1 //== MemRegion.h - Abstract memory regions for static analysis --*- C++ -*--==//
2 //
3 // The LLVM Compiler Infrastructure
4 //
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
7 //
8 //===----------------------------------------------------------------------===//
9 //
10 // This file defines MemRegion and its subclasses. MemRegion defines a
11 // partially-typed abstraction of memory useful for path-sensitive dataflow
12 // analyses.
13 //
14 //===----------------------------------------------------------------------===//
15
16 #ifndef LLVM_CLANG_GR_MEMREGION_H
17 #define LLVM_CLANG_GR_MEMREGION_H
18
19 #include "clang/AST/ASTContext.h"
20 #include "clang/AST/CharUnits.h"
21 #include "clang/AST/Decl.h"
22 #include "clang/AST/ExprObjC.h"
23 #include "clang/Basic/LLVM.h"
24 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
25 #include "llvm/ADT/FoldingSet.h"
26 #include "llvm/Support/ErrorHandling.h"
27 #include <string>
28
29 namespace llvm {
30 class BumpPtrAllocator;
31 }
32
33 namespace clang {
34
35 class LocationContext;
36 class StackFrameContext;
37
38 namespace ento {
39
40 class CodeTextRegion;
41 class MemRegionManager;
42 class MemSpaceRegion;
43 class SValBuilder;
44 class SymbolicRegion;
45 class VarRegion;
46
47 /// Represent a region's offset within the top level base region.
48 class RegionOffset {
49 /// The base region.
50 const MemRegion *R;
51
52 /// The bit offset within the base region. It shouldn't be negative.
53 int64_t Offset;
54
55 public:
56 // We're using a const instead of an enumeration due to the size required;
57 // Visual Studio will only create enumerations of size int, not long long.
58 static const int64_t Symbolic = INT64_MAX;
59
RegionOffset()60 RegionOffset() : R(0) {}
RegionOffset(const MemRegion * r,int64_t off)61 RegionOffset(const MemRegion *r, int64_t off) : R(r), Offset(off) {}
62
getRegion()63 const MemRegion *getRegion() const { return R; }
64
hasSymbolicOffset()65 bool hasSymbolicOffset() const { return Offset == Symbolic; }
66
getOffset()67 int64_t getOffset() const {
68 assert(!hasSymbolicOffset());
69 return Offset;
70 }
71
isValid()72 bool isValid() const { return R; }
73 };
74
75 //===----------------------------------------------------------------------===//
76 // Base region classes.
77 //===----------------------------------------------------------------------===//
78
79 /// MemRegion - The root abstract class for all memory regions.
80 class MemRegion : public llvm::FoldingSetNode {
81 friend class MemRegionManager;
82 public:
83 enum Kind {
84 // Memory spaces.
85 GenericMemSpaceRegionKind,
86 StackLocalsSpaceRegionKind,
87 StackArgumentsSpaceRegionKind,
88 HeapSpaceRegionKind,
89 UnknownSpaceRegionKind,
90 StaticGlobalSpaceRegionKind,
91 GlobalInternalSpaceRegionKind,
92 GlobalSystemSpaceRegionKind,
93 GlobalImmutableSpaceRegionKind,
94 BEG_NON_STATIC_GLOBAL_MEMSPACES = GlobalInternalSpaceRegionKind,
95 END_NON_STATIC_GLOBAL_MEMSPACES = GlobalImmutableSpaceRegionKind,
96 BEG_GLOBAL_MEMSPACES = StaticGlobalSpaceRegionKind,
97 END_GLOBAL_MEMSPACES = GlobalImmutableSpaceRegionKind,
98 BEG_MEMSPACES = GenericMemSpaceRegionKind,
99 END_MEMSPACES = GlobalImmutableSpaceRegionKind,
100 // Untyped regions.
101 SymbolicRegionKind,
102 AllocaRegionKind,
103 // Typed regions.
104 BEG_TYPED_REGIONS,
105 FunctionTextRegionKind = BEG_TYPED_REGIONS,
106 BlockTextRegionKind,
107 BlockDataRegionKind,
108 BEG_TYPED_VALUE_REGIONS,
109 CompoundLiteralRegionKind = BEG_TYPED_VALUE_REGIONS,
110 CXXThisRegionKind,
111 StringRegionKind,
112 ObjCStringRegionKind,
113 ElementRegionKind,
114 // Decl Regions.
115 BEG_DECL_REGIONS,
116 VarRegionKind = BEG_DECL_REGIONS,
117 FieldRegionKind,
118 ObjCIvarRegionKind,
119 END_DECL_REGIONS = ObjCIvarRegionKind,
120 CXXTempObjectRegionKind,
121 CXXBaseObjectRegionKind,
122 END_TYPED_VALUE_REGIONS = CXXBaseObjectRegionKind,
123 END_TYPED_REGIONS = CXXBaseObjectRegionKind
124 };
125
126 private:
127 const Kind kind;
128
129 protected:
MemRegion(Kind k)130 MemRegion(Kind k) : kind(k) {}
131 virtual ~MemRegion();
132
133 public:
134 ASTContext &getContext() const;
135
136 virtual void Profile(llvm::FoldingSetNodeID& ID) const = 0;
137
138 virtual MemRegionManager* getMemRegionManager() const = 0;
139
140 const MemSpaceRegion *getMemorySpace() const;
141
142 const MemRegion *getBaseRegion() const;
143
144 /// Check if the region is a subregion of the given region.
145 virtual bool isSubRegionOf(const MemRegion *R) const;
146
147 const MemRegion *StripCasts(bool StripBaseCasts = true) const;
148
149 /// \brief If this is a symbolic region, returns the region. Otherwise,
150 /// goes up the base chain looking for the first symbolic base region.
151 const SymbolicRegion *getSymbolicBase() const;
152
153 bool hasGlobalsOrParametersStorage() const;
154
155 bool hasStackStorage() const;
156
157 bool hasStackNonParametersStorage() const;
158
159 bool hasStackParametersStorage() const;
160
161 /// Compute the offset within the top level memory object.
162 RegionOffset getAsOffset() const;
163
164 /// \brief Get a string representation of a region for debug use.
165 std::string getString() const;
166
167 virtual void dumpToStream(raw_ostream &os) const;
168
169 void dump() const;
170
171 /// \brief Returns true if this region can be printed in a user-friendly way.
172 virtual bool canPrintPretty() const;
173
174 /// \brief Print the region for use in diagnostics.
175 virtual void printPretty(raw_ostream &os) const;
176
177 /// \brief Returns true if this region's textual representation can be used
178 /// as part of a larger expression.
179 virtual bool canPrintPrettyAsExpr() const;
180
181 /// \brief Print the region as expression.
