1//===--- Checkers.td - Static Analyzer Checkers -===-----------------------===// 2// 3// The LLVM Compiler Infrastructure 4// 5// This file is distributed under the University of Illinois Open Source 6// License. See LICENSE.TXT for details. 7// 8//===----------------------------------------------------------------------===// 9 10include "clang/StaticAnalyzer/Checkers/CheckerBase.td" 11 12//===----------------------------------------------------------------------===// 13// Groups. 14//===----------------------------------------------------------------------===// 15 16def AllExperimental : CheckerGroup<"all-experimental">; 17 18//===----------------------------------------------------------------------===// 19// Packages. 20//===----------------------------------------------------------------------===// 21 22def Core : Package<"core">; 23def CoreBuiltin : Package<"builtin">, InPackage<Core>; 24def CoreUninitialized : Package<"uninitialized">, InPackage<Core>; 25def CoreExperimental : Package<"experimental">, InPackage<Core>, 26 InGroup<AllExperimental>, Hidden; 27 28def Cplusplus : Package<"cplusplus">; 29def CplusplusExperimental : Package<"experimental">, InPackage<Cplusplus>, 30 InGroup<AllExperimental>, Hidden; 31 32def DeadCode : Package<"deadcode">; 33def DeadCodeExperimental : Package<"experimental">, InPackage<DeadCode>, 34 InGroup<AllExperimental>, Hidden; 35 36def Security : Package <"security">; 37def SecurityExperimental : Package<"experimental">, InPackage<Security>, 38 InGroup<AllExperimental>, Hidden; 39 40def Unix : Package<"unix">; 41def UnixExperimental : Package<"experimental">, InPackage<Unix>, 42 InGroup<AllExperimental>, Hidden; 43 44def OSX : Package<"osx">; 45def Cocoa : Package<"cocoa">, InPackage<OSX>; 46def CocoaExperimental : Package<"experimental">, InPackage<Cocoa>, 47 InGroup<AllExperimental>, Hidden; 48def CoreFoundation : Package<"coreFoundation">, InPackage<OSX>; 49 50def LLVM : Package<"llvm">; 51def Debug : Package<"debug">; 52 53//===----------------------------------------------------------------------===// 54// Core Checkers. 55//===----------------------------------------------------------------------===// 56 57let ParentPackage = Core in { 58 59def DereferenceChecker : Checker<"NullDereference">, 60 HelpText<"Check for dereferences of null pointers">, 61 DescFile<"DereferenceChecker.cpp">; 62 63def CallAndMessageChecker : Checker<"CallAndMessage">, 64 HelpText<"Check for logical errors for function calls and Objective-C message expressions (e.g., uninitialized arguments, null function pointers)">, 65 DescFile<"CallAndMessageChecker.cpp">; 66 67def AdjustedReturnValueChecker : Checker<"AdjustedReturnValue">, 68 HelpText<"Check to see if the return value of a function call is different than the caller expects (e.g., from calls through function pointers)">, 69 DescFile<"AdjustedReturnValueChecker.cpp">; 70 71def AttrNonNullChecker : Checker<"AttributeNonNull">, 72 HelpText<"Check for null pointers passed as arguments to a function whose arguments are marked with the 'nonnull' attribute">, 73 DescFile<"AttrNonNullChecker.cpp">; 74 75def VLASizeChecker : Checker<"VLASize">, 76 HelpText<"Check for declarations of VLA of undefined or zero size">, 77 DescFile<"VLASizeChecker.cpp">; 78 79def DivZeroChecker : Checker<"DivideZero">, 80 HelpText<"Check for division by zero">, 81 DescFile<"DivZeroChecker.cpp">; 82 83def UndefResultChecker : Checker<"UndefinedBinaryOperatorResult">, 84 HelpText<"Check for undefined results of binary operators">, 85 DescFile<"UndefResultChecker.cpp">; 86 87def StackAddrEscapeChecker : Checker<"StackAddressEscape">, 88 HelpText<"Check