diff options
Diffstat (limited to 'lib/Analysis')
| -rw-r--r-- | lib/Analysis/BasicStore.cpp | 28 | ||||
| -rw-r--r-- | lib/Analysis/CFRefCount.cpp | 10 | ||||
| -rw-r--r-- | lib/Analysis/Environment.cpp | 15 | ||||
| -rw-r--r-- | lib/Analysis/GRExprEngine.cpp | 40 | ||||
| -rw-r--r-- | lib/Analysis/GRExprEngineInternalChecks.cpp | 4 | ||||
| -rw-r--r-- | lib/Analysis/GRSimpleVals.cpp | 23 | ||||
| -rw-r--r-- | lib/Analysis/MemRegion.cpp | 254 | ||||
| -rw-r--r-- | lib/Analysis/RegionStore.cpp | 99 | ||||
| -rw-r--r-- | lib/Analysis/SVals.cpp | 174 | ||||
| -rw-r--r-- | lib/Analysis/ValueManager.cpp | 125 |
10 files changed, 303 insertions, 469 deletions
diff --git a/lib/Analysis/BasicStore.cpp b/lib/Analysis/BasicStore.cpp index fcb405d..6b346cd 100644 --- a/lib/Analysis/BasicStore.cpp +++ b/lib/Analysis/BasicStore.cpp @@ -63,7 +63,7 @@ public: // FIXME: Investigate what is using this. This method should be removed. virtual Loc getLoc(const VarDecl* VD) { - return Loc::MakeVal(MRMgr.getVarRegion(VD)); + return ValMgr.makeLoc(MRMgr.getVarRegion(VD)); } const GRState *BindCompoundLiteral(const GRState *state, @@ -126,17 +126,17 @@ StoreManager* clang::CreateBasicStoreManager(GRStateManager& StMgr) { } SVal BasicStoreManager::getLValueVar(const GRState *state, const VarDecl* VD) { - return Loc::MakeVal(MRMgr.getVarRegion(VD)); + return ValMgr.makeLoc(MRMgr.getVarRegion(VD)); } SVal BasicStoreManager::getLValueString(const GRState *state, const StringLiteral* S) { - return Loc::MakeVal(MRMgr.getStringRegion(S)); + return ValMgr.makeLoc(MRMgr.getStringRegion(S)); } SVal BasicStoreManager::getLValueCompoundLiteral(const GRState *state, const CompoundLiteralExpr* CL){ - return Loc::MakeVal(MRMgr.getCompoundLiteralRegion(CL)); + return ValMgr.makeLoc(MRMgr.getCompoundLiteralRegion(CL)); } SVal BasicStoreManager::getLValueIvar(const GRState *state, const ObjCIvarDecl* D, @@ -151,7 +151,7 @@ SVal BasicStoreManager::getLValueIvar(const GRState *state, const ObjCIvarDecl* const MemRegion *BaseR = cast<loc::MemRegionVal>(BaseL).getRegion(); if (BaseR == SelfRegion) - return loc::MemRegionVal(MRMgr.getObjCIvarRegion(D, BaseR)); + return ValMgr.makeLoc(MRMgr.getObjCIvarRegion(D, BaseR)); } return UnknownVal(); @@ -186,7 +186,7 @@ SVal BasicStoreManager::getLValueField(const GRState *state, SVal Base, return Base; } - return Loc::MakeVal(MRMgr.getFieldRegion(D, BaseR)); + return ValMgr.makeLoc(MRMgr.getFieldRegion(D, BaseR)); } SVal BasicStoreManager::getLValueElement(const GRState *state, @@ -242,8 +242,8 @@ SVal BasicStoreManager::getLValueElement(const GRState *state, } if (BaseR) - return Loc::MakeVal(MRMgr.getElementRegion(elementType, UnknownVal(), - BaseR, getContext())); + return ValMgr.makeLoc(MRMgr.getElementRegion(elementType, UnknownVal(), + BaseR, getContext())); else return UnknownVal(); } @@ -351,7 +351,7 @@ Store BasicStoreManager::BindInternal(Store store, Loc loc, SVal V) { // are incompatible. This may also cause lots of breakage // elsewhere. Food for thought. if (const TypedRegion *TyR = dyn_cast<TypedRegion>(R)) { - if (TyR->isBoundable(C) && + if (TyR->isBoundable() && Loc::IsLocType(TyR->getValueType(C))) V = X->getLoc(); } @@ -456,7 +456,7 @@ BasicStoreManager::RemoveDeadBindings(const GRState *state, Stmt* Loc, const MemRegion* R = I.getKey(); if (!Marked.count(R)) { - store = Remove(store, Loc::MakeVal(R)); + store = Remove(store, ValMgr.makeLoc(R)); SVal X = I.getData(); for (symbol_iterator SI=X.symbol_begin(), SE=X.symbol_end(); SI!=SE; ++SI) @@ -483,7 +483,7 @@ Store BasicStoreManager::scanForIvars(Stmt *B, const Decl* SelfDecl, Store St) { const MemRegion *IVR = MRMgr.getObjCIvarRegion(IV->getDecl(), SelfRegion); SVal X = ValMgr.getRegionValueSymbolVal(IVR); - St = BindInternal(St, Loc::MakeVal(IVR), X); + St = BindInternal(St, ValMgr.makeLoc(IVR), X); } } } @@ -515,8 +515,8 @@ Store BasicStoreManager::getInitialStore() { SelfRegion = MRMgr.getObjCObjectRegion(MD->getClassInterface(), MRMgr.getHeapRegion()); - St = BindInternal(St, Loc::MakeVal(MRMgr.getVarRegion(PD)), - Loc::MakeVal(SelfRegion)); + St = BindInternal(St, ValMgr.makeLoc(MRMgr.getVarRegion(PD)), + ValMgr.makeLoc(SelfRegion)); // Scan the method for ivar references. While this requires an // entire AST scan, the cost should not be high in practice. @@ -541,7 +541,7 @@ Store BasicStoreManager::getInitialStore() { ? ValMgr.getRegionValueSymbolVal(R) : UndefinedVal(); - St = BindInternal(St, Loc::MakeVal(R), X); + St = BindInternal(St, ValMgr.makeLoc(R), X); } } return St; diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp index c58ceb4..1ccd092 100644 --- a/lib/Analysis/CFRefCount.cpp +++ b/lib/Analysis/CFRefCount.cpp @@ -2835,7 +2835,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, // Remove any existing reference-count binding. if (Sym) state = state->remove<RefBindings>(Sym); - if (R->isBoundable(Ctx)) { + if (R->isBoundable()) { // Set the value of the variable to be a conjured symbol. unsigned Count = Builder.getCurrentBlockCount(); QualType T = R->getValueType(Ctx); @@ -2843,7 +2843,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, if (Loc::IsLocType(T) || (T->isIntegerType() && T->isScalarType())){ ValueManager &ValMgr = Eng.getValueManager(); SVal V = ValMgr.getConjuredSymbolVal(*I, T, Count); - state = state->bindLoc(Loc::MakeVal(R), V); + state = state->bindLoc(ValMgr.makeLoc(R), V); } else if (const RecordType *RT = T->getAsStructureType()) { // Handle structs in a not so awesome way. Here we just @@ -2873,7 +2873,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, const FieldRegion* FR = MRMgr.getFieldRegion(FD, R); SVal V = ValMgr.getConjuredSymbolVal(*I, FT, Count); - state = state->bindLoc(Loc::MakeVal(FR), V); + state = state->bindLoc(ValMgr.makeLoc(FR), V); } } } else if (const ArrayType *AT = Ctx.getAsArrayType(T)) { @@ -2987,7 +2987,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, QualType RetT = GetReturnType(Ex, ValMgr.getContext()); state = state->set<RefBindings>(Sym, RefVal::makeOwned(RE.getObjKind(), RetT)); - state = state->bindExpr(Ex, ValMgr.makeRegionVal(Sym), false); + state = state->bindExpr(Ex, ValMgr.makeLoc(Sym), false); // FIXME: Add a flag to the checker where allocations are assumed to // *not fail. @@ -3010,7 +3010,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, QualType RetT = GetReturnType(Ex, ValMgr.getContext()); state = state->set<RefBindings>(Sym, RefVal::makeNotOwned(RE.getObjKind(), RetT)); - state = state->bindExpr(Ex, ValMgr.makeRegionVal(Sym), false); + state = state->bindExpr(Ex, ValMgr.makeLoc(Sym), false); break; } } diff --git a/lib/Analysis/Environment.cpp b/lib/Analysis/Environment.cpp index 7ada6d8..2b751df 100644 --- a/lib/Analysis/Environment.cpp +++ b/lib/Analysis/Environment.cpp @@ -18,14 +18,14 @@ using namespace clang; -SVal Environment::GetSVal(const Stmt *E, BasicValueFactory& BasicVals) const { +SVal Environment::GetSVal(const Stmt *E, ValueManager& ValMgr) const { for (;;) { switch (E->getStmtClass()) { case Stmt::AddrLabelExprClass: - return Loc::MakeVal(cast<AddrLabelExpr>(E)); + return ValMgr.makeLoc(cast<AddrLabelExpr>(E)); // ParenExprs are no-ops. @@ -35,11 +35,11 @@ SVal Environment::GetSVal(const Stmt *E, BasicValueFactory& BasicVals) const { case Stmt::CharacterLiteralClass: { const CharacterLiteral* C = cast<CharacterLiteral>(E); - return NonLoc::MakeVal(BasicVals, C->getValue(), C->getType()); + return ValMgr.makeIntVal(C->getValue(), C->getType()); } case Stmt::IntegerLiteralClass: { - return NonLoc::MakeVal(BasicVals, cast<IntegerLiteral>(E)); + return ValMgr.makeIntVal(cast<IntegerLiteral>(E)); } // Casts where the source and target type are the same @@ -69,8 +69,7 @@ SVal Environment::GetSVal(const Stmt *E, BasicValueFactory& BasicVals) const { return LookupExpr(E); } -SVal Environment::GetBlkExprSVal(const Stmt *E, - BasicValueFactory& BasicVals) const { +SVal Environment::GetBlkExprSVal(const Stmt *E, ValueManager& ValMgr) const { while (1) { switch (E->getStmtClass()) { @@ -80,11 +79,11 @@ SVal Environment::GetBlkExprSVal(const Stmt *E, case Stmt::CharacterLiteralClass: { const CharacterLiteral* C = cast<CharacterLiteral>(E); - return NonLoc::MakeVal(BasicVals, C->getValue(), C->getType()); + return ValMgr.makeIntVal(C->getValue(), C->getType()); } case Stmt::IntegerLiteralClass: { - return NonLoc::MakeVal(BasicVals, cast<IntegerLiteral>(E)); + return ValMgr.makeIntVal(cast<IntegerLiteral>(E)); } default: diff --git a/lib/Analysis/GRExprEngine.cpp b/lib/Analysis/GRExprEngine.cpp index 87432d4..d5f0e40 100644 --- a/lib/Analysis/GRExprEngine.cpp +++ b/lib/Analysis/GRExprEngine.cpp @@ -905,16 +905,19 @@ void GRExprEngine::VisitLogicalExpr(BinaryOperator* B, NodeTy* Pred, // this right now, and since most logical expressions are used for branches, // the payoff is not likely to be large. Instead, we do eager evaluation. if (const GRState *newState = state->assume(X, true)) - MakeNode(Dst, B, Pred, newState->bindBlkExpr(B, MakeConstantVal(1U, B))); + MakeNode(Dst, B, Pred, + newState->bindBlkExpr(B, ValMgr.makeIntVal(1U, B->getType()))); if (const GRState *newState = state->assume(X, false)) - MakeNode(Dst, B, Pred, newState->bindBlkExpr(B, MakeConstantVal(0U, B))); + MakeNode(Dst, B, Pred, + newState->bindBlkExpr(B, ValMgr.makeIntVal(0U, B->getType()))); } else { // We took the LHS expression. Depending on whether we are '&&' or // '||' we know what the value of the expression is via properties of // the short-circuiting. - X = MakeConstantVal( B->getOpcode() == BinaryOperator::LAnd ? 0U : 1U, B); + X = ValMgr.makeIntVal(B->getOpcode() == BinaryOperator::LAnd ? 0U : 1U, + B->getType()); MakeNode(Dst, B, Pred, state->bindBlkExpr(B, X)); } } @@ -944,8 +947,7 @@ void GRExprEngine::VisitDeclRefExpr(DeclRefExpr* Ex, NodeTy* Pred, NodeSet& Dst, } else if (const EnumConstantDecl* ED = dyn_cast<EnumConstantDecl>(D)) { assert(!asLValue && "EnumConstantDecl does not have lvalue."); - BasicValueFactory& BasicVals = StateMgr.getBasicVals(); - SVal V = nonloc::ConcreteInt(BasicVals.getValue(ED->getInitVal())); + SVal V = ValMgr.makeIntVal(ED->getInitVal()); MakeNode(Dst, Ex, Pred, state->bindExpr(Ex, V)); return; @@ -1615,14 +1617,16 @@ void GRExprEngine::EvalEagerlyAssume(NodeSet &Dst, NodeSet &Src, Expr *Ex) { if (isa<nonloc::SymExprVal>(V)) { // First assume that the condition is true. if (const GRState *stateTrue = state->assume(V, true)) { - stateTrue = stateTrue->bindExpr(Ex, MakeConstantVal(1U, Ex)); + stateTrue = stateTrue->bindExpr(Ex, + ValMgr.makeIntVal(1U, Ex->getType())); Dst.Add(Builder->generateNode(PostStmtCustom(Ex, &EagerlyAssumeTag), stateTrue, Pred)); } // Next, assume that the condition is false. if (const GRState *stateFalse = state->assume(V, false)) { - stateFalse = stateFalse->bindExpr(Ex, MakeConstantVal(0U, Ex)); + stateFalse = stateFalse->bindExpr(Ex, + ValMgr.makeIntVal(0U, Ex->getType())); Dst.Add(Builder->generateNode(PostStmtCustom(Ex, &EagerlyAssumeTag), stateFalse, Pred)); } @@ -1725,12 +1729,11 @@ void GRExprEngine::VisitObjCForCollectionStmtAux(ObjCForCollectionStmt* S, const GRState *state = GetState(Pred); // Handle the case where the container still has elements. - QualType IntTy = getContext().IntTy; - SVal TrueV = NonLoc::MakeVal(getBasicVals(), 1, IntTy); + SVal TrueV = ValMgr.makeTruthVal(1); const GRState *hasElems = state->bindExpr(S, TrueV); // Handle the case where the container has no elements. - SVal FalseV = NonLoc::MakeVal(getBasicVals(), 0, IntTy); + SVal FalseV = ValMgr.makeTruthVal(0); const GRState *noElems = state->bindExpr(S, FalseV); if (loc::MemRegionVal* MV = dyn_cast<loc::MemRegionVal>(&ElementV)) @@ -1742,11 +1745,11 @@ void GRExprEngine::VisitObjCForCollectionStmtAux(ObjCForCollectionStmt* S, assert (Loc::IsLocType(T)); unsigned Count = Builder->getCurrentBlockCount(); SymbolRef Sym = SymMgr.getConjuredSymbol(elem, T, Count); - SVal V = Loc::MakeVal(getStoreManager().getRegionManager().getSymbolicRegion(Sym)); + SVal V = ValMgr.makeLoc(Sym); hasElems = hasElems->bindLoc(ElementV, V); // Bind the location