CallEvent.h revision 6bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89
1f540c54701e3eeb34cb619a3a4eb18f1ac70ef2dJordan Rose//===- CallEvent.h - Wrapper for all function and method calls ----*- C++ -*--// 2740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// 3740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// The LLVM Compiler Infrastructure 4740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// 5740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// This file is distributed under the University of Illinois Open Source 6740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// License. See LICENSE.TXT for details. 7740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// 8740d490593e0de8732a697c9f77b90ddd463863bJordan Rose//===----------------------------------------------------------------------===// 9740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// 10740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// \file This file defines CallEvent and its subclasses, which represent path- 11740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// sensitive instances of different kinds of function and method calls 12740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// (C, C++, and Objective-C). 13740d490593e0de8732a697c9f77b90ddd463863bJordan Rose// 14740d490593e0de8732a697c9f77b90ddd463863bJordan Rose//===----------------------------------------------------------------------===// 15740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 16740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#ifndef LLVM_CLANG_STATICANALYZER_PATHSENSITIVE_CALL 17740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#define LLVM_CLANG_STATICANALYZER_PATHSENSITIVE_CALL 18740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 19740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#include "clang/AST/DeclCXX.h" 20740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#include "clang/AST/ExprCXX.h" 21740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#include "clang/AST/ExprObjC.h" 22a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek#include "clang/Analysis/AnalysisContext.h" 2330a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/Basic/SourceManager.h" 24de507eaf3cb54d3cb234dc14499c10ab3373d15fJordan Rose#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h" 25740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h" 26b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose#include "llvm/ADT/PointerIntPair.h" 27740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 28740d490593e0de8732a697c9f77b90ddd463863bJordan Rosenamespace clang { 2928038f33aa2db4833881fea757a1f0daf85ac02bJordan Roseclass ProgramPoint; 3028038f33aa2db4833881fea757a1f0daf85ac02bJordan Roseclass ProgramPointTag; 3128038f33aa2db4833881fea757a1f0daf85ac02bJordan Rose 32740d490593e0de8732a697c9f77b90ddd463863bJordan Rosenamespace ento { 33740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 34740d490593e0de8732a697c9f77b90ddd463863bJordan Roseenum CallEventKind { 35740d490593e0de8732a697c9f77b90ddd463863bJordan Rose CE_Function, 36645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CE_CXXMember, 37645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CE_CXXMemberOperator, 388d276d38c258dfc572586daf6c0e8f8fce249c0eJordan Rose CE_CXXDestructor, 39645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CE_BEG_CXX_INSTANCE_CALLS = CE_CXXMember, 40645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CE_END_CXX_INSTANCE_CALLS = CE_CXXDestructor, 41645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CE_CXXConstructor, 4270cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose CE_CXXAllocator, 43740d490593e0de8732a697c9f77b90ddd463863bJordan Rose CE_BEG_FUNCTION_CALLS = CE_Function, 4470cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose CE_END_FUNCTION_CALLS = CE_CXXAllocator, 45651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines CE_Block, 468919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose CE_ObjCMessage 47740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 48740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 49972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseclass CallEvent; 50d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Roseclass CallEventManager; 51972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 52d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rosetemplate<typename T = CallEvent> 53d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Roseclass CallEventRef : public IntrusiveRefCntPtr<const T> { 54d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rosepublic: 55d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef(const T *Call) : IntrusiveRefCntPtr<const T>(Call) {} 56d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef(const CallEventRef &Orig) : IntrusiveRefCntPtr<const T>(Orig) {} 57d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 58d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<T> cloneWithState(ProgramStateRef State) const { 59d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return this->getPtr()->template cloneWithState<T>(State); 60d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 6157c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 6257c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose // Allow implicit conversions to a superclass type, since CallEventRef 6357c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose // behaves like a pointer-to-const. 6457c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose template <typename SuperT> 6557c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose operator CallEventRef<SuperT> () const { 6657c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose return this->getPtr(); 6757c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose } 68d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose}; 69b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 701becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// \class RuntimeDefinition 715960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks/// \brief Defines the runtime definition of the called function. 721becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// 731becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// Encapsulates the information we have about which Decl will be used 741becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// when the call is executed on the given path. When dealing with dynamic 751becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// dispatch, the information is based on DynamicTypeInfo and might not be 761becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks/// precise. 77fc05decf08feefd2ffe8cc250219aee6eab3119cAnna Zaksclass RuntimeDefinition { 781becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// The Declaration of the function which could be called at runtime. 791becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// NULL if not available. 80fc05decf08feefd2ffe8cc250219aee6eab3119cAnna Zaks const Decl *D; 815960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks 825960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks /// The region representing an object (ObjC/C++) on which the method is 835960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks /// called. With dynamic dispatch, the method definition depends on the 841becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// runtime type of this object. NULL when the DynamicTypeInfo is 851becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// precise. 86fc05decf08feefd2ffe8cc250219aee6eab3119cAnna Zaks const MemRegion *R; 875960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks 88fc05decf08feefd2ffe8cc250219aee6eab3119cAnna Zakspublic: 896bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines RuntimeDefinition(): D(nullptr), R(nullptr) {} 906bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines RuntimeDefinition(const Decl *InD): D(InD), R(nullptr) {} 91fc05decf08feefd2ffe8cc250219aee6eab3119cAnna Zaks RuntimeDefinition(const Decl *InD, const MemRegion *InR): D(InD), R(InR) {} 925960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks const Decl *getDecl() { return D; } 931becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks 941becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// \brief Check if the definition we have is precise. 951becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// If not, it is possible that the call dispatches to another definition at 961becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// execution time. 976bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines bool mayHaveOtherDefinitions() { return R != nullptr; } 981becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks 991becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// When other definitions are possible, returns the region whose runtime type 1001becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks /// determines the method definition. 1011becab2120142b1be87d684a68d3bea98f5abfb5Anna Zaks const MemRegion *getDispatchRegion() { return R; } 102e90d3f847dcce76237078b67db8895eb7a24189eAnna Zaks}; 103e90d3f847dcce76237078b67db8895eb7a24189eAnna Zaks 104740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// \brief Represents an abstract call to a function or method along a 105740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// particular path. 106972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// 107972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// CallEvents are created through the factory methods of CallEventManager. 108972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// 109972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// CallEvents should always be cheap to create and destroy. In order for 110972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// CallEventManager to be able to re-use CallEvent-sized memory blocks, 111972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// subclasses of CallEvent may not add any data members to the base class. 112972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// Use the "Data" and "Location" fields instead. 113740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass CallEvent { 114740d490593e0de8732a697c9f77b90ddd463863bJordan Rosepublic: 115740d490593e0de8732a697c9f77b90ddd463863bJordan Rose typedef CallEventKind Kind; 116740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 117b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Roseprivate: 1187c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose ProgramStateRef State; 1197c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose const LocationContext *LCtx; 120b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose llvm::PointerUnion<const Expr *, const Decl *> Origin; 121b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 122f56faa01936b9cf909623d7f06e3c2569ca4a78eDmitri Gribenko void operator=(const CallEvent &) LLVM_DELETED_FUNCTION; 1237c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 124740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprotected: 125b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose // This is user data for subclasses. 