This is an archive of the discontinued LLVM Phabricator instance.

Differential D92771

[analyzer][StdLibraryFunctionsChecker] Add more return value contraints
ClosedPublic

Authored by martong on Dec 7 2020, 9:37 AM.

Details

Reviewers
steakhal
Szelethus
Commits
rGfebe75032f6f: [analyzer][StdLibraryFunctionsChecker] Add more return value contraints
Summary

This time, we add contraints to functions that either return with [0, -1] or with a file descriptor.

Diff Detail

Event Timeline

martong created this revision.Dec 7 2020, 9:37 AM
Herald added a reviewer: Szelethus. · View Herald TranscriptDec 7 2020, 9:37 AM
Herald added subscribers: ASDenysPetrov, Charusso, gamesh411 and 10 others. · View Herald Transcript
martong requested review of this revision.Dec 7 2020, 9:37 AM
Herald added a project: Restricted Project. · View Herald TranscriptDec 7 2020, 9:37 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
Harbormaster completed remote builds in B81310: Diff 309940.Dec 7 2020, 10:17 AM
martong added subscribers: vsavchenko, NoQ.Dec 8 2020, 12:26 AM
steakhal accepted this revision.Dec 8 2020, 4:13 AM

It must have been a tedious task to collect all these - without any copy-paste errors, really impressive!

It's good to go, however, if you don't mind there would be some readability issues yet to solve in a later path in the inline comments.

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1367–1368

I think you should hoist this ArgumentCondition construction with a lambda call. It would lead to more readable summaries.

const auto ValidFileDescriptorArgAt = [](unsigned ArgIdx) {
  return ArgumentCondition(ArgIdx, WithinRange, Range(0, IntMax))));
};

Probably the very same principle would apply for handling off_t arguments.

You can probably find a better name, but you get the idea.
If you agree on this, you could create a follow-up patch.

1888

The same principle applies here too.

1905

It's a sane overapproximation. Perfectly fine for us.

This revision is now accepted and ready to land.Dec 8 2020, 4:13 AM
steakhal added a comment.Dec 8 2020, 4:14 AM

One more thing.
Please reflow the path's summary, to keep the range constraint in a single line.

martong edited the summary of this revision. (Show Details)Dec 8 2020, 7:32 AM
martong marked 3 inline comments as done.Dec 8 2020, 8:03 AM

Thanks for the review!

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp
1367–1368

Good idea, thanks! I am going to create another patch for this (and another for exec* functions).

This revision was landed with ongoing or failed builds.Dec 8 2020, 8:06 AM
Closed by commit rGfebe75032f6f: [analyzer][StdLibraryFunctionsChecker] Add more return value contraints (authored by martong). · Explain Why
This revision was automatically updated to reflect the committed changes.
martong marked an inline comment as done.
martong added a commit: rGfebe75032f6f: [analyzer][StdLibraryFunctionsChecker] Add more return value contraints.

Revision Contents

PathSize
clang/
lib/
StaticAnalyzer/
Checkers/
196 lines

Diff 310222

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp

Show First 20 LinesShow All 1,316 Lines▼ Show 20 Lines if (ModelPOSIX) {
// char *l64a(long value); // char *l64a(long value);
addToFunctionSummaryMap("l64a", addToFunctionSummaryMap("l64a",
Signature(ArgTypes{LongTy}, RetType{CharPtrTy}), Signature(ArgTypes{LongTy}, RetType{CharPtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(0, LongMax)))); 0, WithinRange, Range(0, LongMax))));
const auto ReturnsZeroOrMinusOne =
ConstraintSet{ReturnValueCondition(WithinRange, Range(-1, 0))};
const auto ReturnsFileDescriptor =
ConstraintSet{ReturnValueCondition(WithinRange, Range(-1, IntMax))};
// int access(const char *pathname, int amode); // int access(const char *pathname, int amode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"access", Signature(ArgTypes{ConstCharPtrTy, IntTy}, RetType{IntTy}), "access", Signature(ArgTypes{ConstCharPtrTy, IntTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int faccessat(int dirfd, const char *pathname, int mode, int flags); // int faccessat(int dirfd, const char *pathname, int mode, int flags);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"faccessat", "faccessat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, IntTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
// int dup(int fildes); // int dup(int fildes);
addToFunctionSummaryMap("dup", Signature(ArgTypes{IntTy}, RetType{IntTy}), addToFunctionSummaryMap("dup", Signature(ArgTypes{IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(0, IntMax)))); 0, WithinRange, Range(0, IntMax))));
// int dup2(int fildes1, int filedes2); // int dup2(int fildes1, int filedes2);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"dup2", Signature(ArgTypes{IntTy, IntTy}, RetType{IntTy}), "dup2", Signature(ArgTypes{IntTy, IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint( .ArgConstraint(
ArgumentCondition(1, WithinRange, Range(0, IntMax)))); ArgumentCondition(1, WithinRange, Range(0, IntMax))));
// int fdatasync(int fildes); // int fdatasync(int fildes);
addToFunctionSummaryMap("fdatasync", addToFunctionSummaryMap("fdatasync",
Signature(ArgTypes{IntTy}, RetType{IntTy}), Signature(ArgTypes{IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(0, IntMax)))); 0, WithinRange, Range(0, IntMax))));
steakhalUnsubmitted
Done
ReplyInline Actions

