[cfe-dev] Static Checker: getting svals for a struct field value
McDowell, Raymond C. via cfe-dev
cfe-dev at lists.llvm.org
Fri May 13 10:14:16 PDT 2016
Thanks, Alexey, for your help.
Here’s a more detailed explanation of what I’m trying to do. In our project we’ve created a struct type containing a pointer to a buffer and the size of the buffer (in bytes), so that we can pass these around together and not lose track of the buffer size. I’m trying to write a checker that will make sure that any buffer access is in bounds by checking that 0 <= offset and offset + chunk_size < buffer_size, where chunk_size is the size of the data being read from / written to the buffer.
Your suggestions have helped a lot, but I’m still stuck getting from the Buffer (struct) SVal to its RecordType. You said to use SVal::getAsRegion() method to get the MemRegion. The next step would seem to be using the getValueType() and getAsStructureType() methods, but first I need to convert the MemRegion to a VarRegion or a TypedValueRegion. I tried each of these (using MemRegion::getAs), but both resulted in the checker crashing.
From: Alexey Sidorin [mailto:alexey.v.sidorin at ya.ru]
Sent: Monday, May 09, 2016 5:16 PM
To: McDowell, Raymond C.; cfe-dev at lists.llvm.org
Subject: Re: [cfe-dev] Static Checker: getting svals for a struct field value
Hello Raymond,
1. You can get the Store with the ProgramState::getStore() method.
2. To process an SVal representing a region, you may use the SVal::getAsRegion() method. But I'm not sure what you really need here, could you explain in more detail?
3. Your approach for FieldRegion will work, but it is better to search for a FieldDecl in your RecordDecl first and only then get its FieldRegion. FieldDecl has a getName() method that allows doing this, so your code will look like:
    for (const auto *F : structRD->fields()) {
      // Match the field by name first, then build its region.
      if (F->getName() == "fieldName") {
        const FieldRegion *FR = MRMgr.getFieldRegion(F, structReg);
        size = State->getSVal(FR);
      }
    }
where State is of ProgramStateRef type.
09.05.2016 21:55, McDowell, Raymond C. via cfe-dev wrote:
I am new to building Clang static checkers and need some help. I am implementing a PreCall callback function that checks calls to a certain family of functions (from a local library) that takes a struct as an argument. I see how to get the SVal and Expr for the argument using CallEvent::getArgSVal() and CallEvent::getArgExpr(). What I’m struggling with is how to go from the SVal for the struct to an SVal for one of its fields. In particular, how do I get the memory region associated with the struct value? Once I have that, I think I know how to go from there, e.g.:
    const RecordType *structTy = structReg->getValueType()->getAsStructureType();
    assert(structTy && "Value is not a structure");
    RecordDecl *structRD = structTy->getDecl()->getDefinition();
    assert(structRD && "structure has no definition");
    for (const auto *F : structRD->fields()) {
      const FieldRegion *FR = MRMgr.getFieldRegion(F, structReg);
      if (FR->getDecl()->getName() == "fieldName")
        size = StoreMgr.getBinding(store, loc::MemRegionVal(FR));
    }
But how do I get the memory region structReg? And how do I get the Store store?
Thanks!
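The bounds condition from the first message (0 <= offset and offset + chunk_size < buffer_size), written as a runtime predicate; this is an added example, not code from the thread. The `Buffer` layout and the names `access_in_bounds`, `buffer_read` and `demo_accepted` are assumptions, and the sample buffer is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-in for the project's struct: pointer plus size in bytes. */
typedef struct {
    unsigned char *data;
    size_t size;
} Buffer;

/* True when 0 <= offset and offset + chunk_size < buf->size, the condition
 * as stated in the thread. The sum is never formed, so a huge chunk_size
 * cannot wrap around and slip under the limit. */
bool access_in_bounds(const Buffer *buf, int64_t offset, size_t chunk_size)
{
    if (buf == NULL || buf->data == NULL)
        return false;
    if (offset < 0 || (uint64_t)offset >= buf->size)
        return false;
    /* offset < size here, so size - offset cannot underflow. */
    return chunk_size < buf->size - (size_t)offset;
}

/* Copies chunk_size bytes out of the buffer only when the access passes. */
bool buffer_read(const Buffer *buf, int64_t offset, void *dst, size_t chunk_size)
{
    if (dst == NULL || !access_in_bounds(buf, offset, chunk_size))
        return false;
    memcpy(dst, buf->data + (size_t)offset, chunk_size);
    return true;
}

/* Constructed sample: a 16-byte buffer; returns how many accesses were accepted. */
int demo_accepted(void)
{
    unsigned char storage[16] = "0123456789abcde";
    Buffer b = { storage, sizeof storage };
    unsigned char out[16];
    int ok = 0;
    ok += buffer_read(&b, 4, out, 8);        /* 4 + 8 < 16: accepted */
    ok += buffer_read(&b, -1, out, 1);       /* negative offset: rejected */
    ok += buffer_read(&b, 8, out, 8);        /* 8 + 8 == 16: strict bound rejects */
    ok += buffer_read(&b, 1, out, SIZE_MAX); /* 1 + SIZE_MAX would wrap: rejected */
    return ok;
}
```

A static checker proving the same condition has to cover the same two edge cases: a negative offset and a sum that wraps.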