126b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose const void *Data; 127972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 128972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose // This is user data for subclasses. 129972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose // This should come right before RefCount, so that the two fields can be 130972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose // packed together on LP64 platforms. 131b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose SourceLocation Location; 132b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 133972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseprivate: 134972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose mutable unsigned RefCount; 135972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 136972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose template <typename T> friend struct llvm::IntrusiveRefCntPtrInfo; 137972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose void Retain() const { ++RefCount; } 138972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose void Release() const; 139972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 140972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseprotected: 141d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 142d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 1435204d9e2fe0ea4e4b9c85087e355021c93221764Jordan Rose CallEvent(const Expr *E, ProgramStateRef state, const LocationContext *lctx) 144972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose : State(state), LCtx(lctx), Origin(E), RefCount(0) {} 145b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 1465204d9e2fe0ea4e4b9c85087e355021c93221764Jordan Rose CallEvent(const Decl *D, ProgramStateRef state, const LocationContext *lctx) 147972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose : State(state), LCtx(lctx), Origin(D), RefCount(0) {} 148972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 149972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose // DO NOT MAKE PUBLIC 150972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEvent(const CallEvent &Original) 151972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose : State(Original.State), LCtx(Original.LCtx), Origin(Original.Origin), 152972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose Data(Original.Data), Location(Original.Location), RefCount(0) {} 153b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 154972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Copies this CallEvent, with vtable intact, into a new block of memory. 155972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose virtual void cloneTo(void *Dest) const = 0; 156972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 157740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Get the value of arbitrary expressions at this point in the path. 158740d490593e0de8732a697c9f77b90ddd463863bJordan Rose SVal getSVal(const Stmt *S) const { 159b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getState()->getSVal(S, getLocationContext()); 160740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 161740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 162972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 163658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks typedef SmallVectorImpl<SVal> ValueList; 164740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 165740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Used to specify non-argument regions that will be invalidated as a 166740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// result of this call. 167658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks virtual void getExtraInvalidatedValues(ValueList &Values) const {} 168740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 169740d490593e0de8732a697c9f77b90ddd463863bJordan Rosepublic: 1707c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual ~CallEvent() {} 1717c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 172b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose /// \brief Returns the kind of call this is. 1737c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual Kind getKind() const = 0; 174b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 175740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the declaration of the function or method that will be 176740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// called. May be null. 1777c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const Decl *getDecl() const { 1787c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose return Origin.dyn_cast<const Decl *>(); 1797c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose } 180740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 1815a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks /// \brief The state in which the call is being evaluated. 1820a6e09f67c719c318856be19d57e19972101f62cJordan Rose const ProgramStateRef &getState() const { 1835a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks return State; 1845a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks } 1855a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks 1865a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks /// \brief The context in which the call is being evaluated. 1875a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks const LocationContext *getLocationContext() const { 1885a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks return LCtx; 1895a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks } 1905a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks 191ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose /// \brief Returns the definition of the function or method that will be 1925960f4aeac9760198c80e05d70d8dadb1db0ff0eAnna Zaks /// called. 193ddc0c4814788dda4ef224cd4d22d07154a6ede49Ted Kremenek virtual RuntimeDefinition getRuntimeDefinition() const = 0; 194ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose 195740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the expression whose value will be the result of this call. 196740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// May be null. 197b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose const Expr *getOriginExpr() const { 198b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return Origin.dyn_cast<const Expr *>(); 199b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 200740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 201740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the number of arguments (explicit and implicit). 202740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// 203740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// Note that this may be greater than the number of parameters in the 204740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// callee's declaration, and that it may include arguments not written in 205740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// the source. 2067c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual unsigned getNumArgs() const = 0; 207740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 208740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns true if the callee is known to be from a system header. 209740d490593e0de8732a697c9f77b90ddd463863bJordan Rose bool isInSystemHeader() const { 210740d490593e0de8732a697c9f77b90ddd463863bJordan Rose const Decl *D = getDecl(); 211740d490593e0de8732a697c9f77b90ddd463863bJordan Rose if (!D) 212740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return false; 213740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 214740d490593e0de8732a697c9f77b90ddd463863bJordan Rose SourceLocation Loc = D->getLocation(); 215740d490593e0de8732a697c9f77b90ddd463863bJordan Rose if (Loc.isValid()) { 216740d490593e0de8732a697c9f77b90ddd463863bJordan Rose const SourceManager &SM = 217b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose getState()->getStateManager().getContext().getSourceManager(); 218740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return SM.isInSystemHeader(D->getLocation()); 219740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 220740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 221740d490593e0de8732a697c9f77b90ddd463863bJordan Rose // Special case for implicitly-declared global operator new/delete. 222740d490593e0de8732a697c9f77b90ddd463863bJordan Rose // These should be considered system functions. 223740d490593e0de8732a697c9f77b90ddd463863bJordan Rose if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(D)) 224740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return FD->isOverloadedOperator() && FD->isImplicit() && FD->isGlobal(); 225740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 226740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return false; 227740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 228740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 229de507eaf3cb54d3cb234dc14499c10ab3373d15fJordan Rose /// \brief Returns a source range for the entire call, suitable for 230de507eaf3cb54d3cb234dc14499c10ab3373d15fJordan Rose /// outputting in diagnostics. 2317c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual SourceRange getSourceRange() const { 2327c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose return getOriginExpr()->getSourceRange(); 2337c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose } 234de507eaf3cb54d3cb234dc14499c10ab3373d15fJordan Rose 235740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the value of a given argument at the time of the call. 2367c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual SVal getArgSVal(unsigned Index) const; 237740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 238740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the expression associated with a given argument. 239740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// May be null if this expression does not appear in the source. 2406bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines virtual const Expr *getArgExpr(unsigned Index) const { return nullptr; } 241740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 242740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the source range for errors associated with this argument. 2437c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose /// 244740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// May be invalid if the argument is not written in the source. 2457c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual SourceRange getArgSourceRange(unsigned Index) const; 246740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 247740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns the result type, adjusted for references. 248740d490593e0de8732a697c9f77b90ddd463863bJordan Rose QualType getResultType() const; 249740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 2502f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// \brief Returns the return value of the call. 2512f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// 2522f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// This should only be called if the CallEvent was created using a state in 2532f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// which the return value has already been bound to the origin expression. 