ExprEngine.h revision 66c40400e7d6272b0cd675ada18dd62c1f0362c7
1d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis//===-- ExprEngine.h - Path-Sensitive Expression-Level Dataflow ---*- C++ -*-=// 277349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 377349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// The LLVM Compiler Infrastructure 477349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 577349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// This file is distributed under the University of Illinois Open Source 677349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// License. See LICENSE.TXT for details. 777349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 877349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek//===----------------------------------------------------------------------===// 977349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 10b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek// This file defines a meta-engine for path-sensitive dataflow analysis that 11d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis// is built on CoreEngine, but provides the boilerplate to execute transfer 12b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek// functions and build the ExplodedGraph at the expression level. 1377349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 1477349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek//===----------------------------------------------------------------------===// 1577349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek 16d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis#ifndef LLVM_CLANG_GR_EXPRENGINE 17d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis#define LLVM_CLANG_GR_EXPRENGINE 18d065d6080f0620bb80b933f3f5d52d37bb2ea770Ted Kremenek 199b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h" 209b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/SubEngine.h" 219b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/CoreEngine.h" 2218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h" 239b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h" 24c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramer#include "clang/AST/Expr.h" 25c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek#include "clang/AST/Type.h" 2677349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek 271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stumpnamespace clang { 285a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 291d26f48dc2eea1c07431ca1519d7034a21b9bcffTed Kremenekclass AnalysisDeclContextManager; 30c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass CXXConstructExpr; 31c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass CXXDeleteExpr; 32c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass CXXNewExpr; 33c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass CXXTemporaryObjectExpr; 34c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass CXXThisExpr; 35c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass MaterializeTemporaryExpr; 36c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramerclass ObjCAtSynchronizedStmt; 375a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidisclass ObjCForCollectionStmt; 38b1b5daf30d2597e066936772bd206500232d7d65Ted Kremenek 399ef6537a894c33003359b1f9b9676e9178e028b7Ted Kremeneknamespace ento { 405a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 415e2d2c2ee3cf410643e0f9a5701708e51409d973Benjamin Kramerclass AnalysisManager; 42f5e39ece75b18c9ce19351929d4879ad9731e7f5Jordy Roseclass CallOrObjCMessage; 43f5e39ece75b18c9ce19351929d4879ad9731e7f5Jordy Roseclass ObjCMessage; 44f494b579b22f9950f5af021f0bf9879a91bb8b41Steve Naroff 45d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidisclass ExprEngine : public SubEngine { 4625e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu AnalysisManager &AMgr; 47b1b5daf30d2597e066936772bd206500232d7d65Ted Kremenek 481d26f48dc2eea1c07431ca1519d7034a21b9bcffTed Kremenek AnalysisDeclContextManager &AnalysisDeclContexts; 4925e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu 50d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis CoreEngine Engine; 511eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 52b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// G - the simulation graph. 53031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu ExplodedGraph& G; 541eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 55b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// StateMgr - Object that manages the data for all created states. 5618c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek ProgramStateManager StateMgr; 57cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek 58b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// SymMgr - Object that manages the symbol information. 59b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek SymbolManager& SymMgr; 601eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 61846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek /// svalBuilder - SValBuilder object that creates SVals from expressions. 