[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from

(Stmt*,LocationContext*) pairs to SVals instead of Stmt* to SVals.

This is needed to support basic IPA via inlining.  Without this, we cannot tell
if a Stmt* binding is part of the current analysis scope (StackFrameContext) or
part of a parent context.

This change introduces an uglification of the use of getSVal(), and thus takes
two steps forward and one step back.  There are also potential performance implications
of enlarging the Environment.  Both can be addressed going forward by refactoring the
APIs and optimizing the internal representation of Environment.  This patch
mainly introduces the functionality upon when we want to build upon (and clean up).

llvm-svn: 147688

1 files changed, 14 insertions, 10 deletions

diff --git a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
index dcc7ab95dc0..ea42da40673 100644
--- a/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
+++ b/clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
@@ -100,7 +100,9 @@ private:
   static const ProgramState *MallocMemAux(CheckerContext &C, const CallExpr *CE,
                                      const Expr *SizeEx, SVal Init,
                                      const ProgramState *state) {
-    return MallocMemAux(C, CE, state->getSVal(SizeEx), Init, state);
+    return MallocMemAux(C, CE,
+                        state->getSVal(SizeEx, C.getLocationContext()),
+                        Init, state);
   }
   static const ProgramState *MallocMemAux(CheckerContext &C, const CallExpr *CE,
                                      SVal SizeEx, SVal Init,
@@ -230,7 +232,7 @@ const ProgramState *MallocChecker::MallocMemAux(CheckerContext &C,
   // Set the return value.
   SVal retVal = svalBuilder.getConjuredSymbolVal(NULL, CE,
                                                  CE->getType(), Count);
-  state = state->BindExpr(CE, retVal);
+  state = state->BindExpr(CE, C.getLocationContext(), retVal);
 
   // Fill the region with the initialization value.
   state = state->bindDefault(retVal, Init);
@@ -280,7 +282,7 @@ const ProgramState *MallocChecker::FreeMemAux(CheckerContext &C,
                                               unsigned Num,
                                               bool Hold) const {
   const Expr *ArgExpr = CE->getArg(Num);
-  SVal ArgVal = state->getSVal(ArgExpr);
+  SVal ArgVal = state->getSVal(ArgExpr, C.getLocationContext());
 
   DefinedOrUnknownSVal location = cast<DefinedOrUnknownSVal>(ArgVal);
 
@@ -501,8 +503,9 @@ void MallocChecker::ReportBadFree(CheckerContext &C, SVal ArgVal,
 void MallocChecker::ReallocMem(CheckerContext &C, const CallExpr *CE) const {
   const ProgramState *state = C.getState();
   const Expr *arg0Expr = CE->getArg(0);
+  const LocationContext *LCtx = C.getLocationContext();
   DefinedOrUnknownSVal arg0Val 
-    = cast<DefinedOrUnknownSVal>(state->getSVal(arg0Expr));
+    = cast<DefinedOrUnknownSVal>(state->getSVal(arg0Expr, LCtx));
 
   SValBuilder &svalBuilder = C.getSValBuilder();
 
@@ -516,7 +519,7 @@ void MallocChecker::ReallocMem(CheckerContext &C, const CallExpr *CE) const {
 
   // Get the value of the size argument.
   DefinedOrUnknownSVal Arg1Val = 
-    cast<DefinedOrUnknownSVal>(state->getSVal(Arg1));
+    cast<DefinedOrUnknownSVal>(state->getSVal(Arg1, LCtx));
 
   // Compare the size argument to 0.
   DefinedOrUnknownSVal SizeZero =
@@ -548,7 +551,8 @@ void MallocChecker::ReallocMem(CheckerContext &C, const CallExpr *CE) const {
           FreeMemAux(C, CE, stateSizeZero, 0, false)) {
 
         // Bind the return value to NULL because it is now free.
-        C.addTransition(stateFree->BindExpr(CE, svalBuilder.makeNull(), true));
+        C.addTransition(stateFree->BindExpr(CE, LCtx,
+                                            svalBuilder.makeNull(), true));
       }
     if (const ProgramState *stateSizeNotZero =
           stateNotEqual->assume(SizeZero,false))
@@ -565,9 +569,9 @@ void MallocChecker::ReallocMem(CheckerContext &C, const CallExpr *CE) const {
 void MallocChecker::CallocMem(CheckerContext &C, const CallExpr *CE) {
   const ProgramState *state = C.getState();
   SValBuilder &svalBuilder = C.getSValBuilder();
-
-  SVal count = state->getSVal(CE->getArg(0));
-  SVal elementSize = state->getSVal(CE->getArg(1));
+  const LocationContext *LCtx = C.getLocationContext();
+  SVal count = state->getSVal(CE->getArg(0), LCtx);
+  SVal elementSize = state->getSVal(CE->getArg(1), LCtx);
   SVal TotalSize = svalBuilder.evalBinOp(state, BO_Mul, count, elementSize,
                                         svalBuilder.getContext().getSizeType());  
   SVal zeroVal = svalBuilder.makeZeroVal(svalBuilder.getContext().CharTy);
@@ -638,7 +642,7 @@ void MallocChecker::checkPreStmt(const ReturnStmt *S, CheckerContext &C) const {
 
   const ProgramState *state = C.getState();
 
-  SymbolRef Sym = state->getSVal(retExpr).getAsSymbol();
+  SymbolRef Sym = state->getSVal(retExpr, C.getLocationContext()).getAsSymbol();
   if (!Sym)
     return;