llvm/clang/include/clang/StaticAnalyzer/Checkers/Checkers.td

//===--- Checkers.td - Static Analyzer Checkers -===-----------------------===//
//
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
//
//===----------------------------------------------------------------------===//

include "CheckerBase.td"

//===----------------------------------------------------------------------===//
// Packages.
//===----------------------------------------------------------------------===//

// The Alpha package is for checkers that have too many false positives to be
// turned on by default. The hierarchy under Alpha should be organized in the
// hierarchy checkers would have had if they were truly at the top level.
// (For example, a Cocoa-specific checker that is alpha should be in
// alpha.osx.cocoa).
def Alpha : Package<"alpha">;

def Core : Package<"core">;
def CoreBuiltin : Package<"builtin">, ParentPackage<Core>, Hidden;
def CoreUninitialized  : Package<"uninitialized">, ParentPackage<Core>;
def CoreAlpha : Package<"core">, ParentPackage<Alpha>;

// The OptIn package is for checkers that are not alpha and that would normally
// be on by default but where the driver does not have enough information to
// determine when they are applicable. For example, localizability checkers fit
// this criterion because the driver cannot determine whether a project is
// localized or not -- this is best determined at the IDE or build-system level.
//
// The checker hierarchy under OptIn should mirror that in Alpha: checkers
// should be organized as if they were at the top level.
//
// Note: OptIn is *not* intended for checkers that are too noisy to be on by
// default. Such checkers belong in the alpha package.
def OptIn : Package<"optin">;

def CoreOptIn : Package<"core">, ParentPackage<OptIn>;

// In the Portability package reside checkers for finding code that relies on
// implementation-defined behavior. Such checks are wanted for cross-platform
// development, but unwanted for developers who target only a single platform.
def PortabilityOptIn : Package<"portability">, ParentPackage<OptIn>;

// Optional checkers related to taint security analysis.
def TaintOptIn : Package<"taint">, ParentPackage<OptIn>;

def Nullability : Package<"nullability">,
  PackageOptions<[
    CmdLineOption<Boolean,
                  "NoDiagnoseCallsToSystemHeaders",
                  "Suppresses warnings for violating nullability annotations "
                  "of system header functions. This is useful if you are "
                  "concerned with your custom nullability annotations more "
                  "than with following nullability specifications of system "
                  "header functions.",
                  "false",
                  Released>
  ]>;

def Cplusplus : Package<"cplusplus">;
def CplusplusAlpha : Package<"cplusplus">, ParentPackage<Alpha>;
def CplusplusOptIn : Package<"cplusplus">, ParentPackage<OptIn>;

def Valist : Package<"valist">;

def DeadCode : Package<"deadcode">;
def DeadCodeAlpha : Package<"deadcode">, ParentPackage<Alpha>;

def Performance : Package<"performance">, ParentPackage<OptIn>;

def Security : Package <"security">;
def InsecureAPI : Package<"insecureAPI">, ParentPackage<Security>;
def SecurityAlpha : Package<"security">, ParentPackage<Alpha>;
def Taint : Package<"taint">, ParentPackage<SecurityAlpha>;

def CERT : Package<"cert">, ParentPackage<Security>;
def ENV : Package<"env">, ParentPackage<CERT>;

def CERTAlpha : Package<"cert">, ParentPackage<SecurityAlpha>;
def POSAlpha : Package<"pos">, ParentPackage<CERTAlpha>;

def Unix : Package<"unix">;
def UnixAlpha : Package<"unix">, ParentPackage<Alpha>;
def CString : Package<"cstring">, ParentPackage<Unix>;
def CStringAlpha : Package<"cstring">, ParentPackage<UnixAlpha>;

def OSX : Package<"osx">;
def OSXAlpha : Package<"osx">, ParentPackage<Alpha>;
def OSXOptIn : Package<"osx">, ParentPackage<OptIn>;

def Cocoa : Package<"cocoa">, ParentPackage<OSX>;
def CocoaAlpha : Package<"cocoa">, ParentPackage<OSXAlpha>;
def CocoaOptIn : Package<"cocoa">, ParentPackage<OSXOptIn>;

def CoreFoundation : Package<"coreFoundation">, ParentPackage<OSX>;
def Containers : Package<"containers">, ParentPackage<CoreFoundation>;

def LocalizabilityAlpha : Package<"localizability">, ParentPackage<CocoaAlpha>;
def LocalizabilityOptIn : Package<"localizability">, ParentPackage<CocoaOptIn>;

def MPI : Package<"mpi">, ParentPackage<OptIn>;

def LLVM : Package<"llvm">;
def LLVMAlpha : Package<"llvm">, ParentPackage<Alpha>;

// The APIModeling package is for checkers that model APIs and don't perform
// any diagnostics. These checkers are always turned on; this package is
// intended for API modeling that is not controlled by the target triple.
def APIModeling : Package<"apiModeling">, Hidden;
def APIModelingAlpha : Package<"apiModeling">, ParentPackage<Alpha>, Hidden;

def GoogleAPIModeling : Package<"google">, ParentPackage<APIModeling>, Hidden;
def LLVMAPIModeling : Package<"llvm">, ParentPackage<APIModeling>, Hidden;

def Debug : Package<"debug">, Hidden;

def CloneDetectionAlpha : Package<"clone">, ParentPackage<Alpha>;

def NonDeterminismAlpha : Package<"nondeterminism">, ParentPackage<Alpha>;

def Fuchsia : Package<"fuchsia">;
def FuchsiaAlpha : Package<"fuchsia">, ParentPackage<Alpha>;

def WebKit : Package<"webkit">;
def WebKitAlpha : Package<"webkit">, ParentPackage<Alpha>;

//===----------------------------------------------------------------------===//
// Core Checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Core in {

def BitwiseShiftChecker : Checker<"BitwiseShift">,
  HelpText<"Finds cases where bitwise shift operation causes undefined behaviour.">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "Pedantic",
                  "If set to true, the checker reports undefined behavior even "
                  "if it is supported by most compilers. (This flag has no "
                  "effect in C++20 where these constructs are legal.)",
                  "false",
                  Released>,
  ]>,
  Documentation<HasDocumentation>;

def CallAndMessageModeling : Checker<"CallAndMessageModeling">,
  HelpText<"Responsible for essential modeling and assumptions after a "
           "function/method call. For instance, if we can't reason about the "
           "nullability of the implicit this parameter after a method call, "
           "this checker conservatively assumes it to be non-null">,
  Documentation<HasDocumentation>,
  Hidden;

def CallAndMessageChecker : Checker<"CallAndMessage">,
  HelpText<"Check for logical errors for function calls and Objective-C "
           "message expressions (e.g., uninitialized arguments, null function "
           "pointers)">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "FunctionPointer",
                  "Check whether a called function pointer is null or "
                  "undefined",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "ParameterCount",
                  "Check whether a function was called with the appropriate "
                  "number of arguments",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "CXXThisMethodCall",
                  "Check whether the implicit this parameter is null or "
                  "undefined upon a method call",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "CXXDeallocationArg",
                  "Check whether the argument of operator delete is undefined",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "ArgInitializedness",
                  "Check whether any of the pass-by-value parameters is "
                  "undefined",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "ArgPointeeInitializedness",
                  "Check whether the pointee of a pass-by-reference or "
                  "pass-by-pointer is undefined",
                  "false",
                  InAlpha>,
    CmdLineOption<Boolean,
                  "NilReceiver",
                  "Check whether the reciever in the message expression is nil",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "UndefReceiver",
                  "Check whether the reciever in the message expression is "
                  "undefined",
                  "true",
                  Released>,
  ]>,
  Documentation<HasDocumentation>,
  Dependencies<[CallAndMessageModeling]>;