2542f3017f9cbd3774f690c979410bfec38423d03afJordan Rose SVal getReturnValue() const; 2552f3017f9cbd3774f690c979410bfec38423d03afJordan Rose 256740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns true if any of the arguments appear to represent callbacks. 257740d490593e0de8732a697c9f77b90ddd463863bJordan Rose bool hasNonZeroCallbackArg() const; 258740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 25985d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose /// \brief Returns true if any of the arguments are known to escape to long- 26085d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose /// term storage, even if this method will not modify them. 26185d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose // NOTE: The exact semantics of this are still being defined! 26285d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose // We don't really want a list of hardcoded exceptions in the long run, 26385d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose // but we don't want duplicated lists of known APIs in the short term either. 2647c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual bool argumentsMayEscape() const { 2657c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose return hasNonZeroCallbackArg(); 2667c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose } 26785d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose 2682f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// \brief Returns true if the callee is an externally-visible function in the 2692f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// top-level namespace, such as \c malloc. 2702f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// 2712f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// You can use this call to determine that a particular function really is 2722f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// a library function and not, say, a C++ member function with the same name. 2732f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// 2742f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// If a name is provided, the function must additionally match the given 2752f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// name. 2762f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// 2772f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// Note that this deliberately excludes C++ library functions in the \c std 2782f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// namespace, but will include C library functions accessed through the 2792f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// \c std namespace. This also does not check if the function is declared 2802f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// as 'extern "C"', or if it uses C++ name mangling. 2812f3017f9cbd3774f690c979410bfec38423d03afJordan Rose // FIXME: Add a helper for checking namespaces. 2822f3017f9cbd3774f690c979410bfec38423d03afJordan Rose // FIXME: Move this down to AnyFunctionCall once checkers have more 2832f3017f9cbd3774f690c979410bfec38423d03afJordan Rose // precise callbacks. 2842f3017f9cbd3774f690c979410bfec38423d03afJordan Rose bool isGlobalCFunction(StringRef SpecificName = StringRef()) const; 2852f3017f9cbd3774f690c979410bfec38423d03afJordan Rose 2862f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// \brief Returns the name of the callee, if its name is a simple identifier. 2872f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// 2882f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// Note that this will fail for Objective-C methods, blocks, and C++ 2892f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// overloaded operators. The former is named by a Selector rather than a 2902f3017f9cbd3774f690c979410bfec38423d03afJordan Rose /// simple identifier, and the latter two do not have names. 2912f3017f9cbd3774f690c979410bfec38423d03afJordan Rose // FIXME: Move this down to AnyFunctionCall once checkers have more 2922f3017f9cbd3774f690c979410bfec38423d03afJordan Rose // precise callbacks. 2932f3017f9cbd3774f690c979410bfec38423d03afJordan Rose const IdentifierInfo *getCalleeIdentifier() const { 2942f3017f9cbd3774f690c979410bfec38423d03afJordan Rose const NamedDecl *ND = dyn_cast_or_null<NamedDecl>(getDecl()); 2952f3017f9cbd3774f690c979410bfec38423d03afJordan Rose if (!ND) 2966bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines return nullptr; 2972f3017f9cbd3774f690c979410bfec38423d03afJordan Rose return ND->getIdentifier(); 2982f3017f9cbd3774f690c979410bfec38423d03afJordan Rose } 2992f3017f9cbd3774f690c979410bfec38423d03afJordan Rose 30028038f33aa2db4833881fea757a1f0daf85ac02bJordan Rose /// \brief Returns an appropriate ProgramPoint for this call. 3018d276d38c258dfc572586daf6c0e8f8fce249c0eJordan Rose ProgramPoint getProgramPoint(bool IsPreVisit = false, 3026bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines const ProgramPointTag *Tag = nullptr) const; 30328038f33aa2db4833881fea757a1f0daf85ac02bJordan Rose 304740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// \brief Returns a new state with all argument regions invalidated. 305740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// 306740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// This accepts an alternate state in case some processing has already 307740d490593e0de8732a697c9f77b90ddd463863bJordan Rose /// occurred. 308740d490593e0de8732a697c9f77b90ddd463863bJordan Rose ProgramStateRef invalidateRegions(unsigned BlockCount, 3096bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines ProgramStateRef Orig = nullptr) const; 310740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 311ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose typedef std::pair<Loc, SVal> FrameBindingTy; 312ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose typedef SmallVectorImpl<FrameBindingTy> BindingsTy; 313ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 314ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose /// Populates the given SmallVector with the bindings in the callee's stack 315ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose /// frame at the start of this call. 316ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 317ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose BindingsTy &Bindings) const = 0; 318ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 319972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Returns a copy of this CallEvent, but using the given state. 320972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose template <typename T> 321d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<T> cloneWithState(ProgramStateRef NewState) const; 322972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 323972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Returns a copy of this CallEvent, but using the given state. 324d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<> cloneWithState(ProgramStateRef NewState) const { 325972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose return cloneWithState<CallEvent>(NewState); 326972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose } 327972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 3286062334cc388bce69fb3978c4ecb26c6485a5c2bJordan Rose /// \brief Returns true if this is a statement is a function or method call 3296062334cc388bce69fb3978c4ecb26c6485a5c2bJordan Rose /// of some kind. 3306062334cc388bce69fb3978c4ecb26c6485a5c2bJordan Rose static bool isCallStmt(const Stmt *S); 33185d7e01cf639b257d70f8a129709a2d7594d7b22Jordan Rose 332962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// \brief Returns the result type of a function or method declaration. 333962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// 334962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// This will return a null QualType if the result type cannot be determined. 33516e6a7cb41319459ded69b4d47f405c1035dd347Anna Zaks static QualType getDeclaredResultType(const Decl *D); 33616e6a7cb41319459ded69b4d47f405c1035dd347Anna Zaks 3379b072b31ee2f41b8e30d1d22142c9ab72ac5ff1fJordan Rose /// \brief Returns true if the given decl is known to be variadic. 3389b072b31ee2f41b8e30d1d22142c9ab72ac5ff1fJordan Rose /// 3399b072b31ee2f41b8e30d1d22142c9ab72ac5ff1fJordan Rose /// \p D must not be null. 3409b072b31ee2f41b8e30d1d22142c9ab72ac5ff1fJordan Rose static bool isVariadic(const Decl *D); 3419b072b31ee2f41b8e30d1d22142c9ab72ac5ff1fJordan Rose 342e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose // Iterator access to formal parameters and their types. 343740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprivate: 344740d490593e0de8732a697c9f77b90ddd463863bJordan Rose typedef std::const_mem_fun_t<QualType, ParmVarDecl> get_type_fun; 345e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose 346651f13cea278ec967336033dd032faef0e9fc2ecStephen Hinespublic: 347651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines /// Return call's formal parameters. 348e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// 349e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// Remember that the number of formal parameters may not match the number 350e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// of arguments for all calls. However, the first parameter will always 351e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// correspond with the argument value returned by \c getArgSVal(0). 352651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines virtual ArrayRef<ParmVarDecl*> parameters() const = 0; 353e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose 354651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines typedef llvm::mapped_iterator<ArrayRef<ParmVarDecl*>::iterator, get_type_fun> 355740d490593e0de8732a697c9f77b90ddd463863bJordan Rose param_type_iterator; 356740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 357e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// Returns an iterator over the types of the call's formal parameters. 358e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// 359e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// This uses the callee decl found by default name lookup rather than the 360e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// definition because it represents a public interface, and probably has 361e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// more annotations. 