2008-02-16 09:12:31 +08:00
|
|
|
//== SymbolManager.h - Management of Symbolic Values ------------*- C++ -*--==//
|
|
|
|
//
|
|
|
|
// The LLVM Compiler Infrastructure
|
|
|
|
//
|
|
|
|
// This file is distributed under the University of Illinois Open Source
|
|
|
|
// License. See LICENSE.TXT for details.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
//
|
2008-03-06 18:40:09 +08:00
|
|
|
// This file defines SymbolManager, a class that manages symbolic values
|
2008-02-16 09:12:31 +08:00
|
|
|
// created for use by GRExprEngine and related classes.
|
|
|
|
//
|
|
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
|
2010-01-25 12:41:41 +08:00
|
|
|
#include "clang/Checker/PathSensitive/SymbolManager.h"
|
|
|
|
#include "clang/Checker/PathSensitive/MemRegion.h"
|
2010-02-17 16:50:05 +08:00
|
|
|
#include "clang/Analysis/AnalysisContext.h"
|
2008-12-05 10:45:20 +08:00
|
|
|
#include "llvm/Support/raw_ostream.h"
|
2008-02-16 09:12:31 +08:00
|
|
|
|
|
|
|
using namespace clang;
|
|
|
|
|
2009-07-14 07:31:04 +08:00
|
|
|
void SymExpr::dump() const {
|
|
|
|
dumpToStream(llvm::errs());
|
|
|
|
}
|
2009-03-26 11:35:11 +08:00
|
|
|
|
2009-09-09 23:08:12 +08:00
|
|
|
static void print(llvm::raw_ostream& os, BinaryOperator::Opcode Op) {
|
2009-03-26 11:35:11 +08:00
|
|
|
switch (Op) {
|
|
|
|
default:
|
|
|
|
assert(false && "operator printing not implemented");
|
|
|
|
break;
|
|
|
|
case BinaryOperator::Mul: os << '*' ; break;
|
|
|
|
case BinaryOperator::Div: os << '/' ; break;
|
|
|
|
case BinaryOperator::Rem: os << '%' ; break;
|
|
|
|
case BinaryOperator::Add: os << '+' ; break;
|
|
|
|
case BinaryOperator::Sub: os << '-' ; break;
|
|
|
|
case BinaryOperator::Shl: os << "<<" ; break;
|
|
|
|
case BinaryOperator::Shr: os << ">>" ; break;
|
|
|
|
case BinaryOperator::LT: os << "<" ; break;
|
|
|
|
case BinaryOperator::GT: os << '>' ; break;
|
|
|
|
case BinaryOperator::LE: os << "<=" ; break;
|
2009-09-09 23:08:12 +08:00
|
|
|
case BinaryOperator::GE: os << ">=" ; break;
|
2009-03-26 11:35:11 +08:00
|
|
|
case BinaryOperator::EQ: os << "==" ; break;
|
|
|
|
case BinaryOperator::NE: os << "!=" ; break;
|
|
|
|
case BinaryOperator::And: os << '&' ; break;
|
|
|
|
case BinaryOperator::Xor: os << '^' ; break;
|
|
|
|
case BinaryOperator::Or: os << '|' ; break;
|
2009-09-09 23:08:12 +08:00
|
|
|
}
|
2009-03-26 11:35:11 +08:00
|
|
|
}
|
|
|
|
|
2009-07-14 07:31:04 +08:00
|
|
|
void SymIntExpr::dumpToStream(llvm::raw_ostream& os) const {
|
2009-03-26 11:35:11 +08:00
|
|
|
os << '(';
|
2009-07-14 07:31:04 +08:00
|
|
|
getLHS()->dumpToStream(os);
|
2009-03-26 11:35:11 +08:00
|
|
|
os << ") ";
|
2009-07-14 07:31:04 +08:00
|
|
|
print(os, getOpcode());
|
|
|
|
os << ' ' << getRHS().getZExtValue();
|
|
|
|
if (getRHS().isUnsigned()) os << 'U';
|
2009-03-26 11:35:11 +08:00
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-07-14 07:31:04 +08:00
|
|
|
void SymSymExpr::dumpToStream(llvm::raw_ostream& os) const {
|
2009-03-26 11:35:11 +08:00
|
|
|
os << '(';
|
2009-07-14 07:31:04 +08:00
|
|
|
getLHS()->dumpToStream(os);
