clang API Documentation
00001 //== MemRegion.cpp - Abstract memory regions for static analysis --*- C++ -*--// 00002 // 00003 // The LLVM Compiler Infrastructure 00004 // 00005 // This file is distributed under the University of Illinois Open Source 00006 // License. See LICENSE.TXT for details. 00007 // 00008 //===----------------------------------------------------------------------===// 00009 // 00010 // This file defines MemRegion and its subclasses. MemRegion defines a 00011 // partially-typed abstraction of memory useful for path-sensitive dataflow 00012 // analyses. 00013 // 00014 //===----------------------------------------------------------------------===// 00015 00016 #include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h" 00017 #include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h" 00018 #include "clang/Analysis/AnalysisContext.h" 00019 #include "clang/Analysis/Support/BumpVector.h" 00020 #include "clang/AST/CharUnits.h" 00021 #include "clang/AST/DeclObjC.h" 00022 #include "clang/AST/RecordLayout.h" 00023 #include "clang/Basic/SourceManager.h" 00024 #include "llvm/Support/raw_ostream.h" 00025 00026 using namespace clang; 00027 using namespace ento; 00028 00029 //===----------------------------------------------------------------------===// 00030 // MemRegion Construction. 00031 //===----------------------------------------------------------------------===// 00032 00033 template<typename RegionTy> struct MemRegionManagerTrait; 00034 00035 template <typename RegionTy, typename A1> 00036 RegionTy* MemRegionManager::getRegion(const A1 a1) { 00037 00038 const typename MemRegionManagerTrait<RegionTy>::SuperRegionTy *superRegion = 00039 MemRegionManagerTrait<RegionTy>::getSuperRegion(*this, a1); 00040 00041 llvm::FoldingSetNodeID ID; 00042 RegionTy::ProfileRegion(ID, a1, superRegion); 00043 void *InsertPos; 00044 RegionTy* R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, 00045 InsertPos)); 00046 00047 if (!R) { 00048 R = (RegionTy*) A.Allocate<RegionTy>(); 00049 new (R) RegionTy(a1, superRegion); 00050 Regions.InsertNode(R, InsertPos); 00051 } 00052 00053 return R; 00054 } 00055 00056 template <typename RegionTy, typename A1> 00057 RegionTy* MemRegionManager::getSubRegion(const A1 a1, 00058 const MemRegion *superRegion) { 00059 llvm::FoldingSetNodeID ID; 00060 RegionTy::ProfileRegion(ID, a1, superRegion); 00061 void *InsertPos; 00062 RegionTy* R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, 00063 InsertPos)); 00064 00065 if (!R) { 00066 R = (RegionTy*) A.Allocate<RegionTy>(); 00067 new (R) RegionTy(a1, superRegion); 00068 Regions.InsertNode(R, InsertPos); 00069 } 00070 00071 return R; 00072 } 00073 00074 template <typename RegionTy, typename A1, typename A2> 00075 RegionTy* MemRegionManager::getRegion(const A1 a1, const A2 a2) { 00076 00077 const typename MemRegionManagerTrait<RegionTy>::SuperRegionTy *superRegion = 00078 MemRegionManagerTrait<RegionTy>::getSuperRegion(*this, a1, a2); 00079 00080 llvm::FoldingSetNodeID ID; 00081 RegionTy::ProfileRegion(ID, a1, a2, superRegion); 00082 void *InsertPos; 00083 RegionTy* R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, 00084 InsertPos)); 00085 00086 if (!R) { 00087 R = (RegionTy*) A.Allocate<RegionTy>(); 00088 new (R) RegionTy(a1, a2, superRegion); 00089 Regions.InsertNode(R, InsertPos); 00090 } 00091 00092 return R; 00093 } 00094 00095 template <typename RegionTy, typename A1, typename A2> 00096 RegionTy* MemRegionManager::getSubRegion(const A1 a1, const A2 a2, 00097 const MemRegion *superRegion) { 00098 00099 llvm::FoldingSetNodeID ID; 00100 RegionTy::ProfileRegion(ID, a1, a2, superRegion); 00101 void *InsertPos; 00102 RegionTy* R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, 00103 InsertPos)); 00104 00105 if (!R) { 00106 R = (RegionTy*) A.Allocate<RegionTy>(); 00107 new (R) RegionTy(a1, a2, superRegion); 00108 Regions.InsertNode(R, InsertPos); 00109 } 00110 00111 return R; 00112 } 00113 00114 template <typename RegionTy, typename A1, typename A2, typename A3> 00115 RegionTy* MemRegionManager::getSubRegion(const A1 a1, const A2 a2, const A3 a3, 00116 const MemRegion *superRegion) { 00117 00118 llvm::FoldingSetNodeID ID; 00119 RegionTy::ProfileRegion(ID, a1, a2, a3, superRegion); 00120 void *InsertPos; 00121 RegionTy* R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, 00122 InsertPos)); 00123 00124 if (!R) { 00125 R = (RegionTy*) A.Allocate<RegionTy>(); 00126 new (R) RegionTy(a1, a2, a3, superRegion); 00127 Regions.InsertNode(R, InsertPos); 00128 } 00129 00130 return R; 00131 } 00132 00133 //===----------------------------------------------------------------------===// 00134 // Object destruction. 00135 //===----------------------------------------------------------------------===// 00136 00137 MemRegion::~MemRegion() {} 00138 00139 MemRegionManager::~MemRegionManager() { 00140 // All regions and their data are BumpPtrAllocated. No need to call 00141 // their destructors. 00142 } 00143 00144 //===----------------------------------------------------------------------===// 00145 // Basic methods. 00146 //===----------------------------------------------------------------------===// 00147 00148 bool SubRegion::isSubRegionOf(const MemRegion* R) const { 00149 const MemRegion* r = getSuperRegion(); 00150 while (r != 0) { 00151 if (r == R) 00152 return true; 00153 if (const SubRegion* sr = dyn_cast<SubRegion>(r)) 00154 r = sr->getSuperRegion(); 00155 else 00156 break; 00157 } 00158 return false; 00159 } 00160 00161 MemRegionManager* SubRegion::getMemRegionManager() const { 00162 const SubRegion* r = this; 00163 do { 00164 const MemRegion *superRegion = r->getSuperRegion(); 00165 if (const SubRegion *sr = dyn_cast<SubRegion>(superRegion)) { 00166 r = sr; 00167 continue; 00168 } 00169 return superRegion->getMemRegionManager(); 00170 } while (1); 00171 } 00172 00173 const StackFrameContext *VarRegion::getStackFrame() const { 00174 const StackSpaceRegion *SSR = dyn_cast<StackSpaceRegion>(getMemorySpace()); 00175 return SSR ? SSR->getStackFrame() : NULL; 00176 } 00177 00178 //===----------------------------------------------------------------------===// 00179 // Region extents. 00180 //===----------------------------------------------------------------------===// 00181 00182 DefinedOrUnknownSVal DeclRegion::getExtent(SValBuilder &svalBuilder) const { 00183 ASTContext &Ctx = svalBuilder.getContext(); 00184 QualType T = getDesugaredValueType(Ctx); 00185 00186 if (isa<VariableArrayType>(T)) 00187 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this)); 00188 if (isa<IncompleteArrayType>(T)) 00189 return UnknownVal(); 00190 00191 CharUnits size = Ctx.getTypeSizeInChars(T); 00192 QualType sizeTy = svalBuilder.getArrayIndexType(); 00193 return svalBuilder.makeIntVal(size.getQuantity(), sizeTy); 00194 } 00195 00196 DefinedOrUnknownSVal FieldRegion::getExtent(SValBuilder &svalBuilder) const { 00197 DefinedOrUnknownSVal Extent = DeclRegion::getExtent(svalBuilder); 00198 00199 // A zero-length array at the end of a struct often stands for dynamically- 00200 // allocated extra memory. 00201 if (Extent.isZeroConstant()) { 00202 QualType T = getDesugaredValueType(svalBuilder.getContext()); 00203 00204 if (isa<ConstantArrayType>(T)) 00205 return UnknownVal(); 00206 } 00207 00208 return Extent; 00209 } 00210 00211 DefinedOrUnknownSVal AllocaRegion::getExtent(SValBuilder &svalBuilder) const { 00212 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this)); 00213 } 00214 00215 DefinedOrUnknownSVal SymbolicRegion::getExtent(SValBuilder &svalBuilder) const { 00216 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this)); 00217 } 00218 00219 DefinedOrUnknownSVal