def DereferenceChecker : Checker<"NullDereference">,
  HelpText<"Check for dereferences of null pointers">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "SuppressAddressSpaces",
                  "Suppresses warning when pointer dereferences an address space",
                  "true",
                  Released>
  ]>,
  Documentation<HasDocumentation>;

def NonNullParamChecker : Checker<"NonNullParamChecker">,
  HelpText<"Check for null pointers passed as arguments to a function whose "
           "arguments are references or marked with the 'nonnull' attribute">,
  Documentation<HasDocumentation>;

def VLASizeChecker : Checker<"VLASize">,
  HelpText<"Check for declarations of VLA of undefined or zero size">,
  Documentation<HasDocumentation>;

def DivZeroChecker : Checker<"DivideZero">,
  HelpText<"Check for division by zero">,
  Documentation<HasDocumentation>;

def UndefResultChecker : Checker<"UndefinedBinaryOperatorResult">,
  HelpText<"Check for undefined results of binary operators">,
  Documentation<HasDocumentation>;

def StackAddrEscapeBase : Checker<"StackAddrEscapeBase">,
  HelpText<"Generate information about stack address escapes.">,
  Documentation<NotDocumented>,
  Hidden;

def StackAddrEscapeChecker : Checker<"StackAddressEscape">,
  HelpText<"Check that addresses to stack memory do not escape the function">,
  Dependencies<[StackAddrEscapeBase]>,
  Documentation<HasDocumentation>;

def DynamicTypePropagation : Checker<"DynamicTypePropagation">,
  HelpText<"Generate dynamic type information">,
  Documentation<NotDocumented>,
  Hidden;

def NonnullGlobalConstantsChecker: Checker<"NonnilStringConstants">,
  HelpText<"Assume that const string-like globals are non-null">,
  Documentation<NotDocumented>,
  Hidden;

} // end "core"

let ParentPackage = CoreAlpha in {

def BoolAssignmentChecker : Checker<"BoolAssignment">,
  HelpText<"Warn about assigning non-{0,1} values to Boolean variables">,
  Documentation<HasDocumentation>;

def CastSizeChecker : Checker<"CastSize">,
  HelpText<"Check when casting a malloc'ed type T, whether the size is a "
           "multiple of the size of T">,
  Documentation<HasDocumentation>;

def CastToStructChecker : Checker<"CastToStruct">,
  HelpText<"Check for cast from non-struct pointer to struct pointer">,
  Documentation<HasDocumentation>;

def ConversionChecker : Checker<"Conversion">,
  HelpText<"Loss of sign/precision in implicit conversions">,
  Documentation<HasDocumentation>;

def IdenticalExprChecker : Checker<"IdenticalExpr">,
  HelpText<"Warn about unintended use of identical expressions in operators">,
  Documentation<HasDocumentation>;

def FixedAddressChecker : Checker<"FixedAddr">,
  HelpText<"Check for assignment of a fixed address to a pointer">,
  Documentation<HasDocumentation>;

def PointerArithChecker : Checker<"PointerArithm">,
  HelpText<"Check for pointer arithmetic on locations other than array "
           "elements">,
  Documentation<HasDocumentation>;

def PointerSubChecker : Checker<"PointerSub">,
  HelpText<"Check for pointer subtractions on two pointers pointing to "
           "different memory chunks">,
  Documentation<HasDocumentation>;

def TestAfterDivZeroChecker : Checker<"TestAfterDivZero">,
  HelpText<"Check for division by variable that is later compared against 0. "
           "Either the comparison is useless or there is division by zero.">,
  Documentation<HasDocumentation>;

def DynamicTypeChecker : Checker<"DynamicTypeChecker">,
  HelpText<"Check for cases where the dynamic and the static type of an object "
           "are unrelated.">,
  Documentation<HasDocumentation>;

def StackAddrAsyncEscapeChecker : Checker<"StackAddressAsyncEscape">,
  HelpText<"Check that addresses to stack memory do not escape the function">,
  Dependencies<[StackAddrEscapeBase]>,
  Documentation<HasDocumentation>;

def PthreadLockBase : Checker<"PthreadLockBase">,
  HelpText<"Helper registering multiple checks.">,
  Documentation<NotDocumented>,
  Hidden;

def C11LockChecker : Checker<"C11Lock">,
  HelpText<"Simple lock -> unlock checker">,
  Dependencies<[PthreadLockBase]>,
  Documentation<HasDocumentation>;

def StdVariantChecker : Checker<"StdVariant">,
  HelpText<"Check for bad type access for std::variant.">,
  Documentation<HasDocumentation>;

} // end "alpha.core"

//===----------------------------------------------------------------------===//
// Nullability checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Nullability in {

def NullabilityBase : Checker<"NullabilityBase">,
  HelpText<"Stores information during the analysis about nullability.">,
  Documentation<NotDocumented>,
  Hidden;

def NullPassedToNonnullChecker : Checker<"NullPassedToNonnull">,
  HelpText<"Warns when a null pointer is passed to a pointer which has a "
           "_Nonnull type.">,
  Dependencies<[NullabilityBase]>,
  Documentation<HasDocumentation>;

def NullReturnedFromNonnullChecker : Checker<"NullReturnedFromNonnull">,
  HelpText<"Warns when a null pointer is returned from a function that has "
           "_Nonnull return type.">,
  Dependencies<[NullabilityBase]>,
  Documentation<HasDocumentation>;

def NullableDereferencedChecker : Checker<"NullableDereferenced">,
  HelpText<"Warns when a nullable pointer is dereferenced.">,
  Dependencies<[NullabilityBase]>,
  Documentation<HasDocumentation>;

def NullablePassedToNonnullChecker : Checker<"NullablePassedToNonnull">,
  HelpText<"Warns when a nullable pointer is passed to a pointer which has a "
           "_Nonnull type.">,
  Dependencies<[NullabilityBase]>,
  Documentation<HasDocumentation>;

def NullableReturnedFromNonnullChecker : Checker<"NullableReturnedFromNonnull">,
  HelpText<"Warns when a nullable pointer is returned from a function that has "
           "_Nonnull return type.">,
  Dependencies<[NullabilityBase]>,
  Documentation<NotDocumented>;

} // end "nullability"

//===----------------------------------------------------------------------===//
// APIModeling.
//===----------------------------------------------------------------------===//

let ParentPackage = APIModeling in {

def ErrnoModeling : Checker<"Errno">,
  HelpText<"Make the special value 'errno' available to other checkers.">,
  Documentation<NotDocumented>;

def TrustNonnullChecker : Checker<"TrustNonnull">,
  HelpText<"Trust that returns from framework methods annotated with _Nonnull "
           "are not null">,
  Documentation<NotDocumented>;

def TrustReturnsNonnullChecker : Checker<"TrustReturnsNonnull">,
  HelpText<"Trust that returns from methods annotated with returns_nonnull "
           "are not null">,
  Documentation<NotDocumented>;

