1 //===- CallEvent.h - Wrapper for all function and method calls ----*- C++ -*--//
3 // The LLVM Compiler Infrastructure
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
8 //===----------------------------------------------------------------------===//
10 /// \file This file defines CallEvent and its subclasses, which represent path-
11 /// sensitive instances of different kinds of function and method calls
12 /// (C, C++, and Objective-C).
14 //===----------------------------------------------------------------------===//
16 #ifndef LLVM_CLANG_STATICANALYZER_PATHSENSITIVE_CALL
17 #define LLVM_CLANG_STATICANALYZER_PATHSENSITIVE_CALL
19 #include "clang/Basic/SourceManager.h"
20 #include "clang/AST/DeclCXX.h"
21 #include "clang/AST/ExprCXX.h"
22 #include "clang/AST/ExprObjC.h"
23 #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h"
24 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
25 #include "llvm/ADT/PointerIntPair.h"
29 class ProgramPointTag;
36 CE_BEG_SIMPLE_CALLS = CE_Function,
37 CE_END_SIMPLE_CALLS = CE_Block,
41 CE_BEG_CXX_INSTANCE_CALLS = CE_CXXMember,
42 CE_END_CXX_INSTANCE_CALLS = CE_CXXDestructor,
45 CE_BEG_FUNCTION_CALLS = CE_Function,
46 CE_END_FUNCTION_CALLS = CE_CXXAllocator,
51 class CallEventManager;
53 template<typename T = CallEvent>
54 class CallEventRef : public IntrusiveRefCntPtr<const T> {
56 CallEventRef(const T *Call) : IntrusiveRefCntPtr<const T>(Call) {}
57 CallEventRef(const CallEventRef &Orig) : IntrusiveRefCntPtr<const T>(Orig) {}
59 CallEventRef<T> cloneWithState(ProgramStateRef State) const {
60 return this->getPtr()->template cloneWithState<T>(State);
63 // Allow implicit conversions to a superclass type, since CallEventRef
64 // behaves like a pointer-to-const.
65 template <typename SuperT>
66 operator CallEventRef<SuperT> () const {
67 return this->getPtr();
71 /// \brief Defines the runtime definition of the called function.
72 class RuntimeDefinition {
73 /// The Declaration of the function which will be called at runtime.
74 /// 0 if not available.
77 /// The region representing an object (ObjC/C++) on which the method is
78 /// called. With dynamic dispatch, the method definition depends on the
79 /// runtime type of this object. 0 when there is no dynamic dispatch.
83 RuntimeDefinition(): D(0), R(0) {}
84 RuntimeDefinition(const Decl *InD): D(InD), R(0) {}
85 RuntimeDefinition(const Decl *InD, const MemRegion *InR): D(InD), R(InR) {}
86 const Decl *getDecl() { return D; }
87 const MemRegion *getDispatchRegion() { return R; }
88 bool mayHaveOtherDefinitions() { return R != 0; }
91 /// \brief Represents an abstract call to a function or method along a
94 /// CallEvents are created through the factory methods of CallEventManager.
96 /// CallEvents should always be cheap to create and destroy. In order for
97 /// CallEventManager to be able to re-use CallEvent-sized memory blocks,
98 /// subclasses of CallEvent may not add any data members to the base class.
99 /// Use the "Data" and "Location" fields instead.
102 typedef CallEventKind Kind;
105 ProgramStateRef State;
106 const LocationContext *LCtx;
107 llvm::PointerUnion<const Expr *, const Decl *> Origin;
110 CallEvent &operator=(const CallEvent &);
113 // This is user data for subclasses.
116 // This is user data for subclasses.
117 // This should come right before RefCount, so that the two fields can be
118 // packed together on LP64 platforms.