62846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek SValBuilder &svalBuilder; 631eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 64846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek /// EntryNode - The immediate predecessor node. 659c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *EntryNode; 66846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek 67846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek /// CleanedState - The state for EntryNode "cleaned" of all dead 680d093d3005dd583675a45a85bd688063572cc8afTed Kremenek /// variables and symbols (as determined by a liveness analysis). 698bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef CleanedState; 701eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 710a3ed3143b00f237decb1288c1ff574ae09eba4eTed Kremenek /// currentStmt - The current block-level statement. 729c378f705405d37f49795d5e915989de774fe11fTed Kremenek const Stmt *currentStmt; 738ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks unsigned int currentStmtIdx; 748ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks const NodeBuilderContext *currentBuilderContext; 751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 76a81fffe678107d49a9f1c03d80adf85f18a9867fAnna Zaks /// Obj-C Class Identifiers. 77e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek IdentifierInfo* NSExceptionII; 781eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 79a81fffe678107d49a9f1c03d80adf85f18a9867fAnna Zaks /// Obj-C Selectors. 80e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek Selector* NSExceptionInstanceRaiseSelectors; 81e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek Selector RaiseSel; 8217a38e2636a8b1ce473fc6504c4b16cb09db29f4Jordy Rose 8317a38e2636a8b1ce473fc6504c4b16cb09db29f4Jordy Rose /// Whether or not GC is enabled in this analysis. 8417a38e2636a8b1ce473fc6504c4b16cb09db29f4Jordy Rose bool ObjCGCEnabled; 851eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 869e9595b12e9b55586c4d50d370f429c7a3c92a90Ted Kremenek /// The BugReporter associated with this engine. It is important that 879e9595b12e9b55586c4d50d370f429c7a3c92a90Ted Kremenek /// this object be placed at the very end of member variables so that its 88d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// destructor is called before the rest of the ExprEngine is destroyed. 89cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek GRBugReporter BR; 901eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 91b22d589e2ccd09cada0bcea136f0966883a8bb11Ted Kremenekpublic: 9217a38e2636a8b1ce473fc6504c4b16cb09db29f4Jordy Rose ExprEngine(AnalysisManager &mgr, bool gcEnabled); 93cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek 94d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis ~ExprEngine(); 951eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 9625e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu void ExecuteWorkList(const LocationContext *L, unsigned Steps = 150000) { 97d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis Engine.ExecuteWorkList(L, Steps, 0); 982ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu } 992ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu 1002ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// Execute the work list with an initial state. Nodes that reaches the exit 1012ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// of the function are added into the Dst set, which represent the exit 1022ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// state of the function call. 1032ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu void ExecuteWorkListWithInitialState(const LocationContext *L, unsigned Steps, 1048bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef InitState, 1052ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu ExplodedNodeSet &Dst) { 106d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis Engine.ExecuteWorkListWithInitialState(L, Steps, InitState, Dst); 107b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek } 1081eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 109b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// getContext - Return the ASTContext associated with this analysis. 1109c378f705405d37f49795d5e915989de774fe11fTed Kremenek ASTContext &getContext() const { return AMgr.getASTContext(); } 1115032ffe4259e7d436f2eb19e5a29fdae559e7c12Zhongxing Xu 1122ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu virtual AnalysisManager &getAnalysisManager() { return AMgr; } 1131eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 114769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis CheckerManager &getCheckerManager() const { 115769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis return *AMgr.getCheckerManager(); 116769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis } 117769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis 118846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek SValBuilder &getSValBuilder() { return svalBuilder; } 1191eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 120cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek BugReporter& getBugReporter() { return BR; } 1211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1221aae01a8308d2f8e31adab3f4d7ac35543aac680Anna Zaks const NodeBuilderContext &getBuilderContext() { 123ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks assert(currentBuilderContext); 124ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks return *currentBuilderContext; 1251aae01a8308d2f8e31adab3f4d7ac35543aac680Anna Zaks } 126ec9227fea66c3439991fc84b0d33b0a8b4b8875eZhongxing Xu 