} // end "apiModeling"

//===----------------------------------------------------------------------===//
// Evaluate "builtin" functions.
//===----------------------------------------------------------------------===//

let ParentPackage = CoreBuiltin in {

def NoReturnFunctionChecker : Checker<"NoReturnFunctions">,
  HelpText<"Evaluate \"panic\" functions that are known to not return to the "
           "caller">,
  Documentation<NotDocumented>;

def BuiltinFunctionChecker : Checker<"BuiltinFunctions">,
  HelpText<"Evaluate compiler builtin functions (e.g., alloca())">,
  Documentation<NotDocumented>;

} // end "core.builtin"

//===----------------------------------------------------------------------===//
// Uninitialized values checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = CoreUninitialized in {

def UndefinedArraySubscriptChecker : Checker<"ArraySubscript">,
  HelpText<"Check for uninitialized values used as array subscripts">,
  Documentation<HasDocumentation>;

def UndefinedAssignmentChecker : Checker<"Assign">,
  HelpText<"Check for assigning uninitialized values">,
  Documentation<HasDocumentation>;

def UndefBranchChecker : Checker<"Branch">,
  HelpText<"Check for uninitialized values used as branch conditions">,
  Documentation<HasDocumentation>;

def UndefCapturedBlockVarChecker : Checker<"CapturedBlockVariable">,
  HelpText<"Check for blocks that capture uninitialized values">,
  Documentation<NotDocumented>;

def ReturnUndefChecker : Checker<"UndefReturn">,
  HelpText<"Check for uninitialized values being returned to the caller">,
  Documentation<HasDocumentation>;

def UndefinedNewArraySizeChecker : Checker<"NewArraySize">,
  HelpText<"Check if the size of the array in a new[] expression is undefined">,
  Documentation<HasDocumentation>;

} // end "core.uninitialized"

//===----------------------------------------------------------------------===//
// Optin checkers for core language features
//===----------------------------------------------------------------------===//

let ParentPackage = CoreOptIn in {

def EnumCastOutOfRangeChecker : Checker<"EnumCastOutOfRange">,
  HelpText<"Check integer to enumeration casts for out of range values">,
  Documentation<HasDocumentation>;

} // end "optin.core"

//===----------------------------------------------------------------------===//
// Unix API checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = CString in {

def CStringModeling : Checker<"CStringModeling">,
  HelpText<"The base of several CString related checkers. On it's own it emits "
           "no reports, but adds valuable information to the analysis when "
           "enabled.">,
  Documentation<NotDocumented>,
  Hidden;

def CStringNullArg : Checker<"NullArg">,
  HelpText<"Check for null pointers being passed as arguments to C string "
           "functions">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

def CStringSyntaxChecker : Checker<"BadSizeArg">,
  HelpText<"Check the size argument passed into C string functions for common "
           "erroneous patterns">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

} // end "unix.cstring"

let ParentPackage = CStringAlpha in {

def CStringOutOfBounds : Checker<"OutOfBounds">,
  HelpText<"Check for out-of-bounds access in string functions">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

def CStringBufferOverlap : Checker<"BufferOverlap">,
  HelpText<"Checks for overlap in two buffer arguments">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

def CStringNotNullTerm : Checker<"NotNullTerminated">,
  HelpText<"Check for arguments which are not null-terminating strings">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

def CStringUninitializedRead : Checker<"UninitializedRead">,
  HelpText<"Checks if the string manipulation function would read uninitialized bytes">,
  Dependencies<[CStringModeling]>,
  Documentation<HasDocumentation>;

} // end "alpha.unix.cstring"

let ParentPackage = Unix in {

def UnixAPIMisuseChecker : Checker<"API">,
  HelpText<"Check calls to various UNIX/Posix functions">,
  Documentation<HasDocumentation>;

def BlockInCriticalSectionChecker : Checker<"BlockInCriticalSection">,
  HelpText<"Check for calls to blocking functions inside a critical section">,
  Documentation<HasDocumentation>;

def DynamicMemoryModeling: Checker<"DynamicMemoryModeling">,
  HelpText<"The base of several malloc() related checkers. On it's own it "
           "emits no reports, but adds valuable information to the analysis "
           "when enabled.">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "Optimistic",
                  "If set to true, the checker assumes that all the "
                  "allocating and deallocating functions are annotated with "
                  "ownership_holds, ownership_takes and ownership_returns.",
                  "false",
                  InAlpha>,
    CmdLineOption<Boolean,
                  "AddNoOwnershipChangeNotes",
                  "Add an additional note to the bug report for leak-like "
                  "bugs. Dynamically allocated objects passed to functions "
                  "that neither deallocated it, or have taken responsibility "
                  "of the ownership are noted, similarly to "
                  "NoStoreFuncVisitor.",
                  "true",
                  Released,
                  Hide>
  ]>,
  Dependencies<[CStringModeling]>,
  Documentation<NotDocumented>,
  Hidden;

def ErrnoChecker : Checker<"Errno">,
  HelpText<"Check for improper use of 'errno'">,
  Dependencies<[ErrnoModeling]>,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "AllowErrnoReadOutsideConditionExpressions",
                  "Allow read of undefined value from errno outside of conditions",
                  "true",
                  InAlpha>,
  ]>,
  Documentation<HasDocumentation>;

def MallocChecker: Checker<"Malloc">,
  HelpText<"Check for memory leaks, double free, and use-after-free problems. "
           "Traces memory managed by malloc()/free().">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<HasDocumentation>;

def MallocSizeofChecker : Checker<"MallocSizeof">,
  HelpText<"Check for dubious malloc arguments involving sizeof">,
  Documentation<HasDocumentation>;

def MismatchedDeallocatorChecker : Checker<"MismatchedDeallocator">,
  HelpText<"Check for mismatched deallocators.">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<HasDocumentation>;

// This must appear before StdCLibraryFunctionsChecker because a dependency.
def StreamChecker : Checker<"Stream">,
  HelpText<"Check stream handling functions">,
  WeakDependencies<[NonNullParamChecker]>,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "Pedantic",
                  "If false, assume that stream operations which are often not "
                  "checked for error do not fail.",
                  "false",
                  InAlpha>
  ]>,
  Documentation<HasDocumentation>;

def StdCLibraryFunctionsChecker : Checker<"StdCLibraryFunctions">,
  HelpText<"Check for invalid arguments of C standard library functions, "
           "and apply relations between arguments and return value">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "DisplayLoadedSummaries",
                  "If set to true, the checker displays the found summaries "
                  "for the given translation unit.",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "ModelPOSIX",
                  "If set to true, the checker models additional functions "
                  "from the POSIX standard.",
                  "true",
                  InAlpha>
  ]>,
  WeakDependencies<[CallAndMessageChecker, NonNullParamChecker, StreamChecker]>,
  Documentation<HasDocumentation>;

def VforkChecker : Checker<"Vfork">,
  HelpText<"Check for proper usage of vfork">,
  Documentation<HasDocumentation>;