119 SourceLocation Location;
122 mutable unsigned RefCount;
124 template <typename T> friend struct llvm::IntrusiveRefCntPtrInfo;
125 void Retain() const { ++RefCount; }
126 void Release() const;
129 friend class CallEventManager;
131 CallEvent(const Expr *E, ProgramStateRef state, const LocationContext *lctx)
132 : State(state), LCtx(lctx), Origin(E), RefCount(0) {}
134 CallEvent(const Decl *D, ProgramStateRef state, const LocationContext *lctx)
135 : State(state), LCtx(lctx), Origin(D), RefCount(0) {}
137 // DO NOT MAKE PUBLIC
138 CallEvent(const CallEvent &Original)
139 : State(Original.State), LCtx(Original.LCtx), Origin(Original.Origin),
140 Data(Original.Data), Location(Original.Location), RefCount(0) {}
143 ProgramStateRef getState() const {
147 const LocationContext *getLocationContext() const {
152 /// Copies this CallEvent, with vtable intact, into a new block of memory.
153 virtual void cloneTo(void *Dest) const = 0;
155 /// \brief Get the value of arbitrary expressions at this point in the path.
156 SVal getSVal(const Stmt *S) const {
157 return getState()->getSVal(S, getLocationContext());
161 typedef SmallVectorImpl<const MemRegion *> RegionList;
163 /// \brief Used to specify non-argument regions that will be invalidated as a
164 /// result of this call.
165 virtual void getExtraInvalidatedRegions(RegionList &Regions) const {}
167 virtual QualType getDeclaredResultType() const = 0;
170 virtual ~CallEvent() {}
172 /// \brief Returns the kind of call this is.
173 virtual Kind getKind() const = 0;
175 /// \brief Returns the declaration of the function or method that will be
176 /// called. May be null.
177 virtual const Decl *getDecl() const {
178 return Origin.dyn_cast<const Decl *>();
181 /// \brief Returns the definition of the function or method that will be
183 virtual RuntimeDefinition getRuntimeDefinition() const = 0;
185 /// \brief Returns the expression whose value will be the result of this call.
187 const Expr *getOriginExpr() const {
188 return Origin.dyn_cast<const Expr *>();
191 /// \brief Returns the number of arguments (explicit and implicit).
193 /// Note that this may be greater than the number of parameters in the
194 /// callee's declaration, and that it may include arguments not written in
196 virtual unsigned getNumArgs() const = 0;
198 /// \brief Returns true if the callee is known to be from a system header.
199 bool isInSystemHeader() const {
200 const Decl *D = getDecl();
204 SourceLocation Loc = D->getLocation();
206 const SourceManager &SM =
207 getState()->getStateManager().getContext().getSourceManager();
208 return SM.isInSystemHeader(D->getLocation());
211 // Special case for implicitly-declared global operator new/delete.
212 // These should be considered system functions.
213 if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(D))
214 return FD->isOverloadedOperator() && FD->isImplicit() && FD->isGlobal();
219 /// \brief Returns a source range for the entire call, suitable for
220 /// outputting in diagnostics.
221 virtual SourceRange getSourceRange() const {
222 return getOriginExpr()->getSourceRange();
225 /// \brief Returns the value of a given argument at the time of the call.
226 virtual SVal getArgSVal(unsigned Index) const;
228 /// \brief Returns the expression associated with a given argument.
229 /// May be null if this expression does not appear in the source.
230 virtual const Expr *getArgExpr(unsigned Index) const { return 0; }
232 /// \brief Returns the source range for errors associated with this argument.
234 /// May be invalid if the argument is not written in the source.
235 virtual SourceRange getArgSourceRange(unsigned Index) const;
237 /// \brief Returns the result type, adjusted for references.
238 QualType getResultType() const;
240 /// \brief Returns true if any of the arguments appear to represent callbacks.
241 bool hasNonZeroCallbackArg() const;
243 /// \brief Returns true if any of the arguments are known to escape to long-
244 /// term storage, even if this method will not modify them.
245 // NOTE: The exact semantics of this are still being defined!
246 // We don't really want a list of hardcoded exceptions in the long run,
247 // but we don't want duplicated lists of known APIs in the short term either.
248 virtual bool argumentsMayEscape() const {
249 return hasNonZeroCallbackArg();
252 /// \brief Returns an appropriate ProgramPoint for this call.