to 'nil' on the false branch. - SVal nilV = loc::ConcreteInt(getBasicVals().getValue(0, T)); + SVal nilV = ValMgr.makeIntVal(0, T); noElems = noElems->bindLoc(ElementV, nilV); } @@ -2290,7 +2293,7 @@ void GRExprEngine::VisitInitListExpr(InitListExpr* E, NodeTy* Pred, // Handle base case where the initializer has no elements. // e.g: static int* myArray[] = {}; if (NumInitElements == 0) { - SVal V = NonLoc::MakeCompoundVal(T, StartVals, getBasicVals()); + SVal V = ValMgr.makeCompoundVal(T, StartVals); MakeNode(Dst, E, Pred, state->bindExpr(E, V)); return; } @@ -2323,7 +2326,7 @@ void GRExprEngine::VisitInitListExpr(InitListExpr* E, NodeTy* Pred, if (NewItr == ItrEnd) { // Now we have a list holding all init values. Make CompoundValData. - SVal V = NonLoc::MakeCompoundVal(T, NewVals, getBasicVals()); + SVal V = ValMgr.makeCompoundVal(T, NewVals); // Make final state and node. MakeNode(Dst, E, *NI, state->bindExpr(E, V)); @@ -2393,8 +2396,7 @@ void GRExprEngine::VisitSizeOfAlignOfExpr(SizeOfAlignOfExpr* Ex, amt = getContext().getTypeAlign(T) / 8; MakeNode(Dst, Ex, Pred, - GetState(Pred)->bindExpr(Ex, NonLoc::MakeVal(getBasicVals(), amt, - Ex->getType()))); + GetState(Pred)->bindExpr(Ex, ValMgr.makeIntVal(amt, Ex->getType()))); } @@ -2468,7 +2470,7 @@ void GRExprEngine::VisitUnaryOperator(UnaryOperator* U, NodeTy* Pred, // For all other types, UnaryOperator::Float returns 0. assert (Ex->getType()->isIntegerType()); const GRState* state = GetState(*I); - SVal X = NonLoc::MakeVal(getBasicVals(), 0, Ex->getType()); + SVal X = ValMgr.makeZeroVal(Ex->getType()); MakeNode(Dst, U, *I, state->bindExpr(U, X)); } @@ -2571,7 +2573,7 @@ void GRExprEngine::VisitUnaryOperator(UnaryOperator* U, NodeTy* Pred, // transfer functions as "0 == E". if (isa<Loc>(V)) { - Loc X = Loc::MakeNull(getBasicVals()); + Loc X = ValMgr.makeNull(); SVal Result = EvalBinOp(state,BinaryOperator::EQ, cast<Loc>(V), X, U->getType()); state = state->bindExpr(U, Result); @@ -2629,7 +2631,7 @@ void GRExprEngine::VisitUnaryOperator(UnaryOperator* U, NodeTy* Pred, BinaryOperator::Opcode Op = U->isIncrementOp() ? BinaryOperator::Add : BinaryOperator::Sub; - SVal Result = EvalBinOp(state, Op, V2, MakeConstantVal(1U, U), + SVal Result = EvalBinOp(state, Op, V2, ValMgr.makeIntVal(1U,U->getType()), U->getType()); // Conjure a new symbol if necessary to recover precision. diff --git a/lib/Analysis/GRExprEngineInternalChecks.cpp b/lib/Analysis/GRExprEngineInternalChecks.cpp index 7f7270d..13df89e 100644 --- a/lib/Analysis/GRExprEngineInternalChecks.cpp +++ b/lib/Analysis/GRExprEngineInternalChecks.cpp @@ -717,7 +717,7 @@ public: if (isa<loc::ConcreteInt>(V)) { bool b = false; ASTContext &C = BRC.getASTContext(); - if (R->isBoundable(C)) { + if (R->isBoundable()) { if (const TypedRegion *TR = dyn_cast<TypedRegion>(R)) { if (C.isObjCObjectPointerType(TR->getValueType(C))) { os << "initialized to nil"; @@ -748,7 +748,7 @@ public: if (isa<loc::ConcreteInt>(V)) { bool b = false; ASTContext &C = BRC.getASTContext(); - if (R->isBoundable(C)) { + if (R->isBoundable()) { if (const TypedRegion *TR = dyn_cast<TypedRegion>(R)) { if (C.isObjCObjectPointerType(TR->getValueType(C))) { os << "nil object reference stored to "; diff --git a/lib/Analysis/GRSimpleVals.cpp b/lib/Analysis/GRSimpleVals.cpp index 7e54f1a..4806121 100644 --- a/lib/Analysis/GRSimpleVals.cpp +++ b/lib/Analysis/GRSimpleVals.cpp @@ -84,7 +84,7 @@ SVal GRSimpleVals::EvalCast(GRExprEngine& Eng, Loc X, QualType T) { unsigned BitWidth = Eng.getContext().getTypeSize(T); if (!isa<loc::ConcreteInt>(X)) - return nonloc::LocAsInteger::Make(BasicVals, X, BitWidth); + return Eng.getValueManager().makeLocAsInteger(X, BitWidth); llvm::APSInt V = cast<loc::ConcreteInt>(X).getValue(); V.setIsUnsigned(T->isUnsignedIntegerType() || Loc::IsLocType(T)); @@ -133,8 +133,8 @@ SVal GRSimpleVals::DetermEvalBinOpNN(GRExprEngine& Eng, BinaryOperator::Opcode Op, NonLoc L, NonLoc R, QualType T) { - BasicValueFactory& BasicVals = Eng.getBasicVals(); + ValueManager& ValMgr = Eng.getValueManager(); unsigned subkind = L.getSubKind(); while (1) { @@ -157,16 +157,15 @@ SVal GRSimpleVals::DetermEvalBinOpNN(GRExprEngine& Eng, llvm::APSInt V = cast<nonloc::ConcreteInt>(R).getValue(); V.setIsUnsigned(true); V.extOrTrunc(Ctx.getTypeSize(Ctx.VoidPtrTy)); - return EvalBinOp(Eng, Op, LL, - loc::ConcreteInt(BasicVals.getValue(V))); + return EvalBinOp(Eng, Op, LL, ValMgr.makeLoc(V)); } default: switch (Op) { case BinaryOperator::EQ: - return NonLoc::MakeIntTruthVal(BasicVals, false); + return ValMgr.makeTruthVal(false); case BinaryOperator::NE: - return NonLoc::MakeIntTruthVal(BasicVals, true); + return ValMgr.makeTruthVal(true); default: // This case also handles pointer arithmetic. return UnknownVal(); @@ -289,7 +288,7 @@ SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, const GRState *state, SVal GRSimpleVals::EvalEquality(GRExprEngine& Eng, Loc L, Loc R, bool isEqual) { - BasicValueFactory& BasicVals = Eng.getBasicVals(); + ValueManager& ValMgr = Eng.getValueManager(); switch (L.getSubKind()) { @@ -307,7 +306,7 @@ SVal GRSimpleVals::EvalEquality(GRExprEngine& Eng, Loc L, Loc R, bool isEqual) { if (!isEqual) b = !b; - return NonLoc::MakeIntTruthVal(BasicVals, b); + return ValMgr.makeTruthVal(b); } else if (SymbolRef Sym = R.getAsSymbol()) { const SymIntExpr * SE = @@ -339,10 +338,10 @@ SVal GRSimpleVals::EvalEquality(GRExprEngine& Eng, Loc L, Loc R, bool isEqual) { // Fall-through. case loc::GotoLabelKind: - return NonLoc::MakeIntTruthVal(BasicVals, isEqual ? L == R : L != R); + return ValMgr.makeTruthVal(isEqual ? L == R : L != R); } - return NonLoc::MakeIntTruthVal(BasicVals, isEqual ? false : true); + return ValMgr.makeTruthVal(isEqual ? false : true); } //===----------------------------------------------------------------------===// @@ -367,8 +366,8 @@ void GRSimpleVals::EvalCall(ExplodedNodeSet<GRState>& Dst, if (isa<loc::MemRegionVal>(V)) { const MemRegion *R = cast<loc::MemRegionVal>(V).getRegion(); - if (R->isBoundable(Eng.getContext())) - St = StateMgr.BindLoc(St, cast<Loc>(V), UnknownVal()); + if (R->isBoundable()) + St = StateMgr.BindLoc(St, cast<Loc>(V), UnknownVal()); } else if (isa<nonloc::LocAsInteger>(V)) St = StateMgr.BindLoc(St, cast<nonloc::LocAsInteger>(V).getLoc(), UnknownVal()); diff --git a/lib/Analysis/MemRegion.cpp b/lib/Analysis/MemRegion.cpp index 9e11a26..9bd93cd 100644 --- a/lib/Analysis/MemRegion.cpp +++ b/lib/Analysis/MemRegion.cpp @@ -18,6 +18,9 @@ using namespace clang; +//===----------------------------------------------------------------------===// +// Basic methods. +//===----------------------------------------------------------------------===// MemRegion::~MemRegion() {} @@ -34,6 +37,19 @@ bool SubRegion::isSubRegionOf(const MemRegion* R) const { return false; } + +MemRegionManager* SubRegion::getMemRegionManager() const { + const SubRegion* r = this; + do { + const MemRegion *superRegion = r->getSuperRegion(); + if (const SubRegion *sr = dyn_cast<SubRegion>(superRegion)) { + r = sr; + continue; + } + return superRegion->getMemRegionManager(); + } while (1); +} + void MemSpaceRegion::Profile(llvm::FoldingSetNodeID& ID) const { ID.AddInteger((unsigned)getKind()); } @@ -47,14 +63,15 @@ void StringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, } void AllocaRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, - const Expr* Ex, unsigned cnt) { + const Expr* Ex, unsigned cnt, + const MemRegion *) { ID.AddInteger((unsigned) AllocaRegionKind); ID.AddPointer(Ex); ID.AddInteger(cnt); } void AllocaRegion::Profile(llvm::FoldingSetNodeID& ID) const { - ProfileRegion(ID, Ex, Cnt); + ProfileRegion(ID, Ex, Cnt, superRegion); } void TypedViewRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, QualType T, @@ -87,13 +104,15 @@ void DeclRegion::Profile(llvm::FoldingSetNodeID& ID) const { DeclRegion::ProfileRegion(ID, D, superRegion, getKind()); } -void SymbolicRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym) { +void SymbolicRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym, + const MemRegion *sreg) { ID.AddInteger((unsigned) MemRegion::SymbolicRegionKind); ID.Add(sym); + ID.AddPointer(sreg); } void SymbolicRegion::Profile(llvm::FoldingSetNodeID& ID) const { - SymbolicRegion::ProfileRegion(ID, sym); + SymbolicRegion::ProfileRegion(ID, sym, getSuperRegion()); } void ElementRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, @@ -110,14 +129,14 @@ void ElementRegion::Profile(llvm::FoldingSetNodeID& ID) const { } void CodeTextRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, const void* data, - QualType t) { + QualType t, const MemRegion*) { ID.AddInteger(MemRegion::CodeTextRegionKind); ID.AddPointer(data); ID.Add(t); } void CodeTextRegion::Profile(llvm::FoldingSetNodeID& ID) const { - CodeTextRegion::ProfileRegion(ID, Data, LocationType); + CodeTextRegion::ProfileRegion(ID, Data, LocationType, superRegion); } //===----------------------------------------------------------------------===// @@ -186,13 +205,12 @@ void VarRegion::print(llvm::raw_ostream& os) const { // MemRegionManager methods. //===----------------------------------------------------------------------===// -MemSpaceRegion* MemRegionManager::LazyAllocate(MemSpaceRegion*& region) { - +MemSpaceRegion* MemRegionManager::LazyAllocate(MemSpaceRegion*& region) { if (!region) { region = (MemSpaceRegion*) A.Allocate<MemSpaceRegion>(); - new (region) MemSpaceRegion(); + new (region) MemSpaceRegion(this); } - + return region; } @@ -216,82 +234,21 @@ MemSpaceRegion* MemRegionManager::getCodeRegion() { return LazyAllocate(code); } -bool MemRegionManager::onStack(const MemRegion* R) { - while (const SubRegion* SR = dyn_cast<SubRegion>(R)) - R = SR->getSuperRegion(); - - return (R != 0) && (R == stack); -} - -bool MemRegionManager::onHeap(const MemRegion* R) { - while (const SubRegion* SR = dyn_cast<SubRegion>(R)) - R = SR->getSuperRegion(); - - return (R != 0) && (R == heap); -} +//===----------------------------------------------------------------------===// +// Constructing regions. +//===----------------------------------------------------------------------===// StringRegion* MemRegionManager::getStringRegion(const StringLiteral* Str) { - llvm::FoldingSetNodeID ID; - MemSpaceRegion* GlobalsR = getGlobalsRegion(); - - StringRegion::ProfileRegion(ID, Str, GlobalsR); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - StringRegion* R = cast_or_null<StringRegion>(data); - - if (!R) { - R = (StringRegion*) A.Allocate<StringRegion>(); - new (R) StringRegion(Str, GlobalsR); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<StringRegion>(Str); } VarRegion* MemRegionManager::getVarRegion(const VarDecl* d) { - - const MemRegion* superRegion = d->hasLocalStorage() ? getStackRegion() - : getGlobalsRegion(); - - llvm::FoldingSetNodeID ID; - DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::VarRegionKind); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - VarRegion* R = cast_or_null<VarRegion>(data); - - if (!R) { - R = (VarRegion*) A.Allocate<VarRegion>(); - new (R) VarRegion(d, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<VarRegion>(d); } CompoundLiteralRegion* MemRegionManager::getCompoundLiteralRegion(const CompoundLiteralExpr* CL) { - // Is this compound literal allocated on the stack or is part of the - // global constant pool? - const MemRegion* superRegion = CL->isFileScope() ? - getGlobalsRegion() : getStackRegion(); - - // Profile the compound literal. - llvm::FoldingSetNodeID ID; - CompoundLiteralRegion::ProfileRegion(ID, CL, superRegion); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - CompoundLiteralRegion* R = cast_or_null<CompoundLiteralRegion>(data); - - if (!R) { - R = (CompoundLiteralRegion*) A.Allocate<CompoundLiteralRegion>(); - new (R) CompoundLiteralRegion(CL, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<CompoundLiteralRegion>(CL); } ElementRegion* @@ -318,149 +275,45 @@ MemRegionManager::getElementRegion(QualType elementType, SVal Idx, CodeTextRegion* MemRegionManager::getCodeTextRegion(const FunctionDecl* fd, QualType