ExprEngine.h revision dbd658e139b3e0bf084f75feaea8d844af9e319f
1d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis//===-- ExprEngine.h - Path-Sensitive Expression-Level Dataflow ---*- C++ -*-=// 277349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 377349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// The LLVM Compiler Infrastructure 477349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 577349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// This file is distributed under the University of Illinois Open Source 677349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// License. See LICENSE.TXT for details. 777349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 877349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek//===----------------------------------------------------------------------===// 977349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 10b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek// This file defines a meta-engine for path-sensitive dataflow analysis that 11d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis// is built on CoreEngine, but provides the boilerplate to execute transfer 12b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek// functions and build the ExplodedGraph at the expression level. 1377349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek// 1477349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek//===----------------------------------------------------------------------===// 1577349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek 16d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis#ifndef LLVM_CLANG_GR_EXPRENGINE 17d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis#define LLVM_CLANG_GR_EXPRENGINE 18d065d6080f0620bb80b933f3f5d52d37bb2ea770Ted Kremenek 199b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/AnalysisManager.h" 209b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/SubEngine.h" 219b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/CoreEngine.h" 2218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h" 239b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/TransferFuncs.h" 24e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ObjCMessage.h" 259b663716449b618ba0390b1dbebc54fa8e971124Ted Kremenek#include "clang/StaticAnalyzer/Core/BugReporter/BugReporter.h" 26c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek#include "clang/AST/Type.h" 27f494b579b22f9950f5af021f0bf9879a91bb8b41Steve Naroff#include "clang/AST/ExprObjC.h" 28bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu#include "clang/AST/ExprCXX.h" 294beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek#include "clang/AST/StmtObjC.h" 3077349cb20bfd7069d081f84c91975bfa8ef60a32Ted Kremenek 311eb4433ac451dc16f4133a88af2d002ac26c58efMike Stumpnamespace clang { 325a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 335a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidisclass ObjCForCollectionStmt; 345a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 359ef6537a894c33003359b1f9b9676e9178e028b7Ted Kremeneknamespace ento { 365a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 375e2d2c2ee3cf410643e0f9a5701708e51409d973Benjamin Kramerclass AnalysisManager; 38f494b579b22f9950f5af021f0bf9879a91bb8b41Steve Naroff 39d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidisclass ExprEngine : public SubEngine { 4025e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu AnalysisManager &AMgr; 4125e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu 42d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis CoreEngine Engine; 431eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 44b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// G - the simulation graph. 45031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu ExplodedGraph& G; 461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 47d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// Builder - The current StmtNodeBuilder which is used when building the 48b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes for a given statement. 49d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis StmtNodeBuilder* Builder; 501eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 51b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// StateMgr - Object that manages the data for all created states. 5218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek ProgramStateManager StateMgr; 53cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek 54b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// SymMgr - Object that manages the symbol information. 55b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek SymbolManager& SymMgr; 561eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 57846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek /// svalBuilder - SValBuilder object that creates SVals from expressions. 58846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek SValBuilder &svalBuilder; 591eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 60846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek /// EntryNode - The immediate predecessor node. 619c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *EntryNode; 62846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek 63846d4e923bf11bcdc2816758aafa331795f29230Ted Kremenek /// CleanedState - The state for EntryNode "cleaned" of all dead 640d093d3005dd583675a45a85bd688063572cc8afTed Kremenek /// variables and symbols (as determined by a liveness analysis). 