I think you should hoist this ArgumentCondition construction with a lambda call. It would lead to more readable summaries.

const auto ValidFileDescriptorArgAt = [](unsigned ArgIdx) {
  return ArgumentCondition(ArgIdx, WithinRange, Range(0, IntMax))));
};

Probably the very same principle would apply for handling off_t arguments.

You can probably find a better name, but you get the idea.
If you agree on this, you could create a follow-up patch.

steakhal: I think you should hoist this ArgumentCondition construction with a lambda call. It would lead…
martongAuthorUnsubmitted
Done
ReplyInline Actions

Good idea, thanks! I am going to create another patch for this (and another for exec* functions).

martong: Good idea, thanks! I am going to create another patch for this (and another for exec*…
// int fnmatch(const char *pattern, const char *string, int flags); // int fnmatch(const char *pattern, const char *string, int flags);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fnmatch", "fnmatch",
Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy, IntTy}, Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(EvalCallAsPure) Summary(EvalCallAsPure)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int fsync(int fildes); // int fsync(int fildes);
addToFunctionSummaryMap("fsync", Signature(ArgTypes{IntTy}, RetType{IntTy}), addToFunctionSummaryMap("fsync", Signature(ArgTypes{IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(0, IntMax)))); 0, WithinRange, Range(0, IntMax))));
Optional<QualType> Off_tTy = lookupTy("off_t"); Optional<QualType> Off_tTy = lookupTy("off_t");
// int truncate(const char *path, off_t length); // int truncate(const char *path, off_t length);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"truncate", "truncate",
Signature(ArgTypes{ConstCharPtrTy, Off_tTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, Off_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int symlink(const char *oldpath, const char *newpath); // int symlink(const char *oldpath, const char *newpath);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"symlink", "symlink",
Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int symlinkat(const char *oldpath, int newdirfd, const char *newpath); // int symlinkat(const char *oldpath, int newdirfd, const char *newpath);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"symlinkat", "symlinkat",
Signature(ArgTypes{ConstCharPtrTy, IntTy, ConstCharPtrTy}, Signature(ArgTypes{ConstCharPtrTy, IntTy, ConstCharPtrTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(ArgumentCondition(1, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(1, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(2)))); .ArgConstraint(NotNull(ArgNo(2))));
// int lockf(int fd, int cmd, off_t len); // int lockf(int fd, int cmd, off_t len);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"lockf", Signature(ArgTypes{IntTy, IntTy, Off_tTy}, RetType{IntTy}), "lockf", Signature(ArgTypes{IntTy, IntTy, Off_tTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax)))); ArgumentCondition(0, WithinRange, Range(0, IntMax))));
Optional<QualType> Mode_tTy = lookupTy("mode_t"); Optional<QualType> Mode_tTy = lookupTy("mode_t");
// int creat(const char *pathname, mode_t mode); // int creat(const char *pathname, mode_t mode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"creat", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}), "creat", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(NotNull(ArgNo(0))));
// unsigned int sleep(unsigned int seconds); // unsigned int sleep(unsigned int seconds);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"sleep", Signature(ArgTypes{UnsignedIntTy}, RetType{UnsignedIntTy}), "sleep", Signature(ArgTypes{UnsignedIntTy}, RetType{UnsignedIntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, UnsignedIntMax)))); ArgumentCondition(0, WithinRange, Range(0, UnsignedIntMax))));
Optional<QualType> DirTy = lookupTy("DIR"); Optional<QualType> DirTy = lookupTy("DIR");
Optional<QualType> DirPtrTy = getPointerTy(DirTy); Optional<QualType> DirPtrTy = getPointerTy(DirTy);
// int dirfd(DIR *dirp); // int dirfd(DIR *dirp);
addToFunctionSummaryMap( addToFunctionSummaryMap("dirfd",
"dirfd", Signature(ArgTypes{DirPtrTy}, RetType{IntTy}), Signature(ArgTypes{DirPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(NotNull(ArgNo(0))));
// unsigned int alarm(unsigned int seconds); // unsigned int alarm(unsigned int seconds);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"alarm", Signature(ArgTypes{UnsignedIntTy}, RetType{UnsignedIntTy}), "alarm", Signature(ArgTypes{UnsignedIntTy}, RetType{UnsignedIntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, UnsignedIntMax)))); ArgumentCondition(0, WithinRange, Range(0, UnsignedIntMax))));
// int closedir(DIR *dir); // int closedir(DIR *dir);
addToFunctionSummaryMap( addToFunctionSummaryMap("closedir",
"closedir", Signature(ArgTypes{DirPtrTy}, RetType{IntTy}), Signature(ArgTypes{DirPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// char *strdup(const char *s); // char *strdup(const char *s);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"strdup", Signature(ArgTypes{ConstCharPtrTy}, RetType{CharPtrTy}), "strdup", Signature(ArgTypes{ConstCharPtrTy}, RetType{CharPtrTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// char *strndup(const char *s, size_t n); // char *strndup(const char *s, size_t n);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"strndup", "strndup",
