clang: clang::ento::StoreManager Class Reference (original) (raw)
#include "[clang/StaticAnalyzer/Core/PathSensitive/Store.h](Store%5F8h%5Fsource.html)"
| Public Member Functions | |
|---|---|
| virtual | ~StoreManager ()=default |
| virtual SVal | getBinding (Store store, Loc loc, QualType T=QualType())=0 |
| Return the value bound to specified location in a given state. | |
| virtual std::optional< SVal > | getDefaultBinding (Store store, const MemRegion *R)=0 |
| Return the default value bound to a region in a given store. | |
| std::optional< SVal > | getDefaultBinding (nonloc::LazyCompoundVal lcv) |
| Return the default value bound to a LazyCompoundVal. | |
| virtual StoreRef | Bind (Store store, Loc loc, SVal val)=0 |
| Return a store with the specified value bound to the given location. | |
| virtual StoreRef | BindDefaultInitial (Store store, const MemRegion *R, SVal V)=0 |
| Return a store with the specified value bound to all sub-regions of the region. | |
| virtual StoreRef | BindDefaultZero (Store store, const MemRegion *R)=0 |
| Return a store with in which all values within the given region are reset to zero. | |
| virtual StoreRef | killBinding (Store ST, Loc L)=0 |
| Create a new store with the specified binding removed. | |
| virtual StoreRef | getInitialStore (const LocationContext *InitLoc)=0 |
| getInitialStore - Returns the initial "empty" store representing the value bindings upon entry to an analyzed function. | |
| MemRegionManager & | getRegionManager () |
| getRegionManager - Returns the internal RegionManager object that is used to query and manipulate MemRegion objects. | |
| SValBuilder & | getSValBuilder () |
| virtual Loc | getLValueVar (const VarDecl *VD, const LocationContext *LC) |
| Loc | getLValueCompoundLiteral (const CompoundLiteralExpr *CL, const LocationContext *LC) |
| virtual SVal | getLValueIvar (const ObjCIvarDecl *decl, SVal base) |
| virtual SVal | getLValueField (const FieldDecl *D, SVal Base) |
| virtual SVal | getLValueElement (QualType elementType, NonLoc offset, SVal Base) |
| virtual SVal | ArrayToPointer (Loc Array, QualType ElementTy)=0 |
| ArrayToPointer - Used by ExprEngine::VistCast to handle implicit conversions between arrays and pointers. | |
| SVal | evalDerivedToBase (SVal Derived, const CastExpr *Cast) |
| Evaluates a chain of derived-to-base casts through the path specified in Cast. | |
| SVal | evalDerivedToBase (SVal Derived, const CXXBasePath &CastPath) |
| Evaluates a chain of derived-to-base casts through the specified path. | |
| SVal | evalDerivedToBase (SVal Derived, QualType DerivedPtrType, bool IsVirtual) |
| Evaluates a derived-to-base cast through a single level of derivation. | |
| std::optional< SVal > | evalBaseToDerived (SVal Base, QualType DerivedPtrType) |
| Attempts to do a down cast. | |
| const ElementRegion * | GetElementZeroRegion (const SubRegion *R, QualType T) |
| std::optional< const MemRegion * > | castRegion (const MemRegion *region, QualType CastToTy) |
| castRegion - Used by ExprEngine::VisitCast to handle casts from a MemRegion* to a specific location type. | |
| virtual StoreRef | removeDeadBindings (Store store, const StackFrameContext *LCtx, SymbolReaper &SymReaper)=0 |
| virtual bool | includedInBindings (Store store, const MemRegion *region) const =0 |
| virtual void | incrementReferenceCount (Store store) |
| If the StoreManager supports it, increment the reference count of the specified Store object. | |
| virtual void | decrementReferenceCount (Store store) |
| If the StoreManager supports it, decrement the reference count of the specified Store object. | |
| virtual StoreRef | invalidateRegions (Store store, ArrayRef< SVal > Values, const Stmt *S, unsigned Count, const LocationContext *LCtx, const CallEvent *Call, InvalidatedSymbols &IS, RegionAndSymbolInvalidationTraits &ITraits, InvalidatedRegions *TopLevelRegions, InvalidatedRegions *Invalidated)=0 |
| invalidateRegions - Clears out the specified regions from the store, marking their values as unknown. | |
| StoreRef | enterStackFrame (Store store, const CallEvent &Call, const StackFrameContext *CalleeCtx) |
| enterStackFrame - Let the StoreManager to do something when execution engine is about to execute into a callee. | |
| virtual bool | scanReachableSymbols (Store S, const MemRegion *R, ScanReachableSymbols &Visitor)=0 |
| Finds the transitive closure of symbols within the given region. | |
| virtual void | printJson (raw_ostream &Out, Store S, const char *NL, unsigned int Space, bool IsDot) const =0 |
| virtual void | iterBindings (Store store, BindingsHandler &f)=0 |
| iterBindings - Iterate over the bindings in the Store. | |
| Protected Attributes | |
|---|---|
| SValBuilder & | svalBuilder |
| ProgramStateManager & | StateMgr |
| MemRegionManager & | MRMgr |
| MRMgr - Manages region objects associated with this StoreManager. | |
| ASTContext & | Ctx |
Definition at line 53 of file Store.h.