that addresses to stack memory do not escape the function">, 89 DescFile<"StackAddrEscapeChecker.cpp">; 90 91} // end "core" 92 93let ParentPackage = CoreExperimental in { 94 95def CastSizeChecker : Checker<"CastSize">, 96 HelpText<"Check when casting a malloc'ed type T, whether the size is a multiple of the size of T">, 97 DescFile<"CastSizeChecker.cpp">; 98 99def CastToStructChecker : Checker<"CastToStruct">, 100 HelpText<"Check for cast from non-struct pointer to struct pointer">, 101 DescFile<"CastToStructChecker.cpp">; 102 103def FixedAddressChecker : Checker<"FixedAddr">, 104 HelpText<"Check for assignment of a fixed address to a pointer">, 105 DescFile<"FixedAddressChecker.cpp">; 106 107def PointerArithChecker : Checker<"PointerArithm">, 108 HelpText<"Check for pointer arithmetic on locations other than array elements">, 109 DescFile<"PointerArithChecker">; 110 111def PointerSubChecker : Checker<"PointerSub">, 112 HelpText<"Check for pointer subtractions on two pointers pointing to different memory chunks">, 113 DescFile<"PointerSubChecker">; 114 115def SizeofPointerChecker : Checker<"SizeofPtr">, 116 HelpText<"Warn about unintended use of sizeof() on pointer expressions">, 117 DescFile<"CheckSizeofPointer.cpp">; 118 119} // end "core.experimental" 120 121//===----------------------------------------------------------------------===// 122// Evaluate "builtin" functions. 123//===----------------------------------------------------------------------===// 124 125let ParentPackage = CoreBuiltin in { 126 127def NoReturnFunctionChecker : Checker<"NoReturnFunctions">, 128 HelpText<"Evaluate \"panic\" functions that are known to not return to the caller">, 129 DescFile<"NoReturnFunctionChecker.cpp">; 130 131def BuiltinFunctionChecker : Checker<"BuiltinFunctions">, 132 HelpText<"Evaluate compiler builtin functions (e.g., alloca())">, 133 DescFile<"BuiltinFunctionChecker.cpp">; 134 135} // end "core.builtin" 136 137//===----------------------------------------------------------------------===// 138// Uninitialized values checkers. 139//===----------------------------------------------------------------------===// 140 141let ParentPackage = CoreUninitialized in { 142 143def UndefinedArraySubscriptChecker : Checker<"ArraySubscript">, 144 HelpText<"Check for uninitialized values used as array subscripts">, 145 DescFile<"UndefinedArraySubscriptChecker.cpp">; 146 147def UndefinedAssignmentChecker : Checker<"Assign">, 148 HelpText<"Check for assigning uninitialized values">, 149 DescFile<"UndefinedAssignmentChecker.cpp">; 150 151def UndefBranchChecker : Checker<"Branch">, 152 HelpText<"Check for uninitialized values used as branch conditions">, 153 DescFile<"UndefBranchChecker.cpp">; 154 155def UndefCapturedBlockVarChecker : Checker<"CapturedBlockVariable">, 156 HelpText<"Check for blocks that capture uninitialized values">, 157 DescFile<"UndefCapturedBlockVarChecker.cpp">; 158 159def ReturnUndefChecker : Checker<"UndefReturn">, 160 HelpText<"Check for uninitialized values being returned to the caller">, 161 DescFile<"ReturnUndefChecker.cpp">; 162 163} // end "core.uninitialized" 164 165//===----------------------------------------------------------------------===// 166// C++ checkers. 167//===----------------------------------------------------------------------===// 168 169let ParentPackage = CplusplusExperimental in { 170 171def IteratorsChecker : Checker<"Iterators">, 172 HelpText<"Check improper uses of STL vector iterators">, 173 DescFile<"IteratorsChecker.cpp">; 174 175} // end: "cplusplus.experimental" 176 177//===----------------------------------------------------------------------===// 178// Deadcode checkers. 