ProgramState.h revision 7f1fd2f182717d5ce6cde60398128910c90f98be
1ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//== ProgramState.h - Path-sensitive "State" for tracking values -*- C++ -*--=// 2ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 3ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// The LLVM Compiler Infrastructure 4ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 5ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// This file is distributed under the University of Illinois Open Source 6ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// License. See LICENSE.TXT for details. 7ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 8ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 9ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 1053b890ba226e8c84a157ab5e757b93666cc6859dAnna Zaks// This file defines the state of the program along the analysisa path. 11ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 12ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 13ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 14ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#ifndef LLVM_CLANG_GR_VALUESTATE_H 15ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#define LLVM_CLANG_GR_VALUESTATE_H 16ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 17ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/Basic/LLVM.h" 18ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ConstraintManager.h" 19e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/DynamicTypeInfo.h" 20ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/Environment.h" 218bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h" 2230a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h" 2330a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/Store.h" 24ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/TaintTag.h" 25ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/FoldingSet.h" 26ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/ImmutableMap.h" 2730a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "llvm/ADT/PointerIntPair.h" 28ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 29ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace llvm { 30ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass APSInt; 31ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass BumpPtrAllocator; 32ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 33ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 34ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace clang { 35ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ASTContext; 36ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 37ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace ento { 38ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 39740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass CallEvent; 40972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseclass CallEventManager; 418bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek 42ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef ConstraintManager* (*ConstraintManagerCreator)(ProgramStateManager&, 43ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine*); 44ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef StoreManager* (*StoreManagerCreator)(ProgramStateManager&); 45ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 46ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 47ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateTrait - Traits used by the Generic Data Map of a ProgramState. 48ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 49ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 50ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStatePartialTrait; 51ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 52ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStateTrait { 53ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef typename T::data_type data_type; 54ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline void *MakeVoidPtr(data_type D) { return (void*) D; } 55ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline data_type MakeData(void *const* P) { 56ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return P ? (data_type) *P : (data_type) 0; 57ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 58ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 59ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 605f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ProgramState 61ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState - This class encapsulates: 62ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 63ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 1. A mapping from expressions to values (Environment) 64ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 2. A mapping from locations to values (Store) 65ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 3. Constraints on symbolic values (GenericDataMap) 66ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 67ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// Together these represent the "abstract state" of a program. 68ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 69ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState is intended to be used as a functional object; that is, 70ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// once it is created and made "persistent" in a FoldingSet, its 71ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// values will never change. 72ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramState : public llvm::FoldingSetNode { 73ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 74ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableSet<llvm::APSInt*> IntSetTy; 75ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableMap<void*, void*> GenericDataMap; 76ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 77ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 78be2fa7ebf01259b63dc52fe46c8d101c18e72269Craig Topper void operator=(const ProgramState& R) LLVM_DELETED_FUNCTION; 79ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 80ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramStateManager; 81ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedGraph; 82ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedNode; 83ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 84ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager *stateMgr; 85ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Environment Env; // Maps a Stmt to its current SVal. 86ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store store; // Maps a location to its current value. 87ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap GDM; // Custom data stored by a client of this class. 88ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek unsigned refCount; 89ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 90ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// makeWithStore - Return a ProgramState with the same values as the current 91ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state with the exception of using the specified Store. 928bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef makeWithStore(const StoreRef &store) const; 93ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 94ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setStore(const StoreRef &storeRef); 95ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 96ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 97ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// This ctor is used when creating the first ProgramState object. 98ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(ProgramStateManager *mgr, const Environment& env, 99ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreRef st, GenericDataMap gdm); 100ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 101ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Copy ctor - We must explicitly define this or else the "Next" ptr 102ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in FoldingSetNode will also get copied. 103ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(const ProgramState &RHS); 104ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 105ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramState(); 106ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 107ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the ProgramStateManager associated with this state. 10847cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ProgramStateManager &getStateManager() const { 10947cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return *stateMgr; 11047cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek } 11147cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 11247cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek /// Return the ConstraintManager. 11347cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ConstraintManager &getConstraintManager() const; 114ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 115ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getEnvironment - Return the environment associated with this state. 116ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// The environment is the mapping from expressions to values. 117ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const Environment& getEnvironment() const { return Env; } 118ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 119ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the store associated with this state. The store 120ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// is a mapping from locations to values. 121ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store getStore() const { return store; } 122ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 123ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 124ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getGDM - Return the generic data map associated with this state. 125ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap getGDM() const { return GDM; } 126ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 127ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setGDM(GenericDataMap gdm) { GDM = gdm; } 128ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 129ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Profile the contents of a ProgramState object for use in a 130ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// FoldingSet. Two ProgramState objects are considered equal if they 131ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// have the same Environment, Store, and GenericDataMap. 132a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis static void Profile(llvm::FoldingSetNodeID& ID, const ProgramState *V) { 133ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->Env.Profile(ID); 134ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ID.AddPointer(V->store); 135ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->GDM.Profile(ID); 136ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 137ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 138ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Used to profile the contents of this object for inclusion 139ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in a FoldingSet. 140ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void Profile(llvm::FoldingSetNodeID& ID) const { 141ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Profile(ID, this); 142ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 143ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 144ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() const; 145ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() const; 146ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 147ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 148ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Constraints on values. 149ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 150ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 151ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Each ProgramState records constraints on symbolic values. These constraints 152ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // are managed using the ConstraintManager associated with a ProgramStateManager. 153ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // As constraints gradually accrue on symbolic values, added constraints 154ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // may conflict and indicate that a state is infeasible (as no real values 155ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // could satisfy all the constraints). This is the principal mechanism 156ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // for modeling path-sensitivity in ExprEngine/ProgramState. 157ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 158ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Various "assume" methods form the interface for adding constraints to 159ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // symbolic values. A call to 'assume' indicates an assumption being placed 160ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // on one or symbolic values. 'assume' methods take the following inputs: 161ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 162ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (1) A ProgramState object representing the current state. 163ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 164ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (2) The assumed constraint (which is specific to a given "assume" method). 165ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 166ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (3) A binary value "Assumption" that indicates whether the constraint is 167ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // assumed to be true or false. 168ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 169ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The output of "assume*" is a new ProgramState object with the added constraints. 170ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // If no new state is feasible, NULL is returned. 171ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 172ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 173962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// Assumes that the value of \p cond is zero (if \p assumption is "false") 174962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// or non-zero (if \p assumption is "true"). 175962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// 176962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// This returns a new state with the added constraint on \p cond. 177962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// If no new state is feasible, NULL is returned. 1788bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assume(DefinedOrUnknownSVal cond, bool assumption) const; 179ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 180962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// Assumes both "true" and "false" for \p cond, and returns both 181962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// corresponding states (respectively). 182962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// 183962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// This is more efficient than calling assume() twice. Note that one (but not 184962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose /// both) of the returned states may be NULL. 185962fbc46664f2486d6805549130fa6b310de6d60Jordan Rose std::pair<ProgramStateRef, ProgramStateRef> 186ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek assume(DefinedOrUnknownSVal cond) const; 187ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1888bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assumeInBound(DefinedOrUnknownSVal idx, 189ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek DefinedOrUnknownSVal upperBound, 190af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks bool assumption, 191af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks QualType IndexType = QualType()) const; 192cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks 193cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks /// \brief Check if the given SVal is constrained to zero or is a zero 194cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks /// constant. 195cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks ConditionTruthVal isNull(SVal V) const; 196cc5dbdae70c6eb2423921f52a35ba4686d2969cfAnna Zaks 1975f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// Utility method for getting regions. 198ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const VarRegion* getRegion(const VarDecl *D, const LocationContext *LC) const; 199ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 200ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 201ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Binding and retrieving values to/from the environment and symbolic store. 202ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 203ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 204ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Create a new state by binding the value 'V' to the statement 'S' in the 205ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state's environment. 2068bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef BindExpr(const Stmt *S, const LocationContext *LCtx, 2075eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal V, bool Invalidate = true) const; 208ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 20932a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek ProgramStateRef bindLoc(Loc location, 21032a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek SVal V, 21132a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek bool notifyChanges = true) const; 212ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2138bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindLoc(SVal location, SVal V) const; 214ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2158bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindDefault(SVal loc, SVal V) const; 216ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 21756a46b51df691f857f7120aaf2d4deeff0b014deTed Kremenek ProgramStateRef killBinding(Loc LV) const; 218ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 219bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \brief Returns the state with bindings for the given regions 220bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// cleared from the store. 221bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 222bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// Optionally invalidates global regions as well. 223bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 224bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param Regions the set of regions to be invalidated. 225bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param E the expression that caused the invalidation. 2261655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// \param BlockCount The number of times the current basic block has been 2271655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks // visited. 22864eb070234bc4cd4fd2debf3a91c6e2d8f0d32d8Anna Zaks /// \param CausesPointerEscape the flag is set to true when 22964eb070234bc4cd4fd2debf3a91c6e2d8f0d32d8Anna Zaks /// the invalidation entails escape of a symbol (representing a 2301655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// pointer). For example, due to it being passed as an argument in a 2311655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// call. 232bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param IS the set of invalidated symbols. 2331655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// \param Call if non-null, the invalidated regions represent parameters to 2341655bcd052a67a3050fc55df8ecce57342352e68Anna Zaks /// the call and should be considered directly invalidated. 235f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose /// \param ConstRegions the set of regions whose contents are accessible, 236f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose /// even though the regions themselves should not be invalidated. 237f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ProgramStateRef 238f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose invalidateRegions(ArrayRef<const MemRegion *> Regions, const Expr *E, 239f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose unsigned BlockCount, const LocationContext *LCtx, 240f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose bool CausesPointerEscape, InvalidatedSymbols *IS = 0, 241f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose const CallEvent *Call = 0, 242f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ArrayRef<const MemRegion *> ConstRegions = 243f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ArrayRef<const MemRegion *>()) const; 244ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 245658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks ProgramStateRef 246658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks invalidateRegions(ArrayRef<SVal> Regions, const Expr *E, 247658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks unsigned BlockCount, const LocationContext *LCtx, 248658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks bool CausesPointerEscape, InvalidatedSymbols *IS = 0, 249658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks const CallEvent *Call = 0, 250658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks ArrayRef<SVal> ConstRegions = ArrayRef<SVal>()) const; 251658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks 252ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// enterStackFrame - Returns the state for entry to the given stack frame, 253ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// preserving the current state. 254e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose ProgramStateRef enterStackFrame(const CallEvent &Call, 255e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose const StackFrameContext *CalleeCtx) const; 256ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 257ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a variable reference. 258ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const VarDecl *D, const LocationContext *LC) const; 259ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 260ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const CompoundLiteralExpr *literal, 261ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const; 262ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 263ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an ivar reference. 264ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const ObjCIvarDecl *decl, SVal base) const; 265ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 266ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a field reference. 267ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const FieldDecl *decl, SVal Base) const; 268ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2693a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose /// Get the lvalue for an indirect field reference. 2703a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal getLValue(const IndirectFieldDecl *decl, SVal Base) const; 2713a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 272ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an array index. 273ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(QualType ElementType, SVal Idx, SVal Base) const; 274ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 275ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the SVal bound to the statement 'S' in the state's environment. 276e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose SVal getSVal(const Stmt *S, const LocationContext *LCtx) const; 277ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2785eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal getSValAsScalarOrLoc(const Stmt *Ex, const LocationContext *LCtx) const; 279ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2804335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2814335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 282ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(Loc LV, QualType T = QualType()) const; 283ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 284ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the "raw" SVal bound to LV before any value simplfication. 285ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getRawSVal(Loc LV, QualType T= QualType()) const; 286ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2874335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2884335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 289ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(const MemRegion* R) const; 290ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 291ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSValAsScalarOrLoc(const MemRegion *R) const; 292ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2935f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the given SVal using the provided 2945f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// SymbolVisitor. 2955f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// 2965f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// This is a convenience API. Consider using ScanReachableSymbols class 2975f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// directly when making multiple scans on the same state with the same 2985f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// visitor to avoid repeated initialization cost. 2995f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \sa ScanReachableSymbols 300ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(SVal val, SymbolVisitor& visitor) const; 301ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 3025f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the SVals in the given range 3035f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// using the provided SymbolVisitor. 304ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const SVal *I, const SVal *E, 305ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 306ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 3075f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the regions in the given 3085f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// MemRegions range using the provided SymbolVisitor. 309ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const MemRegion * const *I, 310ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *E, 311ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 312ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 313ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(SVal val) const; 314ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(const SVal *beg, 315ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SVal *end) const; 316ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 317ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB 318ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(const MemRegion * const *beg, 319ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const; 320ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 321ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the statement is marked as tainted. 3228bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const Stmt *S, const LocationContext *LCtx, 323ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 324ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 325ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the symbol is marked as tainted. 