} // end "unix"

let ParentPackage = UnixAlpha in {

def ChrootChecker : Checker<"Chroot">,
  HelpText<"Check improper use of chroot">,
  Documentation<HasDocumentation>;

def PthreadLockChecker : Checker<"PthreadLock">,
  HelpText<"Simple lock -> unlock checker">,
  Dependencies<[PthreadLockBase]>,
  Documentation<HasDocumentation>;

def SimpleStreamChecker : Checker<"SimpleStream">,
  HelpText<"Check for misuses of stream APIs">,
  Documentation<HasDocumentation>;

} // end "alpha.unix"

//===----------------------------------------------------------------------===//
// C++ checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Cplusplus in {

def ArrayDeleteChecker : Checker<"ArrayDelete">,
  HelpText<"Reports destructions of arrays of polymorphic objects that are "
           "destructed as their base class.">,
  Documentation<HasDocumentation>;

def InnerPointerChecker : Checker<"InnerPointer">,
  HelpText<"Check for inner pointers of C++ containers used after "
           "re/deallocation">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<NotDocumented>;

def NewDeleteChecker : Checker<"NewDelete">,
  HelpText<"Check for double-free and use-after-free problems. Traces memory "
           "managed by new/delete.">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<HasDocumentation>;

def NewDeleteLeaksChecker : Checker<"NewDeleteLeaks">,
  HelpText<"Check for memory leaks. Traces memory managed by new/delete.">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<HasDocumentation>;

def PlacementNewChecker : Checker<"PlacementNew">,
  HelpText<"Check if default placement new is provided with pointers to "
           "sufficient storage capacity">,
  Dependencies<[DynamicMemoryModeling]>,
  Documentation<HasDocumentation>;

def CXXSelfAssignmentChecker : Checker<"SelfAssignment">,
  HelpText<"Checks C++ copy and move assignment operators for self assignment">,
  Documentation<NotDocumented>,
  Hidden;

def SmartPtrModeling: Checker<"SmartPtrModeling">,
  HelpText<"Model behavior of C++ smart pointers">,
  Documentation<NotDocumented>,
    CheckerOptions<[
    CmdLineOption<Boolean,
                  "ModelSmartPtrDereference",
                  "Enable modeling for SmartPtr null dereferences",
                  "false",
                  InAlpha,
                  Hide>,
  ]>,
  Hidden;

def StringChecker: Checker<"StringChecker">,
  HelpText<"Checks C++ std::string bugs">,
  Documentation<HasDocumentation>;

def MoveChecker: Checker<"Move">,
  HelpText<"Find use-after-move bugs in C++">,
  CheckerOptions<[
    CmdLineOption<String,
                  "WarnOn",
                  "With setting \"KnownsOnly\" warn only on objects with known "
                  "move semantics like smart pointers and other STL objects. "
                  "With setting \"KnownsAndLocals\" warn additionally on local "
                  "variables (or rvalue references). With setting \"All\" warn "
                  "on all variables (excluding global variables).",
                  "KnownsAndLocals",
                  Released>
  ]>,
  Documentation<HasDocumentation>;

def VirtualCallModeling : Checker<"VirtualCallModeling">,
  HelpText<"Auxiliary modeling for the virtual method call checkers">,
  Documentation<NotDocumented>,
  Hidden;

def PureVirtualCallChecker : Checker<"PureVirtualCall">,
  HelpText<"Check pure virtual function calls during construction/destruction">,
  Dependencies<[VirtualCallModeling]>,
  Documentation<HasDocumentation>;
} // end: "cplusplus"

let ParentPackage = CplusplusOptIn in {

def UninitializedObjectChecker: Checker<"UninitializedObject">,
  HelpText<"Reports uninitialized fields after object construction">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "Pedantic",
                  "If set to false, the checker won't emit warnings "
                  "for objects that don't have at least one initialized "
                  "field.",
                  "false",
                  Released>,
    CmdLineOption<Boolean,
                  "NotesAsWarnings",
                  "If set to true, the checker will emit a warning "
                  "for each uninitalized field, as opposed to emitting one "
                  "warning per constructor call, and listing the uninitialized "
                  "fields that belongs to it in notes.",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "CheckPointeeInitialization",
                  "If set to false, the checker will not analyze "
                  "the pointee of pointer/reference fields, and will only "
                  "check whether the object itself is initialized.",
                  "false",
                  InAlpha>,
    CmdLineOption<String,
                  "IgnoreRecordsWithField",
                  "If supplied, the checker will not analyze "
                  "structures that have a field with a name or type name that "
                  "matches the given pattern.",
                  "\"\"",
                  Released>,
    CmdLineOption<Boolean,
                  "IgnoreGuardedFields",
                  "If set to true, the checker will analyze _syntactically_ "
                  "whether the found uninitialized object is used without a "
                  "preceding assert call. Defaults to false.",
                  "false",
                  InAlpha>
  ]>,
  Documentation<HasDocumentation>;

def VirtualCallChecker : Checker<"VirtualCall">,
  HelpText<"Check virtual function calls during construction/destruction">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "ShowFixIts",
                  "Enable fix-it hints for this checker",
                  "false",
                  InAlpha>,
    CmdLineOption<Boolean,
                  "PureOnly",
                  "Disables the checker. Keeps cplusplus.PureVirtualCall "
                  "enabled. This option is only provided for backwards "
                  "compatibility.",
                  "false",
                  InAlpha>
  ]>,
  Dependencies<[VirtualCallModeling]>,
  Documentation<HasDocumentation>;

} // end: "optin.cplusplus"

let ParentPackage = CplusplusAlpha in {

def ContainerModeling : Checker<"ContainerModeling">,
  HelpText<"Models C++ containers">,
  Documentation<NotDocumented>,
  Hidden;

def DeleteWithNonVirtualDtorChecker : Checker<"DeleteWithNonVirtualDtor">,
  HelpText<"Reports destructions of polymorphic objects with a non-virtual "
           "destructor in their base class">,
  Documentation<HasDocumentation>;

def IteratorModeling : Checker<"IteratorModeling">,
  HelpText<"Models iterators of C++ containers">,
  Dependencies<[ContainerModeling]>,
  Documentation<NotDocumented>,
  Hidden;

def STLAlgorithmModeling : Checker<"STLAlgorithmModeling">,
  HelpText<"Models the algorithm library of the C++ STL.">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "AggressiveStdFindModeling",
                  "Enables exploration of the failure branch in std::find-like "
                  "functions.",
                  "false",
                  Released>
  ]>,
  Dependencies<[ContainerModeling]>,
  Documentation<NotDocumented>;

def InvalidatedIteratorChecker : Checker<"InvalidatedIterator">,
  HelpText<"Check for use of invalidated iterators">,
  Dependencies<[IteratorModeling]>,
  Documentation<HasDocumentation>;

def IteratorRangeChecker : Checker<"IteratorRange">,
  HelpText<"Check for iterators used outside their valid ranges">,
  Dependencies<[IteratorModeling]>,
  Documentation<HasDocumentation>;

def MismatchedIteratorChecker : Checker<"MismatchedIterator">,
  HelpText<"Check for use of iterators of different containers where iterators "
           "of the same container are expected">,
  Dependencies<[IteratorModeling]>,
  Documentation<HasDocumentation>;

def SmartPtrChecker: Checker<"SmartPtr">,
  HelpText<"Find the dereference of null SmrtPtr">,
  Dependencies<[SmartPtrModeling]>,
  Documentation<HasDocumentation>;

} // end: "alpha.cplusplus"


//===----------------------------------------------------------------------===//
// Valist checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Valist in {

def ValistBase : Checker<"ValistBase">,
  HelpText<"Gathers information about va_lists.">,
  Documentation<NotDocumented>,
  Hidden;

def UninitializedChecker : Checker<"Uninitialized">,
  HelpText<"Check for usages of uninitialized (or already released) va_lists.">,
  Dependencies<[ValistBase]>,
  Documentation<NotDocumented>;

def UnterminatedChecker : Checker<"Unterminated">,
  HelpText<"Check for va_lists which are not released by a va_end call.">,
  Dependencies<[ValistBase]>,
  Documentation<NotDocumented>;

def CopyToSelfChecker : Checker<"CopyToSelf">,
  HelpText<"Check for va_lists which are copied onto itself.">,
  Dependencies<[ValistBase]>,
  Documentation<NotDocumented>;

} // end : "valist"

//===----------------------------------------------------------------------===//
// Deadcode checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = DeadCode in {

def DeadStoresChecker : Checker<"DeadStores">,
  HelpText<"Check for values stored to variables that are never read "
           "afterwards">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "WarnForDeadNestedAssignments",
                  "Warns for deadstores in nested assignments."
                  "E.g.: if ((P = f())) where P is unused.",
                  "true",
                  Released>,
    CmdLineOption<Boolean,
                  "ShowFixIts",
                  "Enable fix-it hints for this checker",
                  "false",
                  InAlpha>
  ]>,
  Documentation<HasDocumentation>;

} // end DeadCode

let ParentPackage = DeadCodeAlpha in {

def UnreachableCodeChecker : Checker<"UnreachableCode">,
  HelpText<"Check unreachable code">,
  Documentation<HasDocumentation>;

} // end "alpha.deadcode"

//===----------------------------------------------------------------------===//
// Performance checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Performance in {

def PaddingChecker : Checker<"Padding">,
  HelpText<"Check for excessively padded structs.">,
  CheckerOptions<[
    CmdLineOption<Integer,
                  "AllowedPad",
                  "Reports are only generated if the excessive padding exceeds "
                  "'AllowedPad' in bytes.",
                  "24",
                  Released>
  ]>,
  Documentation<HasDocumentation>;

} // end: "padding"

//===----------------------------------------------------------------------===//
// Security checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = InsecureAPI in {

def SecuritySyntaxChecker : Checker<"SecuritySyntaxChecker">,
  HelpText<"Base of various security function related checkers">,
  Documentation<NotDocumented>,
  Hidden;

def bcmp : Checker<"bcmp">,
  HelpText<"Warn on uses of the 'bcmp' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def bcopy : Checker<"bcopy">,
  HelpText<"Warn on uses of the 'bcopy' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def bzero : Checker<"bzero">,
  HelpText<"Warn on uses of the 'bzero' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def gets : Checker<"gets">,
  HelpText<"Warn on uses of the 'gets' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def getpw : Checker<"getpw">,
  HelpText<"Warn on uses of the 'getpw' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def mktemp : Checker<"mktemp">,
  HelpText<"Warn on uses of the 'mktemp' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def mkstemp : Checker<"mkstemp">,
  HelpText<"Warn when 'mkstemp' is passed fewer than 6 X's in the format "
           "string">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def rand : Checker<"rand">,
  HelpText<"Warn on uses of the 'rand', 'random', and related functions">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def strcpy : Checker<"strcpy">,
  HelpText<"Warn on uses of the 'strcpy' and 'strcat' functions">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def vfork : Checker<"vfork">,
  HelpText<"Warn on uses of the 'vfork' function">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def UncheckedReturn : Checker<"UncheckedReturn">,
  HelpText<"Warn on uses of functions whose return values must be always "
           "checked">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def DeprecatedOrUnsafeBufferHandling :
  Checker<"DeprecatedOrUnsafeBufferHandling">,
  HelpText<"Warn on uses of unsecure or deprecated buffer manipulating "
           "functions">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def decodeValueOfObjCType : Checker<"decodeValueOfObjCType">,
  HelpText<"Warn on uses of the '-decodeValueOfObjCType:at:' method">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

} // end "security.insecureAPI"

let ParentPackage = Security in {

def FloatLoopCounter : Checker<"FloatLoopCounter">,
  HelpText<"Warn on using a floating point value as a loop counter (CERT: "
           "FLP30-C, FLP30-CPP)">,
  Dependencies<[SecuritySyntaxChecker]>,
  Documentation<HasDocumentation>;

def PutenvStackArray : Checker<"PutenvStackArray">,
  HelpText<"Finds calls to the function 'putenv' which pass a pointer to "
           "an automatic (stack-allocated) array as the argument.">,
  Documentation<HasDocumentation>;

def SetgidSetuidOrderChecker : Checker<"SetgidSetuidOrder">,
  HelpText<"Warn on possible reversed order of 'setgid(getgid()))' and "
           "'setuid(getuid())' (CERT: POS36-C)">,
  Documentation<HasDocumentation>;

} // end "security"

let ParentPackage = ENV in {

  def InvalidPtrChecker : Checker<"InvalidPtr">,
  HelpText<"Finds usages of possibly invalidated pointers">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "InvalidatingGetEnv",
                  "Regard getenv as an invalidating call (as per POSIX "
                  "standard), which can lead to false positives depending on "
                  "implementation.",
                  "false",
                  Released>,
  ]>,
  Documentation<HasDocumentation>;

} // end "security.cert.env"

let ParentPackage = SecurityAlpha in {

def ArrayBoundChecker : Checker<"ArrayBound">,
  HelpText<"Warn about buffer overflows (older checker)">,
  Documentation<HasDocumentation>;

def ArrayBoundCheckerV2 : Checker<"ArrayBoundV2">,
  HelpText<"Warn about buffer overflows (newer checker)">,
  Documentation<HasDocumentation>;

def MmapWriteExecChecker : Checker<"MmapWriteExec">,
  HelpText<"Warn on mmap() calls that are both writable and executable">,
  Documentation<HasDocumentation>;

def ReturnPointerRangeChecker : Checker<"ReturnPtrRange">,
  HelpText<"Check for an out-of-bound pointer being returned to callers">,
  Documentation<HasDocumentation>;

} // end "alpha.security"

//===----------------------------------------------------------------------===//
// Taint checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Taint in {

def TaintPropagationChecker : Checker<"TaintPropagation">, // Modelling checker
  HelpText<"Generate taint information used by other checkers">,
  CheckerOptions<[
    CmdLineOption<String,
                  "Config",
                  "Specifies the name of the configuration file.",
                  "",
                  InAlpha>,
  ]>,
  Documentation<NotDocumented>,
  Hidden;

def GenericTaintChecker : Checker<"GenericTaint">,
  HelpText<"Reports potential injection vulnerabilities">,
  Dependencies<[TaintPropagationChecker]>,
  Documentation<HasDocumentation>;

