1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
|
//== ValueState*h - Path-Sens. "State" for tracking valuues -----*- C++ -*--==//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file defines SymbolID, ExprBindKey, and ValueState*
//
//===----------------------------------------------------------------------===//
#ifndef LLVM_CLANG_ANALYSIS_VALUESTATE_H
#define LLVM_CLANG_ANALYSIS_VALUESTATE_H
// FIXME: Reduce the number of includes.
#include "clang/Analysis/PathSensitive/Environment.h"
#include "clang/Analysis/PathSensitive/Store.h"
#include "clang/Analysis/PathSensitive/RValues.h"
#include "clang/Analysis/PathSensitive/GRCoreEngine.h"
#include "clang/AST/Expr.h"
#include "clang/AST/Decl.h"
#include "clang/AST/ASTContext.h"
#include "clang/Analysis/Analyses/LiveVariables.h"
#include "llvm/Support/Casting.h"
#include "llvm/Support/DataTypes.h"
#include "llvm/ADT/APSInt.h"
#include "llvm/ADT/FoldingSet.h"
#include "llvm/ADT/ImmutableMap.h"
#include "llvm/ADT/SmallVector.h"
#include "llvm/ADT/DenseSet.h"
#include "llvm/Support/Allocator.h"
#include "llvm/Support/Compiler.h"
#include "llvm/Support/Streams.h"
#include <functional>
namespace clang {
class ValueStateManager;
//===----------------------------------------------------------------------===//
// ValueState- An ImmutableMap type Stmt*/Decl*/Symbols to RVals.
//===----------------------------------------------------------------------===//
/// ValueState - This class encapsulates the actual data values for
/// for a "state" in our symbolic value tracking. It is intended to be
/// used as a functional object; that is once it is created and made
/// "persistent" in a FoldingSet its values will never change.
class ValueState : public llvm::FoldingSetNode {
public:
// Typedefs.
typedef llvm::ImmutableSet<llvm::APSInt*> IntSetTy;
typedef llvm::ImmutableMap<SymbolID,IntSetTy> ConstNotEqTy;
typedef llvm::ImmutableMap<SymbolID,const llvm::APSInt*> ConstEqTy;
private:
void operator=(const ValueState& R) const;
friend class ValueStateManager;
Environment Env;
Store St;
// FIXME: Make these private.
public:
ConstNotEqTy ConstNotEq;
ConstEqTy ConstEq;
void* CheckerState;
public:
/// This ctor is used when creating the first ValueState object.
ValueState(const Environment& env, Store st,
ConstNotEqTy CNE, ConstEqTy CE)
: Env(env),
St(st),
ConstNotEq(CNE),
ConstEq(CE),
CheckerState(NULL) {}
/// Copy ctor - We must explicitly define this or else the "Next" ptr
/// in FoldingSetNode will also get copied.
ValueState(const ValueState& RHS)
: llvm::FoldingSetNode(),
Env(RHS.Env),
St(RHS.St),
ConstNotEq(RHS.ConstNotEq),
ConstEq(RHS.ConstEq),
CheckerState(RHS.CheckerState) {}
/// getEnvironment - Return the environment associated with this state.
/// The environment is the mapping from expressions to values.
const Environment& getEnvironment() const { return Env; }
/// getStore - Return the store associated with this state. The store
/// is a mapping from locations to values.
Store getStore() const { return St; }
/// Profile - Profile the contents of a ValueState object for use
/// in a FoldingSet.
static void Profile(llvm::FoldingSetNodeID& ID, const ValueState* V) {
V->Env.Profile(ID);
ID.AddPointer(V->St);
V->ConstNotEq.Profile(ID);
V->ConstEq.Profile(ID);
ID.AddPointer(V->CheckerState);
}
/// Profile - Used to profile the contents of this object for inclusion
/// in a FoldingSet.
void Profile(llvm::FoldingSetNodeID& ID) const {
Profile(ID, this);
}
// Queries.
bool isNotEqual(SymbolID sym, const llvm::APSInt& V) const;
const llvm::APSInt* getSymVal(SymbolID sym) const;
RVal LookupExpr(Expr* E) const {
return Env.LookupExpr(E);
}
// Iterators.