12717a38e2636a8b1ce473fc6504c4b16cb09db29f4Jordy Rose bool isObjCGCEnabled() { return ObjCGCEnabled; } 1281eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 129ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks const Stmt *getStmt() const; 130ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks 131ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks void GenerateAutoTransition(ExplodedNode *N); 132af498a28797c075c48d7e943df5f5a8e78ed8eb0Anna Zaks void enqueueEndOfPath(ExplodedNodeSet &S); 133af498a28797c075c48d7e943df5f5a8e78ed8eb0Anna Zaks void GenerateCallExitNode(ExplodedNode *N); 134ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks 135e01c98767dfd7153c3c84637c36659e3bbe16ff7Ted Kremenek /// ViewGraph - Visualize the ExplodedGraph created by executing the 136e01c98767dfd7153c3c84637c36659e3bbe16ff7Ted Kremenek /// simulation. 137ffe0f43806d4823271c2406c1fccc2373115c36aTed Kremenek void ViewGraph(bool trim = false); 1381eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 139031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu void ViewGraph(ExplodedNode** Beg, ExplodedNode** End); 1401eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 141b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// getInitialState - Return the initial state used for the root vertex 142b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// in the ExplodedGraph. 1438bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getInitialState(const LocationContext *InitLoc); 1441eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 145031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu ExplodedGraph& getGraph() { return G; } 146031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu const ExplodedGraph& getGraph() const { return G; } 14750a6d0ce344c02782e0207574005c3b2aaa5077cTed Kremenek 148e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// processCFGElement - Called by CoreEngine. Used to generate new successor 1499c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu /// nodes by processing the 'effects' of a CFG element. 150ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks void processCFGElement(const CFGElement E, ExplodedNode *Pred, 151ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks unsigned StmtIdx, NodeBuilderContext *Ctx); 1529c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 153ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks void ProcessStmt(const CFGStmt S, ExplodedNode *Pred); 1549c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 155ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks void ProcessInitializer(const CFGInitializer I, ExplodedNode *Pred); 1569c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 157ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks void ProcessImplicitDtor(const CFGImplicitDtor D, ExplodedNode *Pred); 1581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1594ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu void ProcessAutomaticObjDtor(const CFGAutomaticObjDtor D, 160056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks ExplodedNode *Pred, ExplodedNodeSet &Dst); 161056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks void ProcessBaseDtor(const CFGBaseDtor D, 162056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks ExplodedNode *Pred, ExplodedNodeSet &Dst); 163056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks void ProcessMemberDtor(const CFGMemberDtor D, 164056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks ExplodedNode *Pred, ExplodedNodeSet &Dst); 1654ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu void ProcessTemporaryDtor(const CFGTemporaryDtor D, 166056c4b46335a3bd2612414735d5749ee159c0165Anna Zaks ExplodedNode *Pred, ExplodedNodeSet &Dst); 1674ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu 16827c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek /// Called by CoreEngine when processing the entrance of a CFGBlock. 169c03a39e16762627b421247b12a2658be630a3300Anna Zaks virtual void processCFGBlockEntrance(NodeBuilderWithSinks &nodeBuilder); 17027c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek 171d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessBranch - Called by CoreEngine. Used to generate successor 172b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a branch condition. 1739c378f705405d37f49795d5e915989de774fe11fTed Kremenek void processBranch(const Stmt *Condition, const Stmt *Term, 174a19f4af7a94835ce4693bfe12d6270754e79eb56Anna Zaks NodeBuilderContext& BuilderCtx, 175ad62deeb70e97da6bd514dd390ea1ce6af6ad81dAnna Zaks ExplodedNode *Pred, 1761aae01a8308d2f8e31adab3f4d7ac35543aac680Anna Zaks ExplodedNodeSet &Dst, 177a19f4af7a94835ce4693bfe12d6270754e79eb56Anna Zaks const CFGBlock *DstT, 178a19f4af7a94835ce4693bfe12d6270754e79eb56Anna Zaks const CFGBlock *DstF); 1791eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 180e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// processIndirectGoto - Called by CoreEngine. Used to generate successor 181b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a computed goto jump. 182e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processIndirectGoto(IndirectGotoNodeBuilder& builder); 1831eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 184d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessSwitch - Called by CoreEngine. Used to generate successor 185b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a switch statement. 