1 //== MemRegion.h - Abstract memory regions for static analysis --*- C++ -*--==//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file defines MemRegion and its subclasses. MemRegion defines a
11 // partially-typed abstraction of memory useful for path-sensitive dataflow
12 // analyses.
13 //
14 //===----------------------------------------------------------------------===//
15
16 #ifndef LLVM_CLANG_STATICANALYZER_CORE_PATHSENSITIVE_MEMREGION_H
17 #define LLVM_CLANG_STATICANALYZER_CORE_PATHSENSITIVE_MEMREGION_H
18
19 #include "clang/AST/ASTContext.h"
20 #include "clang/AST/CharUnits.h"
21 #include "clang/AST/Decl.h"
22 #include "clang/AST/DeclCXX.h"
23 #include "clang/AST/ExprObjC.h"
24 #include "clang/Analysis/AnalysisContext.h"
25 #include "clang/Basic/LLVM.h"
26 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
27 #include "llvm/ADT/FoldingSet.h"
28 #include "llvm/Support/Allocator.h"
29 #include "llvm/Support/ErrorHandling.h"
30 #include <string>
31
32 namespace clang {
33
34 class LocationContext;
35 class StackFrameContext;
36
37 namespace ento {
38
39 class CodeTextRegion;
40 class MemRegionManager;
41 class MemSpaceRegion;
42 class SValBuilder;
43 class SymbolicRegion;
44 class VarRegion;
45
46 /// Represent a region's offset within the top level base region.
47 class RegionOffset {
48 /// The base region.
49 const MemRegion *R;
50
51 /// The bit offset within the base region. Can be negative.
52 int64_t Offset;
53
54 public:
55 // We're using a const instead of an enumeration due to the size required;
56 // Visual Studio will only create enumerations of size int, not long long.
57 static const int64_t Symbolic = INT64_MAX;
58
RegionOffset()59 RegionOffset() : R(nullptr) {}
RegionOffset(const MemRegion * r,int64_t off)60 RegionOffset(const MemRegion *r, int64_t off) : R(r), Offset(off) {}
61
getRegion()62 const MemRegion *getRegion() const { return R; }
63
hasSymbolicOffset()64 bool hasSymbolicOffset() const { return Offset == Symbolic; }
65
getOffset()66 int64_t getOffset() const {
67 assert(!hasSymbolicOffset());
68 return Offset;
69 }
70
isValid()71 bool isValid() const { return R; }
72 };
73
74 //===----------------------------------------------------------------------===//
75 // Base region classes.
76 //===----------------------------------------------------------------------===//
77
78 /// MemRegion - The root abstract class for all memory regions.
79 class MemRegion : public llvm::FoldingSetNode {
80 public:
81 enum Kind {
82 #define REGION(Id, Parent) Id ## Kind,
83 #define REGION_RANGE(Id, First, Last) BEGIN_##Id = First, END_##Id = Last,
84 #include "clang/StaticAnalyzer/Core/PathSensitive/Regions.def"
85 };
86
87 private:
88 const Kind kind;
89
90 protected:
MemRegion(Kind k)91 MemRegion(Kind k) : kind(k) {}
92 virtual ~MemRegion();
93
94 public:
95 ASTContext &getContext() const;
96
97 virtual void Profile(llvm::FoldingSetNodeID& ID) const = 0;
98
99 virtual MemRegionManager* getMemRegionManager() const = 0;
100
101 const MemSpaceRegion *getMemorySpace() const;
102
103 const MemRegion *getBaseRegion() const;
104
105 /// Check if the region is a subregion of the given region.
106 virtual bool isSubRegionOf(const MemRegion *R) const;
107
108 const MemRegion *StripCasts(bool StripBaseCasts = true) const;
109
110 /// \brief If this is a symbolic region, returns the region. Otherwise,
111 /// goes up the base chain looking for the first symbolic base region.
112 const SymbolicRegion *getSymbolicBase() const;
113
114 bool hasGlobalsOrParametersStorage() const;
115
116 bool hasStackStorage() const;
117
118 bool hasStackNonParametersStorage() const;
119
120 bool hasStackParametersStorage() const;
121
122 /// Compute the offset within the top level memory object.
123 RegionOffset getAsOffset() const;
124
125 /// \brief Get a string representation of a region for debug use.
126 std::string getString() const;
127
128 virtual void dumpToStream(raw_ostream &os) const;
129
130 void dump() const;
131
132 /// \brief Returns true if this region can be printed in a user-friendly way.
133 virtual bool canPrintPretty() const;
134
135 /// \brief Print the region for use in diagnostics.
136 virtual void printPretty(raw_ostream &os) const;
137
138 /// \brief Returns true if this region's textual representation can be used
139 /// as part of a larger expression.
140 virtual bool canPrintPrettyAsExpr() const;
141
142 /// \brief Print the region as expression.
143 ///
144 /// When this region represents a subexpression, the method is for printing
145 /// an expression containing it.
146 virtual void printPrettyAsExpr(raw_ostream &os) const;
147
getKind()148 Kind getKind() const { return kind; }
149
150 template<typename RegionTy> const RegionTy* getAs() const;
151
isBoundable()152 virtual bool isBoundable() const { return false; }
153
154
155 /// Get descriptive name for memory region. The name is obtained from
156 /// the variable/field declaration retrieved from the memory region.
157 /// Regions that point to an element of an array are returned as: "arr[0]".
158 /// Regions that point to a struct are returned as: "st.var".
159 //
160 /// \param UseQuotes Set if the name should be quoted.
161 ///
162 /// \returns variable name for memory region
163 std::string getDescriptiveName(bool UseQuotes = true) const;
164
165
166 /// Retrieve source range from memory region. The range retrieval
167 /// is based on the decl obtained from the memory region.
168 /// For a VarRegion the range of the base region is returned.
169 /// For a FieldRegion the range of the field is returned.
170 /// If no declaration is found, an empty source range is returned.
171 /// The client is responsible for checking if the returned range is valid.
172 ///
173 /// \returns source range for declaration retrieved from memory region
174 clang::SourceRange sourceRange() const;
175 };
176
177 /// MemSpaceRegion - A memory region that represents a "memory space";
178 /// for example, the set of global variables, the stack frame, etc.
179 class MemSpaceRegion : public MemRegion {
180 protected:
181 MemRegionManager *Mgr;
182
MemSpaceRegion(MemRegionManager * mgr,Kind k)183 MemSpaceRegion(MemRegionManager *mgr, Kind k) : MemRegion(k), Mgr(mgr) {
184 assert(classof(this));
185 }
186
getMemRegionManager()187 MemRegionManager* getMemRegionManager() const override { return Mgr; }
188
189 public:
isBoundable()190 bool isBoundable() const override { return false; }
191
192 void Profile(llvm::FoldingSetNodeID &ID) const override;
193
classof(const MemRegion * R)194 static bool classof(const MemRegion *R) {
195 Kind k = R->getKind();
196 return k >= BEGIN_MEMSPACES && k <= END_MEMSPACES;
197 }
198 };
199
200 /// CodeSpaceRegion - The memory space that holds the executable code of
201 /// functions and blocks.