6518c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *CleanedState; 661eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 670a3ed3143b00f237decb1288c1ff574ae09eba4eTed Kremenek /// currentStmt - The current block-level statement. 689c378f705405d37f49795d5e915989de774fe11fTed Kremenek const Stmt *currentStmt; 691eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 70e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek // Obj-C Class Identifiers. 71e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek IdentifierInfo* NSExceptionII; 721eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 73e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek // Obj-C Selectors. 74e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek Selector* NSExceptionInstanceRaiseSelectors; 75e448ab4f9dd162802f5d7cfea60f7830cc61c654Ted Kremenek Selector RaiseSel; 761eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 779e9595b12e9b55586c4d50d370f429c7a3c92a90Ted Kremenek /// The BugReporter associated with this engine. It is important that 789e9595b12e9b55586c4d50d370f429c7a3c92a90Ted Kremenek /// this object be placed at the very end of member variables so that its 79d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// destructor is called before the rest of the ExprEngine is destroyed. 80cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek GRBugReporter BR; 8132a58084a4c53e6938dd81bfce224db25a5976d1Ted Kremenek 82d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis llvm::OwningPtr<TransferFuncs> TF; 831eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 84b22d589e2ccd09cada0bcea136f0966883a8bb11Ted Kremenekpublic: 85d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis ExprEngine(AnalysisManager &mgr, TransferFuncs *tf); 86cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek 87d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis ~ExprEngine(); 881eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 8925e695b2d574d919cc1bbddf3a2efe073d449b1cZhongxing Xu void ExecuteWorkList(const LocationContext *L, unsigned Steps = 150000) { 90d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis Engine.ExecuteWorkList(L, Steps, 0); 912ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu } 922ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu 932ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// Execute the work list with an initial state. Nodes that reaches the exit 942ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// of the function are added into the Dst set, which represent the exit 952ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu /// state of the function call. 962ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu void ExecuteWorkListWithInitialState(const LocationContext *L, unsigned Steps, 9718c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *InitState, 982ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu ExplodedNodeSet &Dst) { 99d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis Engine.ExecuteWorkListWithInitialState(L, Steps, InitState, Dst); 100b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek } 1011eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 102b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// getContext - Return the ASTContext associated with this analysis. 1039c378f705405d37f49795d5e915989de774fe11fTed Kremenek ASTContext &getContext() const { return AMgr.getASTContext(); } 1045032ffe4259e7d436f2eb19e5a29fdae559e7c12Zhongxing Xu 1052ce43c8f43254a9edea53a20dc0e69195bc82ae0Zhongxing Xu virtual AnalysisManager &getAnalysisManager() { return AMgr; } 1061eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 107769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis CheckerManager &getCheckerManager() const { 108769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis return *AMgr.getCheckerManager(); 109769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis } 110769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5Argyrios Kyrtzidis 111846eabd187be4bfe992e8bca131166b734d86e0dTed Kremenek SValBuilder &getSValBuilder() { return svalBuilder; } 1121eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 113d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis TransferFuncs& getTF() { return *TF; } 1141eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 115cf118d41f7930a18dce97416ef7834a62642f587Ted Kremenek BugReporter& getBugReporter() { return BR; } 1161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 117d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis StmtNodeBuilder &getBuilder() { assert(Builder); return *Builder; } 118ec9227fea66c3439991fc84b0d33b0a8b4b8875eZhongxing Xu 119d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis // FIXME: Remove once TransferFuncs is no longer referenced. 120d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void setTransferFunction(TransferFuncs* tf); 1211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 122e01c98767dfd7153c3c84637c36659e3bbe16ff7Ted Kremenek /// ViewGraph - Visualize the ExplodedGraph created by executing the 123e01c98767dfd7153c3c84637c36659e3bbe16ff7Ted Kremenek /// simulation. 