file list parser is used to communicate input to InstallAPI.

LLVM_READONLY char toUppercase(char c)

Converts the given ASCII character to its uppercase equivalent.

const FunctionProtoType * T

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4