186e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processSwitch(SwitchNodeBuilder& builder); 1871eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 188d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessEndPath - Called by CoreEngine. Used to generate end-of-path 18911062b118476368fa5b294954713e5df97d8599fTed Kremenek /// nodes when the control reaches the end of a function. 190af498a28797c075c48d7e943df5f5a8e78ed8eb0Anna Zaks void processEndOfFunction(NodeBuilderContext& BC); 191102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 192ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek /// Generate the entry node of the callee. 1933070e13dca5bbefa32acb80ce4a7b217a6220983Ted Kremenek void processCallEnter(CallEnter CE, ExplodedNode *Pred); 194102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 195ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek /// Generate the first post callsite node. 196894212e9510299abb203801e014fec76b7926a05Ted Kremenek void processCallExit(ExplodedNode *Pred); 197102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 198d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// Called by CoreEngine when the analysis worklist has terminated. 199e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processEndWorklist(bool hasWorkRemaining); 200ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek 2019c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalAssume - Callback function invoked by the ConstraintManager when 20232a58084a4c53e6938dd81bfce224db25a5976d1Ted Kremenek /// making assumptions about state values. 2038bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef processAssume(ProgramStateRef state, SVal cond,bool assumption); 2041eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 20518c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek /// wantsRegionChangeUpdate - Called by ProgramStateManager to determine if a 206e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// region change should trigger a processRegionChanges update. 2078bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool wantsRegionChangeUpdate(ProgramStateRef state); 208c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose 20918c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek /// processRegionChanges - Called by ProgramStateManager whenever a change is made 210c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose /// to the store. Used to update checkers that track region values. 2118bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef 2128bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek processRegionChanges(ProgramStateRef state, 21335bdbf40624beba3fc00cb72ab444659939c1a6bTed Kremenek const StoreManager::InvalidatedSymbols *invalidated, 214537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose ArrayRef<const MemRegion *> ExplicitRegions, 21566c40400e7d6272b0cd675ada18dd62c1f0362c7Anna Zaks ArrayRef<const MemRegion *> Regions, 21666c40400e7d6272b0cd675ada18dd62c1f0362c7Anna Zaks const CallOrObjCMessage *Call); 217c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose 218dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose /// printState - Called by ProgramStateManager to print checker-specific data. 2198bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void printState(raw_ostream &Out, ProgramStateRef State, 220dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose const char *NL, const char *Sep); 221dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose 22218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek virtual ProgramStateManager& getStateManager() { return StateMgr; } 22390e72e4106a0c3efa7575e9f9cba0c775bb54552Zhongxing Xu 22490e72e4106a0c3efa7575e9f9cba0c775bb54552Zhongxing Xu StoreManager& getStoreManager() { return StateMgr.getStoreManager(); } 2251eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 226a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek ConstraintManager& getConstraintManager() { 227a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek return StateMgr.getConstraintManager(); 228a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek } 2291eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 230c8413fd03f73084a5c93028f8b4db619fc388087Ted Kremenek // FIXME: Remove when we migrate over to just using SValBuilder. 2316297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek BasicValueFactory& getBasicVals() { 2326297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek return StateMgr.getBasicVals(); 2336297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 2346297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek const BasicValueFactory& getBasicVals() const { 2356297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek return StateMgr.getBasicVals(); 2366297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 2371eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 238044b6f0417cb98741f277602fabf5f07ec9a02c0Ted Kremenek // FIXME: Remove when we migrate over to just using ValueManager. 