124ffe0f43806d4823271c2406c1fccc2373115c36aTed Kremenek void ViewGraph(bool trim = false); 1251eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 126031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu void ViewGraph(ExplodedNode** Beg, ExplodedNode** End); 1271eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 128b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// getInitialState - Return the initial state used for the root vertex 129b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// in the ExplodedGraph. 13018c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *getInitialState(const LocationContext *InitLoc); 1311eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 132031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu ExplodedGraph& getGraph() { return G; } 133031ccc0555a82afc2e8afe29e19dd57ff204e2deZhongxing Xu const ExplodedGraph& getGraph() const { return G; } 13450a6d0ce344c02782e0207574005c3b2aaa5077cTed Kremenek 135e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// processCFGElement - Called by CoreEngine. Used to generate new successor 1369c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu /// nodes by processing the 'effects' of a CFG element. 137e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processCFGElement(const CFGElement E, StmtNodeBuilder& builder); 1389c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 139d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void ProcessStmt(const CFGStmt S, StmtNodeBuilder &builder); 1409c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 141d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void ProcessInitializer(const CFGInitializer I, StmtNodeBuilder &builder); 1429c6cd67ea416bace666d614c84d5531124287653Zhongxing Xu 143d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void ProcessImplicitDtor(const CFGImplicitDtor D, StmtNodeBuilder &builder); 1441eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 1454ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu void ProcessAutomaticObjDtor(const CFGAutomaticObjDtor D, 146d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis StmtNodeBuilder &builder); 147d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void ProcessBaseDtor(const CFGBaseDtor D, StmtNodeBuilder &builder); 148d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis void ProcessMemberDtor(const CFGMemberDtor D, StmtNodeBuilder &builder); 1494ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu void ProcessTemporaryDtor(const CFGTemporaryDtor D, 150d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis StmtNodeBuilder &builder); 1514ffcb9974c6b7142c4a1483abfcb1f88b6371c45Zhongxing Xu 15227c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek /// Called by CoreEngine when processing the entrance of a CFGBlock. 15327c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek virtual void processCFGBlockEntrance(ExplodedNodeSet &dstNodes, 15427c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek GenericNodeBuilder<BlockEntrance> &nodeBuilder); 15527c54e57c4a012dcdf2b40cf985b70d0b9caa69eTed Kremenek 156d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessBranch - Called by CoreEngine. Used to generate successor 157b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a branch condition. 1589c378f705405d37f49795d5e915989de774fe11fTed Kremenek void processBranch(const Stmt *Condition, const Stmt *Term, 159d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis BranchNodeBuilder& builder); 1601eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 161e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// processIndirectGoto - Called by CoreEngine. Used to generate successor 162b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a computed goto jump. 163e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processIndirectGoto(IndirectGotoNodeBuilder& builder); 1641eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 165d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessSwitch - Called by CoreEngine. Used to generate successor 166b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// nodes by processing the 'effects' of a switch statement. 167e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processSwitch(SwitchNodeBuilder& builder); 1681eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 169d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// ProcessEndPath - Called by CoreEngine. Used to generate end-of-path 17011062b118476368fa5b294954713e5df97d8599fTed Kremenek /// nodes when the control reaches the end of a function. 171e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processEndOfFunction(EndOfFunctionNodeBuilder& builder); 172102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 173ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek /// Generate the entry node of the callee. 174e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processCallEnter(CallEnterNodeBuilder &builder); 175102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 176ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek /// Generate the first post callsite node. 177e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processCallExit(CallExitNodeBuilder &builder); 178102acd5369bbb17c0d6ab868af376671acff7a93Douglas Gregor 179d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis /// Called by CoreEngine when the analysis worklist has terminated. 