const GRState *SimpleConstraintManager::AssumeAux(const GRState *state, NonLoc Cond, bool Assumption) { // We cannot reason about SymIntExpr and SymSymExpr. if (!canReasonAbout(Cond)) { // Just return the current state indicating that the path is feasible. // This may be an over-approximation of what is possible. return state; } BasicValueFactory &BasicVals = state->getBasicVals(); SymbolManager &SymMgr = state->getSymbolManager(); switch (Cond.getSubKind()) { default: assert(false && "'Assume' not implemented for this NonLoc"); case nonloc::SymbolValKind: { nonloc::SymbolVal& SV = cast<nonloc::SymbolVal>(Cond); SymbolRef sym = SV.getSymbol(); QualType T = SymMgr.getType(sym); const llvm::APSInt &zero = BasicVals.getValue(0, T); return Assumption ? AssumeSymNE(state, sym, zero) : AssumeSymEQ(state, sym, zero); } case nonloc::SymExprValKind: { nonloc::SymExprVal V = cast<nonloc::SymExprVal>(Cond); if (const SymIntExpr *SE = dyn_cast<SymIntExpr>(V.getSymbolicExpression())){ // FIXME: This is a hack. It silently converts the RHS integer to be // of the same type as on the left side. This should be removed once // we support truncation/extension of symbolic values. GRStateManager &StateMgr = state->getStateManager(); ASTContext &Ctx = StateMgr.getContext(); QualType LHSType = SE->getLHS()->getType(Ctx); BasicValueFactory &BasicVals = StateMgr.getBasicVals(); const llvm::APSInt &RHS = BasicVals.Convert(LHSType, SE->getRHS()); SymIntExpr SENew(SE->getLHS(), SE->getOpcode(), RHS, SE->getType(Ctx)); return AssumeSymInt(state, Assumption, &SENew); } // For all other symbolic expressions, over-approximate and consider // the constraint feasible. return state; } case nonloc::ConcreteIntKind: { bool b = cast<nonloc::ConcreteInt>(Cond).getValue() != 0; bool isFeasible = b ? Assumption : !Assumption; return isFeasible ? state : NULL; } case nonloc::LocAsIntegerKind: return AssumeAux(state, cast<nonloc::LocAsInteger>(Cond).getLoc(), Assumption); } // end switch }
const GRState* SimpleConstraintManager::AssumeAux(const GRState* St,NonLoc Cond, bool Assumption, bool& isFeasible) { // We cannot reason about SymIntExpr and SymSymExpr. if (!canReasonAbout(Cond)) { isFeasible = true; return St; } BasicValueFactory& BasicVals = StateMgr.getBasicVals(); SymbolManager& SymMgr = StateMgr.getSymbolManager(); switch (Cond.getSubKind()) { default: assert(false && "'Assume' not implemented for this NonLoc"); case nonloc::SymbolValKind: { nonloc::SymbolVal& SV = cast<nonloc::SymbolVal>(Cond); SymbolRef sym = SV.getSymbol(); QualType T = SymMgr.getType(sym); if (Assumption) return AssumeSymNE(St, sym, BasicVals.getValue(0, T), isFeasible); else return AssumeSymEQ(St, sym, BasicVals.getValue(0, T), isFeasible); } case nonloc::SymExprValKind: { nonloc::SymExprVal V = cast<nonloc::SymExprVal>(Cond); if (const SymIntExpr *SE = dyn_cast<SymIntExpr>(V.getSymbolicExpression())) return AssumeSymInt(St, Assumption, SE, isFeasible); isFeasible = true; return St; } case nonloc::ConcreteIntKind: { bool b = cast<nonloc::ConcreteInt>(Cond).getValue() != 0; isFeasible = b ? Assumption : !Assumption; return St; } case nonloc::LocAsIntegerKind: return AssumeAux(St, cast<nonloc::LocAsInteger>(Cond).getLoc(), Assumption, isFeasible); } // end switch }