23900a3a5f024ac54088ab887712b292171188064f0Ted Kremenek SymbolManager& getSymbolManager() { return SymMgr; } 24000a3a5f024ac54088ab887712b292171188064f0Ted Kremenek const SymbolManager& getSymbolManager() const { return SymMgr; } 2411eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 242bc42c533e7d3d946704a49e242939dd232f33072Tom Care // Functions for external checking of whether we have unfinished work 243422ab7a49a9a4252dbc6350e49d7a5708337b9c7Ted Kremenek bool wasBlocksExhausted() const { return Engine.wasBlocksExhausted(); } 244d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis bool hasEmptyWorkList() const { return !Engine.getWorkList()->hasWork(); } 245422ab7a49a9a4252dbc6350e49d7a5708337b9c7Ted Kremenek bool hasWorkRemaining() const { return Engine.hasWorkRemaining(); } 246bc42c533e7d3d946704a49e242939dd232f33072Tom Care 247d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis const CoreEngine &getCoreEngine() const { return Engine; } 248bc42c533e7d3d946704a49e242939dd232f33072Tom Care 2491670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 250b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// Visit - Transfer function logic for all statements. Dispatches to 251b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// other functions that handle specific kinds of statements. 2529c378f705405d37f49795d5e915989de774fe11fTed Kremenek void Visit(const Stmt *S, ExplodedNode *Pred, ExplodedNodeSet &Dst); 2531eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 254c5b1bf10133a8ecbfe9e6b3ec92bae84e3d927e8Ted Kremenek /// VisitArraySubscriptExpr - Transfer function for array accesses. 2559c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLvalArraySubscriptExpr(const ArraySubscriptExpr *Ex, 2569c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, 2579c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2581eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 259ef44bfb9d0f15ba0391f8346c9f01355fb450a09Ted Kremenek /// VisitAsmStmt - Transfer function logic for inline asm. 2609c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmt(const AsmStmt *A, ExplodedNode *Pred, ExplodedNodeSet &Dst); 2611eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2629c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmtHelperOutputs(const AsmStmt *A, 26303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_outputs_iterator I, 26403509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_outputs_iterator E, 2659c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 2661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2679c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmtHelperInputs(const AsmStmt *A, 26803509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_inputs_iterator I, 26903509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_inputs_iterator E, 2709c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 271c95ad9ff6e574aecdd759542d5578bc65d586d93Ted Kremenek 272c95ad9ff6e574aecdd759542d5578bc65d586d93Ted Kremenek /// VisitBlockExpr - Transfer function logic for BlockExprs. 27303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitBlockExpr(const BlockExpr *BE, ExplodedNode *Pred, 27403509aea098772644bf4662dc1c88634818ceeccZhongxing Xu ExplodedNodeSet &Dst); 2751eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 276b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitBinaryOperator - Transfer function logic for binary operators. 2779c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitBinaryOperator(const BinaryOperator* B, ExplodedNode *Pred, 2789c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 279469ecbded3616416ef938ed94a67f86149faf226Ted Kremenek 2801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 281de43424560f1a744de6214dab6bbee28ad8437f5Ted Kremenek /// VisitCall - Transfer function for function calls. 2829c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCallExpr(const CallExpr *CE, ExplodedNode *Pred, 2839c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2841eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 285b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitCast - Transfer function logic for all casts (implicit and explicit). 28603509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCast(const CastExpr *CastE, const Expr *Ex, ExplodedNode *Pred, 287892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek ExplodedNodeSet &Dst); 288e1c2a675e0c089e1f53cbd55d2197a8beaa852aeTed Kremenek 2894f09027385466f1f4c382c80ca77157e2aef97d9Ted Kremenek /// VisitCompoundLiteralExpr - Transfer function logic for compound literals. 2909c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCompoundLiteralExpr(const CompoundLiteralExpr *CL, 2919c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 2921eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 293892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek /// Transfer function logic for DeclRefExprs and BlockDeclRefExprs. 2949c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCommonDeclRefExpr(const Expr *DR, const NamedDecl *D, 2959c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 29667d1287035767f4f6c8ca0c2bb755990012a44caTed Kremenek 297b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitDeclStmt - Transfer function logic for DeclStmts. 