202 class CodeSpaceRegion : public MemSpaceRegion {
203 friend class MemRegionManager;
204
CodeSpaceRegion(MemRegionManager * mgr)205 CodeSpaceRegion(MemRegionManager *mgr)
206 : MemSpaceRegion(mgr, CodeSpaceRegionKind) {}
207
208 public:
209 void dumpToStream(raw_ostream &os) const override;
210
classof(const MemRegion * R)211 static bool classof(const MemRegion *R) {
212 return R->getKind() == CodeSpaceRegionKind;
213 }
214 };
215
216 class GlobalsSpaceRegion : public MemSpaceRegion {
217 virtual void anchor();
218 protected:
GlobalsSpaceRegion(MemRegionManager * mgr,Kind k)219 GlobalsSpaceRegion(MemRegionManager *mgr, Kind k)
220 : MemSpaceRegion(mgr, k) {}
221 public:
classof(const MemRegion * R)222 static bool classof(const MemRegion *R) {
223 Kind k = R->getKind();
224 return k >= BEGIN_GLOBAL_MEMSPACES && k <= END_GLOBAL_MEMSPACES;
225 }
226 };
227
228 /// \brief The region of the static variables within the current CodeTextRegion
229 /// scope.
230 ///
231 /// Currently, only the static locals are placed there, so we know that these
232 /// variables do not get invalidated by calls to other functions.
233 class StaticGlobalSpaceRegion : public GlobalsSpaceRegion {
234 friend class MemRegionManager;
235
236 const CodeTextRegion *CR;
237
StaticGlobalSpaceRegion(MemRegionManager * mgr,const CodeTextRegion * cr)238 StaticGlobalSpaceRegion(MemRegionManager *mgr, const CodeTextRegion *cr)
239 : GlobalsSpaceRegion(mgr, StaticGlobalSpaceRegionKind), CR(cr) {}
240
241 public:
242 void Profile(llvm::FoldingSetNodeID &ID) const override;
243
244 void dumpToStream(raw_ostream &os) const override;
245
getCodeRegion()246 const CodeTextRegion *getCodeRegion() const { return CR; }
247
classof(const MemRegion * R)248 static bool classof(const MemRegion *R) {
249 return R->getKind() == StaticGlobalSpaceRegionKind;
250 }
251 };
252
253 /// \brief The region for all the non-static global variables.
254 ///
255 /// This class is further split into subclasses for efficient implementation of
256 /// invalidating a set of related global values as is done in
257 /// RegionStoreManager::invalidateRegions (instead of finding all the dependent
258 /// globals, we invalidate the whole parent region).
259 class NonStaticGlobalSpaceRegion : public GlobalsSpaceRegion {
260 protected:
NonStaticGlobalSpaceRegion(MemRegionManager * mgr,Kind k)261 NonStaticGlobalSpaceRegion(MemRegionManager *mgr, Kind k)
262 : GlobalsSpaceRegion(mgr, k) {}
263
264 public:
265
classof(const MemRegion * R)266 static bool classof(const MemRegion *R) {
267 Kind k = R->getKind();
268 return k >= BEGIN_NON_STATIC_GLOBAL_MEMSPACES &&
269 k <= END_NON_STATIC_GLOBAL_MEMSPACES;
270 }
271 };
272
273 /// \brief The region containing globals which are defined in system/external
274 /// headers and are considered modifiable by system calls (ex: errno).
275 class GlobalSystemSpaceRegion : public NonStaticGlobalSpaceRegion {
276 friend class MemRegionManager;
277
GlobalSystemSpaceRegion(MemRegionManager * mgr)278 GlobalSystemSpaceRegion(MemRegionManager *mgr)
279 : NonStaticGlobalSpaceRegion(mgr, GlobalSystemSpaceRegionKind) {}
280
281 public:
282
283 void dumpToStream(raw_ostream &os) const override;
284
classof(const MemRegion * R)285 static bool classof(const MemRegion *R) {
286 return R->getKind() == GlobalSystemSpaceRegionKind;
287 }
288 };
289
290 /// \brief The region containing globals which are considered not to be modified
291 /// or point to data which could be modified as a result of a function call
292 /// (system or internal). Ex: Const global scalars would be modeled as part of
293 /// this region. This region also includes most system globals since they have
294 /// low chance of being modified.
295 class GlobalImmutableSpaceRegion : public NonStaticGlobalSpaceRegion {
296 friend class MemRegionManager;
297
GlobalImmutableSpaceRegion(MemRegionManager * mgr)298 GlobalImmutableSpaceRegion(MemRegionManager *mgr)
299 : NonStaticGlobalSpaceRegion(mgr, GlobalImmutableSpaceRegionKind) {}
300
301 public:
302
303 void dumpToStream(raw_ostream &os) const override;
304
classof(const MemRegion * R)305 static bool classof(const MemRegion *R) {
306 return R->getKind() == GlobalImmutableSpaceRegionKind;
307 }
308 };
309
310 /// \brief The region containing globals which can be modified by calls to
311 /// "internally" defined functions - (for now just) functions other then system
312 /// calls.