Signature(ArgTypes{ConstCharPtrTy, SizeTy}, RetType{CharPtrTy}), Signature(ArgTypes{ConstCharPtrTy, SizeTy}, RetType{CharPtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint( .ArgConstraint(
ArgumentCondition(1, WithinRange, Range(0, SizeMax)))); ArgumentCondition(1, WithinRange, Range(0, SizeMax))));
// wchar_t *wcsdup(const wchar_t *s); // wchar_t *wcsdup(const wchar_t *s);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"wcsdup", Signature(ArgTypes{ConstWchar_tPtrTy}, RetType{Wchar_tPtrTy}), "wcsdup", Signature(ArgTypes{ConstWchar_tPtrTy}, RetType{Wchar_tPtrTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// int mkstemp(char *template); // int mkstemp(char *template);
addToFunctionSummaryMap( addToFunctionSummaryMap("mkstemp",
"mkstemp", Signature(ArgTypes{CharPtrTy}, RetType{IntTy}), Signature(ArgTypes{CharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(NotNull(ArgNo(0))));
// char *mkdtemp(char *template); // char *mkdtemp(char *template);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"mkdtemp", Signature(ArgTypes{CharPtrTy}, RetType{CharPtrTy}), "mkdtemp", Signature(ArgTypes{CharPtrTy}, RetType{CharPtrTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// char *getcwd(char *buf, size_t size); // char *getcwd(char *buf, size_t size);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"getcwd", Signature(ArgTypes{CharPtrTy, SizeTy}, RetType{CharPtrTy}), "getcwd", Signature(ArgTypes{CharPtrTy, SizeTy}, RetType{CharPtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(1, WithinRange, Range(0, SizeMax)))); ArgumentCondition(1, WithinRange, Range(0, SizeMax))));
// int mkdir(const char *pathname, mode_t mode); // int mkdir(const char *pathname, mode_t mode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"mkdir", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}), "mkdir", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int mkdirat(int dirfd, const char *pathname, mode_t mode); // int mkdirat(int dirfd, const char *pathname, mode_t mode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"mkdirat", "mkdirat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy}, RetType{IntTy}), Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
Optional<QualType> Dev_tTy = lookupTy("dev_t"); Optional<QualType> Dev_tTy = lookupTy("dev_t");
// int mknod(const char *pathname, mode_t mode, dev_t dev); // int mknod(const char *pathname, mode_t mode, dev_t dev);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"mknod", "mknod",
Signature(ArgTypes{ConstCharPtrTy, Mode_tTy, Dev_tTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, Mode_tTy, Dev_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int mknodat(int dirfd, const char *pathname, mode_t mode, dev_t dev); // int mknodat(int dirfd, const char *pathname, mode_t mode, dev_t dev);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"mknodat", "mknodat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy, Dev_tTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy, Dev_tTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
// int chmod(const char *path, mode_t mode); // int chmod(const char *path, mode_t mode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"chmod", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}), "chmod", Signature(ArgTypes{ConstCharPtrTy, Mode_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int fchmodat(int dirfd, const char *pathname, mode_t mode, int flags); // int fchmodat(int dirfd, const char *pathname, mode_t mode, int flags);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fchmodat", "fchmodat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy, IntTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, Mode_tTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int fchmod(int fildes, mode_t mode); // int fchmod(int fildes, mode_t mode);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fchmod", Signature(ArgTypes{IntTy, Mode_tTy}, RetType{IntTy}), "fchmod", Signature(ArgTypes{IntTy, Mode_tTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax)))); ArgumentCondition(0, WithinRange, Range(0, IntMax))));
Optional<QualType> Uid_tTy = lookupTy("uid_t"); Optional<QualType> Uid_tTy = lookupTy("uid_t");
Optional<QualType> Gid_tTy = lookupTy("gid_t"); Optional<QualType> Gid_tTy = lookupTy("gid_t");
// int fchownat(int dirfd, const char *pathname, uid_t owner, gid_t group, // int fchownat(int dirfd, const char *pathname, uid_t owner, gid_t group,
// int flags); // int flags);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fchownat", "fchownat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, Uid_tTy, Gid_tTy, IntTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, Uid_tTy, Gid_tTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int chown(const char *path, uid_t owner, gid_t group); // int chown(const char *path, uid_t owner, gid_t group);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"chown", "chown",
Signature(ArgTypes{ConstCharPtrTy, Uid_tTy, Gid_tTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, Uid_tTy, Gid_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int lchown(const char *path, uid_t owner, gid_t group); // int lchown(const char *path, uid_t owner, gid_t group);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"lchown", "lchown",