182 ///
183 /// When this region represents a subexpression, the method is for printing
184 /// an expression containing it.
185 virtual void printPrettyAsExpr(raw_ostream &os) const;
186
getKind()187 Kind getKind() const { return kind; }
188
189 template<typename RegionTy> const RegionTy* getAs() const;
190
isBoundable()191 virtual bool isBoundable() const { return false; }
192 };
193
194 /// MemSpaceRegion - A memory region that represents a "memory space";
195 /// for example, the set of global variables, the stack frame, etc.
196 class MemSpaceRegion : public MemRegion {
197 protected:
198 friend class MemRegionManager;
199
200 MemRegionManager *Mgr;
201
202 MemSpaceRegion(MemRegionManager *mgr, Kind k = GenericMemSpaceRegionKind)
MemRegion(k)203 : MemRegion(k), Mgr(mgr) {
204 assert(classof(this));
205 }
206
getMemRegionManager()207 MemRegionManager* getMemRegionManager() const { return Mgr; }
208
209 public:
isBoundable()210 bool isBoundable() const { return false; }
211
212 void Profile(llvm::FoldingSetNodeID &ID) const;
213
classof(const MemRegion * R)214 static bool classof(const MemRegion *R) {
215 Kind k = R->getKind();
216 return k >= BEG_MEMSPACES && k <= END_MEMSPACES;
217 }
218 };
219
220 class GlobalsSpaceRegion : public MemSpaceRegion {
221 virtual void anchor();
222 protected:
GlobalsSpaceRegion(MemRegionManager * mgr,Kind k)223 GlobalsSpaceRegion(MemRegionManager *mgr, Kind k)
224 : MemSpaceRegion(mgr, k) {}
225 public:
classof(const MemRegion * R)226 static bool classof(const MemRegion *R) {
227 Kind k = R->getKind();
228 return k >= BEG_GLOBAL_MEMSPACES && k <= END_GLOBAL_MEMSPACES;
229 }
230 };
231
232 /// \brief The region of the static variables within the current CodeTextRegion
233 /// scope.
234 ///
235 /// Currently, only the static locals are placed there, so we know that these
236 /// variables do not get invalidated by calls to other functions.
237 class StaticGlobalSpaceRegion : public GlobalsSpaceRegion {
238 friend class MemRegionManager;
239
240 const CodeTextRegion *CR;
241
StaticGlobalSpaceRegion(MemRegionManager * mgr,const CodeTextRegion * cr)242 StaticGlobalSpaceRegion(MemRegionManager *mgr, const CodeTextRegion *cr)
243 : GlobalsSpaceRegion(mgr, StaticGlobalSpaceRegionKind), CR(cr) {}
244
245 public:
246 void Profile(llvm::FoldingSetNodeID &ID) const;
247
248 void dumpToStream(raw_ostream &os) const;
249
getCodeRegion()250 const CodeTextRegion *getCodeRegion() const { return CR; }
251
classof(const MemRegion * R)252 static bool classof(const MemRegion *R) {
253 return R->getKind() == StaticGlobalSpaceRegionKind;
254 }
255 };
256
257 /// \brief The region for all the non-static global variables.
258 ///
259 /// This class is further split into subclasses for efficient implementation of
260 /// invalidating a set of related global values as is done in
261 /// RegionStoreManager::invalidateRegions (instead of finding all the dependent
262 /// globals, we invalidate the whole parent region).
263 class NonStaticGlobalSpaceRegion : public GlobalsSpaceRegion {
264 friend class MemRegionManager;
265
266 protected:
NonStaticGlobalSpaceRegion(MemRegionManager * mgr,Kind k)267 NonStaticGlobalSpaceRegion(MemRegionManager *mgr, Kind k)
268 : GlobalsSpaceRegion(mgr, k) {}
269
270 public:
271
classof(const MemRegion * R)272 static bool classof(const MemRegion *R) {
273 Kind k = R->getKind();
274 return k >= BEG_NON_STATIC_GLOBAL_MEMSPACES &&
275 k <= END_NON_STATIC_GLOBAL_MEMSPACES;
276 }
277 };
278
279 /// \brief The region containing globals which are defined in system/external
280 /// headers and are considered modifiable by system calls (ex: errno).
281 class GlobalSystemSpaceRegion : public NonStaticGlobalSpaceRegion {
282 friend class MemRegionManager;
283
GlobalSystemSpaceRegion(MemRegionManager * mgr)284 GlobalSystemSpaceRegion(MemRegionManager *mgr)
285 : NonStaticGlobalSpaceRegion(mgr, GlobalSystemSpaceRegionKind) {}
286
287 public:
288
289 void dumpToStream(raw_ostream &os) const;
290
classof(const MemRegion * R)291 static bool classof(const MemRegion *R) {
292 return R->getKind() == GlobalSystemSpaceRegionKind;
293 }
294 };
295
296 /// \brief The region containing globals which are considered not to be modified
297 /// or point to data which could be modified as a result of a function call
298 /// (system or internal). Ex: Const global scalars would be modeled as part of
299 /// this region. This region also includes most system globals since they have
300 /// low chance of being modified.
301 class GlobalImmutableSpaceRegion : public NonStaticGlobalSpaceRegion {
302 friend class MemRegionManager;
303
GlobalImmutableSpaceRegion(MemRegionManager * mgr)304 GlobalImmutableSpaceRegion(MemRegionManager *mgr)
305 : NonStaticGlobalSpaceRegion(mgr, GlobalImmutableSpaceRegionKind) {}
306
307 public:
308
309 void dumpToStream(raw_ostream &os) const;
310
classof(const MemRegion * R)311 static bool classof(const MemRegion *R) {
312 return R->getKind() == GlobalImmutableSpaceRegionKind;
313 }
314 };
315
316 /// \brief The region containing globals which can be modified by calls to
317 /// "internally" defined functions - (for now just) functions other then system
318 /// calls.