179//===----------------------------------------------------------------------===// 180 181let ParentPackage = DeadCode in { 182 183def DeadStoresChecker : Checker<"DeadStores">, 184 HelpText<"Check for values stored to variables that are never read afterwards">, 185 DescFile<"DeadStoresChecker.cpp">; 186 187def IdempotentOperationChecker : Checker<"IdempotentOperations">, 188 HelpText<"Warn about idempotent operations">, 189 DescFile<"IdempotentOperationChecker.cpp">; 190 191} // end DeadCode 192 193let ParentPackage = DeadCodeExperimental in { 194 195def UnreachableCodeChecker : Checker<"UnreachableCode">, 196 HelpText<"Check unreachable code">, 197 DescFile<"UnreachableCodeChecker.cpp">; 198 199} // end "deadcode.experimental" 200 201//===----------------------------------------------------------------------===// 202// Security checkers. 203//===----------------------------------------------------------------------===// 204 205let ParentPackage = SecurityExperimental in { 206 207def SecuritySyntaxChecker : Checker<"SecuritySyntactic">, 208 HelpText<"Perform quick security API checks that require no data flow">, 209 DescFile<"CheckSecuritySyntaxOnly.cpp">; 210 211def ArrayBoundChecker : Checker<"ArrayBound">, 212 HelpText<"Warn about buffer overflows (older checker)">, 213 DescFile<"ArrayBoundChecker.cpp">; 214 215def ArrayBoundCheckerV2 : Checker<"ArrayBoundV2">, 216 HelpText<"Warn about buffer overflows (newer checker)">, 217 DescFile<"ArrayBoundCheckerV2.cpp">; 218 219def ReturnPointerRangeChecker : Checker<"ReturnPtrRange">, 220 HelpText<"Check for an out-of-bound pointer being returned to callers">, 221 DescFile<"ReturnPointerRangeChecker.cpp">; 222 223} // end "security.experimental" 224 225//===----------------------------------------------------------------------===// 226// Unix API checkers. 227//===----------------------------------------------------------------------===// 228 229let ParentPackage = Unix in { 230 231def UnixAPIChecker : Checker<"API">, 232 HelpText<"Check calls to various UNIX/Posix functions">, 233 DescFile<"UnixAPIChecker.cpp">; 234 235} // end "unix" 236 237let ParentPackage = UnixExperimental in { 238 239def ChrootChecker : Checker<"Chroot">, 240 HelpText<"Check improper use of chroot">, 241 DescFile<"ChrootChecker.cpp">; 242 243def CStringChecker : Checker<"CString">, 244 HelpText<"Check calls to functions in <string.h>">, 245 DescFile<"CStringChecker.cpp">; 246 247def MallocChecker : Checker<"Malloc">, 248 HelpText<"Check for potential memory leaks, double free, and use-after-free problems">, 249 DescFile<"MallocChecker.cpp">; 250 251def PthreadLockChecker : Checker<"PthreadLock">, 252 HelpText<"Simple lock -> unlock checker">, 253 DescFile<"PthreadLockChecker.cpp">; 254 255def StreamChecker : Checker<"Stream">, 256 HelpText<"Check stream handling functions">, 257 DescFile<"StreamChecker.cpp">; 258 259} // end "unix.experimental" 260 261//===----------------------------------------------------------------------===// 262// Mac OS X, Cocoa, and Core Foundation checkers. 263//===----------------------------------------------------------------------===// 264 265let ParentPackage = OSX in { 266 267def MacOSXAPIChecker : Checker<"API">, 268 InPackage<OSX>, 269 HelpText<"Check for proper uses of various Mac OS X APIs">, 270 DescFile<"MacOSXAPIChecker.cpp">; 271 272def OSAtomicChecker : Checker<"AtomicCAS">, 273 InPackage<OSX>, 274 HelpText<"Evaluate calls to OSAtomic functions">, 275 DescFile<"OSAtomicChecker.cpp">; 276 277} // end "macosx" 278 279let ParentPackage = Cocoa in { 280 281def ObjCAtSyncChecker : Checker<"AtSync">, 282 