StringRegion::getExtent(SValBuilder &svalBuilder) const { 00220 return svalBuilder.makeIntVal(getStringLiteral()->getByteLength()+1, 00221 svalBuilder.getArrayIndexType()); 00222 } 00223 00224 ObjCIvarRegion::ObjCIvarRegion(const ObjCIvarDecl *ivd, const MemRegion* sReg) 00225 : DeclRegion(ivd, sReg, ObjCIvarRegionKind) {} 00226 00227 const ObjCIvarDecl *ObjCIvarRegion::getDecl() const { 00228 return cast<ObjCIvarDecl>(D); 00229 } 00230 00231 QualType ObjCIvarRegion::getValueType() const { 00232 return getDecl()->getType(); 00233 } 00234 00235 QualType CXXBaseObjectRegion::getValueType() const { 00236 return QualType(decl->getTypeForDecl(), 0); 00237 } 00238 00239 //===----------------------------------------------------------------------===// 00240 // FoldingSet profiling. 00241 //===----------------------------------------------------------------------===// 00242 00243 void MemSpaceRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00244 ID.AddInteger((unsigned)getKind()); 00245 } 00246 00247 void StackSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00248 ID.AddInteger((unsigned)getKind()); 00249 ID.AddPointer(getStackFrame()); 00250 } 00251 00252 void StaticGlobalSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00253 ID.AddInteger((unsigned)getKind()); 00254 ID.AddPointer(getCodeRegion()); 00255 } 00256 00257 void StringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00258 const StringLiteral* Str, 00259 const MemRegion* superRegion) { 00260 ID.AddInteger((unsigned) StringRegionKind); 00261 ID.AddPointer(Str); 00262 ID.AddPointer(superRegion); 00263 } 00264 00265 void ObjCStringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00266 const ObjCStringLiteral* Str, 00267 const MemRegion* superRegion) { 00268 ID.AddInteger((unsigned) ObjCStringRegionKind); 00269 ID.AddPointer(Str); 00270 ID.AddPointer(superRegion); 00271 } 00272 00273 void AllocaRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00274 const Expr *Ex, unsigned cnt, 00275 const MemRegion *) { 00276 ID.AddInteger((unsigned) AllocaRegionKind); 00277 ID.AddPointer(Ex); 00278 ID.AddInteger(cnt); 00279 } 00280 00281 void AllocaRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00282 ProfileRegion(ID, Ex, Cnt, superRegion); 00283 } 00284 00285 void CompoundLiteralRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00286 CompoundLiteralRegion::ProfileRegion(ID, CL, superRegion); 00287 } 00288 00289 void CompoundLiteralRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00290 const CompoundLiteralExpr *CL, 00291 const MemRegion* superRegion) { 00292 ID.AddInteger((unsigned) CompoundLiteralRegionKind); 00293 ID.AddPointer(CL); 00294 ID.AddPointer(superRegion); 00295 } 00296 00297 void CXXThisRegion::ProfileRegion(llvm::FoldingSetNodeID &ID, 00298 const PointerType *PT, 00299 const MemRegion *sRegion) { 00300 ID.AddInteger((unsigned) CXXThisRegionKind); 00301 ID.AddPointer(PT); 00302 ID.AddPointer(sRegion); 00303 } 00304 00305 void CXXThisRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00306 CXXThisRegion::ProfileRegion(ID, ThisPointerTy, superRegion); 00307 } 00308 00309 void ObjCIvarRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00310 const ObjCIvarDecl *ivd, 00311 const MemRegion* superRegion) { 00312 DeclRegion::ProfileRegion(ID, ivd, superRegion, ObjCIvarRegionKind); 00313 } 00314 00315 void DeclRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl *D, 00316 const MemRegion* superRegion, Kind k) { 00317 ID.AddInteger((unsigned) k); 00318 ID.AddPointer(D); 00319 ID.AddPointer(superRegion); 00320 } 00321 00322 void DeclRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00323 DeclRegion::ProfileRegion(ID, D, superRegion, getKind()); 00324 } 00325 00326 void VarRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00327 VarRegion::ProfileRegion(ID, getDecl(), superRegion); 00328 } 00329 