319 class GlobalInternalSpaceRegion : public NonStaticGlobalSpaceRegion {
320 friend class MemRegionManager;
321
GlobalInternalSpaceRegion(MemRegionManager * mgr)322 GlobalInternalSpaceRegion(MemRegionManager *mgr)
323 : NonStaticGlobalSpaceRegion(mgr, GlobalInternalSpaceRegionKind) {}
324
325 public:
326
327 void dumpToStream(raw_ostream &os) const;
328
classof(const MemRegion * R)329 static bool classof(const MemRegion *R) {
330 return R->getKind() == GlobalInternalSpaceRegionKind;
331 }
332 };
333
334 class HeapSpaceRegion : public MemSpaceRegion {
335 virtual void anchor();
336 friend class MemRegionManager;
337
HeapSpaceRegion(MemRegionManager * mgr)338 HeapSpaceRegion(MemRegionManager *mgr)
339 : MemSpaceRegion(mgr, HeapSpaceRegionKind) {}
340 public:
341
342 void dumpToStream(raw_ostream &os) const;
343
classof(const MemRegion * R)344 static bool classof(const MemRegion *R) {
345 return R->getKind() == HeapSpaceRegionKind;
346 }
347 };
348
349 class UnknownSpaceRegion : public MemSpaceRegion {
350 virtual void anchor();
351 friend class MemRegionManager;
UnknownSpaceRegion(MemRegionManager * mgr)352 UnknownSpaceRegion(MemRegionManager *mgr)
353 : MemSpaceRegion(mgr, UnknownSpaceRegionKind) {}
354 public:
355
356 void dumpToStream(raw_ostream &os) const;
357
classof(const MemRegion * R)358 static bool classof(const MemRegion *R) {
359 return R->getKind() == UnknownSpaceRegionKind;
360 }
361 };
362
363 class StackSpaceRegion : public MemSpaceRegion {
364 private:
365 const StackFrameContext *SFC;
366
367 protected:
StackSpaceRegion(MemRegionManager * mgr,Kind k,const StackFrameContext * sfc)368 StackSpaceRegion(MemRegionManager *mgr, Kind k, const StackFrameContext *sfc)
369 : MemSpaceRegion(mgr, k), SFC(sfc) {
370 assert(classof(this));
371 }
372
373 public:
getStackFrame()374 const StackFrameContext *getStackFrame() const { return SFC; }
375
376 void Profile(llvm::FoldingSetNodeID &ID) const;
377
classof(const MemRegion * R)378 static bool classof(const MemRegion *R) {
379 Kind k = R->getKind();
380 return k >= StackLocalsSpaceRegionKind &&
381 k <= StackArgumentsSpaceRegionKind;
382 }
383 };
384
385 class StackLocalsSpaceRegion : public StackSpaceRegion {
386 virtual void anchor();
387 friend class MemRegionManager;
StackLocalsSpaceRegion(MemRegionManager * mgr,const StackFrameContext * sfc)388 StackLocalsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
389 : StackSpaceRegion(mgr, StackLocalsSpaceRegionKind, sfc) {}
390 public:
391
392 void dumpToStream(raw_ostream &os) const;
393
classof(const MemRegion * R)394 static bool classof(const MemRegion *R) {
395 return R->getKind() == StackLocalsSpaceRegionKind;
396 }
397 };
398
399 class StackArgumentsSpaceRegion : public StackSpaceRegion {
400 private:
401 virtual void anchor();
402 friend class MemRegionManager;
StackArgumentsSpaceRegion(MemRegionManager * mgr,const StackFrameContext * sfc)403 StackArgumentsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
404 : StackSpaceRegion(mgr, StackArgumentsSpaceRegionKind, sfc) {}
405 public:
406
407 void dumpToStream(raw_ostream &os) const;
408
classof(const MemRegion * R)409 static bool classof(const MemRegion *R) {
410 return R->getKind() == StackArgumentsSpaceRegionKind;
411 }
412 };
413
414
415 /// SubRegion - A region that subsets another larger region. Most regions
416 /// are subclasses of SubRegion.
417 class SubRegion : public MemRegion {
418 private:
419 virtual void anchor();
420 protected:
421 const MemRegion* superRegion;
SubRegion(const MemRegion * sReg,Kind k)422 SubRegion(const MemRegion* sReg, Kind k) : MemRegion(k), superRegion(sReg) {}
423 public:
getSuperRegion()424 const MemRegion* getSuperRegion() const {
425 return superRegion;
426 }
427
428 /// getExtent - Returns the size of the region in bytes.
getExtent(SValBuilder & svalBuilder)429 virtual DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const {
430 return UnknownVal();
431 }
432
433 MemRegionManager* getMemRegionManager() const;
434
435 virtual bool isSubRegionOf(const MemRegion* R) const;
436
classof(const MemRegion * R)437 static bool classof(const MemRegion* R) {
438 return R->getKind() > END_MEMSPACES;
439 }
440 };
441
442 //===----------------------------------------------------------------------===//
443 // MemRegion subclasses.
444 //===----------------------------------------------------------------------===//
445
446 /// AllocaRegion - A region that represents an untyped blob of bytes created
447 /// by a call to 'alloca'.
448 class AllocaRegion : public SubRegion {
449 friend class MemRegionManager;
450 protected:
451 unsigned Cnt; // Block counter. Used to distinguish different pieces of
452 // memory allocated by alloca at the same call site.
453 const Expr *Ex;
454
AllocaRegion(const Expr * ex,unsigned cnt,const MemRegion * superRegion)455 AllocaRegion(const Expr *ex, unsigned cnt, const MemRegion *superRegion)
456 : SubRegion(superRegion, AllocaRegionKind), Cnt(cnt), Ex(ex) {}
457
458 public:
459
getExpr()460 const Expr *getExpr() const { return Ex; }
461
isBoundable()462 bool isBoundable() const { return true; }
463
464 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
465
466 void Profile(llvm::FoldingSetNodeID& ID) const;
467
468 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Expr *Ex,
469 unsigned Cnt, const MemRegion *superRegion);
470
471 void dumpToStream(raw_ostream &os) const;
472
classof(const MemRegion * R)473 static bool classof(const MemRegion* R) {
474 return R->getKind() == AllocaRegionKind;
475 }
476 };
477
478 /// TypedRegion - An abstract class representing regions that are typed.
479 class TypedRegion : public SubRegion {
480 public:
481 virtual void anchor();
482 protected:
TypedRegion(const MemRegion * sReg,Kind k)483 TypedRegion(const MemRegion* sReg, Kind k) : SubRegion(sReg, k) {}
484
485 public:
486 virtual QualType getLocationType() const = 0;
487
getDesugaredLocationType(ASTContext & Context)488 QualType getDesugaredLocationType(ASTContext &Context) const {
489 return getLocationType().getDesugaredType(Context);
490 }
491
isBoundable()492 bool isBoundable() const { return true; }
493
classof(const MemRegion * R)494 static bool classof(const MemRegion* R) {
495 unsigned k = R->getKind();
496 return k >= BEG_TYPED_REGIONS && k <= END_TYPED_REGIONS;
497 }
498 };
499
500 /// TypedValueRegion - An abstract class representing regions having a typed value.
501 class TypedValueRegion : public TypedRegion {
502 public:
503 virtual void anchor();
504 protected:
TypedValueRegion(const MemRegion * sReg,Kind k)505 TypedValueRegion(const MemRegion* sReg, Kind k) : TypedRegion(sReg, k) {}
506
507 public:
508 virtual QualType getValueType() const = 0;
509
getLocationType()510 virtual QualType getLocationType() const {
511 // FIXME: We can possibly optimize this later to cache this value.