180e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek void processEndWorklist(bool hasWorkRemaining); 181ccc263b44c62ce3a02f797a3ddb3d6017cf0e5e4Ted Kremenek 1829c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalAssume - Callback function invoked by the ConstraintManager when 18332a58084a4c53e6938dd81bfce224db25a5976d1Ted Kremenek /// making assumptions about state values. 18418c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *processAssume(const ProgramState *state, SVal cond,bool assumption); 1851eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 18618c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek /// wantsRegionChangeUpdate - Called by ProgramStateManager to determine if a 187e36de1fe51c39d9161915dd3dbef880954af6476Ted Kremenek /// region change should trigger a processRegionChanges update. 18818c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek bool wantsRegionChangeUpdate(const ProgramState *state); 189c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose 19018c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek /// processRegionChanges - Called by ProgramStateManager whenever a change is made 191c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose /// to the store. Used to update checkers that track region values. 19218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState * 19318c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek processRegionChanges(const ProgramState *state, 19435bdbf40624beba3fc00cb72ab444659939c1a6bTed Kremenek const StoreManager::InvalidatedSymbols *invalidated, 195537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose ArrayRef<const MemRegion *> ExplicitRegions, 196537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose ArrayRef<const MemRegion *> Regions); 197c2b7dfaad674587cfd220ff447b3710d252130c3Jordy Rose 198dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose /// printState - Called by ProgramStateManager to print checker-specific data. 199dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose void printState(raw_ostream &Out, const ProgramState *State, 200dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose const char *NL, const char *Sep); 201dbd658e139b3e0bf084f75feaea8d844af9e319fJordy Rose 20218c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek virtual ProgramStateManager& getStateManager() { return StateMgr; } 20390e72e4106a0c3efa7575e9f9cba0c775bb54552Zhongxing Xu 20490e72e4106a0c3efa7575e9f9cba0c775bb54552Zhongxing Xu StoreManager& getStoreManager() { return StateMgr.getStoreManager(); } 2051eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 206a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek ConstraintManager& getConstraintManager() { 207a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek return StateMgr.getConstraintManager(); 208a516ce16b472e61924f5dd10d181c3e8330979afTed Kremenek } 2091eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 210c8413fd03f73084a5c93028f8b4db619fc388087Ted Kremenek // FIXME: Remove when we migrate over to just using SValBuilder. 2116297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek BasicValueFactory& getBasicVals() { 2126297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek return StateMgr.getBasicVals(); 2136297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 2146297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek const BasicValueFactory& getBasicVals() const { 2156297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek return StateMgr.getBasicVals(); 2166297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 2171eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 218044b6f0417cb98741f277602fabf5f07ec9a02c0Ted Kremenek // FIXME: Remove when we migrate over to just using ValueManager. 21900a3a5f024ac54088ab887712b292171188064f0Ted Kremenek SymbolManager& getSymbolManager() { return SymMgr; } 22000a3a5f024ac54088ab887712b292171188064f0Ted Kremenek const SymbolManager& getSymbolManager() const { return SymMgr; } 2211eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 222bc42c533e7d3d946704a49e242939dd232f33072Tom Care // Functions for external checking of whether we have unfinished work 223422ab7a49a9a4252dbc6350e49d7a5708337b9c7Ted Kremenek bool wasBlocksExhausted() const { return Engine.wasBlocksExhausted(); } 224d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis bool hasEmptyWorkList() const { return !Engine.getWorkList()->hasWork(); } 225422ab7a49a9a4252dbc6350e49d7a5708337b9c7Ted Kremenek bool hasWorkRemaining() const { return Engine.hasWorkRemaining(); } 226bc42c533e7d3d946704a49e242939dd232f33072Tom Care 227d2592a34a059e7cbb2b11dc53649ac4912422909Argyrios Kyrtzidis const CoreEngine &getCoreEngine() const { return Engine; } 228bc42c533e7d3d946704a49e242939dd232f33072Tom Care 2291670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 2309c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *MakeNode(ExplodedNodeSet &Dst, const Stmt *S, 23118c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek ExplodedNode *Pred, const ProgramState *St, 232bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu ProgramPoint::Kind K = ProgramPoint::PostStmtKind, 233ca804539d908d3a0e8c72a0df5f1f571d29490bbTed Kremenek const ProgramPointTag *tag = 0); 2347b71c1977cccafa23f9ecb3b0b22199e61ae634cZhongxing Xu 235b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// Visit - Transfer function logic for all statements. Dispatches to 236b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// other functions that handle specific kinds of statements. 