00330 void SymbolicRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym, 00331 const MemRegion *sreg) { 00332 ID.AddInteger((unsigned) MemRegion::SymbolicRegionKind); 00333 ID.Add(sym); 00334 ID.AddPointer(sreg); 00335 } 00336 00337 void SymbolicRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00338 SymbolicRegion::ProfileRegion(ID, sym, getSuperRegion()); 00339 } 00340 00341 void ElementRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00342 QualType ElementType, SVal Idx, 00343 const MemRegion* superRegion) { 00344 ID.AddInteger(MemRegion::ElementRegionKind); 00345 ID.Add(ElementType); 00346 ID.AddPointer(superRegion); 00347 Idx.Profile(ID); 00348 } 00349 00350 void ElementRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00351 ElementRegion::ProfileRegion(ID, ElementType, Index, superRegion); 00352 } 00353 00354 void FunctionTextRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00355 const FunctionDecl *FD, 00356 const MemRegion*) { 00357 ID.AddInteger(MemRegion::FunctionTextRegionKind); 00358 ID.AddPointer(FD); 00359 } 00360 00361 void FunctionTextRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00362 FunctionTextRegion::ProfileRegion(ID, FD, superRegion); 00363 } 00364 00365 void BlockTextRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00366 const BlockDecl *BD, CanQualType, 00367 const AnalysisDeclContext *AC, 00368 const MemRegion*) { 00369 ID.AddInteger(MemRegion::BlockTextRegionKind); 00370 ID.AddPointer(BD); 00371 } 00372 00373 void BlockTextRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00374 BlockTextRegion::ProfileRegion(ID, BD, locTy, AC, superRegion); 00375 } 00376 00377 void BlockDataRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, 00378 const BlockTextRegion *BC, 00379 const LocationContext *LC, 00380 const MemRegion *sReg) { 00381 ID.AddInteger(MemRegion::BlockDataRegionKind); 00382 ID.AddPointer(BC); 00383 ID.AddPointer(LC); 00384 ID.AddPointer(sReg); 00385 } 00386 00387 void BlockDataRegion::Profile(llvm::FoldingSetNodeID& ID) const { 00388 BlockDataRegion::ProfileRegion(ID, BC, LC, getSuperRegion()); 00389 } 00390 00391 void CXXTempObjectRegion::ProfileRegion(llvm::FoldingSetNodeID &ID, 00392 Expr const *Ex, 00393 const MemRegion *sReg) { 00394 ID.AddPointer(Ex); 00395 ID.AddPointer(sReg); 00396 } 00397 00398 void CXXTempObjectRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00399 ProfileRegion(ID, Ex, getSuperRegion()); 00400 } 00401 00402 void CXXBaseObjectRegion::ProfileRegion(llvm::FoldingSetNodeID &ID, 00403 const CXXRecordDecl *decl, 00404 const MemRegion *sReg) { 00405 ID.AddPointer(decl); 00406 ID.AddPointer(sReg); 00407 } 00408 00409 void CXXBaseObjectRegion::Profile(llvm::FoldingSetNodeID &ID) const { 00410 ProfileRegion(ID, decl, superRegion); 00411 } 00412 00413 //===----------------------------------------------------------------------===// 00414 // Region anchors. 00415 //===----------------------------------------------------------------------===// 00416 00417 void GlobalsSpaceRegion::anchor() { } 00418 void HeapSpaceRegion::anchor() { } 00419 void UnknownSpaceRegion::anchor() { } 00420 void StackLocalsSpaceRegion::anchor() { } 00421 void StackArgumentsSpaceRegion::anchor() { } 00422 void TypedRegion::anchor() { } 00423 void TypedValueRegion::anchor() { } 00424 void CodeTextRegion::anchor() { } 00425 void SubRegion::anchor() { } 00426 00427 //===----------------------------------------------------------------------===// 00428 // Region pretty-printing. 