|
2009-03-26 11:35:11 +08:00
|
|
|
os << ") ";
|
|
|
|
os << '(';
|
2009-07-14 07:31:04 +08:00
|
|
|
getRHS()->dumpToStream(os);
|
2009-09-09 23:08:12 +08:00
|
|
|
os << ')';
|
2009-03-26 11:35:11 +08:00
|
|
|
}
|
|
|
|
|
2009-07-14 07:31:04 +08:00
|
|
|
void SymbolConjured::dumpToStream(llvm::raw_ostream& os) const {
|
2009-08-01 14:17:29 +08:00
|
|
|
os << "conj_$" << getSymbolID() << '{' << T.getAsString() << '}';
|
2009-03-26 11:35:11 +08:00
|
|
|
}
|
|
|
|
|
2009-07-15 10:27:32 +08:00
|
|
|
void SymbolDerived::dumpToStream(llvm::raw_ostream& os) const {
|
|
|
|
os << "derived_$" << getSymbolID() << '{'
|
|
|
|
<< getParentSymbol() << ',' << getRegion() << '}';
|
|
|
|
}
|
|
|
|
|
2009-07-14 07:31:04 +08:00
|
|
|
void SymbolRegionValue::dumpToStream(llvm::raw_ostream& os) const {
|
|
|
|
os << "reg_$" << getSymbolID() << "<" << R << ">";
|
2009-03-04 06:06:47 +08:00
|
|
|
}
|
|
|
|
|
2009-09-09 23:08:12 +08:00
|
|
|
const SymbolRegionValue*
|
2010-03-01 14:56:52 +08:00
|
|
|
SymbolManager::getRegionValueSymbol(const TypedRegion* R) {
|
2008-03-12 09:21:45 +08:00
|
|
|
llvm::FoldingSetNodeID profile;
|
2010-03-01 14:56:52 +08:00
|
|
|
SymbolRegionValue::Profile(profile, R);
|
2009-09-09 23:08:12 +08:00
|
|
|
void* InsertPos;
|
|
|
|
SymExpr *SD = DataSet.FindNodeOrInsertPos(profile, InsertPos);
|
|
|
|
if (!SD) {
|
2009-05-09 12:08:27 +08:00
|
|
|
SD = (SymExpr*) BPAlloc.Allocate<SymbolRegionValue>();
|
2010-03-01 14:56:52 +08:00
|
|
|
new (SD) SymbolRegionValue(SymbolCounter, R);
|
2009-03-26 11:35:11 +08:00
|
|
|
DataSet.InsertNode(SD, InsertPos);
|
|
|
|
++SymbolCounter;
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-05-09 12:08:27 +08:00
|
|
|
return cast<SymbolRegionValue>(SD);
|
2008-11-19 19:03:17 +08:00
|
|
|
}
|
2008-03-12 09:21:45 +08:00
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
const SymbolConjured*
|
|
|
|
SymbolManager::getConjuredSymbol(const Stmt* E, QualType T, unsigned Count,
|
|
|
|
const void* SymbolTag) {
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2008-03-12 09:21:45 +08:00
|
|
|
llvm::FoldingSetNodeID profile;
|
2009-03-05 06:53:46 +08:00
|
|
|
SymbolConjured::Profile(profile, E, T, Count, SymbolTag);
|
2009-09-09 23:08:12 +08:00
|
|
|
void* InsertPos;
|
|
|
|
SymExpr *SD = DataSet.FindNodeOrInsertPos(profile, InsertPos);
|
|
|
|
if (!SD) {
|
2009-03-26 11:35:11 +08:00
|
|
|
SD = (SymExpr*) BPAlloc.Allocate<SymbolConjured>();
|
2009-09-09 23:08:12 +08:00
|
|
|
new (SD) SymbolConjured(SymbolCounter, E, T, Count, SymbolTag);
|
|
|
|
DataSet.InsertNode(SD, InsertPos);
|
2009-03-26 11:35:11 +08:00
|
|
|
++SymbolCounter;
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
return cast<SymbolConjured>(SD);
|
2008-03-12 09:21:45 +08:00
|
|
|
}
|
|
|
|
|
2009-07-15 10:27:32 +08:00
|
|
|
const SymbolDerived*
|
|
|
|
SymbolManager::getDerivedSymbol(SymbolRef parentSymbol,
|
|
|
|
const TypedRegion *R) {
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-07-15 10:27:32 +08:00
|
|
|
llvm::FoldingSetNodeID profile;
|
|
|
|
SymbolDerived::Profile(profile, parentSymbol, R);