512 QualType T = getValueType();
513 ASTContext &ctx = getContext();
514 if (T->getAs<ObjCObjectType>())
515 return ctx.getObjCObjectPointerType(T);
516 return ctx.getPointerType(getValueType());
517 }
518
getDesugaredValueType(ASTContext & Context)519 QualType getDesugaredValueType(ASTContext &Context) const {
520 QualType T = getValueType();
521 return T.getTypePtrOrNull() ? T.getDesugaredType(Context) : T;
522 }
523
524 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
525
classof(const MemRegion * R)526 static bool classof(const MemRegion* R) {
527 unsigned k = R->getKind();
528 return k >= BEG_TYPED_VALUE_REGIONS && k <= END_TYPED_VALUE_REGIONS;
529 }
530 };
531
532
533 class CodeTextRegion : public TypedRegion {
534 public:
535 virtual void anchor();
536 protected:
CodeTextRegion(const MemRegion * sreg,Kind k)537 CodeTextRegion(const MemRegion *sreg, Kind k) : TypedRegion(sreg, k) {}
538 public:
isBoundable()539 bool isBoundable() const { return false; }
540
classof(const MemRegion * R)541 static bool classof(const MemRegion* R) {
542 Kind k = R->getKind();
543 return k >= FunctionTextRegionKind && k <= BlockTextRegionKind;
544 }
545 };
546
547 /// FunctionTextRegion - A region that represents code texts of function.
548 class FunctionTextRegion : public CodeTextRegion {
549 const NamedDecl *FD;
550 public:
FunctionTextRegion(const NamedDecl * fd,const MemRegion * sreg)551 FunctionTextRegion(const NamedDecl *fd, const MemRegion* sreg)
552 : CodeTextRegion(sreg, FunctionTextRegionKind), FD(fd) {
553 assert(isa<ObjCMethodDecl>(fd) || isa<FunctionDecl>(fd));
554 }
555
getLocationType()556 QualType getLocationType() const {
557 const ASTContext &Ctx = getContext();
558 if (const FunctionDecl *D = dyn_cast<FunctionDecl>(FD)) {
559 return Ctx.getPointerType(D->getType());
560 }
561
562 assert(isa<ObjCMethodDecl>(FD));
563 assert(false && "Getting the type of ObjCMethod is not supported yet");
564
565 // TODO: We might want to return a different type here (ex: id (*ty)(...))
566 // depending on how it is used.
567 return QualType();
568 }
569
getDecl()570 const NamedDecl *getDecl() const {
571 return FD;
572 }
573
574 virtual void dumpToStream(raw_ostream &os) const;
575
576 void Profile(llvm::FoldingSetNodeID& ID) const;
577
578 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const NamedDecl *FD,
579 const MemRegion*);
580
classof(const MemRegion * R)581 static bool classof(const MemRegion* R) {
582 return R->getKind() == FunctionTextRegionKind;
583 }
584 };
585
586
587 /// BlockTextRegion - A region that represents code texts of blocks (closures).
588 /// Blocks are represented with two kinds of regions. BlockTextRegions
589 /// represent the "code", while BlockDataRegions represent instances of blocks,
590 /// which correspond to "code+data". The distinction is important, because
591 /// like a closure a block captures the values of externally referenced
592 /// variables.
593 class BlockTextRegion : public CodeTextRegion {
594 friend class MemRegionManager;
595
596 const BlockDecl *BD;
597 AnalysisDeclContext *AC;
598 CanQualType locTy;
599
BlockTextRegion(const BlockDecl * bd,CanQualType lTy,AnalysisDeclContext * ac,const MemRegion * sreg)600 BlockTextRegion(const BlockDecl *bd, CanQualType lTy,
601 AnalysisDeclContext *ac, const MemRegion* sreg)
602 : CodeTextRegion(sreg, BlockTextRegionKind), BD(bd), AC(ac), locTy(lTy) {}
603
604 public:
getLocationType()605 QualType getLocationType() const {
606 return locTy;
607 }
608
getDecl()609 const BlockDecl *getDecl() const {
610 return BD;
611 }
612
getAnalysisDeclContext()613 AnalysisDeclContext *getAnalysisDeclContext() const { return AC; }
614
615 virtual void dumpToStream(raw_ostream &os) const;
616
617 void Profile(llvm::FoldingSetNodeID& ID) const;
618
619 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const BlockDecl *BD,
620 CanQualType, const AnalysisDeclContext*,
621 const MemRegion*);
622
classof(const MemRegion * R)623 static bool classof(const MemRegion* R) {
624 return R->getKind() == BlockTextRegionKind;
625 }
626 };
627
628 /// BlockDataRegion - A region that represents a block instance.
629 /// Blocks are represented with two kinds of regions. BlockTextRegions
630 /// represent the "code", while BlockDataRegions represent instances of blocks,
631 /// which correspond to "code+data". The distinction is important, because
632 /// like a closure a block captures the values of externally referenced
633 /// variables.
634 class BlockDataRegion : public TypedRegion {
635 friend class MemRegionManager;
636 const BlockTextRegion *BC;
637 const LocationContext *LC; // Can be null */
638 void *ReferencedVars;
639 void *OriginalVars;
640
BlockDataRegion(const BlockTextRegion * bc,const LocationContext * lc,const MemRegion * sreg)641 BlockDataRegion(const BlockTextRegion *bc, const LocationContext *lc,
642 const MemRegion *sreg)
643 : TypedRegion(sreg, BlockDataRegionKind), BC(bc), LC(lc),
644 ReferencedVars(0), OriginalVars(0) {}
645
646 public:
getCodeRegion()647 const BlockTextRegion *getCodeRegion() const { return BC; }
648
getDecl()649 const BlockDecl *getDecl() const { return BC->getDecl(); }
650
getLocationType()651 QualType getLocationType() const { return BC->getLocationType(); }
652
653 class referenced_vars_iterator {
654 const MemRegion * const *R;
655 const MemRegion * const *OriginalR;
656 public:
referenced_vars_iterator(const MemRegion * const * r,const MemRegion * const * originalR)657 explicit referenced_vars_iterator(const MemRegion * const *r,
658 const MemRegion * const *originalR)
659 : R(r), OriginalR(originalR) {}
660
getCapturedRegion()661 const VarRegion *getCapturedRegion() const {
662 return cast<VarRegion>(*R);
663 }
getOriginalRegion()664 const VarRegion *getOriginalRegion() const {
665 return cast<VarRegion>(*OriginalR);
666 }
667
668 bool operator==(const referenced_vars_iterator &I) const {
669 assert((R == 0) == (I.R == 0));
670 return I.R == R;
671 }
672 bool operator!=(const referenced_vars_iterator &I) const {
673 assert((R == 0) == (I.R == 0));
674 return I.R != R;
675 }
676 referenced_vars_iterator &operator++() {
677 ++R;
678 ++OriginalR;
679 return *this;
680 }
681 };
682
683 /// Return the original region for a captured region, if
684 /// one exists.