313 class GlobalInternalSpaceRegion : public NonStaticGlobalSpaceRegion {
314 friend class MemRegionManager;
315
GlobalInternalSpaceRegion(MemRegionManager * mgr)316 GlobalInternalSpaceRegion(MemRegionManager *mgr)
317 : NonStaticGlobalSpaceRegion(mgr, GlobalInternalSpaceRegionKind) {}
318
319 public:
320
321 void dumpToStream(raw_ostream &os) const override;
322
classof(const MemRegion * R)323 static bool classof(const MemRegion *R) {
324 return R->getKind() == GlobalInternalSpaceRegionKind;
325 }
326 };
327
328 class HeapSpaceRegion : public MemSpaceRegion {
329 virtual void anchor();
330 friend class MemRegionManager;
331
HeapSpaceRegion(MemRegionManager * mgr)332 HeapSpaceRegion(MemRegionManager *mgr)
333 : MemSpaceRegion(mgr, HeapSpaceRegionKind) {}
334 public:
335
336 void dumpToStream(raw_ostream &os) const override;
337
classof(const MemRegion * R)338 static bool classof(const MemRegion *R) {
339 return R->getKind() == HeapSpaceRegionKind;
340 }
341 };
342
343 class UnknownSpaceRegion : public MemSpaceRegion {
344 virtual void anchor();
345 friend class MemRegionManager;
UnknownSpaceRegion(MemRegionManager * mgr)346 UnknownSpaceRegion(MemRegionManager *mgr)
347 : MemSpaceRegion(mgr, UnknownSpaceRegionKind) {}
348 public:
349
350 void dumpToStream(raw_ostream &os) const override;
351
classof(const MemRegion * R)352 static bool classof(const MemRegion *R) {
353 return R->getKind() == UnknownSpaceRegionKind;
354 }
355 };
356
357 class StackSpaceRegion : public MemSpaceRegion {
358 private:
359 const StackFrameContext *SFC;
360
361 protected:
StackSpaceRegion(MemRegionManager * mgr,Kind k,const StackFrameContext * sfc)362 StackSpaceRegion(MemRegionManager *mgr, Kind k, const StackFrameContext *sfc)
363 : MemSpaceRegion(mgr, k), SFC(sfc) {
364 assert(classof(this));
365 }
366
367 public:
getStackFrame()368 const StackFrameContext *getStackFrame() const { return SFC; }
369
370 void Profile(llvm::FoldingSetNodeID &ID) const override;
371
classof(const MemRegion * R)372 static bool classof(const MemRegion *R) {
373 Kind k = R->getKind();
374 return k >= BEGIN_STACK_MEMSPACES && k <= END_STACK_MEMSPACES;
375 }
376 };
377
378 class StackLocalsSpaceRegion : public StackSpaceRegion {
379 virtual void anchor();
380 friend class MemRegionManager;
StackLocalsSpaceRegion(MemRegionManager * mgr,const StackFrameContext * sfc)381 StackLocalsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
382 : StackSpaceRegion(mgr, StackLocalsSpaceRegionKind, sfc) {}
383 public:
384
385 void dumpToStream(raw_ostream &os) const override;
386
classof(const MemRegion * R)387 static bool classof(const MemRegion *R) {
388 return R->getKind() == StackLocalsSpaceRegionKind;
389 }
390 };
391
392 class StackArgumentsSpaceRegion : public StackSpaceRegion {
393 private:
394 virtual void anchor();
395 friend class MemRegionManager;
StackArgumentsSpaceRegion(MemRegionManager * mgr,const StackFrameContext * sfc)396 StackArgumentsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
397 : StackSpaceRegion(mgr, StackArgumentsSpaceRegionKind, sfc) {}
398 public:
399
400 void dumpToStream(raw_ostream &os) const override;
401
classof(const MemRegion * R)402 static bool classof(const MemRegion *R) {
403 return R->getKind() == StackArgumentsSpaceRegionKind;
404 }
405 };
406
407
408 /// SubRegion - A region that subsets another larger region. Most regions
409 /// are subclasses of SubRegion.
410 class SubRegion : public MemRegion {
411 private:
412 virtual void anchor();
413 protected:
414 const MemRegion* superRegion;
SubRegion(const MemRegion * sReg,Kind k)415 SubRegion(const MemRegion* sReg, Kind k) : MemRegion(k), superRegion(sReg) {}
416 public:
getSuperRegion()417 const MemRegion* getSuperRegion() const {
418 return superRegion;
419 }
420
421 /// getExtent - Returns the size of the region in bytes.
getExtent(SValBuilder & svalBuilder)422 virtual DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const {
423 return UnknownVal();
424 }
425
426 MemRegionManager* getMemRegionManager() const override;
427
428 bool isSubRegionOf(const MemRegion* R) const override;
429
classof(const MemRegion * R)430 static bool classof(const MemRegion* R) {
431 return R->getKind() > END_MEMSPACES;
432 }
433 };
434
435 //===----------------------------------------------------------------------===//
436 // MemRegion subclasses.
437 //===----------------------------------------------------------------------===//
438
439 /// AllocaRegion - A region that represents an untyped blob of bytes created
440 /// by a call to 'alloca'.
441 class AllocaRegion : public SubRegion {
442 friend class MemRegionManager;
443 protected:
444 unsigned Cnt; // Block counter. Used to distinguish different pieces of
445 // memory allocated by alloca at the same call site.
446 const Expr *Ex;
447
AllocaRegion(const Expr * ex,unsigned cnt,const MemRegion * superRegion)448 AllocaRegion(const Expr *ex, unsigned cnt, const MemRegion *superRegion)
449 : SubRegion(superRegion, AllocaRegionKind), Cnt(cnt), Ex(ex) {}
450
451 public:
452
getExpr()453 const Expr *getExpr() const { return Ex; }
454
isBoundable()455 bool isBoundable() const override { return true; }
456
457 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const override;
458
459 void Profile(llvm::FoldingSetNodeID& ID) const override;
460
461 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Expr *Ex,
462 unsigned Cnt, const MemRegion *superRegion);
463
464 void dumpToStream(raw_ostream &os) const override;
465
classof(const MemRegion * R)466 static bool classof(const MemRegion* R) {
467 return R->getKind() == AllocaRegionKind;
468 }
469 };
470
471 /// TypedRegion - An abstract class representing regions that are typed.
472 class TypedRegion : public SubRegion {
473 public:
474 void anchor() override;
475 protected:
TypedRegion(const MemRegion * sReg,Kind k)476 TypedRegion(const MemRegion* sReg, Kind k) : SubRegion(sReg, k) {}
477
478 public:
479 virtual QualType getLocationType() const = 0;
480
getDesugaredLocationType(ASTContext & Context)481 QualType getDesugaredLocationType(ASTContext &Context) const {
482 return getLocationType().getDesugaredType(Context);
483 }
484
isBoundable()485 bool isBoundable() const override { return true; }
486
classof(const MemRegion * R)487 static bool classof(const MemRegion* R) {
488 unsigned k = R->getKind();
489 return k >= BEGIN_TYPED_REGIONS && k <= END_TYPED_REGIONS;
490 }
491 };
492
493 /// TypedValueRegion - An abstract class representing regions having a typed value.
494 class TypedValueRegion : public TypedRegion {
495 public:
496 void anchor() override;
497 protected:
TypedValueRegion(const MemRegion * sReg,Kind k)498 TypedValueRegion(const MemRegion* sReg, Kind k) : TypedRegion(sReg, k) {}
499
500 public:
501 virtual QualType getValueType() const = 0;
502
getLocationType()503 QualType getLocationType() const override {
504 // FIXME: We can possibly optimize this later to cache this value.
505 QualType T = getValueType();
506 ASTContext &ctx = getContext();
507 if (T->getAs<ObjCObjectType>())
508 return ctx.getObjCObjectPointerType(T);
509 return ctx.getPointerType(getValueType());
510 }
511
getDesugaredValueType(ASTContext & Context)512 QualType getDesugaredValueType(ASTContext &Context) const {
513 QualType T = getValueType();
514 return T.getTypePtrOrNull() ? T.getDesugaredType(Context) : T;
515 }
516
517 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const override;
518
classof(const MemRegion * R)519 static bool classof(const MemRegion* R) {
520 unsigned k = R->getKind();
521 return k >= BEGIN_TYPED_VALUE_REGIONS && k <= END_TYPED_VALUE_REGIONS;
522 }
523 };
524
525
526 class CodeTextRegion : public TypedRegion {
527 public:
528 void anchor() override;
529 protected:
CodeTextRegion(const MemRegion * sreg,Kind k)530 CodeTextRegion(const MemRegion *sreg, Kind k) : TypedRegion(sreg, k) {}
531 public:
isBoundable()532 bool isBoundable() const override { return false; }
533
classof(const MemRegion * R)534 static bool classof(const MemRegion* R) {
535 Kind k = R->getKind();
536 return k >= BEGIN_CODE_TEXT_REGIONS && k <= END_CODE_TEXT_REGIONS;
537 }
538 };
539
540 /// FunctionCodeRegion - A region that represents code texts of function.