362740d490593e0de8732a697c9f77b90ddd463863bJordan Rose param_type_iterator param_type_begin() const { 363651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return llvm::map_iterator(parameters().begin(), 364740d490593e0de8732a697c9f77b90ddd463863bJordan Rose get_type_fun(&ParmVarDecl::getType)); 365740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 366e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose /// \sa param_type_begin() 367740d490593e0de8732a697c9f77b90ddd463863bJordan Rose param_type_iterator param_type_end() const { 368651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return llvm::map_iterator(parameters().end(), 369651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines get_type_fun(&ParmVarDecl::getType)); 370740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 371740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 3720ffbfd1a7f80f9a3c07317cb8f44c562f2ba1ba5Jordan Rose // For debugging purposes only 373b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose void dump(raw_ostream &Out) const; 374651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void dump() const; 375740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 376740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 377b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 378740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// \brief Represents a call to any sort of function that might have a 379740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// FunctionDecl. 380740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass AnyFunctionCall : public CallEvent { 381740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprotected: 382b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose AnyFunctionCall(const Expr *E, ProgramStateRef St, 3837c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose const LocationContext *LCtx) 3847c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose : CallEvent(E, St, LCtx) {} 385b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose AnyFunctionCall(const Decl *D, ProgramStateRef St, 3867c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose const LocationContext *LCtx) 3877c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose : CallEvent(D, St, LCtx) {} 388972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose AnyFunctionCall(const AnyFunctionCall &Other) : CallEvent(Other) {} 389740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 390740d490593e0de8732a697c9f77b90ddd463863bJordan Rosepublic: 391b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose // This function is overridden by subclasses, but they must return 392b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose // a FunctionDecl. 393651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const FunctionDecl *getDecl() const override { 3947c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose return cast<FunctionDecl>(CallEvent::getDecl()); 395b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 396740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 397651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override { 398ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose const FunctionDecl *FD = getDecl(); 399a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek // Note that the AnalysisDeclContext will have the FunctionDecl with 400a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek // the definition (if one exists). 401a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek if (FD) { 402ddc0c4814788dda4ef224cd4d22d07154a6ede49Ted Kremenek AnalysisDeclContext *AD = 403ddc0c4814788dda4ef224cd4d22d07154a6ede49Ted Kremenek getLocationContext()->getAnalysisDeclContext()-> 404ddc0c4814788dda4ef224cd4d22d07154a6ede49Ted Kremenek getManager()->getContext(FD); 405a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek if (AD->getBody()) 406a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek return RuntimeDefinition(AD->getDecl()); 407a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek } 408a43df9539644bf1c258e12710cd69d79b0b078cdTed Kremenek 409e90d3f847dcce76237078b67db8895eb7a24189eAnna Zaks return RuntimeDefinition(); 410ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose } 411ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose 412651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines bool argumentsMayEscape() const override; 413b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 414651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 415651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BindingsTy &Bindings) const override; 416ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 417651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines ArrayRef<ParmVarDecl *> parameters() const override; 418b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 419740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 420740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return CA->getKind() >= CE_BEG_FUNCTION_CALLS && 421740d490593e0de8732a697c9f77b90ddd463863bJordan Rose CA->getKind() <= CE_END_FUNCTION_CALLS; 422740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 423740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 424740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 425651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines/// \brief Represents a C function or static C++ member function call. 426651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines/// 427651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines/// Example: \c fun() 428651f13cea278ec967336033dd032faef0e9fc2ecStephen Hinesclass SimpleFunctionCall : public AnyFunctionCall { 429651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines friend class CallEventManager; 430651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 431740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprotected: 432651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines SimpleFunctionCall(const CallExpr *CE, ProgramStateRef St, 433651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const LocationContext *LCtx) 434972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose : AnyFunctionCall(CE, St, LCtx) {} 435651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines SimpleFunctionCall(const SimpleFunctionCall &Other) 436651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines : AnyFunctionCall(Other) {} 437651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { 438651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines new (Dest) SimpleFunctionCall(*this); 439651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines } 440740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 441740d490593e0de8732a697c9f77b90ddd463863bJordan Rosepublic: 4427c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const CallExpr *getOriginExpr() const { 443b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return cast<CallExpr>(AnyFunctionCall::getOriginExpr()); 444b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 445740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 446651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const FunctionDecl *getDecl() const override; 447740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 448651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { return getOriginExpr()->getNumArgs(); } 4497c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 450651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 451b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getArg(Index); 452740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 453740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 454651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_Function; } 455b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 456740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 457740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return CA->getKind() == CE_Function; 458740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 459740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 460740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 461645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// \brief Represents a call to a block. 462645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// 463645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// Example: <tt>^{ /* ... */ }()</tt> 464651f13cea278ec967336033dd032faef0e9fc2ecStephen Hinesclass BlockCall : public CallEvent { 465645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose friend class CallEventManager; 466645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 467645baeed6800f952e9ad1d5666e01080385531a2Jordan Roseprotected: 468645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose BlockCall(const CallExpr *CE, ProgramStateRef St, 469645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose const LocationContext *LCtx) 470651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines : CallEvent(CE, St, LCtx) {} 471645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 472651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BlockCall(const BlockCall &Other) : CallEvent(Other) {} 473651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { new (Dest) BlockCall(*this); } 474645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 475651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getExtraInvalidatedValues(ValueList &Values) const override; 476645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 477645baeed6800f952e9ad1d5666e01080385531a2Jordan Rosepublic: 478651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines virtual const CallExpr *getOriginExpr() const { 479651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return cast<CallExpr>(CallEvent::getOriginExpr()); 480651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines } 481651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 482651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { return getOriginExpr()->getNumArgs(); } 483651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 484651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 485651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return getOriginExpr()->getArg(Index); 486651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines } 487651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 488645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \brief Returns the region associated with this instance of the block. 489645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// 490645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// This may be NULL if the block's origin is unknown. 491645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose const BlockDataRegion *getBlockRegion() const; 492645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 493651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const BlockDecl *getDecl() const override { 494645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose const BlockDataRegion *BR = getBlockRegion(); 495645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose if (!BR) 4966bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines return nullptr; 497645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return BR->getDecl(); 498645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose } 499645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 500651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override { 501651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return RuntimeDefinition(getDecl()); 502645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose } 503645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 504651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines bool argumentsMayEscape() const override { 505651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return true; 506651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines } 507645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 508651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 509651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BindingsTy &Bindings) const override; 510645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 511651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines ArrayRef<ParmVarDecl*> parameters() const override; 512651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 513651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_Block; } 514645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 515645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose static bool classof(const CallEvent *CA) { 516645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return CA->getKind() == CE_Block; 517645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose } 518645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose}; 519645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 520c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose/// \brief Represents a non-static C++ member function call, no matter how 521c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose/// it is written. 