include/clang/Checker/PathSensitive/Store.h

   1 //== Store.h - Interface for maps from Locations to Values ------*- C++ -*--==//
   2 //
   3 //                     The LLVM Compiler Infrastructure
   4 //
   5 // This file is distributed under the University of Illinois Open Source
   6 // License. See LICENSE.TXT for details.
   7 //
   8 //===----------------------------------------------------------------------===//
   9 //
  10 //  This file defined the types Store and StoreManager.
  11 //
  12 //===----------------------------------------------------------------------===//
  13
  14 #ifndef LLVM_CLANG_ANALYSIS_STORE_H
  15 #define LLVM_CLANG_ANALYSIS_STORE_H
  16
  17 #include "clang/Checker/PathSensitive/MemRegion.h"
  18 #include "clang/Checker/PathSensitive/SValBuilder.h"
  19 #include "llvm/ADT/DenseSet.h"
  20 #include "llvm/ADT/Optional.h"
  21
  22 namespace clang {
  23
  24 /// Store - This opaque type encapsulates an immutable mapping from
  25 ///  locations to values.  At a high-level, it represents the symbolic
  26 ///  memory model.  Different subclasses of StoreManager may choose
  27 ///  different types to represent the locations and values.
  28 typedef const void* Store;
  29
  30 class GRState;
  31 class GRStateManager;
  32 class Stmt;
  33 class Expr;
  34 class ObjCIvarDecl;
  35 class SubRegionMap;
  36 class StackFrameContext;
  37
  38 class StoreManager {
  39 protected:
  40   SValBuilder &svalBuilder;
  41   GRStateManager &StateMgr;
  42
  43   /// MRMgr - Manages region objects associated with this StoreManager.
  44   MemRegionManager &MRMgr;
  45   ASTContext &Ctx;
  46
  47   StoreManager(GRStateManager &stateMgr);
  48
  49 public:
  50   virtual ~StoreManager() {}
  51
  52   /// Return the value bound to specified location in a given state.
  53   /// \param[in] state The analysis state.
  54   /// \param[in] loc The symbolic memory location.
  55   /// \param[in] T An optional type that provides a hint indicating the
  56   ///   expected type of the returned value.  This is used if the value is
  57   ///   lazily computed.
  58   /// \return The value bound to the location \c loc.
  59   virtual SVal Retrieve(Store store, Loc loc, QualType T = QualType()) = 0;
  60
  61   /// Return a state with the specified value bound to the given location.
  62   /// \param[in] state The analysis state.
  63   /// \param[in] loc The symbolic memory location.
  64   /// \param[in] val The value to bind to location \c loc.
  65   /// \return A pointer to a GRState object that contains the same bindings as
  66   ///   \c state with the addition of having the value specified by \c val bound
  67   ///   to the location given for \c loc.
  68   virtual Store Bind(Store store, Loc loc, SVal val) = 0;
  69
  70   virtual Store BindDefault(Store store, const MemRegion *R, SVal V) {
  71     return store;
  72   }
  73
  74   virtual Store Remove(Store St, Loc L) = 0;
  75
  76   /// BindCompoundLiteral - Return the store that has the bindings currently
  77   ///  in 'store' plus the bindings for the CompoundLiteral.  'R' is the region
  78   ///  for the compound literal and 'BegInit' and 'EndInit' represent an
  79   ///  array of initializer values.
  80   virtual Store BindCompoundLiteral(Store store,
  81                                     const CompoundLiteralExpr* cl,
  82                                     const LocationContext *LC, SVal v) = 0;
  83
  84   /// getInitialStore - Returns the initial "empty" store representing the
  85   ///  value bindings upon entry to an analyzed function.
  86   virtual Store getInitialStore(const LocationContext *InitLoc) = 0;
  87
  88   /// getRegionManager - Returns the internal RegionManager object that is
  89   ///  used to query and manipulate MemRegion objects.