|
2009-09-09 23:08:12 +08:00
|
|
|
void* InsertPos;
|
|
|
|
SymExpr *SD = DataSet.FindNodeOrInsertPos(profile, InsertPos);
|
|
|
|
if (!SD) {
|
2009-07-15 10:27:32 +08:00
|
|
|
SD = (SymExpr*) BPAlloc.Allocate<SymbolDerived>();
|
|
|
|
new (SD) SymbolDerived(SymbolCounter, parentSymbol, R);
|
2009-09-09 23:08:12 +08:00
|
|
|
DataSet.InsertNode(SD, InsertPos);
|
2009-07-15 10:27:32 +08:00
|
|
|
++SymbolCounter;
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-07-15 10:27:32 +08:00
|
|
|
return cast<SymbolDerived>(SD);
|
|
|
|
}
|
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
const SymIntExpr *SymbolManager::getSymIntExpr(const SymExpr *lhs,
|
2009-09-09 23:08:12 +08:00
|
|
|
BinaryOperator::Opcode op,
|
2009-03-26 11:35:11 +08:00
|
|
|
const llvm::APSInt& v,
|
|
|
|
QualType t) {
|
2009-03-25 13:58:37 +08:00
|
|
|
llvm::FoldingSetNodeID ID;
|
|
|
|
SymIntExpr::Profile(ID, lhs, op, v, t);
|
2009-03-26 11:35:11 +08:00
|
|
|
void *InsertPos;
|
|
|
|
SymExpr *data = DataSet.FindNodeOrInsertPos(ID, InsertPos);
|
|
|
|
|
|
|
|
if (!data) {
|
|
|
|
data = (SymIntExpr*) BPAlloc.Allocate<SymIntExpr>();
|
|
|
|
new (data) SymIntExpr(lhs, op, v, t);
|
|
|
|
DataSet.InsertNode(data, InsertPos);
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
return cast<SymIntExpr>(data);
|
2009-03-25 13:58:37 +08:00
|
|
|
}
|
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
const SymSymExpr *SymbolManager::getSymSymExpr(const SymExpr *lhs,
|
|
|
|
BinaryOperator::Opcode op,
|
|
|
|
const SymExpr *rhs,
|
|
|
|
QualType t) {
|
2009-03-25 13:58:37 +08:00
|
|
|
llvm::FoldingSetNodeID ID;
|
|
|
|
SymSymExpr::Profile(ID, lhs, op, rhs, t);
|
2009-03-26 11:35:11 +08:00
|
|
|
void *InsertPos;
|
|
|
|
SymExpr *data = DataSet.FindNodeOrInsertPos(ID, InsertPos);
|
|
|
|
|
|
|
|
if (!data) {
|
|
|
|
data = (SymSymExpr*) BPAlloc.Allocate<SymSymExpr>();
|
|
|
|
new (data) SymSymExpr(lhs, op, rhs, t);
|
|
|
|
DataSet.InsertNode(data, InsertPos);
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-03-26 11:35:11 +08:00
|
|
|
return cast<SymSymExpr>(data);
|
2008-03-12 09:21:45 +08:00
|
|
|
}
|
|
|
|
|
Static analyzer: Remove a bunch of outdated SymbolData objects and
their associated APIs. We no longer need separate SymbolData objects
for fields, variables, etc. Instead, we now associated symbols with
the "rvalue" of a MemRegion (i.e., the value stored at that region).
Now we only have two kinds of SymbolData objects: SymbolRegionRValue
and SymbolConjured.
This cleanup also makes the distinction between a SymbolicRegion and a
symbolic value that is a location much clearer. A SymbolicRegion
represents a chunk of symbolic memory, while a symbolic location is
just a "pointer" with different possible values. Without any specific
knowledge, a symbolic location resolves (i.e., via a dereference) to a
SymbolicRegion. In the future, when we do better alias reasoning, a
symbolic location can become an alias for another location, thus
merging the constraints on the referred SymbolicRegion with the other
region.