HelpText<"Check for null pointers used as mutexes for @synchronized">, 283 DescFile<"ObjCAtSyncChecker.cpp">; 284 285def NilArgChecker : Checker<"NilArg">, 286 HelpText<"Check for prohibited nil arguments to ObjC method calls">, 287 DescFile<"BasicObjCFoundationChecks.cpp">; 288 289def ClassReleaseChecker : Checker<"ClassRelease">, 290 HelpText<"Check for sending 'retain', 'release', or 'autorelease' directly to a Class">, 291 DescFile<"BasicObjCFoundationChecks.cpp">; 292 293def VariadicMethodTypeChecker : Checker<"VariadicMethodTypes">, 294 HelpText<"Check for passing non-Objective-C types to variadic methods that expect" 295 "only Objective-C types">, 296 DescFile<"BasicObjCFoundationChecks.cpp">; 297 298def NSAutoreleasePoolChecker : Checker<"NSAutoreleasePool">, 299 HelpText<"Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC mode">, 300 DescFile<"NSAutoreleasePoolChecker.cpp">; 301 302def ObjCMethSigsChecker : Checker<"IncompatibleMethodTypes">, 303 HelpText<"Warn about Objective-C method signatures with type incompatibilities">, 304 DescFile<"CheckObjCInstMethSignature.cpp">; 305 306def ObjCUnusedIvarsChecker : Checker<"UnusedIvars">, 307 HelpText<"Warn about private ivars that are never used">, 308 DescFile<"ObjCUnusedIVarsChecker.cpp">; 309 310def NSErrorChecker : Checker<"NSError">, 311 HelpText<"Check usage of NSError** parameters">, 312 DescFile<"NSErrorChecker.cpp">; 313 314} // end "cocoa" 315 316let ParentPackage = CocoaExperimental in { 317 318def ObjCSelfInitChecker : Checker<"SelfInit">, 319 HelpText<"Check that 'self' is properly initialized inside an initializer method">, 320 DescFile<"ObjCSelfInitChecker.cpp">; 321 322def ObjCDeallocChecker : Checker<"Dealloc">, 323 HelpText<"Warn about Objective-C classes that lack a correct implementation of -dealloc">, 324 DescFile<"CheckObjCDealloc.cpp">; 325 326} // end "cocoa.experimental" 327 328let ParentPackage = CoreFoundation in { 329 330def CFNumberCreateChecker : Checker<"CFNumber">, 331 HelpText<"Check for proper uses of CFNumberCreate">, 332 DescFile<"BasicObjCFoundationChecks.cpp">; 333 334def CFRetainReleaseChecker : Checker<"CFRetainRelease">, 335 HelpText<"Check for null arguments to CFRetain/CFRelease">, 336 DescFile<"BasicObjCFoundationChecks.cpp">; 337 338def CFErrorChecker : Checker<"CFError">, 339 HelpText<"Check usage of CFErrorRef* parameters">, 340 DescFile<"NSErrorChecker.cpp">; 341} 342 343//===----------------------------------------------------------------------===// 344// Checkers for LLVM development. 345//===----------------------------------------------------------------------===// 346 347def LLVMConventionsChecker : Checker<"Conventions">, 348 InPackage<LLVM>, 349 HelpText<"Check code for LLVM codebase conventions">, 350 DescFile<"LLVMConventionsChecker.cpp">; 351 352//===----------------------------------------------------------------------===// 353// Debugging checkers (for analyzer development). 354//===----------------------------------------------------------------------===// 355 356let ParentPackage = Debug in { 357 358def LiveVariablesDumper : Checker<"DumpLiveVars">, 359 HelpText<"Print results of live variable analysis">, 360 DescFile<"DebugCheckers.cpp">; 361 362def CFGViewer : Checker<"ViewCFG">, 363 HelpText<"View Control-Flow Graphs using GraphViz">, 364 DescFile<"DebugCheckers.cpp">; 365 366def CFGDumper : Checker<"DumpCFG">, 367 HelpText<"Display Control-Flow Graphs">, 368 DescFile<"DebugCheckers.cpp">; 369 370def AnalyzerStatsChecker : Checker<"Stats">, 371 HelpText<"Emit warnings with analyzer statistics">, 372 DescFile<"AnalyzerStatsChecker.cpp">; 373 374} // end "debug" 375 376