2379c378f705405d37f49795d5e915989de774fe11fTed Kremenek void Visit(const Stmt *S, ExplodedNode *Pred, ExplodedNodeSet &Dst); 2381eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 239c5b1bf10133a8ecbfe9e6b3ec92bae84e3d927e8Ted Kremenek /// VisitArraySubscriptExpr - Transfer function for array accesses. 2409c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLvalArraySubscriptExpr(const ArraySubscriptExpr *Ex, 2419c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, 2429c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2431eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 244ef44bfb9d0f15ba0391f8346c9f01355fb450a09Ted Kremenek /// VisitAsmStmt - Transfer function logic for inline asm. 2459c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmt(const AsmStmt *A, ExplodedNode *Pred, ExplodedNodeSet &Dst); 2461eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2479c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmtHelperOutputs(const AsmStmt *A, 24803509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_outputs_iterator I, 24903509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_outputs_iterator E, 2509c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 2511eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 2529c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitAsmStmtHelperInputs(const AsmStmt *A, 25303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_inputs_iterator I, 25403509aea098772644bf4662dc1c88634818ceeccZhongxing Xu AsmStmt::const_inputs_iterator E, 2559c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 256c95ad9ff6e574aecdd759542d5578bc65d586d93Ted Kremenek 257c95ad9ff6e574aecdd759542d5578bc65d586d93Ted Kremenek /// VisitBlockExpr - Transfer function logic for BlockExprs. 25803509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitBlockExpr(const BlockExpr *BE, ExplodedNode *Pred, 25903509aea098772644bf4662dc1c88634818ceeccZhongxing Xu ExplodedNodeSet &Dst); 2601eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 261b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitBinaryOperator - Transfer function logic for binary operators. 2629c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitBinaryOperator(const BinaryOperator* B, ExplodedNode *Pred, 2639c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 264469ecbded3616416ef938ed94a67f86149faf226Ted Kremenek 2651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 266de43424560f1a744de6214dab6bbee28ad8437f5Ted Kremenek /// VisitCall - Transfer function for function calls. 2679c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCallExpr(const CallExpr *CE, ExplodedNode *Pred, 2689c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2691eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 270b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitCast - Transfer function logic for all casts (implicit and explicit). 27103509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCast(const CastExpr *CastE, const Expr *Ex, ExplodedNode *Pred, 272892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek ExplodedNodeSet &Dst); 273e1c2a675e0c089e1f53cbd55d2197a8beaa852aeTed Kremenek 2744f09027385466f1f4c382c80ca77157e2aef97d9Ted Kremenek /// VisitCompoundLiteralExpr - Transfer function logic for compound literals. 2759c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCompoundLiteralExpr(const CompoundLiteralExpr *CL, 2769c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 2771eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 278892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek /// Transfer function logic for DeclRefExprs and BlockDeclRefExprs. 2799c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitCommonDeclRefExpr(const Expr *DR, const NamedDecl *D, 2809c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 28167d1287035767f4f6c8ca0c2bb755990012a44caTed Kremenek 282b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitDeclStmt - Transfer function logic for DeclStmts. 2839c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitDeclStmt(const DeclStmt *DS, ExplodedNode *Pred, 2849c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2851eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 286b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitGuardedExpr - Transfer function logic for ?, __builtin_choose 2879c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitGuardedExpr(const Expr *Ex, const Expr *L, const Expr *R, 2889c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 28961dfbecd8e6181b2ba42ffb5feede27a2bab3b8aTed Kremenek 2909c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitInitListExpr(const InitListExpr *E, ExplodedNode *Pred, 2919c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 292c4f8706b6539e06a5de153bd72850bb2e0a71456Zhongxing Xu 293b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitLogicalExpr - Transfer function logic for '&&', '||' 2949c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLogicalExpr(const BinaryOperator* B, ExplodedNode *Pred, 2959c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 2961eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 297469ecbded3616416ef938ed94a67f86149faf226Ted Kremenek /// VisitMemberExpr - Transfer function for member expressions. 