00429 //===----------------------------------------------------------------------===// 00430 00431 void MemRegion::dump() const { 00432 dumpToStream(llvm::errs()); 00433 } 00434 00435 std::string MemRegion::getString() const { 00436 std::string s; 00437 llvm::raw_string_ostream os(s); 00438 dumpToStream(os); 00439 return os.str(); 00440 } 00441 00442 void MemRegion::dumpToStream(raw_ostream &os) const { 00443 os << "<Unknown Region>"; 00444 } 00445 00446 void AllocaRegion::dumpToStream(raw_ostream &os) const { 00447 os << "alloca{" << (void*) Ex << ',' << Cnt << '}'; 00448 } 00449 00450 void FunctionTextRegion::dumpToStream(raw_ostream &os) const { 00451 os << "code{" << getDecl()->getDeclName().getAsString() << '}'; 00452 } 00453 00454 void BlockTextRegion::dumpToStream(raw_ostream &os) const { 00455 os << "block_code{" << (void*) this << '}'; 00456 } 00457 00458 void BlockDataRegion::dumpToStream(raw_ostream &os) const { 00459 os << "block_data{" << BC << '}'; 00460 } 00461 00462 void CompoundLiteralRegion::dumpToStream(raw_ostream &os) const { 00463 // FIXME: More elaborate pretty-printing. 00464 os << "{ " << (void*) CL << " }"; 00465 } 00466 00467 void CXXTempObjectRegion::dumpToStream(raw_ostream &os) const { 00468 os << "temp_object{" << getValueType().getAsString() << ',' 00469 << (void*) Ex << '}'; 00470 } 00471 00472 void CXXBaseObjectRegion::dumpToStream(raw_ostream &os) const { 00473 os << "base " << decl->getName(); 00474 } 00475 00476 void CXXThisRegion::dumpToStream(raw_ostream &os) const { 00477 os << "this"; 00478 } 00479 00480 void ElementRegion::dumpToStream(raw_ostream &os) const { 00481 os << "element{" << superRegion << ',' 00482 << Index << ',' << getElementType().getAsString() << '}'; 00483 } 00484 00485 void FieldRegion::dumpToStream(raw_ostream &os) const { 00486 os << superRegion << "->" << *getDecl(); 00487 } 00488 00489 void ObjCIvarRegion::dumpToStream(raw_ostream &os) const { 00490 os << "ivar{" << superRegion << ',' << *getDecl() << '}'; 00491 } 00492 00493 void StringRegion::dumpToStream(raw_ostream &os) const { 00494 Str->printPretty(os, 0, PrintingPolicy(getContext().getLangOpts())); 00495 } 00496 00497 void ObjCStringRegion::dumpToStream(raw_ostream &os) const { 00498 Str->printPretty(os, 0, PrintingPolicy(getContext().getLangOpts())); 00499 } 00500 00501 void SymbolicRegion::dumpToStream(raw_ostream &os) const { 00502 os << "SymRegion{" << sym << '}'; 00503 } 00504 00505 void VarRegion::dumpToStream(raw_ostream &os) const { 00506 os << *cast<VarDecl>(D); 00507 } 00508 00509 void RegionRawOffset::dump() const { 00510 dumpToStream(llvm::errs()); 00511 } 00512 00513 void RegionRawOffset::dumpToStream(raw_ostream &os) const { 00514 os << "raw_offset{" << getRegion() << ',' << getOffset().getQuantity() << '}'; 00515 } 00516 00517 void StaticGlobalSpaceRegion::dumpToStream(raw_ostream &os) const { 00518 os << "StaticGlobalsMemSpace{" << CR << '}'; 00519 } 00520 00521 void NonStaticGlobalSpaceRegion::dumpToStream(raw_ostream &os) const { 00522 os << "NonStaticGlobalSpaceRegion"; 00523 } 00524 00525 void GlobalInternalSpaceRegion::dumpToStream(raw_ostream &os) const { 00526 os << "GlobalInternalSpaceRegion"; 00527 } 00528 00529 void GlobalSystemSpaceRegion::dumpToStream(raw_ostream &os) const { 00530 os << "GlobalSystemSpaceRegion"; 00531 } 00532 00533 void GlobalImmutableSpaceRegion::dumpToStream(raw_ostream &os) const { 00534 os << "GlobalImmutableSpaceRegion"; 00535 } 00536 00537 void MemRegion::dumpPretty(raw_ostream &os) const { 00538 return; 00539 } 00540 00541 void VarRegion::dumpPretty(raw_ostream &os) const { 00542 os << getDecl()->getName(); 00543 } 00544 00545 void FieldRegion::dumpPretty(raw_ostream &os) const { 00546 superRegion->dumpPretty(os); 00547 os << "->" << getDecl(); 00548 } 00549 00550 //===----------------------------------------------------------------------===// 00551 // MemRegionManager methods. 