2989c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitDeclStmt(const DeclStmt *DS, ExplodedNode *Pred, 2999c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3001eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 301b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitGuardedExpr - Transfer function logic for ?, __builtin_choose 3029c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitGuardedExpr(const Expr *Ex, const Expr *L, const Expr *R, 3039c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 30461dfbecd8e6181b2ba42ffb5feede27a2bab3b8aTed Kremenek 3059c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitInitListExpr(const InitListExpr *E, ExplodedNode *Pred, 3069c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 307c4f8706b6539e06a5de153bd72850bb2e0a71456Zhongxing Xu 308b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitLogicalExpr - Transfer function logic for '&&', '||' 3099c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLogicalExpr(const BinaryOperator* B, ExplodedNode *Pred, 3109c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3111eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 312469ecbded3616416ef938ed94a67f86149faf226Ted Kremenek /// VisitMemberExpr - Transfer function for member expressions. 3139c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitMemberExpr(const MemberExpr *M, ExplodedNode *Pred, 3149c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3164beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek /// Transfer function logic for ObjCAtSynchronizedStmts. 3174beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek void VisitObjCAtSynchronizedStmt(const ObjCAtSynchronizedStmt *S, 3184beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3194beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek 320892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek /// Transfer function logic for computing the lvalue of an Objective-C ivar. 3219c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLvalObjCIvarRefExpr(const ObjCIvarRefExpr *DR, ExplodedNode *Pred, 3229c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 323af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek 324af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek /// VisitObjCForCollectionStmt - Transfer function logic for 325af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek /// ObjCForCollectionStmt. 3269c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitObjCForCollectionStmt(const ObjCForCollectionStmt *S, 3279c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3281eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3294410a935e8d8ee3c903b858bbf74ca24fce629b5Ted Kremenek void VisitObjCMessage(const ObjCMessage &msg, ExplodedNode *Pred, 3309c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3311eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 33202737ed29d7fff2206f7c7ee958cdf0665e35542Ted Kremenek /// VisitReturnStmt - Transfer function logic for return statements. 3339c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitReturnStmt(const ReturnStmt *R, ExplodedNode *Pred, 3349c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3358ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor 3368ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor /// VisitOffsetOfExpr - Transfer function for offsetof. 3379c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitOffsetOfExpr(const OffsetOfExpr *Ex, ExplodedNode *Pred, 3389c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3391eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 340f4e3cfbe8abd124be6341ef5d714819b4fbd9082Peter Collingbourne /// VisitUnaryExprOrTypeTraitExpr - Transfer function for sizeof. 3419c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitUnaryExprOrTypeTraitExpr(const UnaryExprOrTypeTraitExpr *Ex, 3429c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3431eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 344b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitUnaryOperator - Transfer function logic for unary operators. 3459c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitUnaryOperator(const UnaryOperator* B, ExplodedNode *Pred, 3469c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 347bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu 3488ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks /// Handle ++ and -- (both pre- and post-increment). 3498ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks void VisitIncrementDecrementOperator(const UnaryOperator* U, 3508ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks ExplodedNode *Pred, 3518ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks ExplodedNodeSet &Dst); 3528ad8c546372fe602708cb7ceeaf0ebbb866735c6Anna Zaks 35303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXThisExpr(const CXXThisExpr *TE, ExplodedNode *Pred, 354bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu ExplodedNodeSet & Dst); 355d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu 356d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu void VisitCXXTemporaryObjectExpr(const CXXTemporaryObjectExpr *expr, 357c35fb7d67d515659ad2325b4f6ec97c9fe64fb63Benjamin Kramer ExplodedNode *Pred, ExplodedNodeSet &Dst); 358d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu 3597ce351db56fbce162a3b650518ce05b5c61ebf36Zhongxing Xu void VisitCXXConstructExpr(const CXXConstructExpr *E, const MemRegion *Dest, 360892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 361950db87e5efe2ff0c7234116929f8637aaf7ae7aZhongxing Xu 362b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu void VisitCXXDestructor(const CXXDestructorDecl *DD, 363b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu const MemRegion *Dest, const Stmt *S, 364b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu ExplodedNode *Pred, ExplodedNodeSet &Dst); 365b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu 36603509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred, 367856c6bcaea56e05255e9f3997ddd56b5c18a14f0Zhongxing Xu ExplodedNodeSet &Dst); 368856c6bcaea56e05255e9f3997ddd56b5c18a14f0Zhongxing Xu 36903509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXDeleteExpr(const CXXDeleteExpr *CDE, ExplodedNode *Pred, 3706b8513829895e56a7b97e787ea74520bc626512eZhongxing Xu ExplodedNodeSet &Dst); 3716b8513829895e56a7b97e787ea74520bc626512eZhongxing Xu 3727ce351db56fbce162a3b650518ce05b5c61ebf36Zhongxing Xu void VisitAggExpr(const Expr *E, const MemRegion *Dest, ExplodedNode *Pred, 3737b71c1977cccafa23f9ecb3b0b22199e61ae634cZhongxing Xu ExplodedNodeSet &Dst); 3747b71c1977cccafa23f9ecb3b0b22199e61ae634cZhongxing Xu 375bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu /// Create a C++ temporary object for an rvalue. 376eea72a925f294225391ecec876a342771c09b635Ted Kremenek void CreateCXXTemporaryObject(const MaterializeTemporaryExpr *ME, 377eea72a925f294225391ecec876a342771c09b635Ted Kremenek ExplodedNode *Pred, 378bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu ExplodedNodeSet &Dst); 379bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu 3808e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu /// Synthesize CXXThisRegion. 3819dc84c9455df2a77195147d0210c915dc1775a88Zhongxing Xu const CXXThisRegion *getCXXThisRegion(const CXXRecordDecl *RD, 3828e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu const StackFrameContext *SFC); 3838e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu 38432303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu const CXXThisRegion *getCXXThisRegion(const CXXMethodDecl *decl, 38532303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu const StackFrameContext *frameCtx); 38632303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu 387b17b1b3cc2b0d4d3b263b9384571bbc7f3995771Zhongxing Xu /// Evaluate arguments with a work list algorithm. 3889c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek void evalArguments(ConstExprIterator AI, ConstExprIterator AE, 389b17b1b3cc2b0d4d3b263b9384571bbc7f3995771Zhongxing Xu const FunctionProtoType *FnType, 39082c63bfa0c5130e0cf274c1974b6157ebefc04feMarcin Swiderski ExplodedNode *Pred, ExplodedNodeSet &Dst, 39182c63bfa0c5130e0cf274c1974b6157ebefc04feMarcin Swiderski bool FstArgAsLValue = false); 392b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek 393b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek /// Evaluate callee expression (for a function call). 394b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek void evalCallee(const CallExpr *callExpr, const ExplodedNodeSet &src, 395b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek ExplodedNodeSet &dest); 3966a02b609c2e23b28d24f9db4c8006137c6b55ae4Marcin Swiderski 3979c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalEagerlyAssume - Given the nodes in 'Src', eagerly assume symbolic 39848af2a9c1ed3259512f2d1431720add1fbe8fb5fTed Kremenek /// expressions of the form 'x != 0' and generate new nodes (stored in Dst) 39948af2a9c1ed3259512f2d1431720add1fbe8fb5fTed Kremenek /// with those assumptions. 4009c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalEagerlyAssume(ExplodedNodeSet &Dst, ExplodedNodeSet &Src, 40103509aea098772644bf4662dc1c88634818ceeccZhongxing Xu const Expr *Ex); 4026c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek 4036c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek std::pair<const ProgramPointTag *, const ProgramPointTag*> 4046c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek getEagerlyAssumeTags(); 4051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4069c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek SVal evalMinus(SVal X) { 4079c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return X.isValid() ? svalBuilder.evalMinus(cast<NonLoc>(X)) : X; 408b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek } 4091eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4109c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek SVal evalComplement(SVal X) { 4119c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return X.isValid() ? svalBuilder.evalComplement(cast<NonLoc>(X)) : X; 41290e420321f60860f4c4e7a68ca9f7567824b46ecTed Kremenek } 413248072a8b9cd956c4ac63172fc2af09790f7c6a9Zhongxing Xu 4141670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 4151eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4168bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek SVal evalBinOp(ProgramStateRef state, BinaryOperator::Opcode op, 417cd8f6ac9b613e1fe962ebf9c87d822ce765275e6Ted Kremenek NonLoc L, NonLoc R, QualType T) { 4189c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return svalBuilder.evalBinOpNN(state, op, L, R, T); 4196297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 42010c16657eec144def180ee53d1e0249c9ed2b3b5Ted Kremenek 4218bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek SVal evalBinOp(ProgramStateRef state, BinaryOperator::Opcode op, 422cd8f6ac9b613e1fe962ebf9c87d822ce765275e6Ted Kremenek NonLoc L, SVal R, QualType T) { 4239c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return R.isValid() ? svalBuilder.evalBinOpNN(state,op,L, cast<NonLoc>(R), T) : R; 