522645baeed6800f952e9ad1d5666e01080385531a2Jordan Roseclass CXXInstanceCall : public AnyFunctionCall { 523740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprotected: 524651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getExtraInvalidatedValues(ValueList &Values) const override; 525740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 526c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose CXXInstanceCall(const CallExpr *CE, ProgramStateRef St, 5277c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose const LocationContext *LCtx) 528645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose : AnyFunctionCall(CE, St, LCtx) {} 529645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CXXInstanceCall(const FunctionDecl *D, ProgramStateRef St, 530645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose const LocationContext *LCtx) 531645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose : AnyFunctionCall(D, St, LCtx) {} 532645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 533c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose 534645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CXXInstanceCall(const CXXInstanceCall &Other) : AnyFunctionCall(Other) {} 535972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 536c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rosepublic: 5379da59a67a27a4d3fc9d59552f07808a32f85e9d3Jordan Rose /// \brief Returns the expression representing the implicit 'this' object. 5386bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines virtual const Expr *getCXXThisExpr() const { return nullptr; } 5399da59a67a27a4d3fc9d59552f07808a32f85e9d3Jordan Rose 540ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose /// \brief Returns the value of the implicit 'this' object. 5416ebea89be233eaba5e29de8cf3524ad150c860bbJordan Rose virtual SVal getCXXThisVal() const; 542ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 543651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const FunctionDecl *getDecl() const override; 544645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 545651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override; 546c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose 547651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 548651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BindingsTy &Bindings) const override; 549ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 550c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose static bool classof(const CallEvent *CA) { 551c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose return CA->getKind() >= CE_BEG_CXX_INSTANCE_CALLS && 552c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose CA->getKind() <= CE_END_CXX_INSTANCE_CALLS; 553c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose } 554c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose}; 555c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose 556c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose/// \brief Represents a non-static C++ member function call. 557c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose/// 558c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose/// Example: \c obj.fun() 559c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Roseclass CXXMemberCall : public CXXInstanceCall { 560d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 561972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 562d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Roseprotected: 563740d490593e0de8732a697c9f77b90ddd463863bJordan Rose CXXMemberCall(const CXXMemberCallExpr *CE, ProgramStateRef St, 564c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Rose const LocationContext *LCtx) 5657c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose : CXXInstanceCall(CE, St, LCtx) {} 566740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 567d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CXXMemberCall(const CXXMemberCall &Other) : CXXInstanceCall(Other) {} 568651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { new (Dest) CXXMemberCall(*this); } 569d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 570d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rosepublic: 5717c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const CXXMemberCallExpr *getOriginExpr() const { 572645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return cast<CXXMemberCallExpr>(CXXInstanceCall::getOriginExpr()); 573645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose } 574645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 575651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { 576645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose if (const CallExpr *CE = getOriginExpr()) 577645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return CE->getNumArgs(); 578645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return 0; 579645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose } 580645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose 581651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 582645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return getOriginExpr()->getArg(Index); 583740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 584740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 585651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getCXXThisExpr() const override; 5867c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 587651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override; 588651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 589651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_CXXMember; } 590e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose 591740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 592740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return CA->getKind() == CE_CXXMember; 593740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 594740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 595740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 596fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose/// \brief Represents a C++ overloaded operator call where the operator is 597fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose/// implemented as a non-static member function. 598fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose/// 599fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose/// Example: <tt>iter + 1</tt> 600c36b30c92c78b95fd29fb5d9d6214d737b3bcb02Jordan Roseclass CXXMemberOperatorCall : public CXXInstanceCall { 601d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 602d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 603972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseprotected: 604d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CXXMemberOperatorCall(const CXXOperatorCallExpr *CE, ProgramStateRef St, 605d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx) 606d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose : CXXInstanceCall(CE, St, LCtx) {} 607d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 608972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CXXMemberOperatorCall(const CXXMemberOperatorCall &Other) 609972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose : CXXInstanceCall(Other) {} 610651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { 611972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose new (Dest) CXXMemberOperatorCall(*this); 612972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose } 613972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 614fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rosepublic: 6157c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const CXXOperatorCallExpr *getOriginExpr() const { 616645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return cast<CXXOperatorCallExpr>(CXXInstanceCall::getOriginExpr()); 617fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose } 618fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose 619651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { 6207c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose return getOriginExpr()->getNumArgs() - 1; 6217c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose } 622651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 623fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose return getOriginExpr()->getArg(Index + 1); 624fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose } 625fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose 626651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getCXXThisExpr() const override; 6277c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 628651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_CXXMemberOperator; } 629e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose 630fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose static bool classof(const CallEvent *CA) { 631fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose return CA->getKind() == CE_CXXMemberOperator; 632fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose } 633fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose}; 634fdaa33818cf9bad8d092136e73bd2e489cb821baJordan Rose 635645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// \brief Represents an implicit call to a C++ destructor. 636740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// 637645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// This can occur at the end of a scope (for automatic objects), at the end 638645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose/// of a full-expression (for temporaries), or as part of a delete. 639645baeed6800f952e9ad1d5666e01080385531a2Jordan Roseclass CXXDestructorCall : public CXXInstanceCall { 640d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 641d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 642740d490593e0de8732a697c9f77b90ddd463863bJordan Roseprotected: 643200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose typedef llvm::PointerIntPair<const MemRegion *, 1, bool> DtorDataTy; 644200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose 645645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// Creates an implicit destructor. 