685 const VarRegion *getOriginalRegion(const VarRegion *VR) const;
686
687 referenced_vars_iterator referenced_vars_begin() const;
688 referenced_vars_iterator referenced_vars_end() const;
689
690 virtual void dumpToStream(raw_ostream &os) const;
691
692 void Profile(llvm::FoldingSetNodeID& ID) const;
693
694 static void ProfileRegion(llvm::FoldingSetNodeID&, const BlockTextRegion *,
695 const LocationContext *, const MemRegion *);
696
classof(const MemRegion * R)697 static bool classof(const MemRegion* R) {
698 return R->getKind() == BlockDataRegionKind;
699 }
700 private:
701 void LazyInitializeReferencedVars();
702 std::pair<const VarRegion *, const VarRegion *>
703 getCaptureRegions(const VarDecl *VD);
704 };
705
706 /// SymbolicRegion - A special, "non-concrete" region. Unlike other region
707 /// clases, SymbolicRegion represents a region that serves as an alias for
708 /// either a real region, a NULL pointer, etc. It essentially is used to
709 /// map the concept of symbolic values into the domain of regions. Symbolic
710 /// regions do not need to be typed.
711 class SymbolicRegion : public SubRegion {
712 protected:
713 const SymbolRef sym;
714
715 public:
SymbolicRegion(const SymbolRef s,const MemRegion * sreg)716 SymbolicRegion(const SymbolRef s, const MemRegion* sreg)
717 : SubRegion(sreg, SymbolicRegionKind), sym(s) {}
718
getSymbol()719 SymbolRef getSymbol() const {
720 return sym;
721 }
722
isBoundable()723 bool isBoundable() const { return true; }
724
725 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
726
727 void Profile(llvm::FoldingSetNodeID& ID) const;
728
729 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
730 SymbolRef sym,
731 const MemRegion* superRegion);
732
733 void dumpToStream(raw_ostream &os) const;
734
classof(const MemRegion * R)735 static bool classof(const MemRegion* R) {
736 return R->getKind() == SymbolicRegionKind;
737 }
738 };
739
740 /// StringRegion - Region associated with a StringLiteral.
741 class StringRegion : public TypedValueRegion {
742 friend class MemRegionManager;
743 const StringLiteral* Str;
744 protected:
745
StringRegion(const StringLiteral * str,const MemRegion * sreg)746 StringRegion(const StringLiteral* str, const MemRegion* sreg)
747 : TypedValueRegion(sreg, StringRegionKind), Str(str) {}
748
749 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
750 const StringLiteral* Str,
751 const MemRegion* superRegion);
752
753 public:
754
getStringLiteral()755 const StringLiteral* getStringLiteral() const { return Str; }
756
getValueType()757 QualType getValueType() const {
758 return Str->getType();
759 }
760
761 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
762
isBoundable()763 bool isBoundable() const { return false; }
764
Profile(llvm::FoldingSetNodeID & ID)765 void Profile(llvm::FoldingSetNodeID& ID) const {
766 ProfileRegion(ID, Str, superRegion);
767 }
768
769 void dumpToStream(raw_ostream &os) const;
770
classof(const MemRegion * R)771 static bool classof(const MemRegion* R) {
772 return R->getKind() == StringRegionKind;
773 }
774 };
775
776 /// The region associated with an ObjCStringLiteral.
777 class ObjCStringRegion : public TypedValueRegion {
778 friend class MemRegionManager;
779 const ObjCStringLiteral* Str;
780 protected:
781
ObjCStringRegion(const ObjCStringLiteral * str,const MemRegion * sreg)782 ObjCStringRegion(const ObjCStringLiteral* str, const MemRegion* sreg)
783 : TypedValueRegion(sreg, ObjCStringRegionKind), Str(str) {}
784
785 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
786 const ObjCStringLiteral* Str,
787 const MemRegion* superRegion);
788
789 public:
790
getObjCStringLiteral()791 const ObjCStringLiteral* getObjCStringLiteral() const { return Str; }
792
getValueType()793 QualType getValueType() const {
794 return Str->getType();
795 }
796
isBoundable()797 bool isBoundable() const { return false; }
798
Profile(llvm::FoldingSetNodeID & ID)799 void Profile(llvm::FoldingSetNodeID& ID) const {
800 ProfileRegion(ID, Str, superRegion);
801 }
802
803 void dumpToStream(raw_ostream &os) const;
804
classof(const MemRegion * R)805 static bool classof(const MemRegion* R) {
806 return R->getKind() == ObjCStringRegionKind;
807 }
808 };
809
810 /// CompoundLiteralRegion - A memory region representing a compound literal.
811 /// Compound literals are essentially temporaries that are stack allocated
812 /// or in the global constant pool.
813 class CompoundLiteralRegion : public TypedValueRegion {
814 private:
815 friend class MemRegionManager;
816 const CompoundLiteralExpr *CL;
817
CompoundLiteralRegion(const CompoundLiteralExpr * cl,const MemRegion * sReg)818 CompoundLiteralRegion(const CompoundLiteralExpr *cl, const MemRegion* sReg)
819 : TypedValueRegion(sReg, CompoundLiteralRegionKind), CL(cl) {}
820
821 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
822 const CompoundLiteralExpr *CL,
823 const MemRegion* superRegion);
824 public:
getValueType()825 QualType getValueType() const {
826 return CL->getType();
827 }
828
isBoundable()829 bool isBoundable() const { return !CL->isFileScope(); }
830
831 void Profile(llvm::FoldingSetNodeID& ID) const;
832
833 void dumpToStream(raw_ostream &os) const;
834
getLiteralExpr()835 const CompoundLiteralExpr *getLiteralExpr() const { return CL; }
836
classof(const MemRegion * R)837 static bool classof(const MemRegion* R) {
838 return R->getKind() == CompoundLiteralRegionKind;
839 }
840 };
841
842 class DeclRegion : public TypedValueRegion {
843 protected:
844 const Decl *D;
845
DeclRegion(const Decl * d,const MemRegion * sReg,Kind k)846 DeclRegion(const Decl *d, const MemRegion* sReg, Kind k)
847 : TypedValueRegion(sReg, k), D(d) {}
848
849 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl *D,
850 const MemRegion* superRegion, Kind k);
851
852 public:
getDecl()853 const Decl *getDecl() const { return D; }
854 void Profile(llvm::FoldingSetNodeID& ID) const;
855
classof(const MemRegion * R)856 static bool classof(const MemRegion* R) {
857 unsigned k = R->getKind();
858 return k >= BEG_DECL_REGIONS && k <= END_DECL_REGIONS;
859 }
860 };
861
862 class VarRegion : public DeclRegion {
863 friend class MemRegionManager;
864
865 // Constructors and private methods.