00552 //===----------------------------------------------------------------------===// 00553 00554 template <typename REG> 00555 const REG *MemRegionManager::LazyAllocate(REG*& region) { 00556 if (!region) { 00557 region = (REG*) A.Allocate<REG>(); 00558 new (region) REG(this); 00559 } 00560 00561 return region; 00562 } 00563 00564 template <typename REG, typename ARG> 00565 const REG *MemRegionManager::LazyAllocate(REG*& region, ARG a) { 00566 if (!region) { 00567 region = (REG*) A.Allocate<REG>(); 00568 new (region) REG(this, a); 00569 } 00570 00571 return region; 00572 } 00573 00574 const StackLocalsSpaceRegion* 00575 MemRegionManager::getStackLocalsRegion(const StackFrameContext *STC) { 00576 assert(STC); 00577 StackLocalsSpaceRegion *&R = StackLocalsSpaceRegions[STC]; 00578 00579 if (R) 00580 return R; 00581 00582 R = A.Allocate<StackLocalsSpaceRegion>(); 00583 new (R) StackLocalsSpaceRegion(this, STC); 00584 return R; 00585 } 00586 00587 const StackArgumentsSpaceRegion * 00588 MemRegionManager::getStackArgumentsRegion(const StackFrameContext *STC) { 00589 assert(STC); 00590 StackArgumentsSpaceRegion *&R = StackArgumentsSpaceRegions[STC]; 00591 00592 if (R) 00593 return R; 00594 00595 R = A.Allocate<StackArgumentsSpaceRegion>(); 00596 new (R) StackArgumentsSpaceRegion(this, STC); 00597 return R; 00598 } 00599 00600 const GlobalsSpaceRegion 00601 *MemRegionManager::getGlobalsRegion(MemRegion::Kind K, 00602 const CodeTextRegion *CR) { 00603 if (!CR) { 00604 if (K == MemRegion::GlobalSystemSpaceRegionKind) 00605 return LazyAllocate(SystemGlobals); 00606 if (K == MemRegion::GlobalImmutableSpaceRegionKind) 00607 return LazyAllocate(ImmutableGlobals); 00608 assert(K == MemRegion::GlobalInternalSpaceRegionKind); 00609 return LazyAllocate(InternalGlobals); 00610 } 00611 00612 assert(K == MemRegion::StaticGlobalSpaceRegionKind); 00613 StaticGlobalSpaceRegion *&R = StaticsGlobalSpaceRegions[CR]; 00614 if (R) 00615 return R; 00616 00617 R = A.Allocate<StaticGlobalSpaceRegion>(); 00618 new (R) StaticGlobalSpaceRegion(this, CR); 00619 return R; 00620 } 00621 00622 const HeapSpaceRegion *MemRegionManager::getHeapRegion() { 00623 return LazyAllocate(heap); 00624 } 00625 00626 const MemSpaceRegion *MemRegionManager::getUnknownRegion() { 00627 return LazyAllocate(unknown); 00628 } 00629 00630 const MemSpaceRegion *MemRegionManager::getCodeRegion() { 00631 return LazyAllocate(code); 00632 } 00633 00634 //===----------------------------------------------------------------------===// 00635 // Constructing regions. 00636 //===----------------------------------------------------------------------===// 00637 const StringRegion* MemRegionManager::getStringRegion(const StringLiteral* Str){ 00638 return getSubRegion<StringRegion>(Str, getGlobalsRegion()); 00639 } 00640 00641 const ObjCStringRegion * 00642 MemRegionManager::getObjCStringRegion(const ObjCStringLiteral* Str){ 00643 return getSubRegion<ObjCStringRegion>(Str, getGlobalsRegion()); 00644 } 00645 00646 const VarRegion* MemRegionManager::getVarRegion(const VarDecl *D, 00647 const LocationContext *LC) { 00648 const MemRegion *sReg = 0; 00649 00650 if (D->hasGlobalStorage() && !D->isStaticLocal()) { 00651 00652 // First handle the globals defined in system headers. 00653 if (C.getSourceManager().isInSystemHeader(D->getLocation())) { 00654 // Whitelist the system globals which often DO GET modified, assume the 00655 // rest are immutable. 00656 if (D->getName().find("errno") != StringRef::npos) 00657 sReg = getGlobalsRegion(MemRegion::GlobalSystemSpaceRegionKind); 00658 else 00659 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind); 00660 00661 // Treat other globals as GlobalInternal unless they are constants. 00662 } else { 00663 QualType GQT = D->getType(); 00664 const Type *GT = GQT.getTypePtrOrNull(); 00665 // TODO: We could walk the complex types here and see if everything is 00666 // constified. 00667 if (GT && GQT.isConstQualified() && GT->isArithmeticType()) 00668 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind); 00669 else 00670 sReg = getGlobalsRegion(); 00671 } 00672 00673 // Finally handle static locals. 