64669f87c956b3ac2b80124fd9604af012e1061473aJordan Rose /// 647645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \param DD The destructor that will be called. 648645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \param Trigger The statement whose completion causes this destructor call. 649645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \param Target The object region to be destructed. 650645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \param St The path-sensitive state at this point in the program. 651645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \param LCtx The location context at this point in the program. 652645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CXXDestructorCall(const CXXDestructorDecl *DD, const Stmt *Trigger, 653200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose const MemRegion *Target, bool IsBaseDestructor, 654200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose ProgramStateRef St, const LocationContext *LCtx) 655645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose : CXXInstanceCall(DD, St, LCtx) { 656200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose Data = DtorDataTy(Target, IsBaseDestructor).getOpaqueValue(); 657645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose Location = Trigger->getLocEnd(); 658740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 659740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 660645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CXXDestructorCall(const CXXDestructorCall &Other) : CXXInstanceCall(Other) {} 661651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override {new (Dest) CXXDestructorCall(*this);} 662ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose 663645baeed6800f952e9ad1d5666e01080385531a2Jordan Rosepublic: 664651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines SourceRange getSourceRange() const override { return Location; } 665651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { return 0; } 666ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 667651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override; 668200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose 669645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose /// \brief Returns the value of the implicit 'this' object. 670651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines SVal getCXXThisVal() const override; 671b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 672200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose /// Returns true if this is a call to a base class destructor. 673200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose bool isBaseDestructor() const { 674200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose return DtorDataTy::getFromOpaqueValue(Data).getInt(); 675200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose } 676200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose 677651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_CXXDestructor; } 678b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 679740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 680645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose return CA->getKind() == CE_CXXDestructor; 681740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 682740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 683740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 684740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// \brief Represents a call to a C++ constructor. 685740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// 686740d490593e0de8732a697c9f77b90ddd463863bJordan Rose/// Example: \c T(1) 687740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass CXXConstructorCall : public AnyFunctionCall { 688d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 689b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 690d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Roseprotected: 691d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// Creates a constructor call. 692d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// 693d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// \param CE The constructor expression as written in the source. 694d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// \param Target The region where the object should be constructed. If NULL, 695d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// a new symbolic region will be used. 696d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// \param St The path-sensitive state at this point in the program. 697d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose /// \param LCtx The location context at this point in the program. 69870517ca5c07c4b41ff8662b94ee22047b0299f8cDmitri Gribenko CXXConstructorCall(const CXXConstructExpr *CE, const MemRegion *Target, 699740d490593e0de8732a697c9f77b90ddd463863bJordan Rose ProgramStateRef St, const LocationContext *LCtx) 7007c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose : AnyFunctionCall(CE, St, LCtx) { 70170517ca5c07c4b41ff8662b94ee22047b0299f8cDmitri Gribenko Data = Target; 702b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 703740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 704d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CXXConstructorCall(const CXXConstructorCall &Other) : AnyFunctionCall(Other){} 705651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { new (Dest) CXXConstructorCall(*this); } 706d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 707651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getExtraInvalidatedValues(ValueList &Values) const override; 708d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 709d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rosepublic: 7107c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const CXXConstructExpr *getOriginExpr() const { 711b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return cast<CXXConstructExpr>(AnyFunctionCall::getOriginExpr()); 712b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 713b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 714651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const CXXConstructorDecl *getDecl() const override { 715b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getConstructor(); 716740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 717740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 718651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { return getOriginExpr()->getNumArgs(); } 719740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 720651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 721b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getArg(Index); 722740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 723740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 724ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose /// \brief Returns the value of the implicit 'this' object. 725645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose SVal getCXXThisVal() const; 7267c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose 727651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 728651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BindingsTy &Bindings) const override; 729ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 730651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_CXXConstructor; } 731e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose 732740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 733740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return CA->getKind() == CE_CXXConstructor; 734740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 735740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 736740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 7370e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose/// \brief Represents the memory allocation call in a C++ new-expression. 7380e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose/// 7390e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose/// This is a call to "operator new". 74070cbf3cc09eb21db1108396d30a414ea66d842ccJordan Roseclass CXXAllocatorCall : public AnyFunctionCall { 741d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 742972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 743d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Roseprotected: 744b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose CXXAllocatorCall(const CXXNewExpr *E, ProgramStateRef St, 74570cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose const LocationContext *LCtx) 7467c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose : AnyFunctionCall(E, St, LCtx) {} 74770cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose 748d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CXXAllocatorCall(const CXXAllocatorCall &Other) : AnyFunctionCall(Other) {} 749651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { new (Dest) CXXAllocatorCall(*this); } 750d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 751d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rosepublic: 7527c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const CXXNewExpr *getOriginExpr() const { 753b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return cast<CXXNewExpr>(AnyFunctionCall::getOriginExpr()); 754b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 755b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 756651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const FunctionDecl *getDecl() const override { 757b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getOperatorNew(); 75870cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose } 75970cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose 760651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { 761b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getNumPlacementArgs() + 1; 762b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 76370cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose 764651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 76570cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose // The first argument of an allocator call is the size of the allocation. 76670cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose if (Index == 0) 7676bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines return nullptr; 768b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getPlacementArg(Index - 1); 76970cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose } 77070cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose 771651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_CXXAllocator; } 772b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 77370cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose static bool classof(const CallEvent *CE) { 77470cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose return CE->getKind() == CE_CXXAllocator; 77570cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose } 77670cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose}; 77770cbf3cc09eb21db1108396d30a414ea66d842ccJordan Rose 7788919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose/// \brief Represents the ways an Objective-C message send can occur. 