3268bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(SymbolRef S, 327ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 328ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 32928fd98d66dab4569316de2b5881d91b534a42461Anna Zaks /// Create a new state in which the region symbol is marked as tainted. 3308bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const MemRegion *R, 33128fd98d66dab4569316de2b5881d91b534a42461Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 33228fd98d66dab4569316de2b5881d91b534a42461Anna Zaks 333ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Check if the statement is tainted in the current state. 3345eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek bool isTainted(const Stmt *S, const LocationContext *LCtx, 3355eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek TaintTagType Kind = TaintTagGeneric) const; 336ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks bool isTainted(SVal V, TaintTagType Kind = TaintTagGeneric) const; 3379f03b62036a7abc0a227b17f4a49b9eefced9450Anna Zaks bool isTainted(SymbolRef Sym, TaintTagType Kind = TaintTagGeneric) const; 338dcf06fa1fbb9c018e152629ef3f3fa7b1acffe7aAnna Zaks bool isTainted(const MemRegion *Reg, TaintTagType Kind=TaintTagGeneric) const; 339ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 340c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks /// \brief Get dynamic type information for a region. 3412d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks DynamicTypeInfo getDynamicTypeInfo(const MemRegion *Reg) const; 342c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 343d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 344d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 345c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks DynamicTypeInfo NewTy) const; 346c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 347d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 348d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 34954918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks QualType NewTy, 35054918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks bool CanBeSubClassed = true) const { 35154918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks return setDynamicTypeInfo(Reg, DynamicTypeInfo(NewTy, CanBeSubClassed)); 352c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks } 3532d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks 354ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 355ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Accessing the Generic Data Map (GDM). 356ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 357ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 358ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* FindGDM(void *K) const; 359ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 360ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3618bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(typename ProgramStateTrait<T>::key_type K) const; 362ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 363ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 364ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::data_type 365ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get() const { 366ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeData(FindGDM(ProgramStateTrait<T>::GDMIndex())); 367ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 368ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 369ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 370ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::lookup_type 371ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get(typename ProgramStateTrait<T>::key_type key) const { 372ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 373ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Lookup(ProgramStateTrait<T>::MakeData(d), key); 374ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 375ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 376ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 377ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() const; 378ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 379ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 380ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3818bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K) const; 382ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 383ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3848bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K, 385ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 386ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 3878bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove() const; 388ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 389ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3908bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::data_type D) const; 391ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 392ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3938bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 394ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const; 395ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 396ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3978bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 398ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 399ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 400ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 401ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 402ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool contains(typename ProgramStateTrait<T>::key_type key) const { 403ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 404ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Contains(ProgramStateTrait<T>::MakeData(d), key); 405ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 406ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 407ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Pretty-printing. 4085eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void print(raw_ostream &Out, const char *nl = "\n", 409ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const char *sep = "") const; 4105eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void printDOT(raw_ostream &Out) const; 411be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void printTaint(raw_ostream &Out, const char *nl = "\n", 412be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks const char *sep = "") const; 413ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 414d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks void dump() const; 415be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void dumpTaint() const; 416d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks 417ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 418a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRetain(const ProgramState *state); 419a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 420f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose 421658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks /// \sa invalidateValues() 422f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose /// \sa invalidateRegions() 423f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose ProgramStateRef 424658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks invalidateRegionsImpl(ArrayRef<SVal> Values, 425537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose const Expr *E, unsigned BlockCount, 4263133f79cf451e6302dd05262b4bb53a3e4fd6300Ted Kremenek const LocationContext *LCtx, 427bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks bool ResultsInSymbolEscape, 428bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks InvalidatedSymbols &IS, 429f8ddc098981d4d85cad4e72fc6dfcfe83b842b66Jordan Rose const CallEvent *Call, 430658a28479dd775f6ff2c07fa5699a7ea01e04127Anna Zaks ArrayRef<SVal> ConstValues) const; 431ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 432ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 433ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 434ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateManager - Factory object for ProgramStates. 435ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 436ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 437ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramStateManager { 438ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramState; 439a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 440ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 441ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Eng - The SubEngine that owns this state manager. 442ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine *Eng; /* Can be null. */ 443ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 444ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek EnvironmentManager EnvMgr; 4456f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<StoreManager> StoreMgr; 4466f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<ConstraintManager> ConstraintMgr; 447ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 448ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState::GenericDataMap::Factory GDMFactory; 449ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 450ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::DenseMap<void*,std::pair<void*,void (*)(void*)> > GDMContextsTy; 451ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GDMContextsTy GDMContexts; 452ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 453ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// StateSet - FoldingSet containing all the states created for analyzing 454ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// a particular function. This is used to unique states. 455ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::FoldingSet<ProgramState> StateSet; 456ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 457ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Object that manages the data for all created SVals. 4586f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<SValBuilder> svalBuilder; 459ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 460972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Manages memory for created CallEvents. 461972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose OwningPtr<CallEventManager> CallEventMgr; 462972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 463ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A BumpPtrAllocator to allocate states. 464ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator &Alloc; 465ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 466ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A vector of ProgramStates that we can reuse. 467ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek std::vector<ProgramState *> freeStates; 468ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 469ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 470ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager(ASTContext &Ctx, 471ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManagerCreator CreateStoreManager, 472ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManagerCreator CreateConstraintManager, 473ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& alloc, 474ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine *subeng); 475ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 476ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramStateManager(); 477ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 4788bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getInitialState(const LocationContext *InitLoc); 479ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 480ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ASTContext &getContext() { return svalBuilder->getContext(); } 481ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const ASTContext &getContext() const { return svalBuilder->getContext(); } 482ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 483ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() { 484ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getBasicValueFactory(); 485ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 486ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 487ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SValBuilder &getSValBuilder() { 488ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return *svalBuilder; 489ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 490ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 491ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() { 492ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 493ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 494ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SymbolManager &getSymbolManager() const { 495ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 496ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 497ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 498ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& getAllocator() { return Alloc; } 499ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 500ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek MemRegionManager& getRegionManager() { 501ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 502ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 503ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegionManager& getRegionManager() const { 504ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 505ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 506ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 507972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager &getCallEventManager() { return *CallEventMgr; } 508972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 509ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManager& getStoreManager() { return *StoreMgr; } 510ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManager& getConstraintManager() { return *ConstraintMgr; } 511ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine* getOwningEngine() { return Eng; } 512ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5138bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeDeadBindings(ProgramStateRef St, 514ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const StackFrameContext *LCtx, 515ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolReaper& SymReaper); 516ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 517ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 518ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5197f1fd2f182717d5ce6cde60398128910c90f98beAnna Zaks SVal ArrayToPointer(Loc Array, QualType ElementTy) { 5207f1fd2f182717d5ce6cde60398128910c90f98beAnna Zaks return StoreMgr->ArrayToPointer(Array, ElementTy); 521ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 522ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 523ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that manipulate the GDM. 5248bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addGDM(ProgramStateRef St, void *Key, void *Data); 5258bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeGDM(ProgramStateRef state, void *Key); 526ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 527ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that query & manipulate the Store. 528ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5298bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void iterBindings(ProgramStateRef state, StoreManager::BindingsHandler& F) { 530ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreMgr->iterBindings(state->getStore(), F); 531ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 532ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5338bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentState(ProgramState &Impl); 5348bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentStateWithGDM(ProgramStateRef FromState, 5358bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef GDMState); 536ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5378bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualEnvironments(ProgramStateRef S1, ProgramStateRef S2) { 538ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->Env == S2->Env; 539ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 540ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5418bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualStores(ProgramStateRef S1, ProgramStateRef S2) { 542ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->store == S2->store; 543ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 544ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 545ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 546ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Generic Data Map methods. 547ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 548ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 549ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramStateManager and ProgramState support a "generic data map" that allows 550ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // different clients of ProgramState objects to embed arbitrary data within a 551ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramState object. The generic data map is essentially an immutable map 552ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // from a "tag" (that acts as the "key" for a client) and opaque values. 553ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Tags/keys and values are simply void* values. The typical way that clients 554ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // generate unique tags are by taking the address of a static variable. 555ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Clients are responsible for ensuring that data values referred to by a 556ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // the data pointer are immutable (and thus are essentially purely functional 557ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // data). 558ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 559ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The templated methods below use the ProgramStateTrait<T> class 560ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // to resolve keys into the GDM and to return data values to clients. 561ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 562ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 563ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Trait based GDM dispatch. 564ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5658bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, typename ProgramStateTrait<T>::data_type D) { 566ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 567ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(D)); 568ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 569ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 570ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 5718bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, 572ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 573ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type V, 574ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 575ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 576ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 577ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Set(st->get<T>(), K, V, C))); 578ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 579ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 580ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5818bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(ProgramStateRef st, 582ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 583ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 584ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 585ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Add(st->get<T>(), K, C))); 586ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 587ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 588ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5898bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st, 590ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 591ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 592ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 593ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 594ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Remove(st->get<T>(), K, C))); 595ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 596ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 597ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5988bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st) { 599ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return removeGDM(st, ProgramStateTrait<T>::GDMIndex()); 600ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 601ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 602ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *FindGDMContext(void *index, 603ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *(*CreateContext)(llvm::BumpPtrAllocator&), 604ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void (*DeleteContext)(void*)); 605ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 606ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 607ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() { 608ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *p = FindGDMContext(ProgramStateTrait<T>::GDMIndex(), 609ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::CreateContext, 610ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::DeleteContext); 611ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 612ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeContext(p); 613ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 614ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6158bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void EndPath(ProgramStateRef St) { 616ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintMgr->EndPath(St); 617ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 618ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 619ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 620ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 621ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 622ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// Out-of-line method definitions for ProgramState. 623ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 624ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 62547cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenekinline ConstraintManager &ProgramState::getConstraintManager() const { 62647cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return stateMgr->getConstraintManager(); 62747cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek} 62847cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 629ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline const VarRegion* ProgramState::getRegion(const VarDecl *D, 6305eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LC) const 6315eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek{ 632ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getRegionManager().getVarRegion(D, LC); 633ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 634ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6358bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::assume(DefinedOrUnknownSVal Cond, 636ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool Assumption) const { 637ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 638ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return this; 6395251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie 6405251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return getStateManager().ConstraintMgr 6415251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie ->assume(this, Cond.castAs<DefinedSVal>(), Assumption); 642ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 643ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6448bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline std::pair<ProgramStateRef , ProgramStateRef > 645ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekProgramState::assume(DefinedOrUnknownSVal Cond) const { 646ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 647ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return std::make_pair(this, this); 6485251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie 6495251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return getStateManager().ConstraintMgr 6505251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie ->assumeDual(this, Cond.castAs<DefinedSVal>()); 651ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 652ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6538bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::bindLoc(SVal LV, SVal V) const { 654dc84cd5efdd3430efb22546b4ac656aa0540b210David Blaikie if (Optional<Loc> L = LV.getAs<Loc>()) 6555251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return bindLoc(*L, V); 6565251abea41b446c26e3239c8dd6c7edea6fc335dDavid Blaikie return this; 657ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 658ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 659ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const VarDecl *VD, 660ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 661ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueVar(VD, LC); 662ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 663ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 664ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const CompoundLiteralExpr *literal, 665ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 666ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueCompoundLiteral(literal, LC); 667ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 668ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 669ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const ObjCIvarDecl *D, SVal Base) const { 670ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueIvar(D, Base); 671ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 672ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 673ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const FieldDecl *D, SVal Base) const { 674ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueField(D, Base); 675ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 676ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6773a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Roseinline SVal ProgramState::getLValue(const IndirectFieldDecl *D, 6783a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal Base) const { 6793a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose StoreManager &SM = *getStateManager().StoreMgr; 6803a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose for (IndirectFieldDecl::chain_iterator I = D->chain_begin(), 6813a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose E = D->chain_end(); 6823a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose I != E; ++I) { 6833a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose Base = SM.getLValueField(cast<FieldDecl>(*I), Base); 6843a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose } 6853a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 6863a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose return Base; 6873a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose} 6883a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 689ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(QualType ElementType, SVal Idx, SVal