253 ProgramPoint getProgramPoint(bool IsPreVisit = false,
254 const ProgramPointTag *Tag = 0) const;
256 /// \brief Returns a new state with all argument regions invalidated.
258 /// This accepts an alternate state in case some processing has already
260 ProgramStateRef invalidateRegions(unsigned BlockCount,
261 ProgramStateRef Orig = 0) const;
263 typedef std::pair<Loc, SVal> FrameBindingTy;
264 typedef SmallVectorImpl<FrameBindingTy> BindingsTy;
266 /// Populates the given SmallVector with the bindings in the callee's stack
267 /// frame at the start of this call.
268 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
269 BindingsTy &Bindings) const = 0;
271 /// Returns a copy of this CallEvent, but using the given state.
272 template <typename T>
273 CallEventRef<T> cloneWithState(ProgramStateRef NewState) const;
275 /// Returns a copy of this CallEvent, but using the given state.
276 CallEventRef<> cloneWithState(ProgramStateRef NewState) const {
277 return cloneWithState<CallEvent>(NewState);
280 /// \brief Returns true if this is a statement that can be considered for
283 /// FIXME: This should go away once CallEvents are cheap and easy to
284 /// construct from ExplodedNodes.
285 static bool mayBeInlined(const Stmt *S);
287 // Iterator access to formal parameters and their types.
289 typedef std::const_mem_fun_t<QualType, ParmVarDecl> get_type_fun;
292 typedef const ParmVarDecl * const *param_iterator;
294 /// Returns an iterator over the call's formal parameters.
296 /// If UseDefinitionParams is set, this will return the parameter decls
297 /// used in the callee's definition (suitable for inlining). Most of the
298 /// time it is better to use the decl found by name lookup, which likely
299 /// carries more annotations.
301 /// Remember that the number of formal parameters may not match the number
302 /// of arguments for all calls. However, the first parameter will always
303 /// correspond with the argument value returned by \c getArgSVal(0).
305 /// If the call has no accessible declaration (or definition, if
306 /// \p UseDefinitionParams is set), \c param_begin() will be equal to
308 virtual param_iterator param_begin() const =0;
309 /// \sa param_begin()
310 virtual param_iterator param_end() const = 0;
312 typedef llvm::mapped_iterator<param_iterator, get_type_fun>
315 /// Returns an iterator over the types of the call's formal parameters.
317 /// This uses the callee decl found by default name lookup rather than the
318 /// definition because it represents a public interface, and probably has
319 /// more annotations.
320 param_type_iterator param_type_begin() const {
321 return llvm::map_iterator(param_begin(),
322 get_type_fun(&ParmVarDecl::getType));
324 /// \sa param_type_begin()
325 param_type_iterator param_type_end() const {
326 return llvm::map_iterator(param_end(), get_type_fun(&ParmVarDecl::getType));
329 // For debugging purposes only
330 void dump(raw_ostream &Out) const;
331 LLVM_ATTRIBUTE_USED void dump() const;
333 static bool classof(const CallEvent *) { return true; }
337 /// \brief Represents a call to any sort of function that might have a
339 class AnyFunctionCall : public CallEvent {
341 AnyFunctionCall(const Expr *E, ProgramStateRef St,
342 const LocationContext *LCtx)
343 : CallEvent(E, St, LCtx) {}
344 AnyFunctionCall(const Decl *D, ProgramStateRef St,
345 const LocationContext *LCtx)
346 : CallEvent(D, St, LCtx) {}
347 AnyFunctionCall(const AnyFunctionCall &Other) : CallEvent(Other) {}
349 virtual QualType getDeclaredResultType() const;
352 // This function is overridden by subclasses, but they must return
354 virtual const FunctionDecl *getDecl() const {
355 return cast<FunctionDecl>(CallEvent::getDecl());
358 virtual RuntimeDefinition getRuntimeDefinition() const {
359 const FunctionDecl *FD = getDecl();
360 // Note that hasBody() will fill FD with the definition FunctionDecl.