7798919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose// 7808919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose// Note to maintainers: OCM_Message should always be last, since it does not 7818919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose// need to fit in the Data field's low bits. 7828919e688dc610d1f632a4d43f7f1489f67255476Jordan Roseenum ObjCMessageKind { 7838919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose OCM_PropertyAccess, 7848919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose OCM_Subscript, 7858919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose OCM_Message 7868919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose}; 7878919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose 788cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose/// \brief Represents any expression that calls an Objective-C method. 7898919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose/// 7908919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose/// This includes all of the kinds listed in ObjCMessageKind. 791cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Roseclass ObjCMethodCall : public CallEvent { 792d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose friend class CallEventManager; 793d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 7948919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose const PseudoObjectExpr *getContainingPseudoObjectExpr() const; 795cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose 7968919e688dc610d1f632a4d43f7f1489f67255476Jordan Roseprotected: 797d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose ObjCMethodCall(const ObjCMessageExpr *Msg, ProgramStateRef St, 798d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx) 799d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose : CallEvent(Msg, St, LCtx) { 8006bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines Data = nullptr; 801d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 802d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 803972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose ObjCMethodCall(const ObjCMethodCall &Other) : CallEvent(Other) {} 804651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void cloneTo(void *Dest) const override { new (Dest) ObjCMethodCall(*this); } 805972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 806651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getExtraInvalidatedValues(ValueList &Values) const override; 807740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 8083f558af01643787d209a133215b0abec81b5fe30Anna Zaks /// Check if the selector may have multiple definitions (may have overrides). 8093f558af01643787d209a133215b0abec81b5fe30Anna Zaks virtual bool canBeOverridenInSubclass(ObjCInterfaceDecl *IDecl, 8103f558af01643787d209a133215b0abec81b5fe30Anna Zaks Selector Sel) const; 8113f558af01643787d209a133215b0abec81b5fe30Anna Zaks 812740d490593e0de8732a697c9f77b90ddd463863bJordan Rosepublic: 8137c99aa385178c630e29f671299cdd9c104f1c885Jordan Rose virtual const ObjCMessageExpr *getOriginExpr() const { 8148919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return cast<ObjCMessageExpr>(CallEvent::getOriginExpr()); 815cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose } 816651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const ObjCMethodDecl *getDecl() const override { 817b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getMethodDecl(); 818b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 819651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines unsigned getNumArgs() const override { 820b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getNumArgs(); 821b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 822651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines const Expr *getArgExpr(unsigned Index) const override { 823b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getArg(Index); 824b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose } 825740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 8268919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose bool isInstanceMessage() const { 8278919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return getOriginExpr()->isInstanceMessage(); 8288919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose } 8298919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose ObjCMethodFamily getMethodFamily() const { 8308919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return getOriginExpr()->getMethodFamily(); 8318919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose } 8328919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose Selector getSelector() const { 8338919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return getOriginExpr()->getSelector(); 8348919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose } 8358919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose 836651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines SourceRange getSourceRange() const override; 8378919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose 8380e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose /// \brief Returns the value of the receiver at the time of this call. 839740d490593e0de8732a697c9f77b90ddd463863bJordan Rose SVal getReceiverSVal() const; 840740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 8415a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks /// \brief Return the value of 'self' if available. 8425a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks SVal getSelfSVal() const; 8435a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks 8440e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose /// \brief Get the interface for the receiver. 8450e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose /// 8460e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose /// This works whether this is an instance message or a class message. 8470e020adcb69e91826f4ee14a0c1d381f7b624a34Jordan Rose /// However, it currently just uses the static type of the receiver. 848cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose const ObjCInterfaceDecl *getReceiverInterface() const { 849b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose return getOriginExpr()->getReceiverInterface(); 850cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose } 851cde8cdbd6a662c636164465ad309b5f17ff01064Jordan Rose 8525a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks /// \brief Checks if the receiver refers to 'self' or 'super'. 8535a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks bool isReceiverSelfOrSuper() const; 8545a90193ad825656d4a03099cd5e9c928d1782b5eAnna Zaks 85509647f28d7955d0c948ebbbb376a46844056f11aJordan Rose /// Returns how the message was written in the source (property access, 85609647f28d7955d0c948ebbbb376a46844056f11aJordan Rose /// subscript, or explicit message send). 8578919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose ObjCMessageKind getMessageKind() const; 8588919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose 85909647f28d7955d0c948ebbbb376a46844056f11aJordan Rose /// Returns true if this property access or subscript is a setter (has the 86009647f28d7955d0c948ebbbb376a46844056f11aJordan Rose /// form of an assignment). 8618919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose bool isSetter() const { 8628919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose switch (getMessageKind()) { 8638919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose case OCM_Message: 8648919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose llvm_unreachable("This is not a pseudo-object access!"); 8658919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose case OCM_PropertyAccess: 8668919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return getNumArgs() > 0; 8678919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose case OCM_Subscript: 8688919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose return getNumArgs() > 1; 8698919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose } 8708919e688dc610d1f632a4d43f7f1489f67255476Jordan Rose llvm_unreachable("Unknown message kind"); 871740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 872740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 873651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines RuntimeDefinition getRuntimeDefinition() const override; 874ee158bc29bc12ce544996f7cdfde14aba63acf4dJordan Rose 875651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines bool argumentsMayEscape() const override; 876651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines 877651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines void getInitialStackFrameContents(const StackFrameContext *CalleeCtx, 878651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines BindingsTy &Bindings) const override; 879ef15831780b705475e7b237ac16418e9b53cb7a6Jordan Rose 880651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines ArrayRef<ParmVarDecl*> parameters() const override; 881b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 882651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Kind getKind() const override { return CE_ObjCMessage; } 883b7a23e05d1d8f07f2a6edce5c88c728fe894c2c7Jordan Rose 884740d490593e0de8732a697c9f77b90ddd463863bJordan Rose static bool classof(const CallEvent *CA) { 885740d490593e0de8732a697c9f77b90ddd463863bJordan Rose return CA->getKind() == CE_ObjCMessage; 886740d490593e0de8732a697c9f77b90ddd463863bJordan Rose } 887740d490593e0de8732a697c9f77b90ddd463863bJordan Rose}; 888740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 889972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 890972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// \brief Manages the lifetime of CallEvent objects. 891972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// 892972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// CallEventManager provides a way to create arbitrary CallEvents "on the 893972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// stack" as if they were value objects by keeping a cache of CallEvent-sized 894972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// memory blocks. The CallEvents created by CallEventManager are only valid 895972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// for the lifetime of the OwnedCallEvent that holds them; right now these 896972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose/// objects cannot be copied and ownership cannot be transferred. 897972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseclass CallEventManager { 898972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose friend class CallEvent; 899972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 900972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose llvm::BumpPtrAllocator &Alloc; 901d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose SmallVector<void *, 8> Cache; 902651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines typedef SimpleFunctionCall CallEventTemplateTy; 903972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 904972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose void reclaim(const void *Memory) { 905972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose Cache.push_back(const_cast<void *>(Memory)); 906972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose } 907972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 908972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Returns memory that can be initialized as a CallEvent. 