00674 } else { 00675 // FIXME: Once we implement scope handling, we will need to properly lookup 00676 // 'D' to the proper LocationContext. 00677 const DeclContext *DC = D->getDeclContext(); 00678 const StackFrameContext *STC = LC->getStackFrameForDeclContext(DC); 00679 00680 if (!STC) 00681 sReg = getUnknownRegion(); 00682 else { 00683 if (D->hasLocalStorage()) { 00684 sReg = isa<ParmVarDecl>(D) || isa<ImplicitParamDecl>(D) 00685 ? static_cast<const MemRegion*>(getStackArgumentsRegion(STC)) 00686 : static_cast<const MemRegion*>(getStackLocalsRegion(STC)); 00687 } 00688 else { 00689 assert(D->isStaticLocal()); 00690 const Decl *D = STC->getDecl(); 00691 if (const FunctionDecl *FD = dyn_cast<FunctionDecl>(D)) 00692 sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind, 00693 getFunctionTextRegion(FD)); 00694 else if (const BlockDecl *BD = dyn_cast<BlockDecl>(D)) { 00695 const BlockTextRegion *BTR = 00696 getBlockTextRegion(BD, 00697 C.getCanonicalType(BD->getSignatureAsWritten()->getType()), 00698 STC->getAnalysisDeclContext()); 00699 sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind, 00700 BTR); 00701 } 00702 else { 00703 // FIXME: For ObjC-methods, we need a new CodeTextRegion. For now 00704 // just use the main global memspace. 00705 sReg = getGlobalsRegion(); 00706 } 00707 } 00708 } 00709 } 00710 00711 return getSubRegion<VarRegion>(D, sReg); 00712 } 00713 00714 const VarRegion *MemRegionManager::getVarRegion(const VarDecl *D, 00715 const MemRegion *superR) { 00716 return getSubRegion<VarRegion>(D, superR); 00717 } 00718 00719 const BlockDataRegion * 00720 MemRegionManager::getBlockDataRegion(const BlockTextRegion *BC, 00721 const LocationContext *LC) { 00722 const MemRegion *sReg = 0; 00723 const BlockDecl *BD = BC->getDecl(); 00724 if (!BD->hasCaptures()) { 00725 // This handles 'static' blocks. 00726 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind); 00727 } 00728 else { 00729 if (LC) { 00730 // FIXME: Once we implement scope handling, we want the parent region 00731 // to be the scope. 00732 const StackFrameContext *STC = LC->getCurrentStackFrame(); 00733 assert(STC); 00734 sReg = getStackLocalsRegion(STC); 00735 } 00736 else { 00737 // We allow 'LC' to be NULL for cases where want BlockDataRegions 00738 // without context-sensitivity. 00739 sReg = getUnknownRegion(); 00740 } 00741 } 00742 00743 return getSubRegion<BlockDataRegion>(BC, LC, sReg); 00744 } 00745 00746 const CompoundLiteralRegion* 00747 MemRegionManager::getCompoundLiteralRegion(const CompoundLiteralExpr *CL, 00748 const LocationContext *LC) { 00749 00750 const MemRegion *sReg = 0; 00751 00752 if (CL->isFileScope()) 00753 sReg = getGlobalsRegion(); 00754 else { 00755 const StackFrameContext *STC = LC->getCurrentStackFrame(); 00756 assert(STC); 00757 sReg = getStackLocalsRegion(STC); 00758 } 00759 00760 return getSubRegion<CompoundLiteralRegion>(CL, sReg); 00761 } 00762 00763 const ElementRegion* 00764 MemRegionManager::getElementRegion(QualType elementType, NonLoc Idx, 00765 const MemRegion* superRegion, 00766 ASTContext &Ctx){ 00767 00768 QualType T = Ctx.getCanonicalType(elementType).getUnqualifiedType(); 00769 00770 llvm::FoldingSetNodeID ID; 00771 ElementRegion::ProfileRegion(ID, T, Idx, superRegion); 00772 00773 void *InsertPos; 00774 MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos); 00775 ElementRegion* R = cast_or_null<ElementRegion>(data); 00776 00777 if (!R) { 00778 R = (ElementRegion*) A.Allocate<ElementRegion>(); 00779 new (R) ElementRegion(T, Idx, superRegion); 00780 Regions.InsertNode(R, InsertPos); 00781 } 00782 00783 return R; 00784 } 00785 00786 const FunctionTextRegion * 00787 MemRegionManager::getFunctionTextRegion(const FunctionDecl *FD) { 00788 return getSubRegion<FunctionTextRegion>(FD, getCodeRegion()); 00789 } 00790 00791 const BlockTextRegion * 00792 MemRegionManager::getBlockTextRegion(const BlockDecl *BD, CanQualType locTy, 00793 AnalysisDeclContext *AC) { 00794 return getSubRegion<BlockTextRegion>(BD, locTy, AC, getCodeRegion()); 00795 } 00796 00797 00798 /// getSymbolicRegion - Retrieve or create a "symbolic" memory region. 