541 class FunctionCodeRegion : public CodeTextRegion {
542 const NamedDecl *FD;
543 public:
FunctionCodeRegion(const NamedDecl * fd,const MemRegion * sreg)544 FunctionCodeRegion(const NamedDecl *fd, const MemRegion* sreg)
545 : CodeTextRegion(sreg, FunctionCodeRegionKind), FD(fd) {
546 assert(isa<ObjCMethodDecl>(fd) || isa<FunctionDecl>(fd));
547 }
548
getLocationType()549 QualType getLocationType() const override {
550 const ASTContext &Ctx = getContext();
551 if (const FunctionDecl *D = dyn_cast<FunctionDecl>(FD)) {
552 return Ctx.getPointerType(D->getType());
553 }
554
555 assert(isa<ObjCMethodDecl>(FD));
556 assert(false && "Getting the type of ObjCMethod is not supported yet");
557
558 // TODO: We might want to return a different type here (ex: id (*ty)(...))
559 // depending on how it is used.
560 return QualType();
561 }
562
getDecl()563 const NamedDecl *getDecl() const {
564 return FD;
565 }
566
567 void dumpToStream(raw_ostream &os) const override;
568
569 void Profile(llvm::FoldingSetNodeID& ID) const override;
570
571 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const NamedDecl *FD,
572 const MemRegion*);
573
classof(const MemRegion * R)574 static bool classof(const MemRegion* R) {
575 return R->getKind() == FunctionCodeRegionKind;
576 }
577 };
578
579
580 /// BlockCodeRegion - A region that represents code texts of blocks (closures).
581 /// Blocks are represented with two kinds of regions. BlockCodeRegions
582 /// represent the "code", while BlockDataRegions represent instances of blocks,
583 /// which correspond to "code+data". The distinction is important, because
584 /// like a closure a block captures the values of externally referenced
585 /// variables.
586 class BlockCodeRegion : public CodeTextRegion {
587 friend class MemRegionManager;
588
589 const BlockDecl *BD;
590 AnalysisDeclContext *AC;
591 CanQualType locTy;
592
BlockCodeRegion(const BlockDecl * bd,CanQualType lTy,AnalysisDeclContext * ac,const MemRegion * sreg)593 BlockCodeRegion(const BlockDecl *bd, CanQualType lTy,
594 AnalysisDeclContext *ac, const MemRegion* sreg)
595 : CodeTextRegion(sreg, BlockCodeRegionKind), BD(bd), AC(ac), locTy(lTy) {}
596
597 public:
getLocationType()598 QualType getLocationType() const override {
599 return locTy;
600 }
601
getDecl()602 const BlockDecl *getDecl() const {
603 return BD;
604 }
605
getAnalysisDeclContext()606 AnalysisDeclContext *getAnalysisDeclContext() const { return AC; }
607
608 void dumpToStream(raw_ostream &os) const override;
609
610 void Profile(llvm::FoldingSetNodeID& ID) const override;
611
612 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const BlockDecl *BD,
613 CanQualType, const AnalysisDeclContext*,
614 const MemRegion*);
615
classof(const MemRegion * R)616 static bool classof(const MemRegion* R) {
617 return R->getKind() == BlockCodeRegionKind;
618 }
619 };
620
621 /// BlockDataRegion - A region that represents a block instance.
622 /// Blocks are represented with two kinds of regions. BlockCodeRegions
623 /// represent the "code", while BlockDataRegions represent instances of blocks,
624 /// which correspond to "code+data". The distinction is important, because
625 /// like a closure a block captures the values of externally referenced
626 /// variables.
627 class BlockDataRegion : public TypedRegion {
628 friend class MemRegionManager;
629 const BlockCodeRegion *BC;
630 const LocationContext *LC; // Can be null */
631 unsigned BlockCount;
632 void *ReferencedVars;
633 void *OriginalVars;
634
BlockDataRegion(const BlockCodeRegion * bc,const LocationContext * lc,unsigned count,const MemRegion * sreg)635 BlockDataRegion(const BlockCodeRegion *bc, const LocationContext *lc,
636 unsigned count, const MemRegion *sreg)
637 : TypedRegion(sreg, BlockDataRegionKind), BC(bc), LC(lc),
638 BlockCount(count),
639 ReferencedVars(nullptr), OriginalVars(nullptr) {}
640
641 public:
getCodeRegion()642 const BlockCodeRegion *getCodeRegion() const { return BC; }
643
getDecl()644 const BlockDecl *getDecl() const { return BC->getDecl(); }
645
getLocationType()646 QualType getLocationType() const override { return BC->getLocationType(); }
647
648 class referenced_vars_iterator {
649 const MemRegion * const *R;
650 const MemRegion * const *OriginalR;
651 public:
referenced_vars_iterator(const MemRegion * const * r,const MemRegion * const * originalR)652 explicit referenced_vars_iterator(const MemRegion * const *r,
653 const MemRegion * const *originalR)
654 : R(r), OriginalR(originalR) {}
655
getCapturedRegion()656 const VarRegion *getCapturedRegion() const {
657 return cast<VarRegion>(*R);
658 }
getOriginalRegion()659 const VarRegion *getOriginalRegion() const {
660 return cast<VarRegion>(*OriginalR);
661 }
662
663 bool operator==(const referenced_vars_iterator &I) const {
664 assert((R == nullptr) == (I.R == nullptr));
665 return I.R == R;
666 }
667 bool operator!=(const referenced_vars_iterator &I) const {
668 assert((R == nullptr) == (I.R == nullptr));
669 return I.R != R;
670 }
671 referenced_vars_iterator &operator++() {
672 ++R;
673 ++OriginalR;
674 return *this;
675 }
676 };
677
678 /// Return the original region for a captured region, if
679 /// one exists.
680 const VarRegion *getOriginalRegion(const VarRegion *VR) const;
681
682 referenced_vars_iterator referenced_vars_begin() const;
683 referenced_vars_iterator referenced_vars_end() const;
684
685 void dumpToStream(raw_ostream &os) const override;
686
687 void Profile(llvm::FoldingSetNodeID& ID) const override;
688
689 static void ProfileRegion(llvm::FoldingSetNodeID&, const BlockCodeRegion *,
690 const LocationContext *, unsigned,
691 const MemRegion *);
692
classof(const MemRegion * R)693 static bool classof(const MemRegion* R) {
694 return R->getKind() == BlockDataRegionKind;
695 }
696 private:
697 void LazyInitializeReferencedVars();
698 std::pair<const VarRegion *, const VarRegion *>
699 getCaptureRegions(const VarDecl *VD);
700 };
701
702 /// SymbolicRegion - A special, "non-concrete" region. Unlike other region
703 /// classes, SymbolicRegion represents a region that serves as an alias for
704 /// either a real region, a NULL pointer, etc. It essentially is used to
705 /// map the concept of symbolic values into the domain of regions. Symbolic
706 /// regions do not need to be typed.