llvm-svn: 62769
2009-01-23 02:23:34 +08:00
|
|
|
QualType SymbolConjured::getType(ASTContext&) const {
|
|
|
|
return T;
|
|
|
|
}
|
2008-12-05 09:31:31 +08:00
|
|
|
|
2009-07-15 10:27:32 +08:00
|
|
|
|
|
|
|
QualType SymbolDerived::getType(ASTContext& Ctx) const {
|
|
|
|
return R->getValueType(Ctx);
|
|
|
|
}
|
|
|
|
|
2009-05-09 12:08:27 +08:00
|
|
|
QualType SymbolRegionValue::getType(ASTContext& C) const {
|
2010-03-01 14:56:52 +08:00
|
|
|
return R->getValueType(C);
|
2008-02-16 09:12:31 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
SymbolManager::~SymbolManager() {}
|
2009-01-22 06:26:05 +08:00
|
|
|
|
2009-03-23 23:42:58 +08:00
|
|
|
bool SymbolManager::canSymbolicate(QualType T) {
|
2009-07-30 02:12:48 +08:00
|
|
|
return Loc::IsLocType(T) || (T->isIntegerType() && T->isScalarType());
|
2009-03-23 23:42:58 +08:00
|
|
|
}
|
|
|
|
|
2009-01-22 06:26:05 +08:00
|
|
|
void SymbolReaper::markLive(SymbolRef sym) {
|
2009-09-02 14:03:18 +08:00
|
|
|
TheLiving.insert(sym);
|
|
|
|
TheDead.erase(sym);
|
2009-01-22 06:26:05 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
bool SymbolReaper::maybeDead(SymbolRef sym) {
|
|
|
|
if (isLive(sym))
|
|
|
|
return false;
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-09-02 14:03:18 +08:00
|
|
|
TheDead.insert(sym);
|
2009-01-22 06:26:05 +08:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
Static analyzer: Remove a bunch of outdated SymbolData objects and
their associated APIs. We no longer need separate SymbolData objects
for fields, variables, etc. Instead, we now associated symbols with
the "rvalue" of a MemRegion (i.e., the value stored at that region).
Now we only have two kinds of SymbolData objects: SymbolRegionRValue
and SymbolConjured.
This cleanup also makes the distinction between a SymbolicRegion and a
symbolic value that is a location much clearer. A SymbolicRegion
represents a chunk of symbolic memory, while a symbolic location is
just a "pointer" with different possible values. Without any specific
knowledge, a symbolic location resolves (i.e., via a dereference) to a
SymbolicRegion. In the future, when we do better alias reasoning, a
symbolic location can become an alias for another location, thus
merging the constraints on the referred SymbolicRegion with the other
region.
llvm-svn: 62769
2009-01-23 02:23:34 +08:00
|
|
|
bool SymbolReaper::isLive(SymbolRef sym) {
|
2009-09-02 14:03:18 +08:00
|
|
|
if (TheLiving.count(sym))
|
2009-01-23 02:51:33 +08:00
|
|
|
return true;
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-08-01 14:17:29 +08:00
|
|
|
if (const SymbolDerived *derived = dyn_cast<SymbolDerived>(sym)) {
|
|
|
|
if (isLive(derived->getParentSymbol())) {
|
|
|
|
markLive(sym);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
2009-09-09 23:08:12 +08:00
|
|
|
|
2009-01-23 02:51:33 +08:00
|
|
|
// Interogate the symbol. It may derive from an input value to
|
|
|
|
// the analyzed function/method.
|
2009-05-09 12:08:27 +08:00
|
|
|
return isa<SymbolRegionValue>(sym);
|
2009-01-22 06:26:05 +08:00
|
|
|
}
|
2009-02-14 11:16:10 +08:00
|
|
|
|
2009-12-05 04:32:20 +08:00
|
|
|
bool SymbolReaper::isLive(const Stmt *Loc, const VarRegion *VR) const {
|
2009-12-15 06:15:06 +08:00
|
|
|
const StackFrameContext *SFC = VR->getStackFrame();
|
2010-02-17 16:50:05 +08:00
|
|
|
|
|
|
|
if (SFC == CurrentStackFrame)
|
|
|
|
return Liveness.isLive(Loc, VR->getDecl());
|
|
|
|
else
|
|
|
|
return SFC->isParentOf(CurrentStackFrame);
|
2009-12-05 04:32:20 +08:00
|
|
|
}
|
|
|
|
|
2009-02-14 11:16:10 +08:00
|
|
|
SymbolVisitor::~SymbolVisitor() {}
|