ProgramState.h revision bf53dfac8195835028bd6347433f7dbebcc29fc1
1ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//== ProgramState.h - Path-sensitive "State" for tracking values -*- C++ -*--=// 2ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 3ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// The LLVM Compiler Infrastructure 4ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 5ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// This file is distributed under the University of Illinois Open Source 6ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// License. See LICENSE.TXT for details. 7ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 8ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 9ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 1053b890ba226e8c84a157ab5e757b93666cc6859dAnna Zaks// This file defines the state of the program along the analysisa path. 11ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// 12ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 13ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 14ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#ifndef LLVM_CLANG_GR_VALUESTATE_H 15ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#define LLVM_CLANG_GR_VALUESTATE_H 16ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 17ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/Basic/LLVM.h" 18ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ConstraintManager.h" 19e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/DynamicTypeInfo.h" 20ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/Environment.h" 218bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek#include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h" 2230a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h" 2330a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "clang/StaticAnalyzer/Core/PathSensitive/Store.h" 24ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks#include "clang/StaticAnalyzer/Core/PathSensitive/TaintTag.h" 25ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/FoldingSet.h" 26ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#include "llvm/ADT/ImmutableMap.h" 2730a2e16f6c27f888dd11eba6bbbae1e980078fcbChandler Carruth#include "llvm/ADT/PointerIntPair.h" 28ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 29ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace llvm { 30ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass APSInt; 31ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass BumpPtrAllocator; 32ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 33ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 34ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace clang { 35ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ASTContext; 36ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 37ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremeneknamespace ento { 38ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 39740d490593e0de8732a697c9f77b90ddd463863bJordan Roseclass CallEvent; 40972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Roseclass CallEventManager; 418bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek 42ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef ConstraintManager* (*ConstraintManagerCreator)(ProgramStateManager&, 43ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine*); 44ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypedef StoreManager* (*StoreManagerCreator)(ProgramStateManager&); 45ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 46ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 47ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateTrait - Traits used by the Generic Data Map of a ProgramState. 48ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 49ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 50ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStatePartialTrait; 51ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 52ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> struct ProgramStateTrait { 53ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef typename T::data_type data_type; 54ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline void *MakeVoidPtr(data_type D) { return (void*) D; } 55ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek static inline data_type MakeData(void *const* P) { 56ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return P ? (data_type) *P : (data_type) 0; 57ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 58ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 59ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 605f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ProgramState 61ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState - This class encapsulates: 62ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 63ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 1. A mapping from expressions to values (Environment) 64ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 2. A mapping from locations to values (Store) 65ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 3. Constraints on symbolic values (GenericDataMap) 66ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 67ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// Together these represent the "abstract state" of a program. 68ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// 69ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// ProgramState is intended to be used as a functional object; that is, 70ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// once it is created and made "persistent" in a FoldingSet, its 71ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek/// values will never change. 72ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramState : public llvm::FoldingSetNode { 73ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 74ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableSet<llvm::APSInt*> IntSetTy; 75ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::ImmutableMap<void*, void*> GenericDataMap; 76ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 77ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 78be2fa7ebf01259b63dc52fe46c8d101c18e72269Craig Topper void operator=(const ProgramState& R) LLVM_DELETED_FUNCTION; 79ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 80ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramStateManager; 81ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedGraph; 82ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ExplodedNode; 83ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 84ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager *stateMgr; 85ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Environment Env; // Maps a Stmt to its current SVal. 86ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store store; // Maps a location to its current value. 87ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap GDM; // Custom data stored by a client of this class. 88ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek unsigned refCount; 89ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 90ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// makeWithStore - Return a ProgramState with the same values as the current 91ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state with the exception of using the specified Store. 928bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef makeWithStore(const StoreRef &store) const; 93ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 94ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setStore(const StoreRef &storeRef); 95ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 96ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 97ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// This ctor is used when creating the first ProgramState object. 98ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(ProgramStateManager *mgr, const Environment& env, 99ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreRef st, GenericDataMap gdm); 100ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 101ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Copy ctor - We must explicitly define this or else the "Next" ptr 102ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in FoldingSetNode will also get copied. 103ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState(const ProgramState &RHS); 104ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 105ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramState(); 106ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 107ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the ProgramStateManager associated with this state. 10847cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ProgramStateManager &getStateManager() const { 10947cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return *stateMgr; 11047cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek } 11147cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 11247cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek /// Return the ConstraintManager. 11347cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek ConstraintManager &getConstraintManager() const; 114ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 115ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getEnvironment - Return the environment associated with this state. 116ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// The environment is the mapping from expressions to values. 117ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const Environment& getEnvironment() const { return Env; } 118ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 119ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Return the store associated with this state. The store 120ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// is a mapping from locations to values. 121ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Store getStore() const { return store; } 122ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 123ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 124ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// getGDM - Return the generic data map associated with this state. 125ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GenericDataMap getGDM() const { return GDM; } 126ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 127ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void setGDM(GenericDataMap gdm) { GDM = gdm; } 128ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 129ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Profile the contents of a ProgramState object for use in a 130ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// FoldingSet. Two ProgramState objects are considered equal if they 131ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// have the same Environment, Store, and GenericDataMap. 132a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis static void Profile(llvm::FoldingSetNodeID& ID, const ProgramState *V) { 133ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->Env.Profile(ID); 134ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ID.AddPointer(V->store); 135ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek V->GDM.Profile(ID); 136ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 137ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 138ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Profile - Used to profile the contents of this object for inclusion 139ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// in a FoldingSet. 140ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void Profile(llvm::FoldingSetNodeID& ID) const { 141ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Profile(ID, this); 142ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 143ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 144ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() const; 145ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() const; 146ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 147ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 148ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Constraints on values. 149ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 150ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 151ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Each ProgramState records constraints on symbolic values. These constraints 152ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // are managed using the ConstraintManager associated with a ProgramStateManager. 153ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // As constraints gradually accrue on symbolic values, added constraints 154ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // may conflict and indicate that a state is infeasible (as no real values 155ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // could satisfy all the constraints). This is the principal mechanism 156ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // for modeling path-sensitivity in ExprEngine/ProgramState. 157ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 158ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Various "assume" methods form the interface for adding constraints to 159ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // symbolic values. A call to 'assume' indicates an assumption being placed 160ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // on one or symbolic values. 'assume' methods take the following inputs: 161ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 162ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (1) A ProgramState object representing the current state. 163ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 164ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (2) The assumed constraint (which is specific to a given "assume" method). 165ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 166ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // (3) A binary value "Assumption" that indicates whether the constraint is 167ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // assumed to be true or false. 168ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 169ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The output of "assume*" is a new ProgramState object with the added constraints. 170ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // If no new state is feasible, NULL is returned. 171ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 172ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1738bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assume(DefinedOrUnknownSVal cond, bool assumption) const; 174ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 175ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// This method assumes both "true" and "false" for 'cond', and 176ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// returns both corresponding states. It's shorthand for doing 177ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// 'assume' twice. 1788bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek std::pair<ProgramStateRef , ProgramStateRef > 179ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek assume(DefinedOrUnknownSVal cond) const; 180ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1818bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef assumeInBound(DefinedOrUnknownSVal idx, 182ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek DefinedOrUnknownSVal upperBound, 183af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks bool assumption, 184af5f550de34525b27f0ff31dafce792caf8158b6Anna Zaks QualType IndexType = QualType()) const; 185ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1865f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// Utility method for getting regions. 187ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const VarRegion* getRegion(const VarDecl *D, const LocationContext *LC) const; 188ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 189ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 190ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Binding and retrieving values to/from the environment and symbolic store. 191ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 192ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 1935be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek /// \brief Create a new state with the specified CompoundLiteral binding. 1945be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek /// \param CL the compound literal expression (the binding key) 1955be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek /// \param LC the LocationContext of the binding 1965be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek /// \param V the value to bind. 1978bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindCompoundLiteral(const CompoundLiteralExpr *CL, 1985be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek const LocationContext *LC, 1995be88dc79d2768d67371103b6535fb8c4a6f27a1Ted Kremenek SVal V) const; 200ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 201ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Create a new state by binding the value 'V' to the statement 'S' in the 202ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// state's environment. 2038bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef BindExpr(const Stmt *S, const LocationContext *LCtx, 2045eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal V, bool Invalidate = true) const; 205ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 20632a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek ProgramStateRef bindLoc(Loc location, 20732a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek SVal V, 20832a549a64922af0903bdb777613ae7ae4490b70fTed Kremenek bool notifyChanges = true) const; 209ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2108bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindLoc(SVal location, SVal V) const; 211ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2128bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef bindDefault(SVal loc, SVal V) const; 213ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 21456a46b51df691f857f7120aaf2d4deeff0b014deTed Kremenek ProgramStateRef killBinding(Loc LV) const; 215ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 216bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \brief Returns the state with bindings for the given regions 217bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// cleared from the store. 218bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 219bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// Optionally invalidates global regions as well. 220bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// 221bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param Regions the set of regions to be invalidated. 222bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param E the expression that caused the invalidation. 223bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param BlockCount the current basic block count. 224bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param ResultsInPointerEscape the flag is set to true when 225bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// the invalidation is due to escape of a symbol (representing a pointer). 226bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// For example, due to it being passed as an argument in a call. 227bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param IS the set of invalidated symbols. 228bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// \param If Call is non-null, the invalidated regions were directly 229bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks /// invalidated by the call - as parameters. 2308bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef invalidateRegions(ArrayRef<const MemRegion *> Regions, 231eb31a76d1cdaaf8874c549dc6bd964ff270d3822Anna Zaks const Expr *E, unsigned BlockCount, 2323133f79cf451e6302dd05262b4bb53a3e4fd6300Ted Kremenek const LocationContext *LCtx, 233bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks bool ResultsInPointerEscape, 234bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks InvalidatedSymbols *IS = 0, 235740d490593e0de8732a697c9f77b90ddd463863bJordan Rose const CallEvent *Call = 0) const; 236ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 237ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// enterStackFrame - Returns the state for entry to the given stack frame, 238ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// preserving the current state. 239e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose ProgramStateRef enterStackFrame(const CallEvent &Call, 240e54cfc7b9990acffd0a8a4ba381717b4bb9f3011Jordan Rose const StackFrameContext *CalleeCtx) const; 241ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 242ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a variable reference. 243ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const VarDecl *D, const LocationContext *LC) const; 244ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 245ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Loc getLValue(const CompoundLiteralExpr *literal, 246ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const; 247ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 248ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an ivar reference. 249ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const ObjCIvarDecl *decl, SVal base) const; 250ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 251ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for a field reference. 252ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(const FieldDecl *decl, SVal Base) const; 253ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2543a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose /// Get the lvalue for an indirect field reference. 2553a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal getLValue(const IndirectFieldDecl *decl, SVal Base) const; 2563a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 257ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Get the lvalue for an array index. 258ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getLValue(QualType ElementType, SVal Idx, SVal Base) const; 259ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 260ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the SVal bound to the statement 'S' in the state's environment. 261e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose SVal getSVal(const Stmt *S, const LocationContext *LCtx) const; 262ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2635eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek SVal getSValAsScalarOrLoc(const Stmt *Ex, const LocationContext *LCtx) const; 264ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2654335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2664335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 267ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(Loc LV, QualType T = QualType()) const; 268ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 269ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Returns the "raw" SVal bound to LV before any value simplfication. 270ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getRawSVal(Loc LV, QualType T= QualType()) const; 271ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2724335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// \brief Return the value bound to the specified location. 2734335a48214dcbb258e08c8867c45648e25edb2ecAnna Zaks /// Returns UnknownVal() if none found. 274ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSVal(const MemRegion* R) const; 275ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 276ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal getSValAsScalarOrLoc(const MemRegion *R) const; 277ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2785f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the given SVal using the provided 2795f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// SymbolVisitor. 