  90   MemRegionManager& getRegionManager() { return MRMgr; }
  91
  92   /// getSubRegionMap - Returns an opaque map object that clients can query
  93   ///  to get the subregions of a given MemRegion object.  It is the
  94   //   caller's responsibility to 'delete' the returned map.
  95   virtual SubRegionMap *getSubRegionMap(Store store) = 0;
  96
  97   virtual Loc getLValueVar(const VarDecl *VD, const LocationContext *LC) {
  98     return svalBuilder.makeLoc(MRMgr.getVarRegion(VD, LC));
  99   }
 100
 101   virtual Loc getLValueString(const StringLiteral* S) {
 102     return svalBuilder.makeLoc(MRMgr.getStringRegion(S));
 103   }
 104
 105   Loc getLValueCompoundLiteral(const CompoundLiteralExpr* CL,
 106                                const LocationContext *LC) {
 107     return loc::MemRegionVal(MRMgr.getCompoundLiteralRegion(CL, LC));
 108   }
 109
 110   virtual SVal getLValueIvar(const ObjCIvarDecl* decl, SVal base) {
 111     return getLValueFieldOrIvar(decl, base);
 112   }
 113
 114   virtual SVal getLValueField(const FieldDecl* D, SVal Base) {
 115     return getLValueFieldOrIvar(D, Base);
 116   }
 117
 118   virtual SVal getLValueElement(QualType elementType, NonLoc offset, SVal Base);
 119
 120   // FIXME: This should soon be eliminated altogether; clients should deal with
 121   // region extents directly.
 122   virtual DefinedOrUnknownSVal getSizeInElements(const GRState *state,
 123                                                  const MemRegion *region,
 124                                                  QualType EleTy) {
 125     return UnknownVal();
 126   }
 127
 128   /// ArrayToPointer - Used by GRExprEngine::VistCast to handle implicit
 129   ///  conversions between arrays and pointers.
 130   virtual SVal ArrayToPointer(Loc Array) = 0;
 131
 132   /// Evaluates DerivedToBase casts.
 133   virtual SVal evalDerivedToBase(SVal derived, QualType basePtrType) {
 134     return UnknownVal();
 135   }
 136
 137   class CastResult {
 138     const GRState *state;
 139     const MemRegion *region;
 140   public:
 141     const GRState *getState() const { return state; }
 142     const MemRegion* getRegion() const { return region; }
 143     CastResult(const GRState *s, const MemRegion* r = 0) : state(s), region(r){}
 144   };
 145
 146   const ElementRegion *GetElementZeroRegion(const MemRegion *R, QualType T);
 147
 148   /// CastRegion - Used by GRExprEngine::VisitCast to handle casts from
 149   ///  a MemRegion* to a specific location type.  'R' is the region being
 150   ///  casted and 'CastToTy' the result type of the cast.
 151   const MemRegion *CastRegion(const MemRegion *region, QualType CastToTy);
 152
 153
 154   /// evalBinOp - Perform pointer arithmetic.
 155   virtual SVal evalBinOp(BinaryOperator::Opcode Op,
 156                          Loc lhs, NonLoc rhs, QualType resultTy) {
 157     return UnknownVal();
 158   }
 159
 160   virtual Store RemoveDeadBindings(Store store, const StackFrameContext *LCtx,
 161                                    SymbolReaper& SymReaper,
 162                       llvm::SmallVectorImpl<const MemRegion*>& RegionRoots) = 0;
 163
 164   virtual Store BindDecl(Store store, const VarRegion *VR, SVal initVal) = 0;
 165
 166   virtual Store BindDeclWithNoInit(Store store, const VarRegion *VR) = 0;
 167
 168   typedef llvm::DenseSet<SymbolRef> InvalidatedSymbols;
 169   typedef llvm::SmallVector<const MemRegion *, 8> InvalidatedRegions;
 170
 171   /// InvalidateRegions - Clears out the specified regions from the store,
 172   ///  marking their values as unknown. Depending on the store, this may also
 173   ///  invalidate additional regions that may have changed based on accessing
 174   ///  the given regions. Optionally, invalidates non-static globals as well.