t) { - llvm::FoldingSetNodeID ID; - CodeTextRegion::ProfileRegion(ID, fd, t); - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - CodeTextRegion* R = cast_or_null<CodeTextRegion>(data); - - if (!R) { - R = (CodeTextRegion*) A.Allocate<CodeTextRegion>(); - new (R) CodeTextRegion(fd, t, getCodeRegion()); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<CodeTextRegion>(fd, t); } CodeTextRegion* MemRegionManager::getCodeTextRegion(SymbolRef sym, QualType t) { - llvm::FoldingSetNodeID ID; - CodeTextRegion::ProfileRegion(ID, sym, t); - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - CodeTextRegion* R = cast_or_null<CodeTextRegion>(data); - - if (!R) { - R = (CodeTextRegion*) A.Allocate<CodeTextRegion>(); - new (R) CodeTextRegion(sym, t, getCodeRegion()); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<CodeTextRegion>(sym, t); } /// getSymbolicRegion - Retrieve or create a "symbolic" memory region. SymbolicRegion* MemRegionManager::getSymbolicRegion(SymbolRef sym) { - llvm::FoldingSetNodeID ID; - SymbolicRegion::ProfileRegion(ID, sym); - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - SymbolicRegion* R = cast_or_null<SymbolicRegion>(data); - - if (!R) { - R = (SymbolicRegion*) A.Allocate<SymbolicRegion>(); - // SymbolicRegion's storage class is usually unknown. - new (R) SymbolicRegion(sym, getUnknownRegion()); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<SymbolicRegion>(sym); } FieldRegion* MemRegionManager::getFieldRegion(const FieldDecl* d, const MemRegion* superRegion) { - llvm::FoldingSetNodeID ID; - DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::FieldRegionKind); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - FieldRegion* R = cast_or_null<FieldRegion>(data); - - if (!R) { - R = (FieldRegion*) A.Allocate<FieldRegion>(); - new (R) FieldRegion(d, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<FieldRegion>(d, superRegion); } ObjCIvarRegion* MemRegionManager::getObjCIvarRegion(const ObjCIvarDecl* d, const MemRegion* superRegion) { - llvm::FoldingSetNodeID ID; - DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::ObjCIvarRegionKind); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - ObjCIvarRegion* R = cast_or_null<ObjCIvarRegion>(data); - - if (!R) { - R = (ObjCIvarRegion*) A.Allocate<ObjCIvarRegion>(); - new (R) ObjCIvarRegion(d, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<ObjCIvarRegion>(d, superRegion); } ObjCObjectRegion* MemRegionManager::getObjCObjectRegion(const ObjCInterfaceDecl* d, - const MemRegion* superRegion) { - llvm::FoldingSetNodeID ID; - DeclRegion::ProfileRegion(ID, d, superRegion, - MemRegion::ObjCObjectRegionKind); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - ObjCObjectRegion* R = cast_or_null<ObjCObjectRegion>(data); - - if (!R) { - R = (ObjCObjectRegion*) A.Allocate<ObjCObjectRegion>(); - new (R) ObjCObjectRegion(d, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + const MemRegion* superRegion) { + return getRegion<ObjCObjectRegion>(d, superRegion); } TypedViewRegion* MemRegionManager::getTypedViewRegion(QualType t, const MemRegion* superRegion) { - llvm::FoldingSetNodeID ID; - TypedViewRegion::ProfileRegion(ID, t, superRegion); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - TypedViewRegion* R = cast_or_null<TypedViewRegion>(data); - - if (!R) { - R = (TypedViewRegion*) A.Allocate<TypedViewRegion>(); - new (R) TypedViewRegion(t, superRegion); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<TypedViewRegion>(t, superRegion); } AllocaRegion* MemRegionManager::getAllocaRegion(const Expr* E, unsigned cnt) { - llvm::FoldingSetNodeID ID; - AllocaRegion::ProfileRegion(ID, E, cnt); - - void* InsertPos; - MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); - AllocaRegion* R = cast_or_null<AllocaRegion>(data); - - if (!R) { - R = (AllocaRegion*) A.Allocate<AllocaRegion>(); - new (R) AllocaRegion(E, cnt, getStackRegion()); - Regions.InsertNode(R, InsertPos); - } - - return R; + return getRegion<AllocaRegion>(E, cnt); } bool MemRegionManager::hasStackStorage(const MemRegion* R) { - // Only subregions can have stack storage. const SubRegion* SR = dyn_cast<SubRegion>(R); @@ -476,10 +329,29 @@ bool MemRegionManager::hasStackStorage(const MemRegion* R) { SR = dyn_cast<SubRegion>(R); } - + return false; } +bool MemRegionManager::hasHeapStorage(const MemRegion* R) { + // Only subregions can have stack storage. + const SubRegion* SR = dyn_cast<SubRegion>(R); + + if (!SR) + return false; + + MemSpaceRegion* H = getHeapRegion(); + + while (SR) { + R = SR->getSuperRegion(); + if (R == H) + return true; + + SR = dyn_cast<SubRegion>(R); + } + + return false; +} //===----------------------------------------------------------------------===// // View handling. diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp index 5f2b8f8..f76807b 100644 --- a/lib/Analysis/RegionStore.cpp +++ b/lib/Analysis/RegionStore.cpp @@ -513,7 +513,7 @@ SVal RegionStoreManager::getLValueElement(const GRState *St, if (OffI.isUnsigned()) { llvm::APSInt Tmp = OffI; Tmp.setIsSigned(true); - Offset = NonLoc::MakeVal(getBasicVals(), Tmp); + Offset = ValMgr.makeIntVal(Tmp); } } return loc::MemRegionVal(MRMgr.getElementRegion(elementType, Offset, @@ -547,7 +547,7 @@ SVal RegionStoreManager::getLValueElement(const GRState *St, Tmp.setIsSigned(true); Tmp += BaseIdxI; // Compute the new offset. - NewIdx = NonLoc::MakeVal(getBasicVals(), Tmp); + NewIdx = ValMgr.makeIntVal(Tmp); } else NewIdx = nonloc::ConcreteInt(getBasicVals().getValue(BaseIdxI + OffI)); @@ -572,7 +572,7 @@ SVal RegionStoreManager::getSizeInElements(const GRState *state, if (const ConstantArrayType* CAT = dyn_cast<ConstantArrayType>(T)) { // return the size as signed integer. - return NonLoc::MakeVal(getBasicVals(), CAT->getSize(), false); + return ValMgr.makeIntVal(CAT->getSize(), false); } const QualType* CastTy = state->get<RegionCasts>(VR); @@ -585,19 +585,19 @@ SVal RegionStoreManager::getSizeInElements(const GRState *state, uint64_t EleSize = getContext().getTypeSize(EleTy); uint64_t VarSize = getContext().getTypeSize(VarTy); assert(VarSize != 0); - return NonLoc::MakeIntVal(getBasicVals(), VarSize / EleSize, false); + return ValMgr.makeIntVal(VarSize/EleSize, false); } // Clients can use ordinary variables as if they were arrays. These // essentially are arrays of size 1. - return NonLoc::MakeIntVal(getBasicVals(), 1, false); + return ValMgr.makeIntVal(1, false); } if (const StringRegion* SR = dyn_cast<StringRegion>(R)) { const StringLiteral* Str = SR->getStringLiteral(); // We intentionally made the size value signed because it participates in // operations with signed indices. - return NonLoc::MakeIntVal(getBasicVals(), Str->getByteLength()+1, false); + return ValMgr.makeIntVal(Str->getByteLength()+1, false); } if (const FieldRegion* FR = dyn_cast<FieldRegion>(R)) { @@ -676,7 +676,9 @@ RegionStoreManager::CastRegion(const GRState *state, const MemRegion* R, // CodeTextRegion should be cast to only function pointer type. if (isa<CodeTextRegion>(R)) { - assert(CastToTy->isFunctionPointerType() || CastToTy->isBlockPointerType()); + assert(CastToTy->isFunctionPointerType() || CastToTy->isBlockPointerType() + || (CastToTy->isPointerType() + && CastToTy->getAsPointerType()->getPointeeType()->isVoidType())); return CastResult(state, R); } @@ -800,7 +802,7 @@ SVal RegionStoreManager::EvalBinOp(const GRState *state, const MemRegion* NewER = MRMgr.getElementRegion(ER->getElementType(), NewIdx,ER->getSuperRegion(), getContext()); - return Loc::MakeVal(NewER); + return ValMgr.makeLoc(NewER); } @@ -937,7 +939,7 @@ SVal RegionStoreManager::Retrieve(const GRState *state, Loc L, QualType T) { } } - if (MRMgr.onStack(R) || MRMgr.onHeap(R)) { + if (MRMgr.hasStackStorage(R) || MRMgr.hasHeapStorage(R)) { // All stack variables are considered to have undefined values // upon creation. All heap allocated blocks are considered to // have undefined values as well unless they are explicitly bound @@ -984,7 +986,7 @@ SVal RegionStoreManager::RetrieveStruct(const GRState *state, StructVal = getBasicVals().consVals(FieldValue, StructVal); } - return NonLoc::MakeCompoundVal(T, StructVal, getBasicVals()); + return ValMgr.makeCompoundVal(T, StructVal); } SVal RegionStoreManager::RetrieveArray(const GRState *state, @@ -998,7 +1000,7 @@ SVal RegionStoreManager::RetrieveArray(const GRState *state, llvm::APSInt i = getBasicVals().getZeroWithPtrWidth(false); for (; i < Size; ++i) { - SVal Idx = NonLoc::MakeVal(getBasicVals(), i); + SVal Idx = ValMgr.makeIntVal(i); ElementRegion* ER = MRMgr.getElementRegion(CAT->getElementType(), Idx, R, getContext()); QualType ETy = ER->getElementType(); @@ -1006,7 +1008,7 @@ SVal RegionStoreManager::RetrieveArray(const GRState *state, ArrayVal = getBasicVals().consVals(ElementVal, ArrayVal); } - return NonLoc::MakeCompoundVal(T, ArrayVal, getBasicVals()); + return ValMgr.makeCompoundVal(T, ArrayVal); } //===----------------------------------------------------------------------===// @@ -1059,7 +1061,7 @@ const GRState *RegionStoreManager::BindDecl(const GRState *state, if (T->isStructureType()) return BindStruct(state, VR, InitVal); - return Bind(state, Loc::MakeVal(VR), InitVal); + return Bind(state, ValMgr.makeLoc(VR), InitVal); } // FIXME: this method should be merged into Bind(). @@ -1077,17 +1079,11 @@ const GRState *RegionStoreManager::BindArray(const GRState *state, SVal Init) { QualType T = R->getValueType(getContext()); - assert(T->isArrayType()); - - // When we are binding the whole array, it always has default value 0. - state = state->set<RegionDefaultValue>(R, NonLoc::MakeIntVal(getBasicVals(), - 0, false)); - ConstantArrayType* CAT = cast<ConstantArrayType>(T.getTypePtr()); + QualType ElementTy = CAT->getElementType(); llvm::APSInt Size(CAT->getSize(), false); - llvm::APSInt i = getBasicVals().getValue(0, Size.getBitWidth(), - Size.isUnsigned()); + llvm::APSInt i(llvm::APInt::getNullValue(Size.getBitWidth()), false); // Check if the init expr is a StringLiteral. if (isa<loc::MemRegionVal>(Init)) { @@ -1104,12 +1100,10 @@ const GRState *RegionStoreManager::BindArray(const GRState *state, if (j >= len) break; - SVal Idx = NonLoc::MakeVal(getBasicVals(), i); - ElementRegion* ER = - MRMgr.getElementRegion(cast<ArrayType>(T)->getElementType(), - Idx, R, getContext()); + SVal Idx = ValMgr.makeIntVal(i); + ElementRegion* ER = MRMgr.getElementRegion(ElementTy, Idx,R,getContext()); - SVal V = NonLoc::MakeVal(getBasicVals(), str[j], sizeof(char)*8, true); + SVal V = ValMgr.makeIntVal(str[j], sizeof(char)*8, true); state = Bind(state, loc::MemRegionVal(ER), V); } @@ -1120,19 +1114,29 @@ const GRState *RegionStoreManager::BindArray(const GRState *state, nonloc::CompoundVal::iterator VI = CV.begin(), VE = CV.end(); for (; i < Size; ++i, ++VI) { - // The init list might be shorter than the array decl. + // The init list might be shorter than the array length. if (VI == VE) break; - SVal Idx = NonLoc::MakeVal(getBasicVals(), i); - ElementRegion* ER = - MRMgr.getElementRegion(cast<ArrayType>(T)->getElementType(), - Idx, R, getContext()); + SVal Idx = ValMgr.makeIntVal(i); + ElementRegion* ER = MRMgr.getElementRegion(ElementTy, Idx, R, getContext()); if (CAT->getElementType()->isStructureType()) state = BindStruct(state, ER, *VI); else - state = Bind(state, Loc::MakeVal(ER), *VI); + state = Bind(state, ValMgr.makeLoc(ER), *VI); + } + + // If the init list is shorter than the array length, bind the rest elements + // to 0. + if (ElementTy->isIntegerType()) { + while (i < Size) { + SVal Idx = ValMgr.makeIntVal(i); + ElementRegion* ER = MRMgr.getElementRegion(ElementTy, Idx,R,getContext()); + SVal V = ValMgr.makeZeroVal(ElementTy); + state = Bind(state, ValMgr.makeLoc(ER), V); + ++i; + } } return state; @@ -1161,30 +1165,37 @@ RegionStoreManager::BindStruct(const GRState *state, const TypedRegion* R, nonloc::CompoundVal& CV = cast<nonloc::CompoundVal>(V); nonloc::CompoundVal::iterator VI = CV.begin(), VE = CV.end(); - - for (RecordDecl::field_iterator FI = RD->field_begin(getContext()), - FE = RD->field_end(getContext()); + + RecordDecl::field_iterator FI, FE; + + for (FI = RD->field_begin(getContext()), FE = RD->field_end(getContext()); FI != FE; ++FI, ++VI) { - // There may be fewer values than fields only when we are initializing a - // struct decl. In this case, mark the region as having default value. - if (VI == VE) { - const NonLoc& Idx = NonLoc::MakeIntVal(getBasicVals(), 0, false); - state = state->set<RegionDefaultValue>(R, Idx); + if (VI == VE) break; - } QualType FTy = (*FI)->getType(); FieldRegion* FR = MRMgr.getFieldRegion(*FI, R); if (Loc::IsLocType(FTy) || FTy->isIntegerType()) - state = Bind(state, Loc::MakeVal(FR), *VI); + state = Bind(state, ValMgr.makeLoc(FR), *VI); else if (FTy->isArrayType()) state = BindArray(state, FR, *VI); else if (FTy->isStructureType()) state = BindStruct(state, FR, *VI); } + // There may be fewer values in the initialize list than the fields of struct. + while (FI != FE) { + QualType FTy = (*FI)->getType(); + if (FTy->isIntegerType()) { + FieldRegion* FR = MRMgr.getFieldRegion(*FI, R); + state = Bind(state, ValMgr.makeLoc(FR), ValMgr.makeZeroVal(FTy)); + } + + ++FI; + } + return state; } @@ -1202,7 +1213,7 @@ const GRState *RegionStoreManager::KillStruct(const GRState *state, const MemRegion* R = I.getKey(); if (const SubRegion* subRegion = dyn_cast<SubRegion>(R)) if (subRegion->isSubRegionOf(R)) - store = Remove(store, Loc::MakeVal(subRegion)); + store = Remove(store, ValMgr.makeLoc(subRegion)); // FIXME: Maybe we should also remove the bindings for the "views" of the // subregions. } @@ -1398,7 +1409,7 @@ Store RegionStoreManager::RemoveDeadBindings(const GRState *state, Stmt* Loc, continue; // Remove this dead region from the store. - store = Remove(store, Loc::MakeVal(R)); + store = Remove(store, ValMgr.makeLoc(R)); // Mark all non-live symbols that this region references as dead. if (const SymbolicRegion* SymR = dyn_cast<SymbolicRegion>(R)) diff --git a/lib/Analysis/SVals.cpp b/lib/Analysis/SVals.cpp index 77c3c8f..dd9490b 100644 --- a/lib/Analysis/SVals.cpp +++ b/lib/Analysis/SVals.cpp @@ -237,180 +237,6 @@ SVal loc::ConcreteInt::EvalBinOp(BasicValueFactory& BasicVals, } //===----------------------------------------------------------------------===// -// Utility methods for constructing SVals. -//===----------------------------------------------------------------------===// - -SVal ValueManager::makeZeroVal(QualType T) { - if (Loc::IsLocType(T)) - return Loc::MakeNull(BasicVals); - - if (T->isIntegerType()) - return NonLoc::MakeVal(BasicVals, 0, T); - - // FIXME: Handle floats. - // FIXME: Handle structs. - return UnknownVal(); -} - -SVal ValueManager::makeZeroArrayIndex() { - return nonloc::ConcreteInt(BasicVals.getZeroWithPtrWidth(false)); -} - -//===----------------------------------------------------------------------===// -// Utility methods for constructing Non-Locs. -//===----------------------------------------------------------------------===// - -NonLoc ValueManager::makeNonLoc(SymbolRef sym) { - return nonloc::SymbolVal(sym); -} - -NonLoc ValueManager::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, - const APSInt& v, QualType T) { - // The Environment ensures we always get a persistent APSInt in - // BasicValueFactory, so we don't need to get the APSInt from - // BasicValueFactory again. - assert(!Loc::IsLocType(T)); - return nonloc::SymExprVal(SymMgr.getSymIntExpr(lhs, op, v, T)); -} - -NonLoc ValueManager::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, - const SymExpr *rhs, QualType T) { - assert(SymMgr.getType(lhs) == SymMgr.getType(rhs)); - assert(!Loc::IsLocType(T)); - return nonloc::SymExprVal(SymMgr.getSymSymExpr(lhs, op, rhs, T)); -} - -NonLoc NonLoc::MakeIntVal(BasicValueFactory& BasicVals, uint64_t X, - bool isUnsigned) { - return nonloc::ConcreteInt(BasicVals.getIntValue(X, isUnsigned)); -} - -NonLoc NonLoc::MakeVal(BasicValueFactory& BasicVals, uint64_t X, - unsigned BitWidth, bool isUnsigned) { - return nonloc::ConcreteInt(BasicVals.getValue(X, BitWidth, isUnsigned)); -} - -NonLoc NonLoc::MakeVal(BasicValueFactory& BasicVals, uint64_t X, QualType T) { - return nonloc::ConcreteInt(BasicVals.getValue(X, T)); -} - -NonLoc NonLoc::MakeVal(BasicValueFactory& BasicVals, const IntegerLiteral* I) { - - return nonloc::ConcreteInt(BasicVals.getValue(APSInt(I->getValue(), - I->getType()->isUnsignedIntegerType()))); -} - -NonLoc NonLoc::MakeVal(BasicValueFactory& BasicVals, const llvm::APInt& I, - bool isUnsigned) { - return nonloc::ConcreteInt(BasicVals.getValue(I, isUnsigned)); -} - -NonLoc NonLoc::MakeVal(BasicValueFactory& BasicVals, const llvm::APSInt& I) { - return nonloc::ConcreteInt(BasicVals.getValue(I)); -} - -NonLoc NonLoc::MakeIntTruthVal(BasicValueFactory& BasicVals, bool b) { - return nonloc::ConcreteInt(BasicVals.getTruthValue(b)); -} - -NonLoc ValueManager::makeTruthVal(bool b, QualType T) { - return nonloc::ConcreteInt(BasicVals.getTruthValue(b, T)); -} - -NonLoc NonLoc::MakeCompoundVal(QualType T, llvm::ImmutableList<SVal> Vals, - BasicValueFactory& BasicVals) { - return nonloc::CompoundVal(BasicVals.getCompoundValData(T, Vals)); -} - -SVal ValueManager::getRegionValueSymbolVal(const MemRegion* R, QualType T) { - SymbolRef sym = SymMgr.getRegionValueSymbol(R, T); - - if (const TypedRegion* TR = dyn_cast<TypedRegion>(R)) { - if (T.isNull()) - T = TR->getValueType(SymMgr.getContext()); - - // If T is of function pointer type, create a CodeTextRegion wrapping a - // symbol. - if (T->isFunctionPointerType()) { - return Loc::MakeVal(MemMgr.getCodeTextRegion(sym, T)); - } - - if (Loc::IsLocType(T)) - return Loc::MakeVal(MemMgr.getSymbolicRegion(sym)); - - // Only handle integers for now. - if (T->isIntegerType() && T->isScalarType()) - return makeNonLoc(sym); - } - - return UnknownVal(); -} - -SVal ValueManager::getConjuredSymbolVal(const Expr* E, unsigned Count) { - QualType T = E->getType(); - SymbolRef sym = SymMgr.getConjuredSymbol(E, Count); - - // If T is of function pointer type, create a CodeTextRegion wrapping a - // symbol. - if (T->isFunctionPointerType()) { - return Loc::MakeVal(MemMgr.getCodeTextRegion(sym, T)); - } - - if (Loc::IsLocType(T)) - return Loc::MakeVal(MemMgr.getSymbolicRegion(sym)); - - if (T->isIntegerType() && T->isScalarType()) - return makeNonLoc(sym); - - return UnknownVal(); -} - -SVal ValueManager::getConjuredSymbolVal(const Expr* E, QualType T, - unsigned Count) { - - SymbolRef sym = SymMgr.getConjuredSymbol(E, T, Count); - - // If T is of function pointer type, create a CodeTextRegion wrapping a - // symbol. - if (T->isFunctionPointerType()) { - return Loc::MakeVal(MemMgr.getCodeTextRegion(sym, T)); - } - - if (Loc::IsLocType(T)) - return Loc::MakeVal(MemMgr.getSymbolicRegion(sym)); - - if (T->isIntegerType() && T->isScalarType()) - return makeNonLoc(sym); - - return UnknownVal(); -} - -SVal ValueManager::getFunctionPointer(const FunctionDecl* FD) { - CodeTextRegion* R - = MemMgr.getCodeTextRegion(FD, Context.getPointerType(FD->getType())); - return loc::MemRegionVal(R); -} - -nonloc::LocAsInteger nonloc::LocAsInteger::Make(BasicValueFactory& Vals, Loc V, - unsigned Bits) { - return LocAsInteger(Vals.getPersistentSValWithData(V, Bits)); -} - -//===----------------------------------------------------------------------===// -// Utility methods for constructing Locs. -//===----------------------------------------------------------------------===// - -Loc Loc::MakeVal(const MemRegion* R) { return loc::MemRegionVal(R); } - -Loc Loc::MakeVal(const AddrLabelExpr *E) { - return loc::GotoLabel(E->getLabel()); -} - -Loc Loc::MakeNull(BasicValueFactory &BasicVals) { - return loc::ConcreteInt(BasicVals.getZeroWithPtrWidth()); -} - -//===----------------------------------------------------------------------===// // Pretty-Printing. //===----------------------------------------------------------------------===// diff --git a/lib/Analysis/ValueManager.cpp b/lib/Analysis/ValueManager.cpp new file mode 100644 index 0000000..724a2e9 --- /dev/null +++ b/lib/Analysis/ValueManager.cpp @@ -0,0 +1,125 @@ +//== ValueManager.cpp - Aggregate manager of symbols and SVals --*- C++ -*--==// +// +// The LLVM Compiler Infrastructure +// +// This file is distributed under the University of Illinois Open Source +// License. See LICENSE.TXT for details. +// +//===----------------------------------------------------------------------===// +// +// This file defines ValueManager, a class that manages symbolic values +// and SVals created for use by GRExprEngine and related classes. It +// wraps and owns SymbolManager, MemRegionManager, and BasicValueFactory. +// +//===----------------------------------------------------------------------===// + +#include "clang/Analysis/PathSensitive/ValueManager.h" + +using namespace clang; +using namespace llvm; + +//===----------------------------------------------------------------------===// +// Utility methods for constructing SVals. +//===----------------------------------------------------------------------===// + +SVal ValueManager::makeZeroVal(QualType T) { + if (Loc::IsLocType(T)) + return makeNull(); + + if (T->isIntegerType()) + return makeIntVal(0, T); + + // FIXME: Handle floats. + // FIXME: Handle structs. + return UnknownVal(); +} + +//===----------------------------------------------------------------------===// +// Utility methods for constructing Non-Locs. +//===----------------------------------------------------------------------===// + +NonLoc ValueManager::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, + const APSInt& v, QualType T) { + // The Environment ensures we always get a persistent APSInt in + // BasicValueFactory, so we don't need to get the APSInt from + // BasicValueFactory again. + assert(!Loc::IsLocType(T)); + return nonloc::SymExprVal(SymMgr.getSymIntExpr(lhs, op, v, T)); +} + +NonLoc ValueManager::makeNonLoc(const SymExpr *lhs, BinaryOperator::Opcode op, + const SymExpr *rhs, QualType T) { + assert(SymMgr.getType(lhs) == SymMgr.getType(rhs)); + assert(!Loc::IsLocType(T)); + return nonloc::SymExprVal(SymMgr.getSymSymExpr(lhs, op, rhs, T)); +} + + +SVal ValueManager::getRegionValueSymbolVal(const MemRegion* R, QualType T) { + SymbolRef sym = SymMgr.getRegionValueSymbol(R, T); + + if (const TypedRegion* TR = dyn_cast<TypedRegion>(R)) { + if (T.isNull()) + T = TR->getValueType(SymMgr.getContext()); + + // If T is of function pointer type, create a CodeTextRegion wrapping a + // symbol. + if (T->isFunctionPointerType()) { + return loc::MemRegionVal(MemMgr.getCodeTextRegion(sym, T)); + } + + if (Loc::IsLocType(T)) + return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym)); + + // Only handle integers for now. + if (T->isIntegerType() && T->isScalarType()) + return nonloc::SymbolVal(sym); + } + + return UnknownVal(); +} + +SVal ValueManager::getConjuredSymbolVal(const Expr* E, unsigned Count) { + QualType T = E->getType(); + SymbolRef sym = SymMgr.getConjuredSymbol(E, Count); + + // If T is of function pointer type, create a CodeTextRegion wrapping a + // symbol. + if (T->isFunctionPointerType()) { + return loc::MemRegionVal(MemMgr.getCodeTextRegion(sym, T)); + } + + if (Loc::IsLocType(T)) + return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym)); + + if (T->isIntegerType() && T->isScalarType()) + return nonloc::SymbolVal(sym); + + return UnknownVal(); +} + +SVal ValueManager::getConjuredSymbolVal(const Expr* E, QualType T, + unsigned Count) { + + SymbolRef sym = SymMgr.getConjuredSymbol(E, T, Count); + + // If T is of function pointer type, create a CodeTextRegion wrapping a + // symbol. + if (T->isFunctionPointerType()) { + return loc::MemRegionVal(MemMgr.getCodeTextRegion(sym, T)); + } + + if (Loc::IsLocType(T)) + return loc::MemRegionVal(MemMgr.getSymbolicRegion(sym)); + + if (T->isIntegerType() && T->isScalarType()) + return nonloc::SymbolVal(sym); + + return UnknownVal(); +} + +SVal ValueManager::getFunctionPointer(const FunctionDecl* FD) { + CodeTextRegion* R + = MemMgr.getCodeTextRegion(FD, Context.getPointerType(FD->getType())); + return loc::MemRegionVal(R); +} |