VarRegion(const VarDecl * vd,const MemRegion * sReg)866 VarRegion(const VarDecl *vd, const MemRegion* sReg)
867 : DeclRegion(vd, sReg, VarRegionKind) {}
868
ProfileRegion(llvm::FoldingSetNodeID & ID,const VarDecl * VD,const MemRegion * superRegion)869 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const VarDecl *VD,
870 const MemRegion *superRegion) {
871 DeclRegion::ProfileRegion(ID, VD, superRegion, VarRegionKind);
872 }
873
874 void Profile(llvm::FoldingSetNodeID& ID) const;
875
876 public:
getDecl()877 const VarDecl *getDecl() const { return cast<VarDecl>(D); }
878
879 const StackFrameContext *getStackFrame() const;
880
getValueType()881 QualType getValueType() const {
882 // FIXME: We can cache this if needed.
883 return getDecl()->getType();
884 }
885
886 void dumpToStream(raw_ostream &os) const;
887
classof(const MemRegion * R)888 static bool classof(const MemRegion* R) {
889 return R->getKind() == VarRegionKind;
890 }
891
892 bool canPrintPrettyAsExpr() const;
893
894 void printPrettyAsExpr(raw_ostream &os) const;
895 };
896
897 /// CXXThisRegion - Represents the region for the implicit 'this' parameter
898 /// in a call to a C++ method. This region doesn't represent the object
899 /// referred to by 'this', but rather 'this' itself.
900 class CXXThisRegion : public TypedValueRegion {
901 friend class MemRegionManager;
CXXThisRegion(const PointerType * thisPointerTy,const MemRegion * sReg)902 CXXThisRegion(const PointerType *thisPointerTy,
903 const MemRegion *sReg)
904 : TypedValueRegion(sReg, CXXThisRegionKind), ThisPointerTy(thisPointerTy) {}
905
906 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
907 const PointerType *PT,
908 const MemRegion *sReg);
909
910 void Profile(llvm::FoldingSetNodeID &ID) const;
911
912 public:
getValueType()913 QualType getValueType() const {
914 return QualType(ThisPointerTy, 0);
915 }
916
917 void dumpToStream(raw_ostream &os) const;
918
classof(const MemRegion * R)919 static bool classof(const MemRegion* R) {
920 return R->getKind() == CXXThisRegionKind;
921 }
922
923 private:
924 const PointerType *ThisPointerTy;
925 };
926
927 class FieldRegion : public DeclRegion {
928 friend class MemRegionManager;
929
FieldRegion(const FieldDecl * fd,const MemRegion * sReg)930 FieldRegion(const FieldDecl *fd, const MemRegion* sReg)
931 : DeclRegion(fd, sReg, FieldRegionKind) {}
932
933 public:
getDecl()934 const FieldDecl *getDecl() const { return cast<FieldDecl>(D); }
935
getValueType()936 QualType getValueType() const {
937 // FIXME: We can cache this if needed.
938 return getDecl()->getType();
939 }
940
941 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
942
ProfileRegion(llvm::FoldingSetNodeID & ID,const FieldDecl * FD,const MemRegion * superRegion)943 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const FieldDecl *FD,
944 const MemRegion* superRegion) {
945 DeclRegion::ProfileRegion(ID, FD, superRegion, FieldRegionKind);
946 }
947
classof(const MemRegion * R)948 static bool classof(const MemRegion* R) {
949 return R->getKind() == FieldRegionKind;
950 }
951
952 void dumpToStream(raw_ostream &os) const;
953
954 bool canPrintPretty() const;
955 void printPretty(raw_ostream &os) const;
956 bool canPrintPrettyAsExpr() const;
957 void printPrettyAsExpr(raw_ostream &os) const;
958 };
959
960 class ObjCIvarRegion : public DeclRegion {
961
962 friend class MemRegionManager;
963
964 ObjCIvarRegion(const ObjCIvarDecl *ivd, const MemRegion* sReg);
965
966 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const ObjCIvarDecl *ivd,
967 const MemRegion* superRegion);
968
969 public:
970 const ObjCIvarDecl *getDecl() const;
971 QualType getValueType() const;
972
973 bool canPrintPrettyAsExpr() const;
974 void printPrettyAsExpr(raw_ostream &os) const;
975
976 void dumpToStream(raw_ostream &os) const;
977
classof(const MemRegion * R)978 static bool classof(const MemRegion* R) {
979 return R->getKind() == ObjCIvarRegionKind;
980 }
981 };
982 //===----------------------------------------------------------------------===//
983 // Auxiliary data classes for use with MemRegions.
984 //===----------------------------------------------------------------------===//
985
986 class ElementRegion;
987
988 class RegionRawOffset {
989 private:
990 friend class ElementRegion;
991
992 const MemRegion *Region;
993 CharUnits Offset;
994
995 RegionRawOffset(const MemRegion* reg, CharUnits offset = CharUnits::Zero())
Region(reg)996 : Region(reg), Offset(offset) {}
997
998 public:
999 // FIXME: Eventually support symbolic offsets.
getOffset()1000 CharUnits getOffset() const { return Offset; }
getRegion()1001 const MemRegion *getRegion() const { return Region; }
1002
1003 void dumpToStream(raw_ostream &os) const;
1004 void dump() const;
1005 };
1006
1007 /// \brief ElementRegin is used to represent both array elements and casts.
1008 class ElementRegion : public TypedValueRegion {
1009 friend class MemRegionManager;
1010
1011 QualType ElementType;
1012 NonLoc Index;
1013
ElementRegion(QualType elementType,NonLoc Idx,const MemRegion * sReg)1014 ElementRegion(QualType elementType, NonLoc Idx, const MemRegion* sReg)
1015 : TypedValueRegion(sReg, ElementRegionKind),
1016 ElementType(elementType), Index(Idx) {
1017 assert((!Idx.getAs<nonloc::ConcreteInt>() ||
1018 Idx.castAs<nonloc::ConcreteInt>().getValue().isSigned()) &&
1019 "The index must be signed");
1020 }
1021
1022 static void ProfileRegion(llvm::FoldingSetNodeID& ID, QualType elementType,
1023 SVal Idx, const MemRegion* superRegion);
1024
1025 public:
1026
getIndex()1027 NonLoc getIndex() const { return Index; }
1028
getValueType()1029 QualType getValueType() const {
1030 return ElementType;
1031 }
1032
getElementType()1033 QualType getElementType() const {
1034 return ElementType;
1035 }
1036 /// Compute the offset within the array. The array might also be a subobject.
