StackAddrEscapeChecker.cpp - OpenGrok cross reference for /freebsd-src/contrib/llvm-project/clang/lib/StaticAnalyzer/Checkers/StackAddrEscapeChecker.cpp

Lines Matching +full:local +full:- +full:bd +full:- +full:address
1 //=== StackAddrEscapeChecker.cpp ----------------------------------*- C++ -*--//
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
7 //===----------------------------------------------------------------------===//
9 // This file defines stack address leak checker, which checks if an invalid
10 // stack address is stored into a global or heap location. See CERT DCL30-C.
12 //===----------------------------------------------------------------------===//
71   R = R->getBaseRegion();  in genName()
74   os << "Address of ";  in genName()
78     const CompoundLiteralExpr *CL = CR->getLiteralExpr();  in genName()
81        << SM.getExpansionLineNumber(CL->getBeginLoc()) << " returned to caller";  in genName()
82     range = CL->getSourceRange();  in genName()
84     const Expr *ARE = AR->getExpr();  in genName()
85     SourceLocation L = ARE->getBeginLoc();  in genName()
86     range = ARE->getSourceRange();  in genName()
90     const BlockDecl *BD = BR->getCodeRegion()->getDecl();  in genName()  local
91     SourceLocation L = BD->getBeginLoc();  in genName()
92     range = BD->getSourceRange();  in genName()
93     os << "stack-allocated block declared on line "  in genName()
96     os << "stack memory associated with local variable '" << VR->getString()  in genName()
98     range = VR->getDecl()->getSourceRange();  in genName()
100     QualType Ty = LER->getValueType().getLocalUnqualifiedType();  in genName()
103     os << "' lifetime extended by local variable";  in genName()
104     if (const IdentifierInfo *ID = LER->getExtendingDecl()->getIdentifier())  in genName()
105       os << " '" << ID->getName() << '\'';  in genName()
106     range = LER->getExpr()->getSourceRange();  in genName()
108     QualType Ty = TOR->getValueType().getLocalUnqualifiedType();  in genName()
112     range = TOR->getExpr()->getSourceRange();  in genName()
122   const StackSpaceRegion *S = cast<StackSpaceRegion>(R->getMemorySpace());  in isNotInCurrentFrame()
123   return S->getStackFrame() != C.getStackFrame();  in isNotInCurrentFrame()
130     const auto *T = C.getVariable()->getType()->getAs<TypedefType>();  in isSemaphoreCaptured()
131     if (T && T->getDecl()->getIdentifier() == dispatch_semaphore_tII)  in isSemaphoreCaptured()
142     SVal Val = C.getState()->getSVal(Var.getCapturedRegion());  in getCapturedStackRegions()
144     if (Region && isa<StackSpaceRegion>(Region->getMemorySpace()))  in getCapturedStackRegions()
159         "Return of address to stack-allocated memory");  in EmitStackError()
167   report->addRange(RetE->getSourceRange());  in EmitStackError()
169     report->addRange(range);  in EmitStackError()
175   // There is a not-too-uncommon idiom  in checkAsyncExecutedBlockCaptures()
179   // via dispatch_semaphore_wait. To avoid false-positives (for now)  in checkAsyncExecutedBlockCaptures()
199           "Address of stack-allocated memory is captured");  in checkAsyncExecutedBlockCaptures()
203     Out << " is captured by an asynchronously-executed block";  in checkAsyncExecutedBlockCaptures()
207       Report->addRange(Range);  in checkAsyncExecutedBlockCaptures()
223           "Address of stack-allocated memory is captured");  in checkReturnedBlockCaptures()
231       Report->addRange(Range);  in checkReturnedBlockCaptures()
255   const Expr *RetE = RS->getRetValue();  in checkPreStmt()
258   RetE = RetE->IgnoreParens();  in checkPreStmt()
268   if (!isa<StackSpaceRegion>(R->getMemorySpace()) || isNotInCurrentFrame(R, C))  in checkPreStmt()
272   // expression will be a copy-constructor, possibly wrapped in an  in checkPreStmt()
275     RetE = Cleanup->getSubExpr();  in checkPreStmt()
276   if (isa<CXXConstructExpr>(RetE) && RetE->getType()->isRecordType())  in checkPreStmt()
280   // so the stack address is not escaping here.  in checkPreStmt()
283         ICE->getCastKind() == CK_CopyAndAutoreleaseBlockObject) {  in checkPreStmt()
311           Referrer->getMemorySpace()->getAs<StackSpaceRegion>();  in checkEndFunction()
313           Referred->getMemorySpace()->getAs<StackSpaceRegion>();  in checkEndFunction()
318       const auto *ReferrerFrame = ReferrerMemSpace->getStackFrame();  in checkEndFunction()
319       const auto *ReferredFrame = ReferredMemSpace->getStackFrame();  in checkEndFunction()
323             ReferrerFrame->isParentOf(PoppedFrame)) {  in checkEndFunction()
346       if (!isa<GlobalsSpaceRegion>(Region->getMemorySpace()))  in checkEndFunction()
348       if (VR && VR->hasStackStorage() && !isNotInCurrentFrame(VR, Ctx))  in checkEndFunction()
355   State->getStateManager().getStoreManager().iterBindings(State->getStore(),  in checkEndFunction()
369                                   "Stack address stored into global variable");  in checkEndFunction()
372     const MemRegion *Referrer = P.first->getBaseRegion();  in checkEndFunction()
388         Report->addRange(Range);  in checkEndFunction()
400     }(Referrer->getMemorySpace());  in checkEndFunction()
411         ReferrerVar->getDecl()->getDeclName().getAsString();  in checkEndFunction()
418       Report->addRange(Range);  in checkEndFunction()
435     Chk->ChecksEnabled[StackAddrEscapeChecker::CK_##name] = true;              \
436     Chk->CheckNames[StackAddrEscapeChecker::CK_##name] =                       \