2805f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// 2815f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// This is a convenience API. Consider using ScanReachableSymbols class 2825f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// directly when making multiple scans on the same state with the same 2835f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// visitor to avoid repeated initialization cost. 2845f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \sa ScanReachableSymbols 285ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(SVal val, SymbolVisitor& visitor) const; 286ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2875f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the SVals in the given range 2885f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// using the provided SymbolVisitor. 289ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const SVal *I, const SVal *E, 290ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 291ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 2925f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// \brief Visits the symbols reachable from the regions in the given 2935f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks /// MemRegions range using the provided SymbolVisitor. 294ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool scanReachableSymbols(const MemRegion * const *I, 295ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *E, 296ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolVisitor &visitor) const; 297ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 298ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(SVal val) const; 299ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB scanReachableSymbols(const SVal *beg, 300ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SVal *end) const; 301ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 302ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename CB> CB 303ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(const MemRegion * const *beg, 304ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const; 305ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 306ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the statement is marked as tainted. 3078bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const Stmt *S, const LocationContext *LCtx, 308ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 309ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 310ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Create a new state in which the symbol is marked as tainted. 3118bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(SymbolRef S, 312ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 313ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 31428fd98d66dab4569316de2b5881d91b534a42461Anna Zaks /// Create a new state in which the region symbol is marked as tainted. 3158bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addTaint(const MemRegion *R, 31628fd98d66dab4569316de2b5881d91b534a42461Anna Zaks TaintTagType Kind = TaintTagGeneric) const; 31728fd98d66dab4569316de2b5881d91b534a42461Anna Zaks 318ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks /// Check if the statement is tainted in the current state. 3195eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek bool isTainted(const Stmt *S, const LocationContext *LCtx, 3205eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek TaintTagType Kind = TaintTagGeneric) const; 321ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks bool isTainted(SVal V, TaintTagType Kind = TaintTagGeneric) const; 3229f03b62036a7abc0a227b17f4a49b9eefced9450Anna Zaks bool isTainted(SymbolRef Sym, TaintTagType Kind = TaintTagGeneric) const; 323dcf06fa1fbb9c018e152629ef3f3fa7b1acffe7aAnna Zaks bool isTainted(const MemRegion *Reg, TaintTagType Kind=TaintTagGeneric) const; 324ceac1d6e0521161adf7ac9834b1a7ad79d73fea4Anna Zaks 325c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks /// \brief Get dynamic type information for a region. 3262d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks DynamicTypeInfo getDynamicTypeInfo(const MemRegion *Reg) const; 327c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 328d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 329d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 330c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks DynamicTypeInfo NewTy) const; 331c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks 332d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks /// \brief Set dynamic type information of the region; return the new state. 333d4fe57f7f7a8793227effc1274d70ec44cee9a4fAnna Zaks ProgramStateRef setDynamicTypeInfo(const MemRegion *Reg, 33454918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks QualType NewTy, 33554918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks bool CanBeSubClassed = true) const { 33654918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9Anna Zaks return setDynamicTypeInfo(Reg, DynamicTypeInfo(NewTy, CanBeSubClassed)); 337c7ecc43c33a21b82c49664910b19fcc1f555aa51Anna Zaks } 3382d18419a7c8f9a2975d4ed74a202de6467308ad1Anna Zaks 339ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 340ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Accessing the Generic Data Map (GDM). 341ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 342ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 343ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* FindGDM(void *K) const; 344ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 345ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3468bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(typename ProgramStateTrait<T>::key_type K) const; 347ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 348ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 349ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::data_type 350ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get() const { 351ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeData(FindGDM(ProgramStateTrait<T>::GDMIndex())); 352ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 353ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 354ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 355ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::lookup_type 356ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek get(typename ProgramStateTrait<T>::key_type key) const { 357ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 358ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Lookup(ProgramStateTrait<T>::MakeData(d), key); 359ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 360ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 361ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 362ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() const; 363ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 364ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 365ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3668bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K) const; 367ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 368ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3698bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(typename ProgramStateTrait<T>::key_type K, 370ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 371ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 3728bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove() const; 373ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 374ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3758bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::data_type D) const; 376ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 377ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3788bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 379ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const; 380ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 381ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 3828bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(typename ProgramStateTrait<T>::key_type K, 383ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 384ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const; 385ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 386ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 387ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool contains(typename ProgramStateTrait<T>::key_type key) const { 388ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *const* d = FindGDM(ProgramStateTrait<T>::GDMIndex()); 389ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::Contains(ProgramStateTrait<T>::MakeData(d), key); 390ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 391ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 392ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Pretty-printing. 