1037 RegionRawOffset getAsArrayOffset() const;
1038
1039 void dumpToStream(raw_ostream &os) const;
1040
1041 void Profile(llvm::FoldingSetNodeID& ID) const;
1042
classof(const MemRegion * R)1043 static bool classof(const MemRegion* R) {
1044 return R->getKind() == ElementRegionKind;
1045 }
1046 };
1047
1048 // C++ temporary object associated with an expression.
1049 class CXXTempObjectRegion : public TypedValueRegion {
1050 friend class MemRegionManager;
1051
1052 Expr const *Ex;
1053
CXXTempObjectRegion(Expr const * E,MemRegion const * sReg)1054 CXXTempObjectRegion(Expr const *E, MemRegion const *sReg)
1055 : TypedValueRegion(sReg, CXXTempObjectRegionKind), Ex(E) {}
1056
1057 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
1058 Expr const *E, const MemRegion *sReg);
1059
1060 public:
getExpr()1061 const Expr *getExpr() const { return Ex; }
1062
getValueType()1063 QualType getValueType() const {
1064 return Ex->getType();
1065 }
1066
1067 void dumpToStream(raw_ostream &os) const;
1068
1069 void Profile(llvm::FoldingSetNodeID &ID) const;
1070
classof(const MemRegion * R)1071 static bool classof(const MemRegion* R) {
1072 return R->getKind() == CXXTempObjectRegionKind;
1073 }
1074 };
1075
1076 // CXXBaseObjectRegion represents a base object within a C++ object. It is
1077 // identified by the base class declaration and the region of its parent object.
1078 class CXXBaseObjectRegion : public TypedValueRegion {
1079 friend class MemRegionManager;
1080
1081 llvm::PointerIntPair<const CXXRecordDecl *, 1, bool> Data;
1082
CXXBaseObjectRegion(const CXXRecordDecl * RD,bool IsVirtual,const MemRegion * SReg)1083 CXXBaseObjectRegion(const CXXRecordDecl *RD, bool IsVirtual,
1084 const MemRegion *SReg)
1085 : TypedValueRegion(SReg, CXXBaseObjectRegionKind), Data(RD, IsVirtual) {}
1086
1087 static void ProfileRegion(llvm::FoldingSetNodeID &ID, const CXXRecordDecl *RD,
1088 bool IsVirtual, const MemRegion *SReg);
1089
1090 public:
getDecl()1091 const CXXRecordDecl *getDecl() const { return Data.getPointer(); }
isVirtual()1092 bool isVirtual() const { return Data.getInt(); }
1093
1094 QualType getValueType() const;
1095
1096 void dumpToStream(raw_ostream &os) const;
1097
1098 void Profile(llvm::FoldingSetNodeID &ID) const;
1099
classof(const MemRegion * region)1100 static bool classof(const MemRegion *region) {
1101 return region->getKind() == CXXBaseObjectRegionKind;
1102 }
1103
1104 bool canPrintPrettyAsExpr() const;
1105
1106 void printPrettyAsExpr(raw_ostream &os) const;
1107 };
1108
1109 template<typename RegionTy>
getAs()1110 const RegionTy* MemRegion::getAs() const {
1111 if (const RegionTy* RT = dyn_cast<RegionTy>(this))
1112 return RT;
1113
1114 return NULL;
1115 }
1116
1117 //===----------------------------------------------------------------------===//
1118 // MemRegionManager - Factory object for creating regions.
1119 //===----------------------------------------------------------------------===//
1120
1121 class MemRegionManager {
1122 ASTContext &C;
1123 llvm::BumpPtrAllocator& A;
1124 llvm::FoldingSet<MemRegion> Regions;
1125
1126 GlobalInternalSpaceRegion *InternalGlobals;
1127 GlobalSystemSpaceRegion *SystemGlobals;
1128 GlobalImmutableSpaceRegion *ImmutableGlobals;
1129
1130
1131 llvm::DenseMap<const StackFrameContext *, StackLocalsSpaceRegion *>
1132 StackLocalsSpaceRegions;
1133 llvm::DenseMap<const StackFrameContext *, StackArgumentsSpaceRegion *>
1134 StackArgumentsSpaceRegions;
1135 llvm::DenseMap<const CodeTextRegion *, StaticGlobalSpaceRegion *>
1136 StaticsGlobalSpaceRegions;
1137
1138 HeapSpaceRegion *heap;
1139 UnknownSpaceRegion *unknown;
1140 MemSpaceRegion *code;
1141
1142 public:
MemRegionManager(ASTContext & c,llvm::BumpPtrAllocator & a)1143 MemRegionManager(ASTContext &c, llvm::BumpPtrAllocator& a)
1144 : C(c), A(a), InternalGlobals(0), SystemGlobals(0), ImmutableGlobals(0),
1145 heap(0), unknown(0), code(0) {}
1146
1147 ~MemRegionManager();
1148
getContext()1149 ASTContext &getContext() { return C; }
1150
getAllocator()1151 llvm::BumpPtrAllocator &getAllocator() { return A; }
1152
1153 /// getStackLocalsRegion - Retrieve the memory region associated with the
1154 /// specified stack frame.
1155 const StackLocalsSpaceRegion *
1156 getStackLocalsRegion(const StackFrameContext *STC);
1157
1158 /// getStackArgumentsRegion - Retrieve the memory region associated with
1159 /// function/method arguments of the specified stack frame.
1160 const StackArgumentsSpaceRegion *
1161 getStackArgumentsRegion(const StackFrameContext *STC);
1162
1163 /// getGlobalsRegion - Retrieve the memory region associated with
1164 /// global variables.
1165 const GlobalsSpaceRegion *getGlobalsRegion(
1166 MemRegion::Kind K = MemRegion::GlobalInternalSpaceRegionKind,
1167 const CodeTextRegion *R = 0);
1168
1169 /// getHeapRegion - Retrieve the memory region associated with the
1170 /// generic "heap".
1171 const HeapSpaceRegion *getHeapRegion();
1172
1173 /// getUnknownRegion - Retrieve the memory region associated with unknown
1174 /// memory space.
1175 const MemSpaceRegion *getUnknownRegion();
1176
1177 const MemSpaceRegion *getCodeRegion();
1178
1179 /// getAllocaRegion - Retrieve a region associated with a call to alloca().
1180 const AllocaRegion *getAllocaRegion(const Expr *Ex, unsigned Cnt,
1181 const LocationContext *LC);
1182
1183 /// getCompoundLiteralRegion - Retrieve the region associated with a
1184 /// given CompoundLiteral.
1185 const CompoundLiteralRegion*
1186 getCompoundLiteralRegion(const CompoundLiteralExpr *CL,
1187 const LocationContext *LC);
1188
1189 /// getCXXThisRegion - Retrieve the [artificial] region associated with the
1190 /// parameter 'this'.
1191 const CXXThisRegion *getCXXThisRegion(QualType thisPointerTy,
1192 const LocationContext *LC);
1193
1194 /// \brief Retrieve or create a "symbolic" memory region.
1195 const SymbolicRegion* getSymbolicRegion(SymbolRef Sym);
1196
1197 /// \brief Return a unique symbolic region belonging to heap memory space.
1198 const SymbolicRegion *getSymbolicHeapRegion(SymbolRef sym);
1199
1200 const StringRegion *getStringRegion(const StringLiteral* Str);
1201
1202 const ObjCStringRegion *getObjCStringRegion(const ObjCStringLiteral *Str);
1203
1204 /// getVarRegion - Retrieve or create the memory region associated with
1205 /// a specified VarDecl and LocationContext.
1206 const VarRegion* getVarRegion(const VarDecl *D, const LocationContext *LC);
1207
1208 /// getVarRegion - Retrieve or create the memory region associated with
1209 /// a specified VarDecl and super region.
1210 const VarRegion* getVarRegion(const VarDecl *D, const MemRegion *superR);
1211
1212 /// getElementRegion - Retrieve the memory region associated with the
1213 /// associated element type, index, and super region.
1214 const ElementRegion *getElementRegion(QualType elementType, NonLoc Idx,
1215 const MemRegion *superRegion,
1216 ASTContext &Ctx);
1217
getElementRegionWithSuper(const ElementRegion * ER,const MemRegion * superRegion)1218 const ElementRegion *getElementRegionWithSuper(const ElementRegion *ER,
1219 const MemRegion *superRegion) {
1220 return getElementRegion(ER->getElementType(), ER->getIndex(),
1221 superRegion, ER->getContext());
1222 }
1223
1224 /// getFieldRegion - Retrieve or create the memory region associated with
1225 /// a specified FieldDecl. 'superRegion' corresponds to the containing
1226 /// memory region (which typically represents the memory representing
1227 /// a structure or class).
1228 const FieldRegion *getFieldRegion(const FieldDecl *fd,
1229 const MemRegion* superRegion);
1230
getFieldRegionWithSuper(const FieldRegion * FR,const MemRegion * superRegion)1231 const FieldRegion *getFieldRegionWithSuper(const FieldRegion *FR,
1232 const MemRegion *superRegion) {
1233 return getFieldRegion(FR->getDecl(), superRegion);
1234 }
1235
1236 /// getObjCIvarRegion - Retrieve or create the memory region associated with
1237 /// a specified Objective-c instance variable. 'superRegion' corresponds
1238 /// to the containing region (which typically represents the Objective-C
1239 /// object).
1240 const ObjCIvarRegion *getObjCIvarRegion(const ObjCIvarDecl *ivd,
1241 const MemRegion* superRegion);
1242
1243 const CXXTempObjectRegion *getCXXTempObjectRegion(Expr const *Ex,
1244 LocationContext const *LC);
1245
1246 /// Create a CXXBaseObjectRegion with the given base class for region
1247 /// \p Super.
1248 ///
1249 /// The type of \p Super is assumed be a class deriving from \p BaseClass.
1250 const CXXBaseObjectRegion *
1251 getCXXBaseObjectRegion(const CXXRecordDecl *BaseClass, const MemRegion *Super,
1252 bool IsVirtual);
1253
1254 /// Create a CXXBaseObjectRegion with the same CXXRecordDecl but a different
1255 /// super region.
1256 const CXXBaseObjectRegion *
getCXXBaseObjectRegionWithSuper(const CXXBaseObjectRegion * baseReg,const MemRegion * superRegion)1257 getCXXBaseObjectRegionWithSuper(const CXXBaseObjectRegion *baseReg,
1258 const MemRegion *superRegion) {
1259 return getCXXBaseObjectRegion(baseReg->getDecl(), superRegion,
1260 baseReg->isVirtual());
1261 }
1262
1263 const FunctionTextRegion *getFunctionTextRegion(const NamedDecl *FD);
1264 const BlockTextRegion *getBlockTextRegion(const BlockDecl *BD,
1265 CanQualType locTy,
1266 AnalysisDeclContext *AC);
1267
1268 /// getBlockDataRegion - Get the memory region associated with an instance
1269 /// of a block. Unlike many other MemRegions, the LocationContext*
1270 /// argument is allowed to be NULL for cases where we have no known
1271 /// context.
1272 const BlockDataRegion *getBlockDataRegion(const BlockTextRegion *bc,
1273 const LocationContext *lc = NULL);
1274
1275 /// Create a CXXTempObjectRegion for temporaries which are lifetime-extended
1276 /// by static references. This differs from getCXXTempObjectRegion in the
1277 /// super-region used.
1278 const CXXTempObjectRegion *getCXXStaticTempObjectRegion(const Expr *Ex);
1279
1280 private:
1281 template <typename RegionTy, typename A1>
1282 RegionTy* getRegion(const A1 a1);
1283
1284 template <typename RegionTy, typename A1>
1285 RegionTy* getSubRegion(const A1 a1, const MemRegion* superRegion);
1286
1287 template <typename RegionTy, typename A1, typename A2>
1288 RegionTy* getRegion(const A1 a1, const A2 a2);
1289
1290 template <typename RegionTy, typename A1, typename A2>
1291 RegionTy* getSubRegion(const A1 a1, const A2 a2,
1292 const MemRegion* superRegion);
1293
1294 template <typename RegionTy, typename A1, typename A2, typename A3>
1295 RegionTy* getSubRegion(const A1 a1, const A2 a2, const A3 a3,
1296 const MemRegion* superRegion);
1297
1298 template <typename REG>
1299 const REG* LazyAllocate(REG*& region);
1300
1301 template <typename REG, typename ARG>
1302 const REG* LazyAllocate(REG*& region, ARG a);
1303 };
1304
1305 //===----------------------------------------------------------------------===//
1306 // Out-of-line member definitions.
1307 //===----------------------------------------------------------------------===//
1308
getContext()1309 inline ASTContext &MemRegion::getContext() const {
1310 return getMemRegionManager()->getContext();
1311 }
1312
1313 } // end GR namespace
1314
1315 } // end clang namespace
1316
1317 //===----------------------------------------------------------------------===//
1318 // Pretty-printing regions.
1319 //===----------------------------------------------------------------------===//
1320
1321 namespace llvm {
1322 static inline raw_ostream &operator<<(raw_ostream &os,
1323 const clang::ento::MemRegion* R) {
1324 R->dumpToStream(os);
1325 return os;
1326 }
1327 } // end llvm namespace
1328
1329 #endif
1330