361 if (FD && FD->hasBody(FD))
362 return RuntimeDefinition(FD);
363 return RuntimeDefinition();
366 virtual bool argumentsMayEscape() const;
368 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
369 BindingsTy &Bindings) const;
371 virtual param_iterator param_begin() const;
372 virtual param_iterator param_end() const;
374 static bool classof(const CallEvent *CA) {
375 return CA->getKind() >= CE_BEG_FUNCTION_CALLS &&
376 CA->getKind() <= CE_END_FUNCTION_CALLS;
380 /// \brief Represents a call to a non-C++ function, written as a CallExpr.
381 class SimpleCall : public AnyFunctionCall {
383 SimpleCall(const CallExpr *CE, ProgramStateRef St,
384 const LocationContext *LCtx)
385 : AnyFunctionCall(CE, St, LCtx) {}
386 SimpleCall(const SimpleCall &Other) : AnyFunctionCall(Other) {}
389 virtual const CallExpr *getOriginExpr() const {
390 return cast<CallExpr>(AnyFunctionCall::getOriginExpr());
393 virtual const FunctionDecl *getDecl() const;
395 virtual unsigned getNumArgs() const { return getOriginExpr()->getNumArgs(); }
397 virtual const Expr *getArgExpr(unsigned Index) const {
398 return getOriginExpr()->getArg(Index);
401 static bool classof(const CallEvent *CA) {
402 return CA->getKind() >= CE_BEG_SIMPLE_CALLS &&
403 CA->getKind() <= CE_END_SIMPLE_CALLS;
407 /// \brief Represents a C function or static C++ member function call.
409 /// Example: \c fun()
410 class FunctionCall : public SimpleCall {
411 friend class CallEventManager;
414 FunctionCall(const CallExpr *CE, ProgramStateRef St,
415 const LocationContext *LCtx)
416 : SimpleCall(CE, St, LCtx) {}
418 FunctionCall(const FunctionCall &Other) : SimpleCall(Other) {}
419 virtual void cloneTo(void *Dest) const { new (Dest) FunctionCall(*this); }
422 virtual Kind getKind() const { return CE_Function; }
424 static bool classof(const CallEvent *CA) {
425 return CA->getKind() == CE_Function;
429 /// \brief Represents a call to a block.
431 /// Example: <tt>^{ /* ... */ }()</tt>
432 class BlockCall : public SimpleCall {
433 friend class CallEventManager;
436 BlockCall(const CallExpr *CE, ProgramStateRef St,
437 const LocationContext *LCtx)
438 : SimpleCall(CE, St, LCtx) {}
440 BlockCall(const BlockCall &Other) : SimpleCall(Other) {}
441 virtual void cloneTo(void *Dest) const { new (Dest) BlockCall(*this); }
443 virtual void getExtraInvalidatedRegions(RegionList &Regions) const;
445 virtual QualType getDeclaredResultType() const;
448 /// \brief Returns the region associated with this instance of the block.
450 /// This may be NULL if the block's origin is unknown.
451 const BlockDataRegion *getBlockRegion() const;
453 /// \brief Gets the declaration of the block.
455 /// This is not an override of getDecl() because AnyFunctionCall has already
456 /// assumed that it's a FunctionDecl.
457 const BlockDecl *getBlockDecl() const {
458 const BlockDataRegion *BR = getBlockRegion();
461 return BR->getDecl();
464 virtual RuntimeDefinition getRuntimeDefinition() const {
465 return RuntimeDefinition(getBlockDecl());
468 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
469 BindingsTy &Bindings) const;
471 virtual param_iterator param_begin() const;
472 virtual param_iterator param_end() const;
474 virtual Kind getKind() const { return CE_Block; }
476 static bool classof(const CallEvent *CA) {
477 return CA->getKind() == CE_Block;
481 /// \brief Represents a non-static C++ member function call, no matter how
483 class CXXInstanceCall : public AnyFunctionCall {
485 virtual void getExtraInvalidatedRegions(RegionList &Regions) const;
487 CXXInstanceCall(const CallExpr *CE, ProgramStateRef St,
488 const LocationContext *LCtx)
489 : AnyFunctionCall(CE, St, LCtx) {}
490 CXXInstanceCall(const FunctionDecl *D, ProgramStateRef St,
491 const LocationContext *LCtx)
492 : AnyFunctionCall(D, St, LCtx) {}
495 CXXInstanceCall(const CXXInstanceCall &Other) : AnyFunctionCall(Other) {}
498 /// \brief Returns the expression representing the implicit 'this' object.
499 virtual const Expr *getCXXThisExpr() const { return 0; }
501 /// \brief Returns the value of the implicit 'this' object.
502 virtual SVal getCXXThisVal() const {
503 const Expr *Base = getCXXThisExpr();
504 // FIXME: This doesn't handle an overloaded ->* operator.
507 return getSVal(Base);
510 virtual const FunctionDecl *getDecl() const;
512 virtual RuntimeDefinition getRuntimeDefinition() const;
514 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
515 BindingsTy &Bindings) const;
517 static bool classof(const CallEvent *CA) {
518 return CA->getKind() >= CE_BEG_CXX_INSTANCE_CALLS &&
519 CA->getKind() <= CE_END_CXX_INSTANCE_CALLS;
523 /// \brief Represents a non-static C++ member function call.
525 /// Example: \c obj.fun()
526 class CXXMemberCall : public CXXInstanceCall {
527 friend class CallEventManager;
530 CXXMemberCall(const CXXMemberCallExpr *CE, ProgramStateRef St,
531 const LocationContext *LCtx)
532 : CXXInstanceCall(CE, St, LCtx) {}
534 CXXMemberCall(const CXXMemberCall &Other) : CXXInstanceCall(Other) {}
535 virtual void cloneTo(void *Dest) const { new (Dest) CXXMemberCall(*this); }
538 virtual const CXXMemberCallExpr *getOriginExpr() const {
539 return cast<CXXMemberCallExpr>(CXXInstanceCall::getOriginExpr());
542 virtual unsigned getNumArgs() const {
543 if (const CallExpr *CE = getOriginExpr())
544 return CE->getNumArgs();
548 virtual const Expr *getArgExpr(unsigned Index) const {
549 return getOriginExpr()->getArg(Index);
552 virtual const Expr *getCXXThisExpr() const;
554 virtual Kind getKind() const { return CE_CXXMember; }
556 static bool classof(const CallEvent *CA) {
557 return CA->getKind() == CE_CXXMember;
561 /// \brief Represents a C++ overloaded operator call where the operator is
562 /// implemented as a non-static member function.
564 /// Example: <tt>iter + 1</tt>
565 class CXXMemberOperatorCall : public CXXInstanceCall {
566 friend class CallEventManager;
569 CXXMemberOperatorCall(const CXXOperatorCallExpr *CE, ProgramStateRef St,
570 const LocationContext *LCtx)
571 : CXXInstanceCall(CE, St, LCtx) {}
573 CXXMemberOperatorCall(const CXXMemberOperatorCall &Other)
574 : CXXInstanceCall(Other) {}
575 virtual void cloneTo(void *Dest) const {
576 new (Dest) CXXMemberOperatorCall(*this);
580 virtual const CXXOperatorCallExpr *getOriginExpr() const {
581 return cast<CXXOperatorCallExpr>(CXXInstanceCall::getOriginExpr());
584 virtual unsigned getNumArgs() const {
585 return getOriginExpr()->getNumArgs() - 1;
587 virtual const Expr *getArgExpr(unsigned Index) const {
588 return getOriginExpr()->getArg(Index + 1);
591 virtual const Expr *getCXXThisExpr() const;
593 virtual Kind getKind() const { return CE_CXXMemberOperator; }
595 static bool classof(const CallEvent *CA) {
596 return CA->getKind() == CE_CXXMemberOperator;
600 /// \brief Represents an implicit call to a C++ destructor.
602 /// This can occur at the end of a scope (for automatic objects), at the end
603 /// of a full-expression (for temporaries), or as part of a delete.
604 class CXXDestructorCall : public CXXInstanceCall {
605 friend class CallEventManager;
608 /// Creates an implicit destructor.
610 /// \param DD The destructor that will be called.
611 /// \param Trigger The statement whose completion causes this destructor call.
612 /// \param Target The object region to be destructed.
613 /// \param St The path-sensitive state at this point in the program.
614 /// \param LCtx The location context at this point in the program.
615 CXXDestructorCall(const CXXDestructorDecl *DD, const Stmt *Trigger,
616 const MemRegion *Target, ProgramStateRef St,
617 const LocationContext *LCtx)
618 : CXXInstanceCall(DD, St, LCtx) {
620 Location = Trigger->getLocEnd();
623 CXXDestructorCall(const CXXDestructorCall &Other) : CXXInstanceCall(Other) {}
624 virtual void cloneTo(void *Dest) const { new (Dest) CXXDestructorCall(*this); }
627 virtual SourceRange getSourceRange() const { return Location; }
628 virtual unsigned getNumArgs() const { return 0; }
630 /// \brief Returns the value of the implicit 'this' object.
631 virtual SVal getCXXThisVal() const;
633 virtual Kind getKind() const { return CE_CXXDestructor; }
635 static bool classof(const CallEvent *CA) {
636 return CA->getKind() == CE_CXXDestructor;
640 /// \brief Represents a call to a C++ constructor.
643 class CXXConstructorCall : public AnyFunctionCall {
644 friend class CallEventManager;
647 /// Creates a constructor call.
649 /// \param CE The constructor expression as written in the source.
650 /// \param Target The region where the object should be constructed. If NULL,
651 /// a new symbolic region will be used.
652 /// \param St The path-sensitive state at this point in the program.
653 /// \param LCtx The location context at this point in the program.
654 CXXConstructorCall(const CXXConstructExpr *CE, const MemRegion *target,
655 ProgramStateRef St, const LocationContext *LCtx)
656 : AnyFunctionCall(CE, St, LCtx) {
660 CXXConstructorCall(const CXXConstructorCall &Other) : AnyFunctionCall(Other){}
661 virtual void cloneTo(void *Dest) const { new (Dest) CXXConstructorCall(*this); }
663 virtual void getExtraInvalidatedRegions(RegionList &Regions) const;
666 virtual const CXXConstructExpr *getOriginExpr() const {
667 return cast<CXXConstructExpr>(AnyFunctionCall::getOriginExpr());
670 virtual const CXXConstructorDecl *getDecl() const {
671 return getOriginExpr()->getConstructor();
674 virtual unsigned getNumArgs() const { return getOriginExpr()->getNumArgs(); }
676 virtual const Expr *getArgExpr(unsigned Index) const {
677 return getOriginExpr()->getArg(Index);
680 /// \brief Returns the value of the implicit 'this' object.
681 SVal getCXXThisVal() const;
683 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
684 BindingsTy &Bindings) const;
686 virtual Kind getKind() const { return CE_CXXConstructor; }
688 static bool classof(const CallEvent *CA) {
689 return CA->getKind() == CE_CXXConstructor;
693 /// \brief Represents the memory allocation call in a C++ new-expression.
695 /// This is a call to "operator new".
696 class CXXAllocatorCall : public AnyFunctionCall {
697 friend class CallEventManager;
700 CXXAllocatorCall(const CXXNewExpr *E, ProgramStateRef St,
701 const LocationContext *LCtx)
702 : AnyFunctionCall(E, St, LCtx) {}
704 CXXAllocatorCall(const CXXAllocatorCall &Other) : AnyFunctionCall(Other) {}
705 virtual void cloneTo(void *Dest) const { new (Dest) CXXAllocatorCall(*this); }
708 virtual const CXXNewExpr *getOriginExpr() const {
709 return cast<CXXNewExpr>(AnyFunctionCall::getOriginExpr());
712 virtual const FunctionDecl *getDecl() const {
713 return getOriginExpr()->getOperatorNew();
716 virtual unsigned getNumArgs() const {
717 return getOriginExpr()->getNumPlacementArgs() + 1;
720 virtual const Expr *getArgExpr(unsigned Index) const {
721 // The first argument of an allocator call is the size of the allocation.