} // end "alpha.security.taint"

//===----------------------------------------------------------------------===//
// Mac OS X, Cocoa, and Core Foundation checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Cocoa in {

def RetainCountBase : Checker<"RetainCountBase">,
  HelpText<"Common base of various retain count related checkers">,
  Documentation<NotDocumented>,
  Hidden;

} // end "osx.cocoa"

let ParentPackage = OSX in {

def NSOrCFErrorDerefChecker : Checker<"NSOrCFErrorDerefChecker">,
  HelpText<"Implementation checker for NSErrorChecker and CFErrorChecker">,
  Documentation<NotDocumented>,
  Hidden;

def NumberObjectConversionChecker : Checker<"NumberObjectConversion">,
  HelpText<"Check for erroneous conversions of objects representing numbers "
           "into numbers">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "Pedantic",
                  "Enables detection of more conversion patterns (which are "
                  "most likely more harmless, and therefore are more likely to "
                  "produce false positives).",
                  "false",
                  Released>
  ]>,
  Documentation<NotDocumented>;

def MacOSXAPIChecker : Checker<"API">,
  HelpText<"Check for proper uses of various Apple APIs">,
  Documentation<HasDocumentation>;

def MacOSKeychainAPIChecker : Checker<"SecKeychainAPI">,
  HelpText<"Check for proper uses of Secure Keychain APIs">,
  Documentation<HasDocumentation>;

def MIGChecker : Checker<"MIG">,
  HelpText<"Find violations of the Mach Interface Generator "
           "calling convention">,
  Documentation<NotDocumented>;

def ObjCPropertyChecker : Checker<"ObjCProperty">,
  HelpText<"Check for proper uses of Objective-C properties">,
  Documentation<NotDocumented>;

def OSObjectRetainCountChecker : Checker<"OSObjectRetainCount">,
  HelpText<"Check for leaks and improper reference count management for "
           "OSObject">,
  Dependencies<[RetainCountBase]>,
  Documentation<NotDocumented>;

} // end "osx"

let ParentPackage = Cocoa in {

def RunLoopAutoreleaseLeakChecker : Checker<"RunLoopAutoreleaseLeak">,
  HelpText<"Check for leaked memory in autorelease pools that will never be "
           "drained">,
  Documentation<NotDocumented>;

def ObjCAtSyncChecker : Checker<"AtSync">,
  HelpText<"Check for nil pointers used as mutexes for @synchronized">,
  Documentation<HasDocumentation>;

def NilArgChecker : Checker<"NilArg">,
  HelpText<"Check for prohibited nil arguments to ObjC method calls">,
  Documentation<HasDocumentation>;

def ClassReleaseChecker : Checker<"ClassRelease">,
  HelpText<"Check for sending 'retain', 'release', or 'autorelease' directly "
           "to a Class">,
  Documentation<HasDocumentation>;

def VariadicMethodTypeChecker : Checker<"VariadicMethodTypes">,
  HelpText<"Check for passing non-Objective-C types to variadic collection "
           "initialization methods that expect only Objective-C types">,
  Documentation<HasDocumentation>;

def NSAutoreleasePoolChecker : Checker<"NSAutoreleasePool">,
  HelpText<"Warn for suboptimal uses of NSAutoreleasePool in Objective-C GC "
           "mode">,
  Documentation<HasDocumentation>;

def ObjCMethSigsChecker : Checker<"IncompatibleMethodTypes">,
  HelpText<"Warn about Objective-C method signatures with type "
           "incompatibilities">,
  Documentation<HasDocumentation>;

def ObjCUnusedIvarsChecker : Checker<"UnusedIvars">,
  HelpText<"Warn about private ivars that are never used">,
  Documentation<HasDocumentation>;

def ObjCSelfInitChecker : Checker<"SelfInit">,
  HelpText<"Check that 'self' is properly initialized inside an initializer "
           "method">,
  Documentation<HasDocumentation>;

def ObjCLoopChecker : Checker<"Loops">,
  HelpText<"Improved modeling of loops using Cocoa collection types">,
  Documentation<NotDocumented>;

def ObjCNonNilReturnValueChecker : Checker<"NonNilReturnValue">,
  HelpText<"Model the APIs that are guaranteed to return a non-nil value">,
  Documentation<NotDocumented>;

def ObjCSuperCallChecker : Checker<"MissingSuperCall">,
  HelpText<"Warn about Objective-C methods that lack a necessary call to "
           "super">,
  Documentation<NotDocumented>;

def NSErrorChecker : Checker<"NSError">,
  HelpText<"Check usage of NSError** parameters">,
  Dependencies<[NSOrCFErrorDerefChecker]>,
  Documentation<HasDocumentation>;

def RetainCountChecker : Checker<"RetainCount">,
  HelpText<"Check for leaks and improper reference count management">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "TrackNSCFStartParam",
                  "Check not only that the code follows retain-release rules "
                  "with respect to objects it allocates or borrows from "
                  "elsewhere, but also that it fulfills its own retain count "
                  "specification with respect to objects that it receives as "
                  "arguments.",
                  "false",
                  Released>
  ]>,
  Dependencies<[RetainCountBase]>,
  Documentation<HasDocumentation>;

def ObjCGenericsChecker : Checker<"ObjCGenerics">,
  HelpText<"Check for type errors when using Objective-C generics">,
  Dependencies<[DynamicTypePropagation]>,
  Documentation<HasDocumentation>;

def ObjCDeallocChecker : Checker<"Dealloc">,
  HelpText<"Warn about Objective-C classes that lack a correct implementation "
           "of -dealloc">,
  Documentation<HasDocumentation>;

def ObjCSuperDeallocChecker : Checker<"SuperDealloc">,
  HelpText<"Warn about improper use of '[super dealloc]' in Objective-C">,
  Documentation<HasDocumentation>;

def AutoreleaseWriteChecker : Checker<"AutoreleaseWrite">,
  HelpText<"Warn about potentially crashing writes to autoreleasing objects "
           "from different autoreleasing pools in Objective-C">,
  Documentation<NotDocumented>;

} // end "osx.cocoa"

let ParentPackage = Performance in {

def GCDAntipattern : Checker<"GCDAntipattern">,
  HelpText<"Check for performance anti-patterns when using Grand Central "
           "Dispatch">,
  Documentation<NotDocumented>;
} // end "optin.performance"

let ParentPackage = OSXOptIn in {

def OSObjectCStyleCast : Checker<"OSObjectCStyleCast">,
  HelpText<"Checker for C-style casts of OSObjects">,
  Documentation<NotDocumented>;