2989c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitMemberExpr(const MemberExpr *M, ExplodedNode *Pred, 2999c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3001eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3014beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek /// Transfer function logic for ObjCAtSynchronizedStmts. 3024beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek void VisitObjCAtSynchronizedStmt(const ObjCAtSynchronizedStmt *S, 3034beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3044beaa9f51b2da57c64740cef2bd1c2fdb0c325d5Ted Kremenek 305892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek /// Transfer function logic for computing the lvalue of an Objective-C ivar. 3069c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitLvalObjCIvarRefExpr(const ObjCIvarRefExpr *DR, ExplodedNode *Pred, 3079c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 308af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek 309af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek /// VisitObjCForCollectionStmt - Transfer function logic for 310af3374187c47acea45706eab6744be6b1c66a856Ted Kremenek /// ObjCForCollectionStmt. 3119c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitObjCForCollectionStmt(const ObjCForCollectionStmt *S, 3129c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3131eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3144410a935e8d8ee3c903b858bbf74ca24fce629b5Ted Kremenek void VisitObjCMessage(const ObjCMessage &msg, ExplodedNode *Pred, 3159c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3161eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 31702737ed29d7fff2206f7c7ee958cdf0665e35542Ted Kremenek /// VisitReturnStmt - Transfer function logic for return statements. 3189c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitReturnStmt(const ReturnStmt *R, ExplodedNode *Pred, 3199c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3208ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor 3218ecdb65716cd7914ffb2eeee993fa9039fcd31e8Douglas Gregor /// VisitOffsetOfExpr - Transfer function for offsetof. 3229c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitOffsetOfExpr(const OffsetOfExpr *Ex, ExplodedNode *Pred, 3239c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 3241eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 325f4e3cfbe8abd124be6341ef5d714819b4fbd9082Peter Collingbourne /// VisitUnaryExprOrTypeTraitExpr - Transfer function for sizeof. 3269c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitUnaryExprOrTypeTraitExpr(const UnaryExprOrTypeTraitExpr *Ex, 3279c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 3281eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 329b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek /// VisitUnaryOperator - Transfer function logic for unary operators. 3309c378f705405d37f49795d5e915989de774fe11fTed Kremenek void VisitUnaryOperator(const UnaryOperator* B, ExplodedNode *Pred, 3319c378f705405d37f49795d5e915989de774fe11fTed Kremenek ExplodedNodeSet &Dst); 332bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu 33303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXThisExpr(const CXXThisExpr *TE, ExplodedNode *Pred, 334bb141217871e93767aa3f2de1b9946fa6d37066aZhongxing Xu ExplodedNodeSet & Dst); 335d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu 336d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu void VisitCXXTemporaryObjectExpr(const CXXTemporaryObjectExpr *expr, 337892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst) { 338892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek VisitCXXConstructExpr(expr, 0, Pred, Dst); 339d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu } 340d706434b0231c76fd9acf30060646a7aa8f69aefZhongxing Xu 3417ce351db56fbce162a3b650518ce05b5c61ebf36Zhongxing Xu void VisitCXXConstructExpr(const CXXConstructExpr *E, const MemRegion *Dest, 342892697dd2287caf7c29aaaa82909b0e90b8b63feTed Kremenek ExplodedNode *Pred, ExplodedNodeSet &Dst); 343950db87e5efe2ff0c7234116929f8637aaf7ae7aZhongxing Xu 344b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu void VisitCXXDestructor(const CXXDestructorDecl *DD, 345b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu const MemRegion *Dest, const Stmt *S, 346b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu ExplodedNode *Pred, ExplodedNodeSet &Dst); 347b13453bd8a91f331d0910ca95ad52aa41b52f648Zhongxing Xu 34803509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXNewExpr(const CXXNewExpr *CNE, ExplodedNode *Pred, 349856c6bcaea56e05255e9f3997ddd56b5c18a14f0Zhongxing Xu ExplodedNodeSet &Dst); 350856c6bcaea56e05255e9f3997ddd56b5c18a14f0Zhongxing Xu 35103509aea098772644bf4662dc1c88634818ceeccZhongxing Xu void VisitCXXDeleteExpr(const CXXDeleteExpr *CDE, ExplodedNode *Pred, 3526b8513829895e56a7b97e787ea74520bc626512eZhongxing Xu ExplodedNodeSet &Dst); 3536b8513829895e56a7b97e787ea74520bc626512eZhongxing Xu 3547ce351db56fbce162a3b650518ce05b5c61ebf36Zhongxing Xu void VisitAggExpr(const Expr *E, const MemRegion *Dest, ExplodedNode *Pred, 3557b71c1977cccafa23f9ecb3b0b22199e61ae634cZhongxing Xu ExplodedNodeSet &Dst); 3567b71c1977cccafa23f9ecb3b0b22199e61ae634cZhongxing Xu 357bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu /// Create a C++ temporary object for an rvalue. 