Signature(ArgTypes{ConstCharPtrTy, Uid_tTy, Gid_tTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, Uid_tTy, Gid_tTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int fchown(int fildes, uid_t owner, gid_t group); // int fchown(int fildes, uid_t owner, gid_t group);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fchown", Signature(ArgTypes{IntTy, Uid_tTy, Gid_tTy}, RetType{IntTy}), "fchown", Signature(ArgTypes{IntTy, Uid_tTy, Gid_tTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax)))); ArgumentCondition(0, WithinRange, Range(0, IntMax))));
// int rmdir(const char *pathname); // int rmdir(const char *pathname);
addToFunctionSummaryMap( addToFunctionSummaryMap("rmdir",
"rmdir", Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int chdir(const char *path); // int chdir(const char *path);
addToFunctionSummaryMap( addToFunctionSummaryMap("chdir",
"chdir", Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int link(const char *oldpath, const char *newpath); // int link(const char *oldpath, const char *newpath);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"link", "link",
Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int linkat(int fd1, const char *path1, int fd2, const char *path2, // int linkat(int fd1, const char *path1, int fd2, const char *path2,
// int flag); // int flag);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"linkat", "linkat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, ConstCharPtrTy, IntTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, ConstCharPtrTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1))) .ArgConstraint(NotNull(ArgNo(1)))
.ArgConstraint(ArgumentCondition(2, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(2, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(3)))); .ArgConstraint(NotNull(ArgNo(3))));
// int unlink(const char *pathname); // int unlink(const char *pathname);
addToFunctionSummaryMap( addToFunctionSummaryMap("unlink",
"unlink", Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int unlinkat(int fd, const char *path, int flag); // int unlinkat(int fd, const char *path, int flag);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"unlinkat", "unlinkat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy}, RetType{IntTy}), Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
Optional<QualType> StructStatTy = lookupTy("stat"); Optional<QualType> StructStatTy = lookupTy("stat");
Optional<QualType> StructStatPtrTy = getPointerTy(StructStatTy); Optional<QualType> StructStatPtrTy = getPointerTy(StructStatTy);
Optional<QualType> StructStatPtrRestrictTy = getRestrictTy(StructStatPtrTy); Optional<QualType> StructStatPtrRestrictTy = getRestrictTy(StructStatPtrTy);
// int fstat(int fd, struct stat *statbuf); // int fstat(int fd, struct stat *statbuf);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fstat", Signature(ArgTypes{IntTy, StructStatPtrTy}, RetType{IntTy}), "fstat", Signature(ArgTypes{IntTy, StructStatPtrTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int stat(const char *restrict path, struct stat *restrict buf); // int stat(const char *restrict path, struct stat *restrict buf);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"stat", "stat",
Signature(ArgTypes{ConstCharPtrRestrictTy, StructStatPtrRestrictTy}, Signature(ArgTypes{ConstCharPtrRestrictTy, StructStatPtrRestrictTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int lstat(const char *restrict path, struct stat *restrict buf); // int lstat(const char *restrict path, struct stat *restrict buf);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"lstat", "lstat",
Signature(ArgTypes{ConstCharPtrRestrictTy, StructStatPtrRestrictTy}, Signature(ArgTypes{ConstCharPtrRestrictTy, StructStatPtrRestrictTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int fstatat(int fd, const char *restrict path, // int fstatat(int fd, const char *restrict path,
// struct stat *restrict buf, int flag); // struct stat *restrict buf, int flag);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fstatat", "fstatat",
Signature(ArgTypes{IntTy, ConstCharPtrRestrictTy, Signature(ArgTypes{IntTy, ConstCharPtrRestrictTy,
StructStatPtrRestrictTy, IntTy}, StructStatPtrRestrictTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1))) .ArgConstraint(NotNull(ArgNo(1)))
.ArgConstraint(NotNull(ArgNo(2)))); .ArgConstraint(NotNull(ArgNo(2))));
// DIR *opendir(const char *name); // DIR *opendir(const char *name);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"opendir", Signature(ArgTypes{ConstCharPtrTy}, RetType{DirPtrTy}), "opendir", Signature(ArgTypes{ConstCharPtrTy}, RetType{DirPtrTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// DIR *fdopendir(int fd); // DIR *fdopendir(int fd);
addToFunctionSummaryMap("fdopendir", addToFunctionSummaryMap("fdopendir",
Signature(ArgTypes{IntTy}, RetType{DirPtrTy}), Signature(ArgTypes{IntTy}, RetType{DirPtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(0, IntMax)))); 0, WithinRange, Range(0, IntMax))));
// int isatty(int fildes); // int isatty(int fildes);
addToFunctionSummaryMap("isatty", addToFunctionSummaryMap(
Signature(ArgTypes{IntTy}, RetType{IntTy}), "isatty", Signature(ArgTypes{IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(ArgumentCondition( .Case({ReturnValueCondition(WithinRange, Range(0, 1))})
0, WithinRange, Range(0, IntMax)))); .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax))));
// FILE *popen(const char *command, const char *type); // FILE *popen(const char *command, const char *type);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"popen", "popen",
Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{FilePtrTy}), Signature(ArgTypes{ConstCharPtrTy, ConstCharPtrTy}, RetType{FilePtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(NotNull(ArgNo(0))) .ArgConstraint(NotNull(ArgNo(0)))
.ArgConstraint(NotNull(ArgNo(1)))); .ArgConstraint(NotNull(ArgNo(1))));
// int pclose(FILE *stream); // int pclose(FILE *stream);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"pclose", Signature(ArgTypes{FilePtrTy}, RetType{IntTy}), "pclose", Signature(ArgTypes{FilePtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// int close(int fildes); // int close(int fildes);
addToFunctionSummaryMap("close", Signature(ArgTypes{IntTy}, RetType{IntTy}), addToFunctionSummaryMap("close", Signature(ArgTypes{IntTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
0, WithinRange, Range(-1, IntMax)))); 0, WithinRange, Range(-1, IntMax))));
// long fpathconf(int fildes, int name); // long fpathconf(int fildes, int name);
addToFunctionSummaryMap("fpathconf", addToFunctionSummaryMap("fpathconf",
Signature(ArgTypes{IntTy, IntTy}, RetType{LongTy}), Signature(ArgTypes{IntTy, IntTy}, RetType{LongTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(ArgumentCondition( .ArgConstraint(ArgumentCondition(
Show All 23 Lines addToFunctionSummaryMap(
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// int rand_r(unsigned int *seedp); // int rand_r(unsigned int *seedp);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"rand_r", Signature(ArgTypes{UnsignedIntPtrTy}, RetType{IntTy}), "rand_r", Signature(ArgTypes{UnsignedIntPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// int fileno(FILE *stream); // int fileno(FILE *stream);
addToFunctionSummaryMap( addToFunctionSummaryMap("fileno",
"fileno", Signature(ArgTypes{FilePtrTy}, RetType{IntTy}), Signature(ArgTypes{FilePtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsFileDescriptor)
.ArgConstraint(NotNull(ArgNo(0))));
// int fseeko(FILE *stream, off_t offset, int whence); // int fseeko(FILE *stream, off_t offset, int whence);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"fseeko", "fseeko",
Signature(ArgTypes{FilePtrTy, Off_tTy, IntTy}, RetType{IntTy}), Signature(ArgTypes{FilePtrTy, Off_tTy, IntTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// off_t ftello(FILE *stream); // off_t ftello(FILE *stream);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"ftello", Signature(ArgTypes{FilePtrTy}, RetType{Off_tTy}), "ftello", Signature(ArgTypes{FilePtrTy}, RetType{Off_tTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
// void *mmap(void *addr, size_t length, int prot, int flags, int fd, // void *mmap(void *addr, size_t length, int prot, int flags, int fd,
// off_t offset); // off_t offset);
Show All 14 Lines addToFunctionSummaryMap(
Signature(ArgTypes{VoidPtrTy, SizeTy, IntTy, IntTy, IntTy, Off64_tTy}, Signature(ArgTypes{VoidPtrTy, SizeTy, IntTy, IntTy, IntTy, Off64_tTy},
RetType{VoidPtrTy}), RetType{VoidPtrTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint(ArgumentCondition(1, WithinRange, Range(1, SizeMax))) .ArgConstraint(ArgumentCondition(1, WithinRange, Range(1, SizeMax)))
.ArgConstraint( .ArgConstraint(
ArgumentCondition(4, WithinRange, Range(-1, IntMax)))); ArgumentCondition(4, WithinRange, Range(-1, IntMax))));
// int pipe(int fildes[2]); // int pipe(int fildes[2]);
addToFunctionSummaryMap( addToFunctionSummaryMap("pipe",
"pipe", Signature(ArgTypes{IntPtrTy}, RetType{IntTy}), Signature(ArgTypes{IntPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// off_t lseek(int fildes, off_t offset, int whence); // off_t lseek(int fildes, off_t offset, int whence);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"lseek", Signature(ArgTypes{IntTy, Off_tTy, IntTy}, RetType{Off_tTy}), "lseek", Signature(ArgTypes{IntTy, Off_tTy, IntTy}, RetType{Off_tTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax)))); ArgumentCondition(0, WithinRange, Range(0, IntMax))));
Show All 33 Lines if (ModelPOSIX) {
// int renameat(int olddirfd, const char *oldpath, int newdirfd, const char // int renameat(int olddirfd, const char *oldpath, int newdirfd, const char
// *newpath); // *newpath);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"renameat", "renameat",
Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, ConstCharPtrTy}, Signature(ArgTypes{IntTy, ConstCharPtrTy, IntTy, ConstCharPtrTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))) .ArgConstraint(NotNull(ArgNo(1)))
.ArgConstraint(NotNull(ArgNo(3)))); .ArgConstraint(NotNull(ArgNo(3))));
// char *realpath(const char *restrict file_name, // char *realpath(const char *restrict file_name,
// char *restrict resolved_name); // char *restrict resolved_name);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"realpath", "realpath",
Signature(ArgTypes{ConstCharPtrRestrictTy, CharPtrRestrictTy}, Signature(ArgTypes{ConstCharPtrRestrictTy, CharPtrRestrictTy},
RetType{CharPtrTy}), RetType{CharPtrTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
QualType CharPtrConstPtr = getPointerTy(getConstTy(CharPtrTy)); QualType CharPtrConstPtr = getPointerTy(getConstTy(CharPtrTy));
// int execv(const char *path, char *const argv[]); // int execv(const char *path, char *const argv[]);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"execv", "execv",
Signature(ArgTypes{ConstCharPtrTy, CharPtrConstPtr}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, CharPtrConstPtr}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case({ReturnValueCondition(WithinRange, SingleValue(-1))})
steakhalUnsubmitted
Done
ReplyInline Actions