} // end "optin.osx"

let ParentPackage = CocoaAlpha in {

def IvarInvalidationModeling : Checker<"IvarInvalidationModeling">,
  HelpText<"Gathers information for annotation driven invalidation checking "
           "for classes that contains a method annotated with "
           "'objc_instance_variable_invalidator'">,
  Documentation<NotDocumented>,
  Hidden;

def InstanceVariableInvalidation : Checker<"InstanceVariableInvalidation">,
  HelpText<"Check that the invalidatable instance variables are invalidated in "
           "the methods annotated with objc_instance_variable_invalidator">,
  Dependencies<[IvarInvalidationModeling]>,
  Documentation<HasDocumentation>;

def MissingInvalidationMethod : Checker<"MissingInvalidationMethod">,
  HelpText<"Check that the invalidation methods are present in classes that "
           "contain invalidatable instance variables">,
  Dependencies<[IvarInvalidationModeling]>,
  Documentation<HasDocumentation>;

def DirectIvarAssignment : Checker<"DirectIvarAssignment">,
  HelpText<"Check for direct assignments to instance variables">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "AnnotatedFunctions",
                  "Check for direct assignments to instance variables in the "
                  "methods annotated with "
                  "objc_no_direct_instance_variable_assignment",
                  "false",
                  InAlpha>
  ]>,
  Documentation<HasDocumentation>;

} // end "alpha.osx.cocoa"

let ParentPackage = CoreFoundation in {

def CFNumberChecker : Checker<"CFNumber">,
  HelpText<"Check for proper uses of CFNumber APIs">,
  Documentation<HasDocumentation>;

def CFRetainReleaseChecker : Checker<"CFRetainRelease">,
  HelpText<"Check for null arguments to CFRetain/CFRelease/CFMakeCollectable">,
  Documentation<HasDocumentation>;

def CFErrorChecker : Checker<"CFError">,
  HelpText<"Check usage of CFErrorRef* parameters">,
  Dependencies<[NSOrCFErrorDerefChecker]>,
  Documentation<HasDocumentation>;

} // end "osx.coreFoundation"

let ParentPackage = Containers in {

def ObjCContainersASTChecker : Checker<"PointerSizedValues">,
  HelpText<"Warns if 'CFArray', 'CFDictionary', 'CFSet' are created with "
           "non-pointer-size values">,
  Documentation<HasDocumentation>;

def ObjCContainersChecker : Checker<"OutOfBounds">,
  HelpText<"Checks for index out-of-bounds when using 'CFArray' API">,
  Documentation<HasDocumentation>;

} // end "osx.coreFoundation.containers"

let ParentPackage = LocalizabilityOptIn in {

def NonLocalizedStringChecker : Checker<"NonLocalizedStringChecker">,
  HelpText<"Warns about uses of non-localized NSStrings passed to UI methods "
           "expecting localized NSStrings">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "AggressiveReport",
                  "Marks a string being returned by any call as localized if "
                  "it is in LocStringFunctions (LSF) or the function is "
                  "annotated. Otherwise, we mark it as NonLocalized "
                  "(Aggressive) or NonLocalized only if it is not backed by a "
                  "SymRegion (Non-Aggressive), basically leaving only string "
                  "literals as NonLocalized.",
                  "false",
                  InAlpha,
                  Hide>
  ]>,
  Documentation<HasDocumentation>;

def EmptyLocalizationContextChecker :
  Checker<"EmptyLocalizationContextChecker">,
  HelpText<"Check that NSLocalizedString macros include a comment for context">,
  Documentation<HasDocumentation>;

} // end "optin.osx.cocoa.localizability"

let ParentPackage = LocalizabilityAlpha in {

def PluralMisuseChecker : Checker<"PluralMisuseChecker">,
  HelpText<"Warns against using one vs. many plural pattern in code when "
           "generating localized strings.">,
  Documentation<HasDocumentation>;

} // end "alpha.osx.cocoa.localizability"

let ParentPackage = MPI in {

def MPIChecker : Checker<"MPI-Checker">,
  HelpText<"Checks MPI code">,
  Documentation<HasDocumentation>;

} // end "optin.mpi"

//===----------------------------------------------------------------------===//
// Checkers for LLVM development.
//===----------------------------------------------------------------------===//

let ParentPackage = LLVMAlpha in {

def LLVMConventionsChecker : Checker<"Conventions">,
  HelpText<"Check code for LLVM codebase conventions">,
  Documentation<HasDocumentation>;

} // end "llvm"

let ParentPackage = LLVMAPIModeling in {

def CastValueChecker : Checker<"CastValue">,
  HelpText<"Model implementation of custom RTTIs">,
  Documentation<NotDocumented>;

def ReturnValueChecker : Checker<"ReturnValue">,
  HelpText<"Model certain Error() methods that always return true by convention">,
  Documentation<NotDocumented>;

} // end "apiModeling.llvm"

//===----------------------------------------------------------------------===//
// Checkers modeling Google APIs.
//===----------------------------------------------------------------------===//

let ParentPackage = GoogleAPIModeling in {

def GTestChecker : Checker<"GTest">,
  HelpText<"Model gtest assertion APIs">,
  Documentation<NotDocumented>;

} // end "apiModeling.google"

//===----------------------------------------------------------------------===//
// Debugging checkers (for analyzer development).
//===----------------------------------------------------------------------===//

let ParentPackage = Debug in {

def AnalysisOrderChecker : Checker<"AnalysisOrder">,
  HelpText<"Print callbacks that are called during analysis in order">,
  CheckerOptions<[
    CmdLineOption<Boolean,
                  "PreStmtCastExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtCastExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreStmtArraySubscriptExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtArraySubscriptExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreStmtCXXNewExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtCXXNewExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreStmtCXXDeleteExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtCXXDeleteExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreStmtCXXConstructExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtCXXConstructExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreStmtOffsetOfExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostStmtOffsetOfExpr",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "EvalCall",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PreCall",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PostCall",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "EndFunction",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "EndAnalysis",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "NewAllocator",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "Bind",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "LiveSymbols",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "RegionChanges",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "PointerEscape",
                  "",
                  "false",
                  Released,
                  Hide>,
    CmdLineOption<Boolean,
                  "*",
                  "Enables all callbacks.",
                  "false",
                  Released,
                  Hide>
  ]>,
  Documentation<NotDocumented>;

def DominatorsTreeDumper : Checker<"DumpDominators">,
  HelpText<"Print the dominance tree for a given CFG">,
  Documentation<NotDocumented>;

def PostDominatorsTreeDumper : Checker<"DumpPostDominators">,
  HelpText<"Print the post dominance tree for a given CFG">,
  Documentation<NotDocumented>;

def ControlDependencyTreeDumper : Checker<"DumpControlDependencies">,
  HelpText<"Print the post control dependency tree for a given CFG">,
  Documentation<NotDocumented>;

def LiveVariablesDumper : Checker<"DumpLiveVars">,
  HelpText<"Print results of live variable analysis">,
  Documentation<NotDocumented>;

def LiveExpressionsDumper : Checker<"DumpLiveExprs">,
  HelpText<"Print results of live expression analysis">,
  Documentation<NotDocumented>;

def CFGViewer : Checker<"ViewCFG">,
  HelpText<"View Control-Flow Graphs using GraphViz">,
  Documentation<NotDocumented>;

def CFGDumper : Checker<"DumpCFG">,
  HelpText<"Display Control-Flow Graphs">,
  Documentation<NotDocumented>;

def CallGraphViewer : Checker<"ViewCallGraph">,
  HelpText<"View Call Graph using GraphViz">,
  Documentation<NotDocumented>;

def CallGraphDumper : Checker<"DumpCallGraph">,
  HelpText<"Display Call Graph">,
  Documentation<NotDocumented>;

def ConfigDumper : Checker<"ConfigDumper">,
  HelpText<"Dump config table">,
  Documentation<NotDocumented>;

def TraversalDumper : Checker<"DumpTraversal">,
  HelpText<"Print branch conditions as they are traversed by the engine">,
  Documentation<NotDocumented>;

def CallDumper : Checker<"DumpCalls">,
  HelpText<"Print calls as they are traversed by the engine">,
  Documentation<NotDocumented>;

def AnalyzerStatsChecker : Checker<"Stats">,
  HelpText<"Emit warnings with analyzer statistics">,
  Documentation<NotDocumented>;

def TaintTesterChecker : Checker<"TaintTest">,
  HelpText<"Mark tainted symbols as such.">,
  Documentation<NotDocumented>;