707 class SymbolicRegion : public SubRegion {
708 protected:
709 const SymbolRef sym;
710
711 public:
SymbolicRegion(const SymbolRef s,const MemRegion * sreg)712 SymbolicRegion(const SymbolRef s, const MemRegion* sreg)
713 : SubRegion(sreg, SymbolicRegionKind), sym(s) {}
714
getSymbol()715 SymbolRef getSymbol() const {
716 return sym;
717 }
718
isBoundable()719 bool isBoundable() const override { return true; }
720
721 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const override;
722
723 void Profile(llvm::FoldingSetNodeID& ID) const override;
724
725 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
726 SymbolRef sym,
727 const MemRegion* superRegion);
728
729 void dumpToStream(raw_ostream &os) const override;
730
classof(const MemRegion * R)731 static bool classof(const MemRegion* R) {
732 return R->getKind() == SymbolicRegionKind;
733 }
734 };
735
736 /// StringRegion - Region associated with a StringLiteral.
737 class StringRegion : public TypedValueRegion {
738 friend class MemRegionManager;
739 const StringLiteral* Str;
740 protected:
741
StringRegion(const StringLiteral * str,const MemRegion * sreg)742 StringRegion(const StringLiteral* str, const MemRegion* sreg)
743 : TypedValueRegion(sreg, StringRegionKind), Str(str) {}
744
745 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
746 const StringLiteral* Str,
747 const MemRegion* superRegion);
748
749 public:
750
getStringLiteral()751 const StringLiteral* getStringLiteral() const { return Str; }
752
getValueType()753 QualType getValueType() const override {
754 return Str->getType();
755 }
756
757 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const override;
758
isBoundable()759 bool isBoundable() const override { return false; }
760
Profile(llvm::FoldingSetNodeID & ID)761 void Profile(llvm::FoldingSetNodeID& ID) const override {
762 ProfileRegion(ID, Str, superRegion);
763 }
764
765 void dumpToStream(raw_ostream &os) const override;
766
classof(const MemRegion * R)767 static bool classof(const MemRegion* R) {
768 return R->getKind() == StringRegionKind;
769 }
770 };
771
772 /// The region associated with an ObjCStringLiteral.
773 class ObjCStringRegion : public TypedValueRegion {
774 friend class MemRegionManager;
775 const ObjCStringLiteral* Str;
776 protected:
777
ObjCStringRegion(const ObjCStringLiteral * str,const MemRegion * sreg)778 ObjCStringRegion(const ObjCStringLiteral* str, const MemRegion* sreg)
779 : TypedValueRegion(sreg, ObjCStringRegionKind), Str(str) {}
780
781 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
782 const ObjCStringLiteral* Str,
783 const MemRegion* superRegion);
784
785 public:
786
getObjCStringLiteral()787 const ObjCStringLiteral* getObjCStringLiteral() const { return Str; }
788
getValueType()789 QualType getValueType() const override {
790 return Str->getType();
791 }
792
isBoundable()793 bool isBoundable() const override { return false; }
794
Profile(llvm::FoldingSetNodeID & ID)795 void Profile(llvm::FoldingSetNodeID& ID) const override {
796 ProfileRegion(ID, Str, superRegion);
797 }
798
799 void dumpToStream(raw_ostream &os) const override;
800
classof(const MemRegion * R)801 static bool classof(const MemRegion* R) {
802 return R->getKind() == ObjCStringRegionKind;
803 }
804 };
805
806 /// CompoundLiteralRegion - A memory region representing a compound literal.
807 /// Compound literals are essentially temporaries that are stack allocated
808 /// or in the global constant pool.
809 class CompoundLiteralRegion : public TypedValueRegion {
810 private:
811 friend class MemRegionManager;
812 const CompoundLiteralExpr *CL;
813
CompoundLiteralRegion(const CompoundLiteralExpr * cl,const MemRegion * sReg)814 CompoundLiteralRegion(const CompoundLiteralExpr *cl, const MemRegion* sReg)
815 : TypedValueRegion(sReg, CompoundLiteralRegionKind), CL(cl) {}
816
817 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
818 const CompoundLiteralExpr *CL,
819 const MemRegion* superRegion);
820 public:
getValueType()821 QualType getValueType() const override {
822 return CL->getType();
823 }
824
isBoundable()825 bool isBoundable() const override { return !CL->isFileScope(); }
826
827 void Profile(llvm::FoldingSetNodeID& ID) const override;
828
829 void dumpToStream(raw_ostream &os) const override;
830
getLiteralExpr()831 const CompoundLiteralExpr *getLiteralExpr() const { return CL; }
832
classof(const MemRegion * R)833 static bool classof(const MemRegion* R) {
834 return R->getKind() == CompoundLiteralRegionKind;
835 }
836 };
837
838 class DeclRegion : public TypedValueRegion {
839 protected:
840 const Decl *D;
841
DeclRegion(const Decl * d,const MemRegion * sReg,Kind k)842 DeclRegion(const Decl *d, const MemRegion* sReg, Kind k)
843 : TypedValueRegion(sReg, k), D(d) {}
844
845 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl *D,
846 const MemRegion* superRegion, Kind k);
847
848 public:
getDecl()849 const Decl *getDecl() const { return D; }
850 void Profile(llvm::FoldingSetNodeID& ID) const override;
851
classof(const MemRegion * R)852 static bool classof(const MemRegion* R) {
853 unsigned k = R->getKind();
854 return k >= BEGIN_DECL_REGIONS && k <= END_DECL_REGIONS;
855 }
856 };
857
858 class VarRegion : public DeclRegion {
859 friend class MemRegionManager;
860
861 // Constructors and private methods.
VarRegion(const VarDecl * vd,const MemRegion * sReg)862 VarRegion(const VarDecl *vd, const MemRegion* sReg)
863 : DeclRegion(vd, sReg, VarRegionKind) {}
864
ProfileRegion(llvm::FoldingSetNodeID & ID,const VarDecl * VD,const MemRegion * superRegion)865 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const VarDecl *VD,
866 const MemRegion *superRegion) {
867 DeclRegion::ProfileRegion(ID, VD, superRegion, VarRegionKind);
868 }
869
870 void Profile(llvm::FoldingSetNodeID& ID) const override;
871
872 public:
getDecl()873 const VarDecl *getDecl() const { return cast<VarDecl>(D); }
874
875 const StackFrameContext *getStackFrame() const;
876
getValueType()877 QualType getValueType() const override {
878 // FIXME: We can cache this if needed.