424b640b3b5dfccaf259967cb2cb6755c9aa20d4423Ted Kremenek } 4251eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4268bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek SVal evalBinOp(ProgramStateRef ST, BinaryOperator::Opcode Op, 427ff4264dae31cf42807b64ecc114906b0b835690aTed Kremenek SVal LHS, SVal RHS, QualType T) { 4289c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return svalBuilder.evalBinOp(ST, Op, LHS, RHS, T); 429ff4264dae31cf42807b64ecc114906b0b835690aTed Kremenek } 4305b9bd2137ebef350af803c634e3fdf5d74678100Ted Kremenek 4311670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekprotected: 432aa0aeb1cbe117db68d35700cb3a34aace0f99b99Anna Zaks void evalObjCMessage(StmtNodeBuilder &Bldr, const ObjCMessage &msg, 4338bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ExplodedNode *Pred, ProgramStateRef state, 434ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks bool GenSink); 4351670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenek 4368bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef invalidateArguments(ProgramStateRef State, 437e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose const CallOrObjCMessage &Call, 438e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose const LocationContext *LC); 439e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose 4408bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef MarkBranch(ProgramStateRef state, 4415eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const Stmt *Terminator, 4425eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LCtx, 4435eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek bool branchTaken); 4441eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4459c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalBind - Handle the semantics of binding a value to a specific location. 4469c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// This method is used by evalStore, VisitDeclStmt, and others. 4479c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalBind(ExplodedNodeSet &Dst, const Stmt *StoreE, ExplodedNode *Pred, 448ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks SVal location, SVal Val, bool atDeclInit = false, 449ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14Anna Zaks ProgramPoint::Kind PP = ProgramPoint::PostStmtKind); 4501eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4511670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 452b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 453b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // instead. 454834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // FIXME: Comment on the meaning of the arguments, when 'St' may not 455834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // be the same as Pred->state, and when 'location' may not be the 456834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // same as state->getLValue(Ex). 457834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan /// Simulate a read of the result of Ex. 4589c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLoad(ExplodedNodeSet &Dst, const Expr *Ex, ExplodedNode *Pred, 4598bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef St, SVal location, const ProgramPointTag *tag = 0, 460652be346f74feba027bcbdeb6a3e3f4755a0e62cZhongxing Xu QualType LoadTy = QualType()); 4611eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 462b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 463b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // instead. 4649c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalStore(ExplodedNodeSet &Dst, const Expr *AssignE, const Expr *StoreE, 4658bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ExplodedNode *Pred, ProgramStateRef St, SVal TargetLV, SVal Val, 466ca804539d908d3a0e8c72a0df5f1f571d29490bbTed Kremenek const ProgramPointTag *tag = 0); 467834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wanprivate: 4689c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLoadCommon(ExplodedNodeSet &Dst, const Expr *Ex, ExplodedNode *Pred, 4698bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef St, SVal location, const ProgramPointTag *tag, 470852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek QualType LoadTy); 471852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek 472852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 473852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek // instead. 4749c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLocation(ExplodedNodeSet &Dst, const Stmt *S, ExplodedNode *Pred, 4758bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef St, SVal location, 476ca804539d908d3a0e8c72a0df5f1f571d29490bbTed Kremenek const ProgramPointTag *tag, bool isLoad); 4771c625f25055331bf76ab5479a8060d2b0f61e8b8Zhongxing Xu 4781c625f25055331bf76ab5479a8060d2b0f61e8b8Zhongxing Xu bool InlineCall(ExplodedNodeSet &Dst, const CallExpr *CE, ExplodedNode *Pred); 479b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek}; 4801eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 48165423aeb996a296cf2964f136ce4a4a937bd1687Zhongxing Xu} // end ento namespace 4825a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 483c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek} // end clang namespace 484c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek 485d065d6080f0620bb80b933f3f5d52d37bb2ea770Ted Kremenek#endif 486