Base) const{ 690dc84cd5efdd3430efb22546b4ac656aa0540b210David Blaikie if (Optional<NonLoc> N = Idx.getAs<NonLoc>()) 691ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueElement(ElementType, *N, Base); 692ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 693ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 694ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 695e5a934d3c840872d58724383a83443ed38f1d831Jordan Roseinline SVal ProgramState::getSVal(const Stmt *Ex, 696e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose const LocationContext *LCtx) const{ 6975eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return Env.getSVal(EnvironmentEntry(Ex, LCtx), 698e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose *getStateManager().svalBuilder); 699ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 700ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 7015eca482fe895ea57bc82410222e6426c09e63284Ted Kremenekinline SVal 7025eca482fe895ea57bc82410222e6426c09e63284Ted KremenekProgramState::getSValAsScalarOrLoc(const Stmt *S, 7035eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LCtx) const { 704ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (const Expr *Ex = dyn_cast<Expr>(S)) { 705ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek QualType T = Ex->getType(); 706a5796f87229b4aeebca71fa6ee1790ae7a5a0382Jordan Rose if (Ex->isGLValue() || Loc::isLocType(T) || 707a5796f87229b4aeebca71fa6ee1790ae7a5a0382Jordan Rose T->isIntegralOrEnumerationType()) 7085eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return getSVal(S, LCtx); 709ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 710ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 711ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 712ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 713ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 714ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getRawSVal(Loc LV, QualType T) const { 7151437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), LV, T); 716ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 717ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 718ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getSVal(const MemRegion* R) const { 7191437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), 7201437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks loc::MemRegionVal(R)); 721ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 722ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 723ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline BasicValueFactory &ProgramState::getBasicVals() const { 724ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getBasicVals(); 725ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 726ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 727ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SymbolManager &ProgramState::getSymbolManager() const { 728ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getSymbolManager(); 729ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 730ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 731ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7328bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::add(typename ProgramStateTrait<T>::key_type K) const { 733ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().add<T>(this, K, get_context<T>()); 734ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 735ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 736ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 737ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypename ProgramStateTrait<T>::context_type ProgramState::get_context() const { 738ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().get_context<T>(); 739ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 740ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 741ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7428bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K) const { 743ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, get_context<T>()); 744ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 745ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 746ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7478bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K, 748ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 749ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, C); 750ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 751ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 752ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 7538bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove() const { 754ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this); 755ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 756ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 757ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7588bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::data_type D) const { 759ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, D); 760ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 761ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 762ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7638bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 764ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const { 765ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, get_context<T>()); 766ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 767ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 768ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7698bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 770ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 771ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 772ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, C); 773ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 774ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 775ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 776ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(SVal val) const { 777ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 778ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(val, cb); 779ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 780ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 781ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 782ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 783ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const SVal *beg, const SVal *end) const { 784ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 785ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 786ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 787ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 788ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 789ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 790ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const MemRegion * const *beg, 791ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const { 792ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 793ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 794ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 795ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 796ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 7975f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ScanReachableSymbols 7985f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// A Utility class that allows to visit the reachable symbols using a custom 7995f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// SymbolVisitor. 800e0d24eb1060a213ec9820dc02c45f26b2d5b348bJordan Roseclass ScanReachableSymbols { 8015f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks typedef llvm::DenseMap<const void*, unsigned> VisitedItems; 8025f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 8035f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks VisitedItems visited; 8048bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef state; 8055f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks SymbolVisitor &visitor; 8065f625712f622f6e57de17b6f7eec242956b993eeAnna Zakspublic: 8075f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 8088bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ScanReachableSymbols(ProgramStateRef st, SymbolVisitor& v) 8095f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks : state(st), visitor(v) {} 8105f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 8115f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(nonloc::CompoundVal val); 8125f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(SVal val); 8135f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const MemRegion *R); 8145f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const SymExpr *sym); 8155f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks}; 8165f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 817e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks} // end ento namespace 818ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 819ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} // end clang namespace 820ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 821ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#endif 822