358eea72a925f294225391ecec876a342771c09b635Ted Kremenek void CreateCXXTemporaryObject(const MaterializeTemporaryExpr *ME, 359eea72a925f294225391ecec876a342771c09b635Ted Kremenek ExplodedNode *Pred, 360bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu ExplodedNodeSet &Dst); 361bc37b8dd9914e02580f531fa6e5e72be34d9675eZhongxing Xu 3628e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu /// Synthesize CXXThisRegion. 3639dc84c9455df2a77195147d0210c915dc1775a88Zhongxing Xu const CXXThisRegion *getCXXThisRegion(const CXXRecordDecl *RD, 3648e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu const StackFrameContext *SFC); 3658e18c1b840882d26039503629d7e4ad4822f3bdaZhongxing Xu 36632303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu const CXXThisRegion *getCXXThisRegion(const CXXMethodDecl *decl, 36732303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu const StackFrameContext *frameCtx); 36832303020d0f1a21cbcab65ae0c69a4218dc8f0fbZhongxing Xu 369b17b1b3cc2b0d4d3b263b9384571bbc7f3995771Zhongxing Xu /// Evaluate arguments with a work list algorithm. 3709c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek void evalArguments(ConstExprIterator AI, ConstExprIterator AE, 371b17b1b3cc2b0d4d3b263b9384571bbc7f3995771Zhongxing Xu const FunctionProtoType *FnType, 37282c63bfa0c5130e0cf274c1974b6157ebefc04feMarcin Swiderski ExplodedNode *Pred, ExplodedNodeSet &Dst, 37382c63bfa0c5130e0cf274c1974b6157ebefc04feMarcin Swiderski bool FstArgAsLValue = false); 374b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek 375b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek /// Evaluate callee expression (for a function call). 376b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek void evalCallee(const CallExpr *callExpr, const ExplodedNodeSet &src, 377b277159055933e610bbc80262b600d3ad7e0595cTed Kremenek ExplodedNodeSet &dest); 3786a02b609c2e23b28d24f9db4c8006137c6b55ae4Marcin Swiderski 3799c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalEagerlyAssume - Given the nodes in 'Src', eagerly assume symbolic 38048af2a9c1ed3259512f2d1431720add1fbe8fb5fTed Kremenek /// expressions of the form 'x != 0' and generate new nodes (stored in Dst) 38148af2a9c1ed3259512f2d1431720add1fbe8fb5fTed Kremenek /// with those assumptions. 3829c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalEagerlyAssume(ExplodedNodeSet &Dst, ExplodedNodeSet &Src, 38303509aea098772644bf4662dc1c88634818ceeccZhongxing Xu const Expr *Ex); 3846c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek 3856c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek std::pair<const ProgramPointTag *, const ProgramPointTag*> 3866c7511db998817e64f2e124013e7d7c9a430c580Ted Kremenek getEagerlyAssumeTags(); 3871eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3889c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek SVal evalMinus(SVal X) { 3899c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return X.isValid() ? svalBuilder.evalMinus(cast<NonLoc>(X)) : X; 390b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek } 3911eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 3929c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek SVal evalComplement(SVal X) { 3939c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return X.isValid() ? svalBuilder.evalComplement(cast<NonLoc>(X)) : X; 39490e420321f60860f4c4e7a68ca9f7567824b46ecTed Kremenek } 395248072a8b9cd956c4ac63172fc2af09790f7c6a9Zhongxing Xu 3961670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 3971eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 39818c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek SVal evalBinOp(const ProgramState *state, BinaryOperator::Opcode op, 399cd8f6ac9b613e1fe962ebf9c87d822ce765275e6Ted Kremenek NonLoc L, NonLoc R, QualType T) { 4009c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return svalBuilder.evalBinOpNN(state, op, L, R, T); 4016297a8ec313c722db50f686fd190842b7ea91118Ted Kremenek } 40210c16657eec144def180ee53d1e0249c9ed2b3b5Ted Kremenek 40318c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek SVal evalBinOp(const ProgramState *state, BinaryOperator::Opcode op, 404cd8f6ac9b613e1fe962ebf9c87d822ce765275e6Ted Kremenek NonLoc L, SVal R, QualType T) { 4059c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return R.isValid() ? svalBuilder.evalBinOpNN(state,op,L, cast<NonLoc>(R), T) : R; 406b640b3b5dfccaf259967cb2cb6755c9aa20d4423Ted Kremenek } 4071eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 40818c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek SVal evalBinOp(const ProgramState *ST, BinaryOperator::Opcode Op, 409ff4264dae31cf42807b64ecc114906b0b835690aTed Kremenek SVal LHS, SVal RHS, QualType T) { 4109c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek return svalBuilder.evalBinOp(ST, Op, LHS, RHS, T); 411ff4264dae31cf42807b64ecc114906b0b835690aTed Kremenek } 