◆ InvalidatedRegions
◆ ~StoreManager()
| virtual clang::ento::StoreManager::~StoreManager ( ) | virtualdefault |
|---|
◆ ArrayToPointer()
| virtual SVal clang::ento::StoreManager::ArrayToPointer ( Loc Array, QualType ElementTy ) | pure virtual |
|---|
ArrayToPointer - Used by ExprEngine::VistCast to handle implicit conversions between arrays and pointers.
◆ Bind()
Return a store with the specified value bound to the given location.
Parameters
| [in] | store | The store in which to make the binding. |
|---|---|---|
| [in] | loc | The symbolic memory location. |
| [in] | val | The value to bind to location loc. |
Returns
A StoreRef object that contains the same bindings as store with the addition of having the value specified by val bound to the location given for loc.
◆ BindDefaultInitial()
Return a store with the specified value bound to all sub-regions of the region.
The region must not have previous bindings. If you need to invalidate existing bindings, consider invalidateRegions().
◆ BindDefaultZero()
Return a store with in which all values within the given region are reset to zero.
This method is allowed to overwrite previous bindings.
◆ castRegion()
castRegion - Used by ExprEngine::VisitCast to handle casts from a MemRegion* to a specific location type.
'R' is the region being casted and 'CastToTy' the result type of the cast.
Definition at line 74 of file Store.cpp.
References clang::ASTContext::CharTy, Ctx, clang::ento::ElementRegion::getAsArrayOffset(), clang::ASTContext::getCanonicalType(), clang::ento::ProgramStateManager::getContext(), clang::ento::MemRegion::getKind(), clang::QualType::getLocalUnqualifiedType(), clang::ento::RegionRawOffset::getOffset(), clang::Type::getPointeeType(), clang::CharUnits::getQuantity(), clang::ento::RegionRawOffset::getRegion(), clang::ASTContext::getTypeSizeInChars(), clang::Type::isBlockPointerType(), clang::ento::MemRegion::isBoundable(), clang::Type::isIncompleteType(), clang::Type::isObjCObjectPointerType(), clang::CharUnits::isZero(), MakeElementRegion(), StateMgr, clang::ento::MemRegion::StripCasts(), and clang::ASTContext::VoidTy.
Referenced by clang::ento::SValBuilder::getCastedMemRegionVal().
◆ decrementReferenceCount()
| virtual void clang::ento::StoreManager::decrementReferenceCount ( Store store) | inlinevirtual |
|---|
◆ enterStackFrame()
◆ evalBaseToDerived()
| std::optional< SVal > StoreManager::evalBaseToDerived | ( | SVal | Base, |
|---|---|---|---|
| QualType | DerivedPtrType | ||
| ) |
Attempts to do a down cast.
Used to model BaseToDerived and C++ dynamic_cast. The callback may result in the following 3 scenarios:
- Successful cast (ex: derived is subclass of base).
- Failed cast (ex: derived is definitely not a subclass of base). The distinction of this case from the next one is necessary to model dynamic_cast.
- We don't know (base is a symbolic region and we don't have enough info to determine if the cast will succeed at run time). The function returns an optional with SVal representing the derived class in case of a successful cast and
std::nulloptotherwise.
Definition at line 316 of file Store.cpp.
References evalDerivedToBase(), clang::Type::getAsCXXRecordDecl(), clang::ento::MemRegionManager::getCXXDerivedObjectRegion(), getCXXRecordType(), GetElementZeroRegion(), clang::Type::getPointeeCXXRecordDecl(), clang::Type::getPointeeType(), clang::CXXRecordDecl::isDerivedFrom(), clang::QualType::isNull(), clang::Type::isVoidType(), MRMgr, clang::ento::MemRegion::StripCasts(), and clang::T.
Referenced by clang::ento::CXXInstanceCall::getInitialStackFrameContents(), and clang::ento::ExprEngine::VisitCast().
◆ evalDerivedToBase() [1/3]
◆ evalDerivedToBase() [2/3]
◆ evalDerivedToBase() [3/3]
◆ getBinding()
Return the value bound to specified location in a given state.
Parameters
| [in] | store | The store in which to make the lookup. |
|---|---|---|
| [in] | loc | The symbolic memory location. |
| [in] | T | An optional type that provides a hint indicating the expected type of the returned value. This is used if the value is lazily computed. |
Returns
The value bound to the location loc.
Referenced by evalComparison().
◆ getDefaultBinding() [1/2]
Return the default value bound to a LazyCompoundVal.
The default binding is used to represent the value of any fields or elements within the structure represented by the LazyCompoundVal which were not initialized explicitly separately from the whole structure. Default binding may be an unknown, undefined, concrete, or symbolic value.
Parameters
| [in] | lcv | The lazy compound value. |
|---|
Returns
The default value bound to the LazyCompoundVal lcv, if a default binding exists.