724 return getOriginExpr()->getPlacementArg(Index - 1);
727 virtual Kind getKind() const { return CE_CXXAllocator; }
729 static bool classof(const CallEvent *CE) {
730 return CE->getKind() == CE_CXXAllocator;
734 /// \brief Represents the ways an Objective-C message send can occur.
736 // Note to maintainers: OCM_Message should always be last, since it does not
737 // need to fit in the Data field's low bits.
738 enum ObjCMessageKind {
744 /// \brief Represents any expression that calls an Objective-C method.
746 /// This includes all of the kinds listed in ObjCMessageKind.
747 class ObjCMethodCall : public CallEvent {
748 friend class CallEventManager;
750 const PseudoObjectExpr *getContainingPseudoObjectExpr() const;
753 ObjCMethodCall(const ObjCMessageExpr *Msg, ProgramStateRef St,
754 const LocationContext *LCtx)
755 : CallEvent(Msg, St, LCtx) {
759 ObjCMethodCall(const ObjCMethodCall &Other) : CallEvent(Other) {}
760 virtual void cloneTo(void *Dest) const { new (Dest) ObjCMethodCall(*this); }
762 virtual void getExtraInvalidatedRegions(RegionList &Regions) const;
764 virtual QualType getDeclaredResultType() const;
766 /// Check if the selector may have multiple definitions (may have overrides).
767 virtual bool canBeOverridenInSubclass(ObjCInterfaceDecl *IDecl,
771 virtual const ObjCMessageExpr *getOriginExpr() const {
772 return cast<ObjCMessageExpr>(CallEvent::getOriginExpr());
774 virtual const ObjCMethodDecl *getDecl() const {
775 return getOriginExpr()->getMethodDecl();
777 virtual unsigned getNumArgs() const {
778 return getOriginExpr()->getNumArgs();
780 virtual const Expr *getArgExpr(unsigned Index) const {
781 return getOriginExpr()->getArg(Index);
784 bool isInstanceMessage() const {
785 return getOriginExpr()->isInstanceMessage();
787 ObjCMethodFamily getMethodFamily() const {
788 return getOriginExpr()->getMethodFamily();
790 Selector getSelector() const {
791 return getOriginExpr()->getSelector();
794 virtual SourceRange getSourceRange() const;
796 /// \brief Returns the value of the receiver at the time of this call.
797 SVal getReceiverSVal() const;
799 /// \brief Get the interface for the receiver.
801 /// This works whether this is an instance message or a class message.
802 /// However, it currently just uses the static type of the receiver.
803 const ObjCInterfaceDecl *getReceiverInterface() const {
804 return getOriginExpr()->getReceiverInterface();
807 /// Returns how the message was written in the source (property access,
808 /// subscript, or explicit message send).
809 ObjCMessageKind getMessageKind() const;
811 /// Returns true if this property access or subscript is a setter (has the
812 /// form of an assignment).
813 bool isSetter() const {
814 switch (getMessageKind()) {
816 llvm_unreachable("This is not a pseudo-object access!");
817 case OCM_PropertyAccess:
818 return getNumArgs() > 0;
820 return getNumArgs() > 1;
822 llvm_unreachable("Unknown message kind");
825 virtual RuntimeDefinition getRuntimeDefinition() const;
827 virtual void getInitialStackFrameContents(const StackFrameContext *CalleeCtx,
828 BindingsTy &Bindings) const;
830 virtual param_iterator param_begin() const;
831 virtual param_iterator param_end() const;
833 virtual Kind getKind() const { return CE_ObjCMessage; }
835 static bool classof(const CallEvent *CA) {
836 return CA->getKind() == CE_ObjCMessage;
841 /// \brief Manages the lifetime of CallEvent objects.