879 return getDecl()->getType();
880 }
881
882 void dumpToStream(raw_ostream &os) const override;
883
classof(const MemRegion * R)884 static bool classof(const MemRegion* R) {
885 return R->getKind() == VarRegionKind;
886 }
887
888 bool canPrintPrettyAsExpr() const override;
889
890 void printPrettyAsExpr(raw_ostream &os) const override;
891 };
892
893 /// CXXThisRegion - Represents the region for the implicit 'this' parameter
894 /// in a call to a C++ method. This region doesn't represent the object
895 /// referred to by 'this', but rather 'this' itself.
896 class CXXThisRegion : public TypedValueRegion {
897 friend class MemRegionManager;
CXXThisRegion(const PointerType * thisPointerTy,const MemRegion * sReg)898 CXXThisRegion(const PointerType *thisPointerTy,
899 const MemRegion *sReg)
900 : TypedValueRegion(sReg, CXXThisRegionKind), ThisPointerTy(thisPointerTy) {}
901
902 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
903 const PointerType *PT,
904 const MemRegion *sReg);
905
906 void Profile(llvm::FoldingSetNodeID &ID) const override;
907
908 public:
getValueType()909 QualType getValueType() const override {
910 return QualType(ThisPointerTy, 0);
911 }
912
913 void dumpToStream(raw_ostream &os) const override;
914
classof(const MemRegion * R)915 static bool classof(const MemRegion* R) {
916 return R->getKind() == CXXThisRegionKind;
917 }
918
919 private:
920 const PointerType *ThisPointerTy;
921 };
922
923 class FieldRegion : public DeclRegion {
924 friend class MemRegionManager;
925
FieldRegion(const FieldDecl * fd,const MemRegion * sReg)926 FieldRegion(const FieldDecl *fd, const MemRegion* sReg)
927 : DeclRegion(fd, sReg, FieldRegionKind) {}
928
929 public:
getDecl()930 const FieldDecl *getDecl() const { return cast<FieldDecl>(D); }
931
getValueType()932 QualType getValueType() const override {
933 // FIXME: We can cache this if needed.
934 return getDecl()->getType();
935 }
936
937 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const override;
938
ProfileRegion(llvm::FoldingSetNodeID & ID,const FieldDecl * FD,const MemRegion * superRegion)939 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const FieldDecl *FD,
940 const MemRegion* superRegion) {
941 DeclRegion::ProfileRegion(ID, FD, superRegion, FieldRegionKind);
942 }
943
classof(const MemRegion * R)944 static bool classof(const MemRegion* R) {
945 return R->getKind() == FieldRegionKind;
946 }
947
948 void dumpToStream(raw_ostream &os) const override;
949
950 bool canPrintPretty() const override;
951 void printPretty(raw_ostream &os) const override;
952 bool canPrintPrettyAsExpr() const override;
953 void printPrettyAsExpr(raw_ostream &os) const override;
954 };
955
956 class ObjCIvarRegion : public DeclRegion {
957
958 friend class MemRegionManager;
959
960 ObjCIvarRegion(const ObjCIvarDecl *ivd, const MemRegion* sReg);
961
962 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const ObjCIvarDecl *ivd,
963 const MemRegion* superRegion);
964
965 public:
966 const ObjCIvarDecl *getDecl() const;
967 QualType getValueType() const override;
968
969 bool canPrintPrettyAsExpr() const override;
970 void printPrettyAsExpr(raw_ostream &os) const override;
971
972 void dumpToStream(raw_ostream &os) const override;
973
classof(const MemRegion * R)974 static bool classof(const MemRegion* R) {
975 return R->getKind() == ObjCIvarRegionKind;
976 }
977 };
978 //===----------------------------------------------------------------------===//
979 // Auxiliary data classes for use with MemRegions.
980 //===----------------------------------------------------------------------===//
981
982 class ElementRegion;
983
984 class RegionRawOffset {
985 private:
986 friend class ElementRegion;
987
988 const MemRegion *Region;
989 CharUnits Offset;
990
991 RegionRawOffset(const MemRegion* reg, CharUnits offset = CharUnits::Zero())
Region(reg)992 : Region(reg), Offset(offset) {}
993
994 public:
995 // FIXME: Eventually support symbolic offsets.
getOffset()996 CharUnits getOffset() const { return Offset; }
getRegion()997 const MemRegion *getRegion() const { return Region; }
998
999 void dumpToStream(raw_ostream &os) const;
1000 void dump() const;
1001 };
1002
1003 /// \brief ElementRegin is used to represent both array elements and casts.
1004 class ElementRegion : public TypedValueRegion {
1005 friend class MemRegionManager;
1006
1007 QualType ElementType;
1008 NonLoc Index;
1009
ElementRegion(QualType elementType,NonLoc Idx,const MemRegion * sReg)1010 ElementRegion(QualType elementType, NonLoc Idx, const MemRegion* sReg)
1011 : TypedValueRegion(sReg, ElementRegionKind),
1012 ElementType(elementType), Index(Idx) {
1013 assert((!Idx.getAs<nonloc::ConcreteInt>() ||
1014 Idx.castAs<nonloc::ConcreteInt>().getValue().isSigned()) &&
1015 "The index must be signed");
1016 }
1017
1018 static void ProfileRegion(llvm::FoldingSetNodeID& ID, QualType elementType,
1019 SVal Idx, const MemRegion* superRegion);
1020
1021 public:
1022
getIndex()1023 NonLoc getIndex() const { return Index; }
1024
getValueType()1025 QualType getValueType() const override {
1026 return ElementType;
1027 }
1028
getElementType()1029 QualType getElementType() const {
1030 return ElementType;
1031 }
1032 /// Compute the offset within the array. The array might also be a subobject.
1033 RegionRawOffset getAsArrayOffset() const;
1034
1035 void dumpToStream(raw_ostream &os) const override;
1036
1037 void Profile(llvm::FoldingSetNodeID& ID) const override;
1038
classof(const MemRegion * R)1039 static bool classof(const MemRegion* R) {
1040 return R->getKind() == ElementRegionKind;
1041 }
1042 };
1043
1044 // C++ temporary object associated with an expression.
1045 class CXXTempObjectRegion : public TypedValueRegion {
1046 friend class MemRegionManager;
1047
1048 Expr const *Ex;
1049
CXXTempObjectRegion(Expr const * E,MemRegion const * sReg)1050 CXXTempObjectRegion(Expr const *E, MemRegion const *sReg)
1051 : TypedValueRegion(sReg, CXXTempObjectRegionKind), Ex(E) {}
1052
1053 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
1054 Expr const *E, const MemRegion *sReg);
1055
1056 public:
getExpr()1057 const Expr *getExpr() const { return Ex; }
1058
getValueType()1059 QualType getValueType() const override {
1060 return Ex->getType();
1061 }
1062
1063 void dumpToStream(raw_ostream &os) const override;
1064
1065 void Profile(llvm::FoldingSetNodeID &ID) const override;
1066
classof(const MemRegion * R)1067 static bool classof(const MemRegion* R) {
1068 return R->getKind() == CXXTempObjectRegionKind;
1069 }
1070 };
1071
1072 // CXXBaseObjectRegion represents a base object within a C++ object. It is
1073 // identified by the base class declaration and the region of its parent object.
1074 class CXXBaseObjectRegion : public TypedValueRegion {
1075 friend class MemRegionManager;
1076
1077 llvm::PointerIntPair<const CXXRecordDecl *, 1, bool> Data;
1078
CXXBaseObjectRegion(const CXXRecordDecl * RD,bool IsVirtual,const MemRegion * SReg)1079 CXXBaseObjectRegion(const CXXRecordDecl *RD, bool IsVirtual,
1080 const MemRegion *SReg)
1081 : TypedValueRegion(SReg, CXXBaseObjectRegionKind), Data(RD, IsVirtual) {}
1082
1083 static void ProfileRegion(llvm::FoldingSetNodeID &ID, const CXXRecordDecl *RD,
1084 bool IsVirtual, const MemRegion *SReg);
1085
1086 public:
getDecl()1087 const CXXRecordDecl *getDecl() const { return Data.getPointer(); }
isVirtual()1088 bool isVirtual() const { return Data.getInt(); }
1089
1090 QualType getValueType() const override;
1091
1092 void dumpToStream(raw_ostream &os) const override;
1093
1094 void Profile(llvm::FoldingSetNodeID &ID) const override;
1095
classof(const MemRegion * region)1096 static bool classof(const MemRegion *region) {
1097 return region->getKind() == CXXBaseObjectRegionKind;
1098 }
1099
1100 bool canPrintPrettyAsExpr() const override;
1101
1102 void printPrettyAsExpr(raw_ostream &os) const override;
1103 };
1104
1105 template<typename RegionTy>
getAs()1106 const RegionTy* MemRegion::getAs() const {
1107 if (const RegionTy* RT = dyn_cast<RegionTy>(this))
1108 return RT;
1109
1110 return nullptr;
1111 }
1112
1113 //===----------------------------------------------------------------------===//
1114 // MemRegionManager - Factory object for creating regions.
1115 //===----------------------------------------------------------------------===//
1116
1117 class MemRegionManager {
1118 ASTContext &C;
1119 llvm::BumpPtrAllocator& A;
1120 llvm::FoldingSet<MemRegion> Regions;
1121
1122 GlobalInternalSpaceRegion *InternalGlobals;
1123 GlobalSystemSpaceRegion *SystemGlobals;
1124 GlobalImmutableSpaceRegion *ImmutableGlobals;
1125
1126
1127 llvm::DenseMap<const StackFrameContext *, StackLocalsSpaceRegion *>
1128 StackLocalsSpaceRegions;
1129 llvm::DenseMap<const StackFrameContext *, StackArgumentsSpaceRegion *>
1130 StackArgumentsSpaceRegions;
1131 llvm::DenseMap<const CodeTextRegion *, StaticGlobalSpaceRegion *>
1132 StaticsGlobalSpaceRegions;
1133
1134 HeapSpaceRegion *heap;
1135 UnknownSpaceRegion *unknown;
1136 CodeSpaceRegion *code;
1137
1138 public:
MemRegionManager(ASTContext & c,llvm::BumpPtrAllocator & a)1139 MemRegionManager(ASTContext &c, llvm::BumpPtrAllocator &a)
1140 : C(c), A(a), InternalGlobals(nullptr), SystemGlobals(nullptr),
1141 ImmutableGlobals(nullptr), heap(nullptr), unknown(nullptr),
1142 code(nullptr) {}
1143
1144 ~MemRegionManager();
1145
getContext()1146 ASTContext &getContext() { return C; }
1147
getAllocator()1148 llvm::BumpPtrAllocator &getAllocator() { return A; }
1149
1150 /// getStackLocalsRegion - Retrieve the memory region associated with the
1151 /// specified stack frame.
1152 const StackLocalsSpaceRegion *
1153 getStackLocalsRegion(const StackFrameContext *STC);
1154
1155 /// getStackArgumentsRegion - Retrieve the memory region associated with
1156 /// function/method arguments of the specified stack frame.
1157 const StackArgumentsSpaceRegion *
1158 getStackArgumentsRegion(const StackFrameContext *STC);
1159
1160 /// getGlobalsRegion - Retrieve the memory region associated with
1161 /// global variables.
1162 const GlobalsSpaceRegion *getGlobalsRegion(
1163 MemRegion::Kind K = MemRegion::GlobalInternalSpaceRegionKind,
1164 const CodeTextRegion *R = nullptr);
1165
1166 /// getHeapRegion - Retrieve the memory region associated with the
1167 /// generic "heap".
1168 const HeapSpaceRegion *getHeapRegion();
1169
1170 /// getUnknownRegion - Retrieve the memory region associated with unknown
1171 /// memory space.
1172 const UnknownSpaceRegion *getUnknownRegion();
1173
1174 const CodeSpaceRegion *getCodeRegion();
1175
1176 /// getAllocaRegion - Retrieve a region associated with a call to alloca().
1177 const AllocaRegion *getAllocaRegion(const Expr *Ex, unsigned Cnt,
1178 const LocationContext *LC);
1179
1180 /// getCompoundLiteralRegion - Retrieve the region associated with a
1181 /// given CompoundLiteral.
1182 const CompoundLiteralRegion*
1183 getCompoundLiteralRegion(const CompoundLiteralExpr *CL,
1184 const LocationContext *LC);
1185
1186 /// getCXXThisRegion - Retrieve the [artificial] region associated with the
1187 /// parameter 'this'.
1188 const CXXThisRegion *getCXXThisRegion(QualType thisPointerTy,
1189 const LocationContext *LC);
1190
1191 /// \brief Retrieve or create a "symbolic" memory region.
1192 const SymbolicRegion* getSymbolicRegion(SymbolRef Sym);
1193
1194 /// \brief Return a unique symbolic region belonging to heap memory space.
1195 const SymbolicRegion *getSymbolicHeapRegion(SymbolRef sym);
1196
1197 const StringRegion *getStringRegion(const StringLiteral* Str);
1198
1199 const ObjCStringRegion *getObjCStringRegion(const ObjCStringLiteral *Str);
1200
1201 /// getVarRegion - Retrieve or create the memory region associated with
1202 /// a specified VarDecl and LocationContext.
1203 const VarRegion* getVarRegion(const VarDecl *D, const LocationContext *LC);
1204
1205 /// getVarRegion - Retrieve or create the memory region associated with
1206 /// a specified VarDecl and super region.
1207 const VarRegion* getVarRegion(const VarDecl *D, const MemRegion *superR);
1208
1209 /// getElementRegion - Retrieve the memory region associated with the
1210 /// associated element type, index, and super region.
1211 const ElementRegion *getElementRegion(QualType elementType, NonLoc Idx,
1212 const MemRegion *superRegion,
1213 ASTContext &Ctx);
1214
getElementRegionWithSuper(const ElementRegion * ER,const MemRegion * superRegion)1215 const ElementRegion *getElementRegionWithSuper(const ElementRegion *ER,
1216 const MemRegion *superRegion) {
1217 return getElementRegion(ER->getElementType(), ER->getIndex(),
1218 superRegion, ER->getContext());
1219 }
1220
1221 /// getFieldRegion - Retrieve or create the memory region associated with
1222 /// a specified FieldDecl. 'superRegion' corresponds to the containing
1223 /// memory region (which typically represents the memory representing
1224 /// a structure or class).
1225 const FieldRegion *getFieldRegion(const FieldDecl *fd,
1226 const MemRegion* superRegion);
1227
getFieldRegionWithSuper(const FieldRegion * FR,const MemRegion * superRegion)1228 const FieldRegion *getFieldRegionWithSuper(const FieldRegion *FR,
1229 const MemRegion *superRegion) {
1230 return getFieldRegion(FR->getDecl(), superRegion);
1231 }
1232
1233 /// getObjCIvarRegion - Retrieve or create the memory region associated with
1234 /// a specified Objective-c instance variable. 'superRegion' corresponds
1235 /// to the containing region (which typically represents the Objective-C
1236 /// object).
1237 const ObjCIvarRegion *getObjCIvarRegion(const ObjCIvarDecl *ivd,
1238 const MemRegion* superRegion);
1239
1240 const CXXTempObjectRegion *getCXXTempObjectRegion(Expr const *Ex,
1241 LocationContext const *LC);
1242
1243 /// Create a CXXBaseObjectRegion with the given base class for region
1244 /// \p Super.
1245 ///
1246 /// The type of \p Super is assumed be a class deriving from \p BaseClass.
1247 const CXXBaseObjectRegion *
1248 getCXXBaseObjectRegion(const CXXRecordDecl *BaseClass, const MemRegion *Super,
1249 bool IsVirtual);
1250
1251 /// Create a CXXBaseObjectRegion with the same CXXRecordDecl but a different
1252 /// super region.
1253 const CXXBaseObjectRegion *
getCXXBaseObjectRegionWithSuper(const CXXBaseObjectRegion * baseReg,const MemRegion * superRegion)1254 getCXXBaseObjectRegionWithSuper(const CXXBaseObjectRegion *baseReg,
1255 const MemRegion *superRegion) {
1256 return getCXXBaseObjectRegion(baseReg->getDecl(), superRegion,
1257 baseReg->isVirtual());
1258 }
1259
1260 const FunctionCodeRegion *getFunctionCodeRegion(const NamedDecl *FD);
1261 const BlockCodeRegion *getBlockCodeRegion(const BlockDecl *BD,
1262 CanQualType locTy,
1263 AnalysisDeclContext *AC);
1264
1265 /// getBlockDataRegion - Get the memory region associated with an instance
1266 /// of a block. Unlike many other MemRegions, the LocationContext*
1267 /// argument is allowed to be NULL for cases where we have no known
1268 /// context.
1269 const BlockDataRegion *getBlockDataRegion(const BlockCodeRegion *bc,
1270 const LocationContext *lc,
1271 unsigned blockCount);
1272
1273 /// Create a CXXTempObjectRegion for temporaries which are lifetime-extended
1274 /// by static references. This differs from getCXXTempObjectRegion in the
1275 /// super-region used.
1276 const CXXTempObjectRegion *getCXXStaticTempObjectRegion(const Expr *Ex);
1277
1278 private:
1279 template <typename RegionTy, typename A1>
1280 RegionTy* getRegion(const A1 a1);
1281
1282 template <typename RegionTy, typename A1>
1283 RegionTy* getSubRegion(const A1 a1, const MemRegion* superRegion);
1284
1285 template <typename RegionTy, typename A1, typename A2>
1286 RegionTy* getRegion(const A1 a1, const A2 a2);
1287
1288 template <typename RegionTy, typename A1, typename A2>
1289 RegionTy* getSubRegion(const A1 a1, const A2 a2,
1290 const MemRegion* superRegion);
1291
1292 template <typename RegionTy, typename A1, typename A2, typename A3>
1293 RegionTy* getSubRegion(const A1 a1, const A2 a2, const A3 a3,
1294 const MemRegion* superRegion);
1295
1296 template <typename REG>
1297 const REG* LazyAllocate(REG*& region);
1298
1299 template <typename REG, typename ARG>
1300 const REG* LazyAllocate(REG*& region, ARG a);
1301 };
1302
1303 //===----------------------------------------------------------------------===//
1304 // Out-of-line member definitions.
1305 //===----------------------------------------------------------------------===//
1306
getContext()1307 inline ASTContext &MemRegion::getContext() const {
1308 return getMemRegionManager()->getContext();
1309 }
1310
1311 //===----------------------------------------------------------------------===//
1312 // Means for storing region/symbol handling traits.
1313 //===----------------------------------------------------------------------===//
1314
1315 /// Information about invalidation for a particular region/symbol.
1316 class RegionAndSymbolInvalidationTraits {
1317 typedef unsigned char StorageTypeForKinds;
1318 llvm::DenseMap<const MemRegion *, StorageTypeForKinds> MRTraitsMap;
1319 llvm::DenseMap<SymbolRef, StorageTypeForKinds> SymTraitsMap;
1320
1321 typedef llvm::DenseMap<const MemRegion *, StorageTypeForKinds>::const_iterator
1322 const_region_iterator;
1323 typedef llvm::DenseMap<SymbolRef, StorageTypeForKinds>::const_iterator
1324 const_symbol_iterator;
1325
1326 public:
1327 /// \brief Describes different invalidation traits.
1328 enum InvalidationKinds {
1329 /// Tells that a region's contents is not changed.
1330 TK_PreserveContents = 0x1,
1331 /// Suppress pointer-escaping of a region.
1332 TK_SuppressEscape = 0x2,
1333 // Do not invalidate super region.
1334 TK_DoNotInvalidateSuperRegion = 0x4,
1335 /// When applied to a MemSpaceRegion, indicates the entire memory space
1336 /// should be invalidated.
1337 TK_EntireMemSpace = 0x8
1338
1339 // Do not forget to extend StorageTypeForKinds if number of traits exceed
1340 // the number of bits StorageTypeForKinds can store.
1341 };
1342
1343 void setTrait(SymbolRef Sym, InvalidationKinds IK);
1344 void setTrait(const MemRegion *MR, InvalidationKinds IK);
1345 bool hasTrait(SymbolRef Sym, InvalidationKinds IK) const;
1346 bool hasTrait(const MemRegion *MR, InvalidationKinds IK) const;
1347 };
1348
1349 } // end GR namespace
1350
1351 } // end clang namespace
1352
1353 //===----------------------------------------------------------------------===//
1354 // Pretty-printing regions.
1355 //===----------------------------------------------------------------------===//
1356
1357 namespace llvm {
1358 static inline raw_ostream &operator<<(raw_ostream &os,
1359 const clang::ento::MemRegion* R) {
1360 R->dumpToStream(os);
1361 return os;
1362 }
1363 } // end llvm namespace
1364
1365 #endif
1366