Definition at line 97 of file Store.h.
References getDefaultBinding(), clang::ento::nonloc::LazyCompoundVal::getRegion(), and clang::ento::nonloc::LazyCompoundVal::getStore().
◆ getDefaultBinding() [2/2]
| virtual std::optional< SVal > clang::ento::StoreManager::getDefaultBinding ( Store store, const MemRegion * R ) | pure virtual |
|---|
Return the default value bound to a region in a given store.
The default binding is the value of sub-regions that were not initialized separately from their base region. For example, if the structure is zero-initialized upon construction, this method retrieves the concrete zero value, even if some or all fields were later overwritten manually. Default binding may be an unknown, undefined, concrete, or symbolic value.
Parameters
| [in] | store | The store in which to make the lookup. |
|---|---|---|
| [in] | R | The region to find the default binding for. |
Returns
The default value bound to the region in the store, if a default binding exists.
Referenced by getDefaultBinding(), and clang::ento::taint::getTaintedSymbolsImpl().
◆ GetElementZeroRegion()
◆ getInitialStore()
getInitialStore - Returns the initial "empty" store representing the value bindings upon entry to an analyzed function.
◆ getLValueCompoundLiteral()
◆ getLValueElement()
Definition at line 443 of file Store.cpp.
References clang::ento::SVal::castAs(), clang::ento::SValBuilder::convertToArrayIndex(), Ctx, clang::ento::SVal::getAs(), clang::ento::SValBuilder::getBasicValueFactory(), clang::QualType::getCanonicalType(), clang::ento::MemRegionManager::getElementRegion(), clang::Type::getPointeeType(), clang::QualType::isNull(), MRMgr, clang::ento::MemRegion::StripCasts(), and svalBuilder.
◆ getLValueField()
| virtual SVal clang::ento::StoreManager::getLValueField ( const FieldDecl * D, SVal Base ) | inlinevirtual |
|---|
◆ getLValueIvar()
◆ getLValueVar()
◆ getRegionManager()
getRegionManager - Returns the internal RegionManager object that is used to query and manipulate MemRegion objects.
Definition at line 131 of file Store.h.
References MRMgr.
◆ getSValBuilder()
| SValBuilder & clang::ento::StoreManager::getSValBuilder ( ) | inline |
|---|
◆ includedInBindings()
| virtual bool clang::ento::StoreManager::includedInBindings ( Store store, const MemRegion * region ) const | pure virtual |
|---|
◆ incrementReferenceCount()
| virtual void clang::ento::StoreManager::incrementReferenceCount ( Store store) | inlinevirtual |
|---|
◆ invalidateRegions()
invalidateRegions - Clears out the specified regions from the store, marking their values as unknown.
Depending on the store, this may also invalidate additional regions that may have changed based on accessing the given regions. If Call is non-null, then this also invalidates non-static globals (but if Call is from a system header, then this is limited to globals declared in system headers).
Instead of calling this method directly, you should probably use [ProgramState::invalidateRegions](classclang%5F1%5F1ento%5F1%5F1ProgramState.html#a4deab4527c1bea826bdceb2c30baeab9 "Returns the state with bindings for the given regions cleared from the store."), which calls this and then ensures that the relevant checker callbacks are triggered.
Parameters
| [in] | store | The initial store. |
|---|---|---|
| [in] | Values | The values to invalidate. |
| [in] | S | The current statement being evaluated. Used to conjure symbols to mark the values of invalidated regions. |
| [in] | Count | The current block count. Used to conjure symbols to mark the values of invalidated regions. |
| [in] | Call | The call expression which will be used to determine which globals should get invalidated. |
| [in,out] | IS | A set to fill with any symbols that are no longer accessible. Pass NULL if this information will not be used. |
| [in] | ITraits | Information about invalidation for a particular region/symbol. |
| [in,out] | InvalidatedTopLevel | A vector to fill with regions explicitly being invalidated. Pass NULL if this information will not be used. |
| [in,out] | Invalidated | A vector to fill with any regions being invalidated. This should include any regions explicitly invalidated even if they do not currently have bindings. Pass NULL if this information will not be used. |
◆ iterBindings()
| virtual void clang::ento::StoreManager::iterBindings ( Store store, BindingsHandler & f ) | pure virtual |
|---|
iterBindings - Iterate over the bindings in the Store.
◆ killBinding()
| virtual StoreRef clang::ento::StoreManager::killBinding ( Store ST, Loc L ) | pure virtual |
|---|
Create a new store with the specified binding removed.
Parameters
| ST | the original store, that is the basis for the new store. |
|---|---|
| L | the location whose binding should be removed. |
◆ MakeElementRegion()
◆ printJson()
| virtual void clang::ento::StoreManager::printJson ( raw_ostream & Out, Store S, const char * NL, unsigned int Space, bool IsDot ) const | pure virtual |
|---|
◆ removeDeadBindings()
◆ scanReachableSymbols()
◆ Ctx
◆ MRMgr
◆ StateMgr
◆ svalBuilder
The documentation for this class was generated from the following files: