[Analyzer] Model STL Algoirthms to improve the iterator checkers (b198f16e) · Commits · llvm-doe / llvm-project

clang/include/clang/StaticAnalyzer/Checkers/Checkers.td

+13 −0

Original line number	Diff line number	Diff line
		@@ -622,6 +622,19 @@ def IteratorModeling : Checker<"IteratorModeling">,
		Documentation<NotDocumented>,
		Hidden;

		def STLAlgorithmModeling : Checker<"STLAlgorithmModeling">,
		HelpText<"Models the algorithm library of the C++ STL.">,
		CheckerOptions<[
		CmdLineOption<Boolean,
		"AggressiveStdFindModeling",
		"Enables exploration of the failure branch in std::find-like "
		"functions.",
		"false",
		Released>
		]>,
		Dependencies<[ContainerModeling]>,
		Documentation<NotDocumented>;

		def InvalidatedIteratorChecker : Checker<"InvalidatedIterator">,
		HelpText<"Check for use of invalidated iterators">,
		Dependencies<[IteratorModeling]>,

+1 −0

Original line number	Diff line number	Diff line
		@@ -99,6 +99,7 @@ add_clang_library(clangStaticAnalyzerCheckers
		SmartPtrModeling.cpp
		StackAddrEscapeChecker.cpp
		StdLibraryFunctionsChecker.cpp
		STLAlgorithmModeling.cpp
		StreamChecker.cpp
		Taint.cpp
		TaintTesterChecker.cpp

+14 −0

Original line number	Diff line number	Diff line
		@@ -177,6 +177,20 @@ ProgramStateRef setIteratorPosition(ProgramStateRef State, const SVal &Val,
		return nullptr;
		}

		ProgramStateRef createIteratorPosition(ProgramStateRef State, const SVal &Val,
		const MemRegion Cont, const Stmt S,
		const LocationContext *LCtx,
		unsigned blockCount) {
		auto &StateMgr = State->getStateManager();
		auto &SymMgr = StateMgr.getSymbolManager();
		auto &ACtx = StateMgr.getContext();

		auto Sym = SymMgr.conjureSymbol(S, LCtx, ACtx.LongTy, blockCount);
		State = assumeNoOverflow(State, Sym, 4);
		return setIteratorPosition(State, Val,
		IteratorPosition::getPosition(Cont, Sym));
		}

		ProgramStateRef advancePosition(ProgramStateRef State, const SVal &Iter,
		OverloadedOperatorKind Op,
		const SVal &Distance) {

+4 −0

Original line number	Diff line number	Diff line
		@@ -159,6 +159,10 @@ const IteratorPosition *getIteratorPosition(ProgramStateRef State,
		const SVal &Val);
		ProgramStateRef setIteratorPosition(ProgramStateRef State, const SVal &Val,
		const IteratorPosition &Pos);
		ProgramStateRef createIteratorPosition(ProgramStateRef State, const SVal &Val,
		const MemRegion Cont, const Stmt S,
		const LocationContext *LCtx,
		unsigned blockCount);
		ProgramStateRef advancePosition(ProgramStateRef State,
		const SVal &Iter,
		OverloadedOperatorKind Op,

+3 −6

Original line number	Diff line number	Diff line
		@@ -487,12 +487,9 @@ void IteratorModeling::assignToContainer(CheckerContext &C, const Expr *CE,
		Cont = Cont->getMostDerivedObjectRegion();

		auto State = C.getState();
		auto &SymMgr = C.getSymbolManager();
		auto Sym = SymMgr.conjureSymbol(CE, C.getLocationContext(),
		C.getASTContext().LongTy, C.blockCount());
		State = assumeNoOverflow(State, Sym, 4);
		State = setIteratorPosition(State, RetVal,
		IteratorPosition::getPosition(Cont, Sym));
		const auto *LCtx = C.getLocationContext();
		State = createIteratorPosition(State, RetVal, Cont, CE, LCtx, C.blockCount());

		C.addTransition(State);
		}