909972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose void *allocate() { 910972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose if (Cache.empty()) 911651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines return Alloc.Allocate<CallEventTemplateTy>(); 912972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose else 913972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose return Cache.pop_back_val(); 914972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose } 915972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 916d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose template <typename T, typename Arg> 917d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose T *create(Arg A, ProgramStateRef St, const LocationContext *LCtx) { 918651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines static_assert(sizeof(T) == sizeof(CallEventTemplateTy), 919651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines "CallEvent subclasses are not all the same size"); 920d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return new (allocate()) T(A, St, LCtx); 921d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 922d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 923d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose template <typename T, typename Arg1, typename Arg2> 924d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose T *create(Arg1 A1, Arg2 A2, ProgramStateRef St, const LocationContext *LCtx) { 925651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines static_assert(sizeof(T) == sizeof(CallEventTemplateTy), 926651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines "CallEvent subclasses are not all the same size"); 927d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return new (allocate()) T(A1, A2, St, LCtx); 928d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 929d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 930d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose template <typename T, typename Arg1, typename Arg2, typename Arg3> 931d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose T *create(Arg1 A1, Arg2 A2, Arg3 A3, ProgramStateRef St, 932d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx) { 933651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines static_assert(sizeof(T) == sizeof(CallEventTemplateTy), 934651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines "CallEvent subclasses are not all the same size"); 935d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return new (allocate()) T(A1, A2, A3, St, LCtx); 936d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 937d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 938200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose template <typename T, typename Arg1, typename Arg2, typename Arg3, 939200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose typename Arg4> 940200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose T *create(Arg1 A1, Arg2 A2, Arg3 A3, Arg4 A4, ProgramStateRef St, 941200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose const LocationContext *LCtx) { 942651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines static_assert(sizeof(T) == sizeof(CallEventTemplateTy), 943651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines "CallEvent subclasses are not all the same size"); 944200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose return new (allocate()) T(A1, A2, A3, A4, St, LCtx); 945200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose } 946200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose 947972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rosepublic: 948972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager(llvm::BumpPtrAllocator &alloc) : Alloc(alloc) {} 949d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 95057c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 95157c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose CallEventRef<> 95257c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose getCaller(const StackFrameContext *CalleeCtx, ProgramStateRef State); 95357c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 95457c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 955645baeed6800f952e9ad1d5666e01080385531a2Jordan Rose CallEventRef<> 956d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose getSimpleCall(const CallExpr *E, ProgramStateRef State, 957d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx); 958d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 959d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<ObjCMethodCall> 960d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose getObjCMethodCall(const ObjCMessageExpr *E, ProgramStateRef State, 961d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx) { 962d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return create<ObjCMethodCall>(E, State, LCtx); 963d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 964d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 965d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<CXXConstructorCall> 966d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose getCXXConstructorCall(const CXXConstructExpr *E, const MemRegion *Target, 967d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose ProgramStateRef State, const LocationContext *LCtx) { 968d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return create<CXXConstructorCall>(E, Target, State, LCtx); 969d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 970d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 971d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<CXXDestructorCall> 972d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose getCXXDestructorCall(const CXXDestructorDecl *DD, const Stmt *Trigger, 973200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose const MemRegion *Target, bool IsBase, 974200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose ProgramStateRef State, const LocationContext *LCtx) { 975200fa2e70d52ae6d620e81cd45536071fdde70c0Jordan Rose return create<CXXDestructorCall>(DD, Trigger, Target, IsBase, State, LCtx); 976d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 977d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 978d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose CallEventRef<CXXAllocatorCall> 979d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose getCXXAllocatorCall(const CXXNewExpr *E, ProgramStateRef State, 980d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose const LocationContext *LCtx) { 981d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return create<CXXAllocatorCall>(E, State, LCtx); 982d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose } 983972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose}; 984972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 985972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 986972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rosetemplate <typename T> 987d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan RoseCallEventRef<T> CallEvent::cloneWithState(ProgramStateRef NewState) const { 988972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose assert(isa<T>(*this) && "Cloning to unrelated type"); 989651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines static_assert(sizeof(T) == sizeof(CallEvent), 990651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines "Subclasses may not add fields"); 991972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 992d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose if (NewState == State) 993d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose return cast<T>(this); 994d563d3fb73879df7147b8a5302c3bf0e1402ba18Jordan Rose 995972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager &Mgr = State->getStateManager().getCallEventManager(); 996972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose T *Copy = static_cast<T *>(Mgr.allocate()); 997972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose cloneTo(Copy); 998972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose assert(Copy->getKind() == this->getKind() && "Bad copy"); 999972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1000972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose Copy->State = NewState; 1001972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose return Copy; 1002972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose} 1003972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1004972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseinline void CallEvent::Release() const { 1005972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose assert(RefCount > 0 && "Reference count is already zero."); 1006972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose --RefCount; 1007972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1008972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose if (RefCount > 0) 1009972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose return; 1010972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1011972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager &Mgr = State->getStateManager().getCallEventManager(); 1012972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose Mgr.reclaim(this); 1013972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1014972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose this->~CallEvent(); 1015972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose} 1016972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 1017740d490593e0de8732a697c9f77b90ddd463863bJordan Rose} // end namespace ento 1018740d490593e0de8732a697c9f77b90ddd463863bJordan Rose} // end namespace clang 1019740d490593e0de8732a697c9f77b90ddd463863bJordan Rose 102057c033621dacd8720ac9ff65a09025f14f70e22fJordan Rosenamespace llvm { 102157c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose // Support isa<>, cast<>, and dyn_cast<> for CallEventRef. 102257c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose template<class T> struct simplify_type< clang::ento::CallEventRef<T> > { 102357c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose typedef const T *SimpleType; 102457c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 102557c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose static SimpleType 102694cf910ac2d1719c1dfc163bbec3953f12efdf6fRafael Espindola getSimplifiedValue(clang::ento::CallEventRef<T> Val) { 102757c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose return Val.getPtr(); 102857c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose } 102957c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose }; 103057c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose} 103157c033621dacd8720ac9ff65a09025f14f70e22fJordan Rose 1032740d490593e0de8732a697c9f77b90ddd463863bJordan Rose#endif 1033