843 /// CallEventManager provides a way to create arbitrary CallEvents "on the
844 /// stack" as if they were value objects by keeping a cache of CallEvent-sized
845 /// memory blocks. The CallEvents created by CallEventManager are only valid
846 /// for the lifetime of the OwnedCallEvent that holds them; right now these
847 /// objects cannot be copied and ownership cannot be transferred.
848 class CallEventManager {
849 friend class CallEvent;
851 llvm::BumpPtrAllocator &Alloc;
852 SmallVector<void *, 8> Cache;
854 void reclaim(const void *Memory) {
855 Cache.push_back(const_cast<void *>(Memory));
858 /// Returns memory that can be initialized as a CallEvent.
861 return Alloc.Allocate<FunctionCall>();
863 return Cache.pop_back_val();
866 template <typename T, typename Arg>
867 T *create(Arg A, ProgramStateRef St, const LocationContext *LCtx) {
868 return new (allocate()) T(A, St, LCtx);
871 template <typename T, typename Arg1, typename Arg2>
872 T *create(Arg1 A1, Arg2 A2, ProgramStateRef St, const LocationContext *LCtx) {
873 return new (allocate()) T(A1, A2, St, LCtx);
876 template <typename T, typename Arg1, typename Arg2, typename Arg3>
877 T *create(Arg1 A1, Arg2 A2, Arg3 A3, ProgramStateRef St,
878 const LocationContext *LCtx) {
879 return new (allocate()) T(A1, A2, A3, St, LCtx);
883 CallEventManager(llvm::BumpPtrAllocator &alloc) : Alloc(alloc) {}
887 getCaller(const StackFrameContext *CalleeCtx, ProgramStateRef State);
891 getSimpleCall(const CallExpr *E, ProgramStateRef State,
892 const LocationContext *LCtx);
894 CallEventRef<ObjCMethodCall>
895 getObjCMethodCall(const ObjCMessageExpr *E, ProgramStateRef State,
896 const LocationContext *LCtx) {
897 return create<ObjCMethodCall>(E, State, LCtx);
900 CallEventRef<CXXConstructorCall>
901 getCXXConstructorCall(const CXXConstructExpr *E, const MemRegion *Target,
902 ProgramStateRef State, const LocationContext *LCtx) {
903 return create<CXXConstructorCall>(E, Target, State, LCtx);
906 CallEventRef<CXXDestructorCall>
907 getCXXDestructorCall(const CXXDestructorDecl *DD, const Stmt *Trigger,
908 const MemRegion *Target, ProgramStateRef State,
909 const LocationContext *LCtx) {
910 return create<CXXDestructorCall>(DD, Trigger, Target, State, LCtx);
913 CallEventRef<CXXAllocatorCall>
914 getCXXAllocatorCall(const CXXNewExpr *E, ProgramStateRef State,
915 const LocationContext *LCtx) {
916 return create<CXXAllocatorCall>(E, State, LCtx);
921 template <typename T>
922 CallEventRef<T> CallEvent::cloneWithState(ProgramStateRef NewState) const {
923 assert(isa<T>(*this) && "Cloning to unrelated type");
924 assert(sizeof(T) == sizeof(CallEvent) && "Subclasses may not add fields");
926 if (NewState == State)
927 return cast<T>(this);
929 CallEventManager &Mgr = State->getStateManager().getCallEventManager();
930 T *Copy = static_cast<T *>(Mgr.allocate());
932 assert(Copy->getKind() == this->getKind() && "Bad copy");
934 Copy->State = NewState;
938 inline void CallEvent::Release() const {
939 assert(RefCount > 0 && "Reference count is already zero.");
945 CallEventManager &Mgr = State->getStateManager().getCallEventManager();
951 } // end namespace ento
952 } // end namespace clang
955 // Support isa<>, cast<>, and dyn_cast<> for CallEventRef.
956 template<class T> struct simplify_type< clang::ento::CallEventRef<T> > {
957 typedef const T *SimpleType;
960 getSimplifiedValue(const clang::ento::CallEventRef<T>& Val) {
projects / FreeBSD / FreeBSD.git / blob