The same principle applies here too.

steakhal: The same principle applies here too.
.ArgConstraint(NotNull(ArgNo(0))));
// int execvp(const char *file, char *const argv[]); // int execvp(const char *file, char *const argv[]);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"execvp", "execvp",
Signature(ArgTypes{ConstCharPtrTy, CharPtrConstPtr}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, CharPtrConstPtr}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case({ReturnValueCondition(WithinRange, SingleValue(-1))})
.ArgConstraint(NotNull(ArgNo(0))));
// int getopt(int argc, char * const argv[], const char *optstring); // int getopt(int argc, char * const argv[], const char *optstring);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"getopt", "getopt",
Signature(ArgTypes{IntTy, CharPtrConstPtr, ConstCharPtrTy}, Signature(ArgTypes{IntTy, CharPtrConstPtr, ConstCharPtrTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case({ReturnValueCondition(WithinRange, Range(-1, UCharRangeMax))})
steakhalUnsubmitted
Done
ReplyInline Actions

It's a sane overapproximation. Perfectly fine for us.

steakhal: It's a sane overapproximation. Perfectly fine for us.
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))) .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)))
.ArgConstraint(NotNull(ArgNo(1))) .ArgConstraint(NotNull(ArgNo(1)))
.ArgConstraint(NotNull(ArgNo(2)))); .ArgConstraint(NotNull(ArgNo(2))));
Optional<QualType> StructSockaddrTy = lookupTy("sockaddr"); Optional<QualType> StructSockaddrTy = lookupTy("sockaddr");
Optional<QualType> StructSockaddrPtrTy = getPointerTy(StructSockaddrTy); Optional<QualType> StructSockaddrPtrTy = getPointerTy(StructSockaddrTy);
Optional<QualType> ConstStructSockaddrPtrTy = Optional<QualType> ConstStructSockaddrPtrTy =
getPointerTy(getConstTy(StructSockaddrTy)); getPointerTy(getConstTy(StructSockaddrTy));
Optional<QualType> StructSockaddrPtrRestrictTy = Optional<QualType> StructSockaddrPtrRestrictTy =
getRestrictTy(StructSockaddrPtrTy); getRestrictTy(StructSockaddrPtrTy);
Optional<QualType> ConstStructSockaddrPtrRestrictTy = Optional<QualType> ConstStructSockaddrPtrRestrictTy =
getRestrictTy(ConstStructSockaddrPtrTy); getRestrictTy(ConstStructSockaddrPtrTy);
Optional<QualType> Socklen_tTy = lookupTy("socklen_t"); Optional<QualType> Socklen_tTy = lookupTy("socklen_t");
Optional<QualType> Socklen_tPtrTy = getPointerTy(Socklen_tTy); Optional<QualType> Socklen_tPtrTy = getPointerTy(Socklen_tTy);
Optional<QualType> Socklen_tPtrRestrictTy = getRestrictTy(Socklen_tPtrTy); Optional<QualType> Socklen_tPtrRestrictTy = getRestrictTy(Socklen_tPtrTy);
Optional<RangeInt> Socklen_tMax = getMaxValue(Socklen_tTy); Optional<RangeInt> Socklen_tMax = getMaxValue(Socklen_tTy);
const auto ReturnsZeroOrMinusOne =
ConstraintSet{ReturnValueCondition(WithinRange, Range(-1, 0))};
// In 'socket.h' of some libc implementations with C99, sockaddr parameter // In 'socket.h' of some libc implementations with C99, sockaddr parameter
// is a transparent union of the underlying sockaddr_ family of pointers // is a transparent union of the underlying sockaddr_ family of pointers
// instead of being a pointer to struct sockaddr. In these cases, the // instead of being a pointer to struct sockaddr. In these cases, the
// standardized signature will not match, thus we try to match with another // standardized signature will not match, thus we try to match with another
// signature that has the joker Irrelevant type. We also remove those // signature that has the joker Irrelevant type. We also remove those