// FIXME: We'll be removing the VarBindings iterator very soon. Right now
// it assumes that Store is a VarBindingsTy.
typedef llvm::ImmutableMap<VarDecl*,RVal> VarBindingsTy;
typedef VarBindingsTy::iterator vb_iterator;
vb_iterator vb_begin() const {
VarBindingsTy B(static_cast<const VarBindingsTy::TreeTy*>(St));
return B.begin();
}
vb_iterator vb_end() const {
VarBindingsTy B(static_cast<const VarBindingsTy::TreeTy*>(St));
return B.end();
}
typedef Environment::seb_iterator seb_iterator;
seb_iterator seb_begin() const { return Env.seb_begin(); }
seb_iterator seb_end() const { return Env.beb_end(); }
typedef Environment::beb_iterator beb_iterator;
beb_iterator beb_begin() const { return Env.beb_begin(); }
beb_iterator beb_end() const { return Env.beb_end(); }
typedef ConstNotEqTy::iterator cne_iterator;
cne_iterator cne_begin() const { return ConstNotEq.begin(); }
cne_iterator cne_end() const { return ConstNotEq.end(); }
typedef ConstEqTy::iterator ce_iterator;
ce_iterator ce_begin() const { return ConstEq.begin(); }
ce_iterator ce_end() const { return ConstEq.end(); }
class CheckerStatePrinter {
public:
virtual ~CheckerStatePrinter() {}
virtual void PrintCheckerState(std::ostream& Out, void* State,
const char* nl, const char* sep) = 0;
};
void print(std::ostream& Out, CheckerStatePrinter* P = NULL,
const char* nl = "\n", const char* sep = "") const;
void printStdErr(CheckerStatePrinter* P = NULL) const;
void printDOT(std::ostream& Out, CheckerStatePrinter*P = NULL) const;
};
template<> struct GRTrait<ValueState*> {
static inline void* toPtr(ValueState* St) { return (void*) St; }
static inline ValueState* toState(void* P) { return (ValueState*) P; }
static inline void Profile(llvm::FoldingSetNodeID& profile, ValueState* St) {
// At this point states have already been uniqued. Just
// add the pointer.
profile.AddPointer(St);
}
};
class ValueStateManager {
private:
EnvironmentManager EnvMgr;
llvm::OwningPtr<StoreManager> StMgr;
ValueState::IntSetTy::Factory ISetFactory;
ValueState::ConstNotEqTy::Factory CNEFactory;
ValueState::ConstEqTy::Factory CEFactory;
/// StateSet - FoldingSet containing all the states created for analyzing
/// a particular function. This is used to unique states.
llvm::FoldingSet<ValueState> StateSet;
/// ValueMgr - Object that manages the data for all created RVals.
BasicValueFactory BasicVals;
/// SymMgr - Object that manages the symbol information.
SymbolManager SymMgr;
/// Alloc - A BumpPtrAllocator to allocate states.
llvm::BumpPtrAllocator& Alloc;
/// DRoots - A vector to hold of worklist used by RemoveDeadSymbols.
/// This vector is persistent because it is reused over and over.
StoreManager::DeclRootsTy DRoots;
private:
Environment RemoveBlkExpr(const Environment& Env, Expr* E) {
return EnvMgr.RemoveBlkExpr(Env, E);
}
// FIXME: Remove when we do lazy initializaton of variable bindings.
const ValueState* BindVar(const ValueState* St, VarDecl* D, RVal V) {
return SetRVal(St, lval::DeclVal(D), V);
}
public:
ValueStateManager(ASTContext& Ctx, StoreManager* stmgr,
llvm::BumpPtrAllocator& alloc)
: EnvMgr(alloc),
StMgr(stmgr),
ISetFactory(alloc),
CNEFactory(alloc),
CEFactory(alloc),
BasicVals(Ctx, alloc),
SymMgr(alloc),
Alloc(alloc) {}
const ValueState* getInitialState();
BasicValueFactory& getBasicValueFactory() { return BasicVals; }
SymbolManager& getSymbolManager() { return SymMgr; }
typedef StoreManager::DeadSymbolsTy DeadSymbolsTy;
const ValueState* RemoveDeadBindings(const ValueState* St, Stmt* Loc,
const LiveVariables& Liveness,
DeadSymbolsTy& DeadSyms);
const ValueState* RemoveSubExprBindings(const ValueState* St) {
ValueState NewSt = *St;
NewSt.Env = EnvMgr.RemoveSubExprBindings(NewSt.Env);
return getPersistentState(NewSt);
}
// Methods that query & manipulate the Environment.
RVal GetRVal(const ValueState* St, Expr* Ex) {
return St->getEnvironment().GetRVal(Ex, BasicVals);
}
RVal GetBlkExprRVal(const ValueState* St, Expr* Ex) {
return St->getEnvironment().GetBlkExprRVal(Ex, BasicVals);
}
const ValueState* SetRVal(const ValueState* St, Expr* Ex, RVal V,
bool
|