4125b9bd2137ebef350af803c634e3fdf5d74678100Ted Kremenek 4131670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekprotected: 4149c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalObjCMessage(ExplodedNodeSet &Dst, const ObjCMessage &msg, 415500abad7edfcc2409b18dd616cdbc28a094926f5Jordy Rose ExplodedNode *Pred, const ProgramState *state); 4161670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenek 417e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose const ProgramState *invalidateArguments(const ProgramState *State, 418e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose const CallOrObjCMessage &Call, 419e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose const LocationContext *LC); 420e38dd95dddb8f1b38469c8d0e28aa1c660489324Jordy Rose 42118c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *MarkBranch(const ProgramState *St, const Stmt *Terminator, 4221670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenek bool branchTaken); 4231eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4249c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// evalBind - Handle the semantics of binding a value to a specific location. 4259c14953d0c84f7cf5adfb4cd3c0f05a9b1723c1cTed Kremenek /// This method is used by evalStore, VisitDeclStmt, and others. 4269c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalBind(ExplodedNodeSet &Dst, const Stmt *StoreE, ExplodedNode *Pred, 42793bd5ca766c4d7906878f4ffe76ce1b2080e540bJordy Rose SVal location, SVal Val, bool atDeclInit = false); 4281eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 4291670e403c48f3af4fceff3f6773a0e1cfc6c4eb3Ted Kremenekpublic: 430b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 431b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // instead. 432834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // FIXME: Comment on the meaning of the arguments, when 'St' may not 433834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // be the same as Pred->state, and when 'location' may not be the 434834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan // same as state->getLValue(Ex). 435834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wan /// Simulate a read of the result of Ex. 4369c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLoad(ExplodedNodeSet &Dst, const Expr *Ex, ExplodedNode *Pred, 43718c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *St, SVal location, const ProgramPointTag *tag = 0, 438652be346f74feba027bcbdeb6a3e3f4755a0e62cZhongxing Xu QualType LoadTy = QualType()); 4391eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 440b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 441b4b817d704287836b52b34369009e682f208aa2bTed Kremenek // instead. 4429c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalStore(ExplodedNodeSet &Dst, const Expr *AssignE, const Expr *StoreE, 44318c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek ExplodedNode *Pred, const ProgramState *St, SVal TargetLV, SVal Val, 444ca804539d908d3a0e8c72a0df5f1f571d29490bbTed Kremenek const ProgramPointTag *tag = 0); 445834f9de3d3d76986d09f41725a70ba45a3e2aecdZhanyong Wanprivate: 4469c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLoadCommon(ExplodedNodeSet &Dst, const Expr *Ex, ExplodedNode *Pred, 44718c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *St, SVal location, const ProgramPointTag *tag, 448852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek QualType LoadTy); 449852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek 450852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek // FIXME: 'tag' should be removed, and a LocationContext should be used 451852274d4257134906995cb252fb3dfd2d71deae8Ted Kremenek // instead. 4529c378f705405d37f49795d5e915989de774fe11fTed Kremenek void evalLocation(ExplodedNodeSet &Dst, const Stmt *S, ExplodedNode *Pred, 45318c66fdc3c4008d335885695fe36fb5353c5f672Ted Kremenek const ProgramState *St, SVal location, 454ca804539d908d3a0e8c72a0df5f1f571d29490bbTed Kremenek const ProgramPointTag *tag, bool isLoad); 4551c625f25055331bf76ab5479a8060d2b0f61e8b8Zhongxing Xu 4561c625f25055331bf76ab5479a8060d2b0f61e8b8Zhongxing Xu bool InlineCall(ExplodedNodeSet &Dst, const CallExpr *CE, ExplodedNode *Pred); 457e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek 458e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek 459e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenekpublic: 460e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek /// Returns true if calling the specific function or method would possibly 461e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek /// cause global variables to be invalidated. 462e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek bool doesInvalidateGlobals(const CallOrObjCMessage &callOrMessage) const; 463e5cfd52a3a5d4bb46f77323fa8fa0b973fcde7bcTed Kremenek 464b387a3f23e423d62c053be86294b703da1d1a222Ted Kremenek}; 4651eb4433ac451dc16f4133a88af2d002ac26c58efMike Stump 46665423aeb996a296cf2964f136ce4a4a937bd1687Zhongxing Xu} // end ento namespace 4675a4f98ff943e6a501b0fe47ade007c9bbf96cb88Argyrios Kyrtzidis 468c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek} // end clang namespace 469c0c3f5dbc9e78aa53a86c7d5e3eeda23ddad93d6Ted Kremenek 470d065d6080f0620bb80b933f3f5d52d37bb2ea770Ted Kremenek#endif 471