// constraints which require pointer types for the sockaddr param. // constraints which require pointer types for the sockaddr param.
auto Accept = auto Accept =
Summary(NoEvalCall) Summary(NoEvalCall)
.Case({ReturnValueCondition(WithinRange, Range(-1, IntMax))}) .Case(ReturnsFileDescriptor)
.ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax))); .ArgConstraint(ArgumentCondition(0, WithinRange, Range(0, IntMax)));
if (!addToFunctionSummaryMap( if (!addToFunctionSummaryMap(
"accept", "accept",
// int accept(int socket, struct sockaddr *restrict address, // int accept(int socket, struct sockaddr *restrict address,
// socklen_t *restrict address_len); // socklen_t *restrict address_len);
Signature(ArgTypes{IntTy, StructSockaddrPtrRestrictTy, Signature(ArgTypes{IntTy, StructSockaddrPtrRestrictTy,
Socklen_tPtrRestrictTy}, Socklen_tPtrRestrictTy},
RetType{IntTy}), RetType{IntTy}),
▲ Show 20 LinesShow All 262 Lines▼ Show 20 Lines if (ModelPOSIX) {
Optional<QualType> StructUtimbufTy = lookupTy("utimbuf"); Optional<QualType> StructUtimbufTy = lookupTy("utimbuf");
Optional<QualType> StructUtimbufPtrTy = getPointerTy(StructUtimbufTy); Optional<QualType> StructUtimbufPtrTy = getPointerTy(StructUtimbufTy);
// int utime(const char *filename, struct utimbuf *buf); // int utime(const char *filename, struct utimbuf *buf);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"utime", "utime",
Signature(ArgTypes{ConstCharPtrTy, StructUtimbufPtrTy}, RetType{IntTy}), Signature(ArgTypes{ConstCharPtrTy, StructUtimbufPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
Optional<QualType> StructTimespecTy = lookupTy("timespec"); Optional<QualType> StructTimespecTy = lookupTy("timespec");
Optional<QualType> StructTimespecPtrTy = getPointerTy(StructTimespecTy); Optional<QualType> StructTimespecPtrTy = getPointerTy(StructTimespecTy);
Optional<QualType> ConstStructTimespecPtrTy = Optional<QualType> ConstStructTimespecPtrTy =
getPointerTy(getConstTy(StructTimespecTy)); getPointerTy(getConstTy(StructTimespecTy));
// int futimens(int fd, const struct timespec times[2]); // int futimens(int fd, const struct timespec times[2]);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"futimens", "futimens",
Signature(ArgTypes{IntTy, ConstStructTimespecPtrTy}, RetType{IntTy}), Signature(ArgTypes{IntTy, ConstStructTimespecPtrTy}, RetType{IntTy}),
Summary(NoEvalCall) Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint( .ArgConstraint(
ArgumentCondition(0, WithinRange, Range(0, IntMax)))); ArgumentCondition(0, WithinRange, Range(0, IntMax))));
// int utimensat(int dirfd, const char *pathname, // int utimensat(int dirfd, const char *pathname,
// const struct timespec times[2], int flags); // const struct timespec times[2], int flags);
addToFunctionSummaryMap( addToFunctionSummaryMap("utimensat",
"utimensat", Signature(ArgTypes{IntTy, ConstCharPtrTy,
Signature( ConstStructTimespecPtrTy, IntTy},
ArgTypes{IntTy, ConstCharPtrTy, ConstStructTimespecPtrTy, IntTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
Optional<QualType> StructTimevalTy = lookupTy("timeval"); Optional<QualType> StructTimevalTy = lookupTy("timeval");
Optional<QualType> ConstStructTimevalPtrTy = Optional<QualType> ConstStructTimevalPtrTy =
getPointerTy(getConstTy(StructTimevalTy)); getPointerTy(getConstTy(StructTimevalTy));
// int utimes(const char *filename, const struct timeval times[2]); // int utimes(const char *filename, const struct timeval times[2]);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"utimes", "utimes",