 175   /// \param[in] store The initial store
 176   /// \param[in] Begin A pointer to the first region to invalidate.
 177   /// \param[in] End A pointer just past the last region to invalidate.
 178   /// \param[in] E The current statement being evaluated. Used to conjure
 179   ///   symbols to mark the values of invalidated regions.
 180   /// \param[in] Count The current block count. Used to conjure
 181   ///   symbols to mark the values of invalidated regions.
 182   /// \param[in,out] IS A set to fill with any symbols that are no longer
 183   ///   accessible. Pass \c NULL if this information will not be used.
 184   /// \param[in] invalidateGlobals If \c true, any non-static global regions
 185   ///   are invalidated as well.
 186   /// \param[in,out] Regions A vector to fill with any regions being
 187   ///   invalidated. This should include any regions explicitly invalidated
 188   ///   even if they do not currently have bindings. Pass \c NULL if this
 189   ///   information will not be used.
 190   virtual Store InvalidateRegions(Store store,
 191                                   const MemRegion * const *Begin,
 192                                   const MemRegion * const *End,
 193                                   const Expr *E, unsigned Count,
 194                                   InvalidatedSymbols *IS,
 195                                   bool invalidateGlobals,
 196                                   InvalidatedRegions *Regions) = 0;
 197
 198   /// EnterStackFrame - Let the StoreManager to do something when execution
 199   /// engine is about to execute into a callee.
 200   virtual Store EnterStackFrame(const GRState *state,
 201                                 const StackFrameContext *frame);
 202
 203   virtual void print(Store store, llvm::raw_ostream& Out,
 204                      const char* nl, const char *sep) = 0;
 205
 206   class BindingsHandler {
 207   public:
 208     virtual ~BindingsHandler();
 209     virtual bool HandleBinding(StoreManager& SMgr, Store store,
 210                                const MemRegion *region, SVal val) = 0;
 211   };
 212
 213   /// iterBindings - Iterate over the bindings in the Store.
 214   virtual void iterBindings(Store store, BindingsHandler& f) = 0;
 215
 216 protected:
 217   const MemRegion *MakeElementRegion(const MemRegion *baseRegion,
 218                                      QualType pointeeTy, uint64_t index = 0);
 219
 220   /// CastRetrievedVal - Used by subclasses of StoreManager to implement
 221   ///  implicit casts that arise from loads from regions that are reinterpreted
 222   ///  as another region.
 223   SVal CastRetrievedVal(SVal val, const TypedRegion *region, QualType castTy,
 224                         bool performTestOnly = true);
 225
 226 private:
 227   SVal getLValueFieldOrIvar(const Decl* decl, SVal base);
 228 };
 229
 230 // FIXME: Do we still need this?
 231 /// SubRegionMap - An abstract interface that represents a queryable map
 232 ///  between MemRegion objects and their subregions.
 233 class SubRegionMap {
 234 public:
 235   virtual ~SubRegionMap() {}
 236
 237   class Visitor {
 238   public:
 239     virtual ~Visitor() {}
 240     virtual bool Visit(const MemRegion* Parent, const MemRegion* SubRegion) = 0;
 241   };
 242
 243   virtual bool iterSubRegions(const MemRegion *region, Visitor& V) const = 0;
 244 };
 245
 246 // FIXME: Do we need to pass GRStateManager anymore?
 247 StoreManager *CreateBasicStoreManager(GRStateManager& StMgr);
 248 StoreManager *CreateRegionStoreManager(GRStateManager& StMgr);
 249 StoreManager *CreateFieldsOnlyRegionStoreManager(GRStateManager& StMgr);
 250 StoreManager *CreateFlatStoreManager(GRStateManager &StMgr);
 251 } // end clang namespace
 252
 253 #endif