ProgramState.h revision 6bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89
1ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//== ProgramState.h - Path-sensitive "State" for tracking values -*- C++ -*--=// 2ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 3ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// The LLVM Compiler Infrastructure 4ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 5ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// This file is distributed under the University of Illinois Open Source 6ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// License. See LICENSE.TXT for details. 7ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 8ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 9ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 1053b890ba226e8c84a157ab5e757b93666cc6859dAnna Zaks// This file defines the state of the program along the analysisa path. 11ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 12ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 13ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 14ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#ifndef LLVM_CLANG_GR_VALUESTATE_H 15ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#define LLVM_CLANG_GR_VALUESTATE_H 16ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 17ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/Basic/LLVM.h" 18ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ConstraintManager.h" 19e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/DynamicTypeInfo.h" 20ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/Environment.h" 218bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h" 2230a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h" 2330a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/Store.h" 24ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/TaintTag.h" 25ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/FoldingSet.h" 26ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/ImmutableMap.h" 2730a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "llvm/ADT/PointerIntPair.h" 28651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines#include "llvm/Support/Allocator.h" 29ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 30ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace llvm { 31ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass APSInt; 32ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 33ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 34ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace clang { 35ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ASTContext; 36ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 37ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace ento { 38ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 39740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass CallEvent; 40972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseclass CallEventManager; 418bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek 42ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef ConstraintManager* (*ConstraintManagerCreator)(ProgramStateManager&, 43ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine*); 44ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef StoreManager* (*StoreManagerCreator)(ProgramStateManager&); 45ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 46ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 47ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateTrait - Traits used by the Generic Data Map of a ProgramState. 48ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 49ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 50ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStatePartialTrait; 51ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 52ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStateTrait { 53ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef typename T::data_type data_type; 54ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline void *MakeVoidPtr(data_type D) { return (void*) D; } 55ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline data_type MakeData(void *const* P) { 56ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return P ? (data_type) *P : (data_type) 0; 57ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 58ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 59ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 605f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ProgramState 61ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState - This class encapsulates: 62ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 63ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 1. A mapping from expressions to values (Environment) 64ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 2. A mapping from locations to values (Store) 65ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 3. Constraints on symbolic values (GenericDataMap) 66ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 67ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// Together these represent the "abstract state" of a program. 68ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 69ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState is intended to be used as a functional object; that is, 70ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// once it is created and made "persistent" in a FoldingSet, its 71ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// values will never change. 72ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramState : public llvm::FoldingSetNode { 73ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 74ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableSet<llvm::APSInt*> IntSetTy; 75ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableMap<void*, void*> GenericDataMap; 76ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 77ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 78be2fa7ebf01259b63dc52fe46c8d101c18e72269Craig Topper void operator=(const ProgramState& R) LLVM_DELETED_FUNCTION; 79ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 80ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramStateManager; 81ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedGraph; 82ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedNode; 83ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 84ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager *stateMgr; 85ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Environment Env; // Maps a Stmt to its current SVal. 86ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store store; // Maps a location to its current value. 87ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap GDM; // Custom data stored by a client of this class. 88ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek unsigned refCount; 89ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 90ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// makeWithStore - Return a ProgramState with the same values as the current 91ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state with the exception of using the specified Store. 928bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef makeWithStore(const StoreRef &store) const; 93ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 94ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setStore(const StoreRef &storeRef); 95ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 96ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 97ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// This ctor is used when creating the first ProgramState object. 98ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(ProgramStateManager *mgr, const Environment& env, 99ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreRef st, GenericDataMap gdm); 100ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 101ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Copy ctor - We must explicitly define this or else the "Next" ptr 102ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in FoldingSetNode will also get copied. 103ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(const ProgramState &RHS); 104ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 105ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramState(); 106ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 107ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the ProgramStateManager associated with this state. 10847cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ProgramStateManager &getStateManager() const { 10947cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return *stateMgr; 11047cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek } 11147cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 11247cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek /// Return the ConstraintManager. 11347cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ConstraintManager &getConstraintManager() const; 114ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 115ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getEnvironment - Return the environment associated with this state. 116ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// The environment is the mapping from expressions to values. 117ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const Environment& getEnvironment() const { return Env; } 118ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 119ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the store associated with this state. The store 120ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// is a mapping from locations to values. 121ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store getStore() const { return store; } 122ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 123ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 124ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getGDM - Return the generic data map associated with this state. 125ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap getGDM() const { return GDM; } 126ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 127ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setGDM(GenericDataMap gdm) { GDM = gdm; } 128ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 129ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Profile the contents of a ProgramState object for use in a 130ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// FoldingSet. Two ProgramState objects are considered equal if they 131ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// have the same Environment, Store, and GenericDataMap. 132a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis static void Profile(llvm::FoldingSetNodeID& ID, const ProgramState *V) { 133ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->Env.Profile(ID); 134ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ID.AddPointer(V->store); 135ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->GDM.Profile(ID); 136ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 137ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 138ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Used to profile the contents of this object for inclusion 139ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in a FoldingSet. 140ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void Profile(llvm::FoldingSetNodeID& ID) const { 141ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Profile(ID, this); 142ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 143ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 144ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() const; 145ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() const; 146ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 147ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 148ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Constraints on values. 149ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 150ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 151ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Each ProgramState records constraints on symbolic values. These constraints 152ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // are managed using the ConstraintManager associated with a ProgramStateManager. 153ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // As constraints gradually accrue on symbolic values, added constraints 154ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // may conflict and indicate that a state is infeasible (as no real values 155ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // could satisfy all the constraints). This is the principal mechanism 156ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // for modeling path-sensitivity in ExprEngine/ProgramState. 157ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 158ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Various "assume" methods form the interface for adding constraints to 159ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // symbolic values. A call to 'assume' indicates an assumption being placed 160ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // on one or symbolic values. 'assume' methods take the following inputs: 161ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 162ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (1) A ProgramState object representing the current state. 163ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 164ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (2) The assumed constraint (which is specific to a given "assume" method). 165ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 166ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (3) A binary value "Assumption" that indicates whether the constraint is 167ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // assumed to be true or false. 168ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 169ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The output of "assume*" is a new ProgramState object with the added constraints. 170ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // If no new state is feasible, NULL is returned. 171ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 172ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 173962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// Assumes that the value of \p cond is zero (if \p assumption is "false") 174962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// or non-zero (if \p assumption is "true"). 175962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// 176962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// This returns a new state with the added constraint on \p cond. 177962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// If no new state is feasible, NULL is returned. 1788bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assume(DefinedOrUnknownSVal cond, bool assumption) const; 179ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 180962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// Assumes both "true" and "false" for \p cond, and returns both 181962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// corresponding states (respectively). 182962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// 183962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// This is more efficient than calling assume() twice. Note that one (but not 184962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// both) of the returned states may be NULL. 185962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose std::pair<ProgramStateRef, ProgramStateRef> 186ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek assume(DefinedOrUnknownSVal cond) const; 187ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1888bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assumeInBound(DefinedOrUnknownSVal idx, 189ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek DefinedOrUnknownSVal upperBound, 190af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks bool assumption, 191af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks QualType IndexType = QualType()) const; 192cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks 193cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks /// \brief Check if the given SVal is constrained to zero or is a zero 194cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks /// constant. 195cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks ConditionTruthVal isNull(SVal V) const; 196cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks 1975f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// Utility method for getting regions. 198ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const VarRegion* getRegion(const VarDecl *D, const LocationContext *LC) const; 199ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 200ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 201ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Binding and retrieving values to/from the environment and symbolic store. 202ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 203ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 204ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Create a new state by binding the value 'V' to the statement 'S' in the 205ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state's environment. 2068bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef BindExpr(const Stmt *S, const LocationContext *LCtx, 2075eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal V, bool Invalidate = true) const; 208ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 20932a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek ProgramStateRef bindLoc(Loc location, 21032a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek SVal V, 21132a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek bool notifyChanges = true) const; 212ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2138bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindLoc(SVal location, SVal V) const; 214ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2158bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindDefault(SVal loc, SVal V) const; 216ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 21756a46b51df691f857f7120aaf2d4deeff0b014deTed Kremenek ProgramStateRef killBinding(Loc LV) const; 218ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 219bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \brief Returns the state with bindings for the given regions 220bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// cleared from the store. 221bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 222bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// Optionally invalidates global regions as well. 223bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 224bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param Regions the set of regions to be invalidated. 225bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param E the expression that caused the invalidation. 2261655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// \param BlockCount The number of times the current basic block has been 2271655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks // visited. 22864eb070234bc4cd4fd2debf3a91c6e2d8f0d32d8Anna Zaks /// \param CausesPointerEscape the flag is set to true when 22964eb070234bc4cd4fd2debf3a91c6e2d8f0d32d8Anna Zaks /// the invalidation entails escape of a symbol (representing a 2301655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// pointer). For example, due to it being passed as an argument in a 2311655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// call. 232bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param IS the set of invalidated symbols. 2331655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// \param Call if non-null, the invalidated regions represent parameters to 2341655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// the call and should be considered directly invalidated. 235b7a747b0c271faeeb8d0f886f0e691eb25f637d9Anton Yartsev /// \param ITraits information about special handling for a particular 236da8d37ce42d2db4e1e76ee6f7f38f10f6b0ef0f8Anton Yartsev /// region/symbol. 237f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ProgramStateRef 238f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose invalidateRegions(ArrayRef<const MemRegion *> Regions, const Expr *E, 239f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose unsigned BlockCount, const LocationContext *LCtx, 2406bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines bool CausesPointerEscape, InvalidatedSymbols *IS = nullptr, 2416bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines const CallEvent *Call = nullptr, 2426bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines RegionAndSymbolInvalidationTraits *ITraits = nullptr) const; 243ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 244658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks ProgramStateRef 245658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks invalidateRegions(ArrayRef<SVal> Regions, const Expr *E, 246658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks unsigned BlockCount, const LocationContext *LCtx, 2476bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines bool CausesPointerEscape, InvalidatedSymbols *IS = nullptr, 2486bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines const CallEvent *Call = nullptr, 2496bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89Stephen Hines RegionAndSymbolInvalidationTraits *ITraits = nullptr) const; 250658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks 251ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// enterStackFrame - Returns the state for entry to the given stack frame, 252ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// preserving the current state. 253e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose ProgramStateRef enterStackFrame(const CallEvent &Call, 254e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose const StackFrameContext *CalleeCtx) const; 255ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 256ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a variable reference. 257ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const VarDecl *D, const LocationContext *LC) const; 258ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 259ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const CompoundLiteralExpr *literal, 260ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const; 261ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 262ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an ivar reference. 263ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const ObjCIvarDecl *decl, SVal base) const; 264ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 265ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a field reference. 266ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const FieldDecl *decl, SVal Base) const; 267ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2683a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose /// Get the lvalue for an indirect field reference. 2693a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal getLValue(const IndirectFieldDecl *decl, SVal Base) const; 2703a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 271ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an array index. 272ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(QualType ElementType, SVal Idx, SVal Base) const; 273ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 274ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the SVal bound to the statement 'S' in the state's environment. 275e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose SVal getSVal(const Stmt *S, const LocationContext *LCtx) const; 276ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2775eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal getSValAsScalarOrLoc(const Stmt *Ex, const LocationContext *LCtx) const; 278ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2794335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2804335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 281ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(Loc LV, QualType T = QualType()) const; 282ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 283ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the "raw" SVal bound to LV before any value simplfication. 284ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getRawSVal(Loc LV, QualType T= QualType()) const; 285ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2864335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2874335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 288ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(const MemRegion* R) const; 289ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 290ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSValAsScalarOrLoc(const MemRegion *R) const; 291ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2925f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the given SVal using the provided 2935f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// SymbolVisitor. 2945f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// 2955f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// This is a convenience API. Consider using ScanReachableSymbols class 2965f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// directly when making multiple scans on the same state with the same 2975f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// visitor to avoid repeated initialization cost. 2985f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \sa ScanReachableSymbols 299ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(SVal val, SymbolVisitor& visitor) const; 300ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 3015f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the SVals in the given range 3025f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// using the provided SymbolVisitor. 303ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const SVal *I, const SVal *E, 304ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 305ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 3065f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the regions in the given 3075f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// MemRegions range using the provided SymbolVisitor. 308ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const MemRegion * const *I, 309ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *E, 310ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 311ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 312ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(SVal val) const; 313ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(const SVal *beg, 314ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SVal *end) const; 315ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 316ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB 317ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(const MemRegion * const *beg, 318ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const; 319ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 320ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the statement is marked as tainted. 3218bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const Stmt *S, const LocationContext *LCtx, 322ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 323ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 324ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the symbol is marked as tainted. 