// This checker *technically* depends on SteamChecker, but we don't allow
// dependency checkers to emit diagnostics, and a debug checker isn't worth
// the chore needed to create a modeling portion on its own. Since this checker
// is for development purposes only anyways, make sure that StreamChecker is
// also enabled, at least for the time being.
def StreamTesterChecker : Checker<"StreamTester">,
  HelpText<"Add test functions to StreamChecker for test and debugging "
           "purposes.">,
  WeakDependencies<[StreamChecker]>,
  Documentation<NotDocumented>;

def ErrnoTesterChecker : Checker<"ErrnoTest">,
  HelpText<"Check modeling aspects of 'errno'.">,
  Dependencies<[ErrnoModeling]>,
  Documentation<NotDocumented>;

def ExprInspectionChecker : Checker<"ExprInspection">,
  HelpText<"Check the analyzer's understanding of expressions">,
  Documentation<NotDocumented>;

def ExplodedGraphViewer : Checker<"ViewExplodedGraph">,
  HelpText<"View Exploded Graphs using GraphViz">,
  Documentation<NotDocumented>;

def ReportStmts : Checker<"ReportStmts">,
  HelpText<"Emits a warning for every statement.">,
  Documentation<NotDocumented>;

def DebugContainerModeling : Checker<"DebugContainerModeling">,
  HelpText<"Check the analyzer's understanding of C++ containers">,
  Dependencies<[ContainerModeling]>,
  Documentation<NotDocumented>;

def DebugIteratorModeling : Checker<"DebugIteratorModeling">,
  HelpText<"Check the analyzer's understanding of C++ iterators">,
  Dependencies<[DebugContainerModeling, IteratorModeling]>,
  Documentation<NotDocumented>;

def StdCLibraryFunctionsTesterChecker : Checker<"StdCLibraryFunctionsTester">,
  HelpText<"Add test functions to the summary map, so testing of individual "
           "summary constituents becomes possible.">,
  WeakDependencies<[StdCLibraryFunctionsChecker]>,
  Documentation<NotDocumented>;

def CheckerDocumentationChecker : Checker<"CheckerDocumentation">,
  HelpText<"Defines an empty checker callback for all possible handlers.">,
  Documentation<NotDocumented>;

} // end "debug"


//===----------------------------------------------------------------------===//
// Clone Detection
//===----------------------------------------------------------------------===//

let ParentPackage = CloneDetectionAlpha in {

def CloneChecker : Checker<"CloneChecker">,
  HelpText<"Reports similar pieces of code.">,
  CheckerOptions<[
    CmdLineOption<Integer,
                  "MinimumCloneComplexity",
                  "Ensures that every clone has at least the given complexity. "
                  "Complexity is here defined as the total amount of children "
                  "of a statement. This constraint assumes the first statement "
                  "in the group is representative for all other statements in "
                  "the group in terms of complexity.",
                  "50",
                  Released>,
    CmdLineOption<Boolean,
                  "ReportNormalClones",
                  "Report all clones, even less suspicious ones.",
                  "true",
                  Released>,
    CmdLineOption<String,
                  "IgnoredFilesPattern",
                  "If supplied, the checker wont analyze files with a filename "
                  "that matches the given pattern.",
                  "\"\"",
                  Released>
  ]>,
  Documentation<HasDocumentation>;

} // end "clone"

//===----------------------------------------------------------------------===//
// Portability checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = PortabilityOptIn in {

def UnixAPIPortabilityChecker : Checker<"UnixAPI">,
  HelpText<"Finds implementation-defined behavior in UNIX/Posix functions">,
  Documentation<NotDocumented>;

} // end optin.portability


//===----------------------------------------------------------------------===//
// Taint checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = TaintOptIn in {

def TaintedAllocChecker: Checker<"TaintedAlloc">,
  HelpText<"Check for memory allocations, where the size parameter "
           "might be a tainted (attacker controlled) value.">,
  Dependencies<[DynamicMemoryModeling, TaintPropagationChecker]>,
  Documentation<HasDocumentation>;

} // end "optin.taint"

//===----------------------------------------------------------------------===//
// NonDeterminism checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = NonDeterminismAlpha in {

def PointerIterationChecker : Checker<"PointerIteration">,
  HelpText<"Checks for non-determinism caused by iteration of unordered containers of pointers">,
  Documentation<HasDocumentation>;

def PointerSortingChecker : Checker<"PointerSorting">,
  HelpText<"Check for non-determinism caused by sorting of pointers">,
  Documentation<HasDocumentation>;

} // end alpha.nondeterminism

//===----------------------------------------------------------------------===//
// Fuchsia checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = Fuchsia in {

def FuchsiaHandleChecker : Checker<"HandleChecker">,
  HelpText<"A Checker that detect leaks related to Fuchsia handles">,
  Documentation<HasDocumentation>;

}

let ParentPackage = FuchsiaAlpha in {

def FuchsiaLockChecker : Checker<"Lock">,
  HelpText<"Check for the correct usage of locking APIs.">,
  Dependencies<[PthreadLockBase]>,
  Documentation<HasDocumentation>;

} // end fuchsia

//===----------------------------------------------------------------------===//
// WebKit checkers.
//===----------------------------------------------------------------------===//

let ParentPackage = WebKit in {

def RefCntblBaseVirtualDtorChecker : Checker<"RefCntblBaseVirtualDtor">,
  HelpText<"Check for any ref-countable base class having virtual destructor.">,
  Documentation<HasDocumentation>;

def NoUncountedMemberChecker : Checker<"NoUncountedMemberChecker">,
  HelpText<"Check for no uncounted member variables.">,
  Documentation<HasDocumentation>;

def UncountedLambdaCapturesChecker : Checker<"UncountedLambdaCapturesChecker">,
  HelpText<"Check uncounted lambda captures.">,
  Documentation<HasDocumentation>;

} // end webkit

let ParentPackage = WebKitAlpha in {

def UncountedCallArgsChecker : Checker<"UncountedCallArgsChecker">,
  HelpText<"Check uncounted call arguments.">,
  Documentation<HasDocumentation>;

def UncountedLocalVarsChecker : Checker<"UncountedLocalVarsChecker">,
  HelpText<"Check uncounted local variables.">,
  Documentation<HasDocumentation>;

} // end alpha.webkit