Signature(ArgTypes{ConstCharPtrTy, ConstStructTimevalPtrTy}, Signature(ArgTypes{ConstCharPtrTy, ConstStructTimevalPtrTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
// int nanosleep(const struct timespec *rqtp, struct timespec *rmtp); // int nanosleep(const struct timespec *rqtp, struct timespec *rmtp);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"nanosleep", "nanosleep",
Signature(ArgTypes{ConstStructTimespecPtrTy, StructTimespecPtrTy}, Signature(ArgTypes{ConstStructTimespecPtrTy, StructTimespecPtrTy},
RetType{IntTy}), RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(0))));
Optional<QualType> Time_tTy = lookupTy("time_t"); Optional<QualType> Time_tTy = lookupTy("time_t");
Optional<QualType> ConstTime_tPtrTy = getPointerTy(getConstTy(Time_tTy)); Optional<QualType> ConstTime_tPtrTy = getPointerTy(getConstTy(Time_tTy));
Optional<QualType> ConstTime_tPtrRestrictTy = Optional<QualType> ConstTime_tPtrRestrictTy =
getRestrictTy(ConstTime_tPtrTy); getRestrictTy(ConstTime_tPtrTy);
Optional<QualType> StructTmTy = lookupTy("tm"); Optional<QualType> StructTmTy = lookupTy("tm");
Optional<QualType> StructTmPtrTy = getPointerTy(StructTmTy); Optional<QualType> StructTmPtrTy = getPointerTy(StructTmTy);
▲ Show 20 LinesShow All 57 Lines▼ Show 20 Lines addToFunctionSummaryMap(
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0)))); Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(0))));
Optional<QualType> Clockid_tTy = lookupTy("clockid_t"); Optional<QualType> Clockid_tTy = lookupTy("clockid_t");
// int clock_gettime(clockid_t clock_id, struct timespec *tp); // int clock_gettime(clockid_t clock_id, struct timespec *tp);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"clock_gettime", "clock_gettime",
Signature(ArgTypes{Clockid_tTy, StructTimespecPtrTy}, RetType{IntTy}), Signature(ArgTypes{Clockid_tTy, StructTimespecPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
Optional<QualType> StructItimervalTy = lookupTy("itimerval"); Optional<QualType> StructItimervalTy = lookupTy("itimerval");
Optional<QualType> StructItimervalPtrTy = getPointerTy(StructItimervalTy); Optional<QualType> StructItimervalPtrTy = getPointerTy(StructItimervalTy);
// int getitimer(int which, struct itimerval *curr_value); // int getitimer(int which, struct itimerval *curr_value);
addToFunctionSummaryMap( addToFunctionSummaryMap(
"getitimer", "getitimer",
Signature(ArgTypes{IntTy, StructItimervalPtrTy}, RetType{IntTy}), Signature(ArgTypes{IntTy, StructItimervalPtrTy}, RetType{IntTy}),
Summary(NoEvalCall).ArgConstraint(NotNull(ArgNo(1)))); Summary(NoEvalCall)
.Case(ReturnsZeroOrMinusOne)
.ArgConstraint(NotNull(ArgNo(1))));
Optional<QualType> Pthread_cond_tTy = lookupTy("pthread_cond_t"); Optional<QualType> Pthread_cond_tTy = lookupTy("pthread_cond_t");
Optional<QualType> Pthread_cond_tPtrTy = getPointerTy(Pthread_cond_tTy); Optional<QualType> Pthread_cond_tPtrTy = getPointerTy(Pthread_cond_tTy);
Optional<QualType> Pthread_tTy = lookupTy("pthread_t"); Optional<QualType> Pthread_tTy = lookupTy("pthread_t");
Optional<QualType> Pthread_tPtrTy = getPointerTy(Pthread_tTy); Optional<QualType> Pthread_tPtrTy = getPointerTy(Pthread_tTy);
Optional<QualType> Pthread_tPtrRestrictTy = getRestrictTy(Pthread_tPtrTy); Optional<QualType> Pthread_tPtrRestrictTy = getRestrictTy(Pthread_tPtrTy);
Optional<QualType> Pthread_mutex_tTy = lookupTy("pthread_mutex_t"); Optional<QualType> Pthread_mutex_tTy = lookupTy("pthread_mutex_t");
Optional<QualType> Pthread_mutex_tPtrTy = getPointerTy(Pthread_mutex_tTy); Optional<QualType> Pthread_mutex_tPtrTy = getPointerTy(Pthread_mutex_tTy);
▲ Show 20 LinesShow All 163 LinesShow Last 20 Lines