3258bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(SymbolRef S, 326ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 327ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 32828fd98d66dab4569316de2b5881d91b534a42461Anna Zaks /// Create a new state in which the region symbol is marked as tainted. 3298bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const MemRegion *R, 33028fd98d66dab4569316de2b5881d91b534a42461Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 33128fd98d66dab4569316de2b5881d91b534a42461Anna Zaks 332ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Check if the statement is tainted in the current state. 3335eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek bool isTainted(const Stmt *S, const LocationContext *LCtx, 3345eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek TaintTagType Kind = TaintTagGeneric) const; 335ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks bool isTainted(SVal V, TaintTagType Kind = TaintTagGeneric) const; 3369f03b62036a7abc0a227b17f4a49b9eefced9450Anna Zaks bool isTainted(SymbolRef Sym, TaintTagType Kind = TaintTagGeneric) const; 337dcf06fa1fbb9c018e152629ef3f3fa7b1acffe7aAnna Zaks bool isTainted(const MemRegion *Reg, TaintTagType Kind=TaintTagGeneric) const; 338ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 339c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks /// \brief Get dynamic type information for a region. 3402d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks DynamicTypeInfo getDynamicTypeInfo(const MemRegion *Reg) const; 341c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 342d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 343d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 344c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks DynamicTypeInfo NewTy) const; 345c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 346d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 347d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 34854918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks QualType NewTy, 34954918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks bool CanBeSubClassed = true) const { 35054918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks return setDynamicTypeInfo(Reg, DynamicTypeInfo(NewTy, CanBeSubClassed)); 351c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks } 3522d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks 353ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 354ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Accessing the Generic Data Map (GDM). 355ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 356ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 357ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* FindGDM(void *K) const; 358ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 359ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3608bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(typename ProgramStateTrait<T>::key_type K) const; 361ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 362ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 363ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::data_type 364ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get() const { 365ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeData(FindGDM(ProgramStateTrait<T>::GDMIndex())); 366ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 367ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 368ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 369ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::lookup_type 370ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get(typename ProgramStateTrait<T>::key_type key) const { 371ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 372ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Lookup(ProgramStateTrait<T>::MakeData(d), key); 373ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 374ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 375ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 376ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() const; 377ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 378ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 379ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3808bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K) const; 381ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 382ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3838bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K, 384ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 385ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 3868bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove() const; 387ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 388ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3898bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::data_type D) const; 390ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 391ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3928bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 393ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const; 394ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 395ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3968bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 397ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 398ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 399ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 400ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 401ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool contains(typename ProgramStateTrait<T>::key_type key) const { 402ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 403ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Contains(ProgramStateTrait<T>::MakeData(d), key); 404ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 405ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 406ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Pretty-printing. 4075eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void print(raw_ostream &Out, const char *nl = "\n", 408ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const char *sep = "") const; 4095eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void printDOT(raw_ostream &Out) const; 410be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void printTaint(raw_ostream &Out, const char *nl = "\n", 411be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks const char *sep = "") const; 412ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 413d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks void dump() const; 414be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void dumpTaint() const; 415d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks 416ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 417a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRetain(const ProgramState *state); 418a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 419f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose 420658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks /// \sa invalidateValues() 421f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose /// \sa invalidateRegions() 422f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ProgramStateRef 423658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks invalidateRegionsImpl(ArrayRef<SVal> Values, 424537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose const Expr *E, unsigned BlockCount, 4253133f79cf451e6302dd05262b4bb53a3e4fd6300Ted Kremenek const LocationContext *LCtx, 426bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks bool ResultsInSymbolEscape, 427da8d37ce42d2db4e1e76ee6f7f38f10f6b0ef0f8Anton Yartsev InvalidatedSymbols *IS, 428da8d37ce42d2db4e1e76ee6f7f38f10f6b0ef0f8Anton Yartsev RegionAndSymbolInvalidationTraits *HTraits, 429da8d37ce42d2db4e1e76ee6f7f38f10f6b0ef0f8Anton Yartsev const CallEvent *Call) const; 430ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 431ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 432ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 433ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateManager - Factory object for ProgramStates. 434ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 435ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 436ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramStateManager { 437ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramState; 438a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 439ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 440ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Eng - The SubEngine that owns this state manager. 441ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine *Eng; /* Can be null. */ 442ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 443ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek EnvironmentManager EnvMgr; 444651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines std::unique_ptr<StoreManager> StoreMgr; 445651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines std::unique_ptr<ConstraintManager> ConstraintMgr; 446ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 447ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState::GenericDataMap::Factory GDMFactory; 448ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 449ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::DenseMap<void*,std::pair<void*,void (*)(void*)> > GDMContextsTy; 450ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GDMContextsTy GDMContexts; 451ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 452ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// StateSet - FoldingSet containing all the states created for analyzing 453ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// a particular function. This is used to unique states. 454ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::FoldingSet<ProgramState> StateSet; 455ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 456ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Object that manages the data for all created SVals. 457651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines std::unique_ptr<SValBuilder> svalBuilder; 458ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 459972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Manages memory for created CallEvents. 460651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines std::unique_ptr<CallEventManager> CallEventMgr; 461972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 462ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A BumpPtrAllocator to allocate states. 463ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator &Alloc; 464ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 465ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A vector of ProgramStates that we can reuse. 466ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek std::vector<ProgramState *> freeStates; 467ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 468ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 469ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager(ASTContext &Ctx, 470ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManagerCreator CreateStoreManager, 471ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManagerCreator CreateConstraintManager, 472ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& alloc, 473ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine *subeng); 474ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 475ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramStateManager(); 476ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 4778bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getInitialState(const LocationContext *InitLoc); 478ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 479ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ASTContext &getContext() { return svalBuilder->getContext(); } 480ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const ASTContext &getContext() const { return svalBuilder->getContext(); } 481ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 482ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() { 483ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getBasicValueFactory(); 484ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 485ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 486ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SValBuilder &getSValBuilder() { 487ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return *svalBuilder; 488ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 489ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 490ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() { 491ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 492ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 493ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SymbolManager &getSymbolManager() const { 494ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 495ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 496ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 497ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& getAllocator() { return Alloc; } 498ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 499ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek MemRegionManager& getRegionManager() { 500ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 501ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 502ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegionManager& getRegionManager() const { 503ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 504ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 505ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 506972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager &getCallEventManager() { return *CallEventMgr; } 507972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 508ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManager& getStoreManager() { return *StoreMgr; } 509ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManager& getConstraintManager() { return *ConstraintMgr; } 510ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine* getOwningEngine() { return Eng; } 511ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5128bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeDeadBindings(ProgramStateRef St, 513ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const StackFrameContext *LCtx, 514ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolReaper& SymReaper); 515ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 516ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 517ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5187f1fd2f182717d5ce6cde60398128910c90f98beAnna Zaks SVal ArrayToPointer(Loc Array, QualType ElementTy) { 5197f1fd2f182717d5ce6cde60398128910c90f98beAnna Zaks return StoreMgr->ArrayToPointer(Array, ElementTy); 520ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 521ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 522ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that manipulate the GDM. 5238bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addGDM(ProgramStateRef St, void *Key, void *Data); 5248bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeGDM(ProgramStateRef state, void *Key); 525ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 526ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that query & manipulate the Store. 527ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5288bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void iterBindings(ProgramStateRef state, StoreManager::BindingsHandler& F) { 529ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreMgr->iterBindings(state->getStore(), F); 530ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 531ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5328bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentState(ProgramState &Impl); 5338bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentStateWithGDM(ProgramStateRef FromState, 5348bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef GDMState); 535ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5368bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualEnvironments(ProgramStateRef S1, ProgramStateRef S2) { 537ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->Env == S2->Env; 538ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 539ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5408bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualStores(ProgramStateRef S1, ProgramStateRef S2) { 541ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->store == S2->store; 542ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 543ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 544ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 545ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Generic Data Map methods. 546ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 547ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 548ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramStateManager and ProgramState support a "generic data map" that allows 549ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // different clients of ProgramState objects to embed arbitrary data within a 550ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramState object. The generic data map is essentially an immutable map 551ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // from a "tag" (that acts as the "key" for a client) and opaque values. 552ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Tags/keys and values are simply void* values. The typical way that clients 553ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // generate unique tags are by taking the address of a static variable. 554ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Clients are responsible for ensuring that data values referred to by a 555ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // the data pointer are immutable (and thus are essentially purely functional 556ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // data). 557ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 558ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The templated methods below use the ProgramStateTrait<T> class 559ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // to resolve keys into the GDM and to return data values to clients. 560ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 561ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 562ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Trait based GDM dispatch. 563ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5648bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, typename ProgramStateTrait<T>::data_type D) { 565ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 566ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(D)); 567ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 568ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 569ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 5708bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, 571ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 572ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type V, 573ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 574ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 575ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 576ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Set(st->get<T>(), K, V, C))); 577ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 578ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 579ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5808bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(ProgramStateRef st, 581ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 582ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 583ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 584ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Add(st->get<T>(), K, C))); 585ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 586ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 587ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5888bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st, 589ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 590ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 591ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 592ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 593ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Remove(st->get<T>(), K, C))); 594ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 595ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 596ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5978bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st) { 598ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return removeGDM(st, ProgramStateTrait<T>::GDMIndex()); 599ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 600ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 601ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *FindGDMContext(void *index, 602ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *(*CreateContext)(llvm::BumpPtrAllocator&), 603ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void (*DeleteContext)(void*)); 604ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 605ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 606ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() { 607ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *p = FindGDMContext(ProgramStateTrait<T>::GDMIndex(), 608ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::CreateContext, 609ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::DeleteContext); 610ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 611ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeContext(p); 612ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 613ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6148bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void EndPath(ProgramStateRef St) { 615ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintMgr->EndPath(St); 616ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 617ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 618ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 619ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 620ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 621ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// Out-of-line method definitions for ProgramState. 622ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 623ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 62447cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenekinline ConstraintManager &ProgramState::getConstraintManager() const { 62547cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return stateMgr->getConstraintManager(); 62647cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek} 62747cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 628ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline const VarRegion* ProgramState::getRegion(const VarDecl *D, 6295eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LC) const 6305eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek{ 631ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getRegionManager().getVarRegion(D, LC); 632ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 633ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6348bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::assume(DefinedOrUnknownSVal Cond, 635ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool Assumption) const { 636ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 637ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return this; 6385251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie 6395251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return getStateManager().ConstraintMgr 6405251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie ->assume(this, Cond.castAs<DefinedSVal>(), Assumption); 641ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 642ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6438bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline std::pair<ProgramStateRef , ProgramStateRef > 644ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekProgramState::assume(DefinedOrUnknownSVal Cond) const { 645ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 646ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return std::make_pair(this, this); 6475251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie 6485251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return getStateManager().ConstraintMgr 6495251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie ->assumeDual(this, Cond.castAs<DefinedSVal>()); 650ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 651ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6528bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::bindLoc(SVal LV, SVal V) const { 653dc84cd5efdd3430efb22546b4ac656aa0540b210David Blaikie if (Optional<Loc> L = LV.getAs<Loc>()) 6545251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return bindLoc(*L, V); 6555251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return this; 656ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 657ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 658ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const VarDecl *VD, 659ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 660ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueVar(VD, LC); 661ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 662ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 663ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const CompoundLiteralExpr *literal, 664ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 665ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueCompoundLiteral(literal, LC); 666ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 667ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 668ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const ObjCIvarDecl *D, SVal Base) const { 669ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueIvar(D, Base); 670ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 671ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 672ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const FieldDecl *D, SVal Base) const { 673ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueField(D, Base); 674ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 675ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6763a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Roseinline SVal ProgramState::getLValue(const IndirectFieldDecl *D, 6773a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal Base) const { 6783a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose StoreManager &SM = *getStateManager().StoreMgr; 679651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines for (const auto *I : D->chain()) { 680651f13cea278ec967336033dd032faef0e9fc2ecStephen Hines Base = SM.getLValueField(cast<FieldDecl>(I), Base); 6813a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose } 6823a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 6833a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose return Base; 6843a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose} 6853a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 686ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(QualType ElementType, SVal Idx, SVal Base) const{ 687dc84cd5efdd3430efb22546b4ac656aa0540b210David Blaikie if (Optional<NonLoc> N = Idx.getAs<NonLoc>()) 688ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueElement(ElementType, *N, Base); 689ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 690ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 691ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 692e5a934d3c840872d58724383a83443ed38f1d831Jordan Roseinline SVal ProgramState::getSVal(const Stmt *Ex, 693e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose const LocationContext *LCtx) const{ 6945eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return Env.getSVal(EnvironmentEntry(Ex, LCtx), 695e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose *getStateManager().svalBuilder); 696ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 697ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6985eca482fe895ea57bc82410222e6426c09e63284Ted Kremenekinline SVal 6995eca482fe895ea57bc82410222e6426c09e63284Ted KremenekProgramState::getSValAsScalarOrLoc(const Stmt *S, 7005eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LCtx) const { 701ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (const Expr *Ex = dyn_cast<Expr>(S)) { 702ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek QualType T = Ex->getType(); 703a5796f87229b4aeebca71fa6ee1790ae7a5a0382Jordan Rose if (Ex->isGLValue() || Loc::isLocType(T) || 704a5796f87229b4aeebca71fa6ee1790ae7a5a0382Jordan Rose T->isIntegralOrEnumerationType()) 7055eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return getSVal(S, LCtx); 706ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 707ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 708ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 709ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 710ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 711ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getRawSVal(Loc LV, QualType T) const { 7121437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), LV, T); 713ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 714ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 715ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getSVal(const MemRegion* R) const { 7161437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), 7171437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks loc::MemRegionVal(R)); 718ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 719ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 720ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline BasicValueFactory &ProgramState::getBasicVals() const { 721ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getBasicVals(); 722ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 723ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 724ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SymbolManager &ProgramState::getSymbolManager() const { 725ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getSymbolManager(); 726ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 727ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 728ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7298bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::add(typename ProgramStateTrait<T>::key_type K) const { 730ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().add<T>(this, K, get_context<T>()); 731ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 732ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 733ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 734ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypename ProgramStateTrait<T>::context_type ProgramState::get_context() const { 735ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().get_context<T>(); 736ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 737ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 738ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7398bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K) const { 740ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, get_context<T>()); 741ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 742ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 743ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7448bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K, 745ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 746ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, C); 747ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 748ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 749ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 7508bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove() const { 751ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this); 752ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 753ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 754ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7558bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::data_type D) const { 756ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, D); 757ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 758ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 759ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7608bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 761ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const { 762ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, get_context<T>()); 763ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 764ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 765ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7668bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 767ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 768ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 769ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, C); 770ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 771ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 772ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 773ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(SVal val) const { 774ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 775ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(val, cb); 776ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 777ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 778ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 779ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 780ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const SVal *beg, const SVal *end) const { 781ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 782ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 783ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 784ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 785ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 786ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 787ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const MemRegion * const *beg, 788ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const { 789ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 790ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 791ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 792ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 793ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 7945f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ScanReachableSymbols 7955f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// A Utility class that allows to visit the reachable symbols using a custom 7965f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// SymbolVisitor. 797e0d24eb1060a213ec9820dc02c45f26b2d5b348bJordan Roseclass ScanReachableSymbols { 798d207f55cd58054aab77edca35b3e7f645738dfe2Pavel Labath typedef llvm::DenseSet<const void*> VisitedItems; 7995f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 8005f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks VisitedItems visited; 8018bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef state; 8025f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks SymbolVisitor &visitor; 8035f625712f622f6e57de17b6f7eec242956b993eeAnna Zakspublic: 8045f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 8058bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ScanReachableSymbols(ProgramStateRef st, SymbolVisitor& v) 8065f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks : state(st), visitor(v) {} 8075f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 808d207f55cd58054aab77edca35b3e7f645738dfe2Pavel Labath bool scan(nonloc::LazyCompoundVal val); 8095f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(nonloc::CompoundVal val); 8105f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(SVal val); 8115f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const MemRegion *R); 8125f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const SymExpr *sym); 8135f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks}; 8145f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 815e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks} // end ento namespace 816ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 817ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} // end clang namespace 818ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 819ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#endif 820