3935eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void print(raw_ostream &Out, const char *nl = "\n", 394ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const char *sep = "") const; 3955eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek void printDOT(raw_ostream &Out) const; 396be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void printTaint(raw_ostream &Out, const char *nl = "\n", 397be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks const char *sep = "") const; 398ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 399d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks void dump() const; 400be97b7edb112520d764c24e8b9a159cdc692bcb6Anna Zaks void dumpTaint() const; 401d0167853f46cc78787b06255a44f9dcedd04a8ecAnna Zaks 402ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 403a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRetain(const ProgramState *state); 404a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 405ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 4068bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef 407537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose invalidateRegionsImpl(ArrayRef<const MemRegion *> Regions, 408537716ad8dd10f984b6cfe6985afade1185c5e3cJordy Rose const Expr *E, unsigned BlockCount, 4093133f79cf451e6302dd05262b4bb53a3e4fd6300Ted Kremenek const LocationContext *LCtx, 410bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks bool ResultsInSymbolEscape, 411bf53dfac8195835028bd6347433f7dbebcc29fc1Anna Zaks InvalidatedSymbols &IS, 412740d490593e0de8732a697c9f77b90ddd463863bJordan Rose const CallEvent *Call) const; 413ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 414ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 415ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 416ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// ProgramStateManager - Factory object for ProgramStates. 417ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 418ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 419ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekclass ProgramStateManager { 420ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek friend class ProgramState; 421a5888f61be9f8d76e9b48a453dbced50523bd2e0Argyrios Kyrtzidis friend void ProgramStateRelease(const ProgramState *state); 422ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekprivate: 423ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Eng - The SubEngine that owns this state manager. 424ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine *Eng; /* Can be null. */ 425ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 426ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek EnvironmentManager EnvMgr; 4276f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<StoreManager> StoreMgr; 4286f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<ConstraintManager> ConstraintMgr; 429ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 430ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramState::GenericDataMap::Factory GDMFactory; 431ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 432ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typedef llvm::DenseMap<void*,std::pair<void*,void (*)(void*)> > GDMContextsTy; 433ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek GDMContextsTy GDMContexts; 434ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 435ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// StateSet - FoldingSet containing all the states created for analyzing 436ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// a particular function. This is used to unique states. 437ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::FoldingSet<ProgramState> StateSet; 438ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 439ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// Object that manages the data for all created SVals. 4406f42b62b6194f53bcbc349f5d17388e1936535d7Dylan Noblesmith OwningPtr<SValBuilder> svalBuilder; 441ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 442972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose /// Manages memory for created CallEvents. 443972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose OwningPtr<CallEventManager> CallEventMgr; 444972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 445ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A BumpPtrAllocator to allocate states. 446ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator &Alloc; 447ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 448ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek /// A vector of ProgramStates that we can reuse. 449ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek std::vector<ProgramState *> freeStates; 450ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 451ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 452ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateManager(ASTContext &Ctx, 453ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManagerCreator CreateStoreManager, 454ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManagerCreator CreateConstraintManager, 455ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& alloc, 456ca5d78d0bc3010164f2f9682967d64d7e305a167Jordan Rose SubEngine *subeng); 457ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 458ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ~ProgramStateManager(); 459ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 4608bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getInitialState(const LocationContext *InitLoc); 461ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 462ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ASTContext &getContext() { return svalBuilder->getContext(); } 463ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const ASTContext &getContext() const { return svalBuilder->getContext(); } 464ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 465ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek BasicValueFactory &getBasicVals() { 466ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getBasicValueFactory(); 467ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 468ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 469ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SValBuilder &getSValBuilder() { 470ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return *svalBuilder; 471ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 472ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 473ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolManager &getSymbolManager() { 474ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 475ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 476ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const SymbolManager &getSymbolManager() const { 477ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getSymbolManager(); 478ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 479ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 480ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek llvm::BumpPtrAllocator& getAllocator() { return Alloc; } 481ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 482ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek MemRegionManager& getRegionManager() { 483ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 484ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 485ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegionManager& getRegionManager() const { 486ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return svalBuilder->getRegionManager(); 487ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 488ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 489972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose CallEventManager &getCallEventManager() { return *CallEventMgr; } 490972a3680bdd95f2e9d6316b391f1c47513dc78ccJordan Rose 491ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreManager& getStoreManager() { return *StoreMgr; } 492ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintManager& getConstraintManager() { return *ConstraintMgr; } 493ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SubEngine* getOwningEngine() { return Eng; } 494ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 4958bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeDeadBindings(ProgramStateRef St, 496ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const StackFrameContext *LCtx, 497ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SymbolReaper& SymReaper); 498ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 499ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekpublic: 500ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 501ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek SVal ArrayToPointer(Loc Array) { 502ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return StoreMgr->ArrayToPointer(Array); 503ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 504ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 505ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that manipulate the GDM. 5068bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef addGDM(ProgramStateRef St, void *Key, void *Data); 5078bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef removeGDM(ProgramStateRef state, void *Key); 508ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 509ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Methods that query & manipulate the Store. 510ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5118bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void iterBindings(ProgramStateRef state, StoreManager::BindingsHandler& F) { 512ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek StoreMgr->iterBindings(state->getStore(), F); 513ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 514ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5158bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentState(ProgramState &Impl); 5168bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef getPersistentStateWithGDM(ProgramStateRef FromState, 5178bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef GDMState); 518ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5198bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualEnvironments(ProgramStateRef S1, ProgramStateRef S2) { 520ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->Env == S2->Env; 521ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 522ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5238bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek bool haveEqualStores(ProgramStateRef S1, ProgramStateRef S2) { 524ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return S1->store == S2->store; 525ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 526ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 527ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 528ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Generic Data Map methods. 529ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek //==---------------------------------------------------------------------==// 530ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 531ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramStateManager and ProgramState support a "generic data map" that allows 532ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // different clients of ProgramState objects to embed arbitrary data within a 533ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // ProgramState object. The generic data map is essentially an immutable map 534ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // from a "tag" (that acts as the "key" for a client) and opaque values. 535ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Tags/keys and values are simply void* values. The typical way that clients 536ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // generate unique tags are by taking the address of a static variable. 537ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Clients are responsible for ensuring that data values referred to by a 538ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // the data pointer are immutable (and thus are essentially purely functional 539ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // data). 540ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 541ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // The templated methods below use the ProgramStateTrait<T> class 542ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // to resolve keys into the GDM and to return data values to clients. 543ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // 544ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 545ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek // Trait based GDM dispatch. 546ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5478bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, typename ProgramStateTrait<T>::data_type D) { 548ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 549ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(D)); 550ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 551ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 552ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template<typename T> 5538bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef set(ProgramStateRef st, 554ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 555ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type V, 556ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 557ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 558ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 559ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Set(st->get<T>(), K, V, C))); 560ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 561ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 562ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5638bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef add(ProgramStateRef st, 564ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 565ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 566ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 567ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Add(st->get<T>(), K, C))); 568ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 569ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 570ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5718bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st, 572ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::key_type K, 573ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) { 574ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 575ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return addGDM(st, ProgramStateTrait<T>::GDMIndex(), 576ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::MakeVoidPtr(ProgramStateTrait<T>::Remove(st->get<T>(), K, C))); 577ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 578ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 579ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 5808bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef remove(ProgramStateRef st) { 581ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return removeGDM(st, ProgramStateTrait<T>::GDMIndex()); 582ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 583ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 584ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *FindGDMContext(void *index, 585ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *(*CreateContext)(llvm::BumpPtrAllocator&), 586ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void (*DeleteContext)(void*)); 587ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 588ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek template <typename T> 589ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type get_context() { 590ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek void *p = FindGDMContext(ProgramStateTrait<T>::GDMIndex(), 591ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::CreateContext, 592ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ProgramStateTrait<T>::DeleteContext); 593ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 594ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return ProgramStateTrait<T>::MakeContext(p); 595ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 596ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 5978bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek void EndPath(ProgramStateRef St) { 598ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek ConstraintMgr->EndPath(St); 599ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 600ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek}; 601ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 602ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 603ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 604ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek// Out-of-line method definitions for ProgramState. 605ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek//===----------------------------------------------------------------------===// 606ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 60747cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenekinline ConstraintManager &ProgramState::getConstraintManager() const { 60847cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek return stateMgr->getConstraintManager(); 60947cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek} 61047cbd0f3892c7965cf16a58393f9f17a22d4d4d9Ted Kremenek 611ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline const VarRegion* ProgramState::getRegion(const VarDecl *D, 6125eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LC) const 6135eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek{ 614ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getRegionManager().getVarRegion(D, LC); 615ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 616ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6178bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::assume(DefinedOrUnknownSVal Cond, 618ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek bool Assumption) const { 619ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 620ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return this; 621ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 622ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().ConstraintMgr->assume(this, cast<DefinedSVal>(Cond), 623ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek Assumption); 624ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 625ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6268bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline std::pair<ProgramStateRef , ProgramStateRef > 627ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekProgramState::assume(DefinedOrUnknownSVal Cond) const { 628ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (Cond.isUnknown()) 629ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return std::make_pair(this, this); 630ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 631ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().ConstraintMgr->assumeDual(this, 632ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek cast<DefinedSVal>(Cond)); 633ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 634ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6358bef8238181a30e52dea380789a7e2d760eac532Ted Kremenekinline ProgramStateRef ProgramState::bindLoc(SVal LV, SVal V) const { 636ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return !isa<Loc>(LV) ? this : bindLoc(cast<Loc>(LV), V); 637ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 638ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 639ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const VarDecl *VD, 640ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 641ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueVar(VD, LC); 642ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 643ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 644ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline Loc ProgramState::getLValue(const CompoundLiteralExpr *literal, 645ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const LocationContext *LC) const { 646ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueCompoundLiteral(literal, LC); 647ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 648ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 649ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const ObjCIvarDecl *D, SVal Base) const { 650ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueIvar(D, Base); 651ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 652ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 653ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(const FieldDecl *D, SVal Base) const { 654ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueField(D, Base); 655ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 656ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6573a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Roseinline SVal ProgramState::getLValue(const IndirectFieldDecl *D, 6583a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose SVal Base) const { 6593a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose StoreManager &SM = *getStateManager().StoreMgr; 6603a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose for (IndirectFieldDecl::chain_iterator I = D->chain_begin(), 6613a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose E = D->chain_end(); 6623a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose I != E; ++I) { 6633a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose Base = SM.getLValueField(cast<FieldDecl>(*I), Base); 6643a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose } 6653a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 6663a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose return Base; 6673a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose} 6683a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861eJordan Rose 669ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getLValue(QualType ElementType, SVal Idx, SVal Base) const{ 670ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (NonLoc *N = dyn_cast<NonLoc>(&Idx)) 671ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().StoreMgr->getLValueElement(ElementType, *N, Base); 672ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 673ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 674ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 675e5a934d3c840872d58724383a83443ed38f1d831Jordan Roseinline SVal ProgramState::getSVal(const Stmt *Ex, 676e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose const LocationContext *LCtx) const{ 6775eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return Env.getSVal(EnvironmentEntry(Ex, LCtx), 678e5a934d3c840872d58724383a83443ed38f1d831Jordan Rose *getStateManager().svalBuilder); 679ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 680ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 6815eca482fe895ea57bc82410222e6426c09e63284Ted Kremenekinline SVal 6825eca482fe895ea57bc82410222e6426c09e63284Ted KremenekProgramState::getSValAsScalarOrLoc(const Stmt *S, 6835eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek const LocationContext *LCtx) const { 684ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek if (const Expr *Ex = dyn_cast<Expr>(S)) { 685ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek QualType T = Ex->getType(); 686591b5f53c0e11d87401b4804bb1be1a53f95c619Anna Zaks if (Ex->isGLValue() || Loc::isLocType(T) || T->isIntegerType()) 6875eca482fe895ea57bc82410222e6426c09e63284Ted Kremenek return getSVal(S, LCtx); 688ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek } 689ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 690ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return UnknownVal(); 691ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 692ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 693ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getRawSVal(Loc LV, QualType T) const { 6941437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), LV, T); 695ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 696ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 697ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SVal ProgramState::getSVal(const MemRegion* R) const { 6981437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks return getStateManager().StoreMgr->getBinding(getStore(), 6991437425a62dbf7bdb0a855d3ed3b05ed2019ec1eAnna Zaks loc::MemRegionVal(R)); 700ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 701ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 702ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline BasicValueFactory &ProgramState::getBasicVals() const { 703ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getBasicVals(); 704ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 705ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 706ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenekinline SymbolManager &ProgramState::getSymbolManager() const { 707ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().getSymbolManager(); 708ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 709ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 710ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7118bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::add(typename ProgramStateTrait<T>::key_type K) const { 712ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().add<T>(this, K, get_context<T>()); 713ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 714ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 715ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 716ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektypename ProgramStateTrait<T>::context_type ProgramState::get_context() const { 717ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().get_context<T>(); 718ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 719ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 720ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7218bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K) const { 722ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, get_context<T>()); 723ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 724ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 725ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7268bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove(typename ProgramStateTrait<T>::key_type K, 727ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 728ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this, K, C); 729ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 730ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 731ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename T> 7328bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::remove() const { 733ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().remove<T>(this); 734ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 735ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 736ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7378bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::data_type D) const { 738ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, D); 739ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 740ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 741ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7428bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 743ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E) const { 744ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, get_context<T>()); 745ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 746ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 747ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate<typename T> 7488bef8238181a30e52dea380789a7e2d760eac532Ted KremenekProgramStateRef ProgramState::set(typename ProgramStateTrait<T>::key_type K, 749ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::value_type E, 750ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek typename ProgramStateTrait<T>::context_type C) const { 751ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return getStateManager().set<T>(this, K, E, C); 752ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 753ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 754ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 755ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(SVal val) const { 756ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 757ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(val, cb); 758ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 759ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 760ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 761ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 762ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const SVal *beg, const SVal *end) const { 763ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 764ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 765ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 766ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 767ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 768ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenektemplate <typename CB> 769ae160f880d183ab938fd7ce3b891694ae2f569c0Ted KremenekCB ProgramState::scanReachableSymbols(const MemRegion * const *beg, 770ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek const MemRegion * const *end) const { 771ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek CB cb(this); 772ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek scanReachableSymbols(beg, end, cb); 773ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek return cb; 774ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} 775ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 7765f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// \class ScanReachableSymbols 7775f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// A Utility class that allows to visit the reachable symbols using a custom 7785f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks/// SymbolVisitor. 779e0d24eb1060a213ec9820dc02c45f26b2d5b348bJordan Roseclass ScanReachableSymbols { 7805f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks typedef llvm::DenseMap<const void*, unsigned> VisitedItems; 7815f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 7825f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks VisitedItems visited; 7838bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ProgramStateRef state; 7845f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks SymbolVisitor &visitor; 7855f625712f622f6e57de17b6f7eec242956b993eeAnna Zakspublic: 7865f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 7878bef8238181a30e52dea380789a7e2d760eac532Ted Kremenek ScanReachableSymbols(ProgramStateRef st, SymbolVisitor& v) 7885f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks : state(st), visitor(v) {} 7895f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 7905f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(nonloc::CompoundVal val); 7915f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(SVal val); 7925f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const MemRegion *R); 7935f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks bool scan(const SymExpr *sym); 7945f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks}; 7955f625712f622f6e57de17b6f7eec242956b993eeAnna Zaks 796e54778d77d4f2b2d006bdb7e16f49271e1e9d13dAnna Zaks} // end ento namespace 797ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 798ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek} // end clang namespace 799ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek 800ae160f880d183ab938fd7ce3b891694ae2f569c0Ted Kremenek#endif 801