00799 const SymbolicRegion *MemRegionManager::getSymbolicRegion(SymbolRef sym) { 00800 return getSubRegion<SymbolicRegion>(sym, getUnknownRegion()); 00801 } 00802 00803 const FieldRegion* 00804 MemRegionManager::getFieldRegion(const FieldDecl *d, 00805 const MemRegion* superRegion){ 00806 return getSubRegion<FieldRegion>(d, superRegion); 00807 } 00808 00809 const ObjCIvarRegion* 00810 MemRegionManager::getObjCIvarRegion(const ObjCIvarDecl *d, 00811 const MemRegion* superRegion) { 00812 return getSubRegion<ObjCIvarRegion>(d, superRegion); 00813 } 00814 00815 const CXXTempObjectRegion* 00816 MemRegionManager::getCXXTempObjectRegion(Expr const *E, 00817 LocationContext const *LC) { 00818 const StackFrameContext *SFC = LC->getCurrentStackFrame(); 00819 assert(SFC); 00820 return getSubRegion<CXXTempObjectRegion>(E, getStackLocalsRegion(SFC)); 00821 } 00822 00823 const CXXBaseObjectRegion * 00824 MemRegionManager::getCXXBaseObjectRegion(const CXXRecordDecl *decl, 00825 const MemRegion *superRegion) { 00826 return getSubRegion<CXXBaseObjectRegion>(decl, superRegion); 00827 } 00828 00829 const CXXThisRegion* 00830 MemRegionManager::getCXXThisRegion(QualType thisPointerTy, 00831 const LocationContext *LC) { 00832 const StackFrameContext *STC = LC->getCurrentStackFrame(); 00833 assert(STC); 00834 const PointerType *PT = thisPointerTy->getAs<PointerType>(); 00835 assert(PT); 00836 return getSubRegion<CXXThisRegion>(PT, getStackArgumentsRegion(STC)); 00837 } 00838 00839 const AllocaRegion* 00840 MemRegionManager::getAllocaRegion(const Expr *E, unsigned cnt, 00841 const LocationContext *LC) { 00842 const StackFrameContext *STC = LC->getCurrentStackFrame(); 00843 assert(STC); 00844 return getSubRegion<AllocaRegion>(E, cnt, getStackLocalsRegion(STC)); 00845 } 00846 00847 const MemSpaceRegion *MemRegion::getMemorySpace() const { 00848 const MemRegion *R = this; 00849 const SubRegion* SR = dyn_cast<SubRegion>(this); 00850 00851 while (SR) { 00852 R = SR->getSuperRegion(); 00853 SR = dyn_cast<SubRegion>(R); 00854 } 00855 00856 return dyn_cast<MemSpaceRegion>(R); 00857 } 00858 00859 bool MemRegion::hasStackStorage() const { 00860 return isa<StackSpaceRegion>(getMemorySpace()); 00861 } 00862 00863 bool MemRegion::hasStackNonParametersStorage() const { 00864 return isa<StackLocalsSpaceRegion>(getMemorySpace()); 00865 } 00866 00867 bool MemRegion::hasStackParametersStorage() const { 00868 return isa<StackArgumentsSpaceRegion>(getMemorySpace()); 00869 } 00870 00871 bool MemRegion::hasGlobalsOrParametersStorage() const { 00872 const MemSpaceRegion *MS = getMemorySpace(); 00873 return isa<StackArgumentsSpaceRegion>(MS) || 00874 isa<GlobalsSpaceRegion>(MS); 00875 } 00876 00877 // getBaseRegion strips away all elements and fields, and get the base region 00878 // of them. 00879 const MemRegion *MemRegion::getBaseRegion() const { 00880 const MemRegion *R = this; 00881 while (true) { 00882 switch (R->getKind()) { 00883 case MemRegion::ElementRegionKind: 00884 case MemRegion::FieldRegionKind: 00885 case MemRegion::ObjCIvarRegionKind: 00886 case MemRegion::CXXBaseObjectRegionKind: 00887 R = cast<SubRegion>(R)->getSuperRegion(); 00888 continue; 00889 default: 00890 break; 00891 } 00892 break; 00893 } 00894 return R; 00895 } 00896 00897 //===----------------------------------------------------------------------===// 00898 // View handling. 00899 //===----------------------------------------------------------------------===// 00900 00901 const MemRegion *MemRegion::StripCasts() const { 00902 const MemRegion *R = this; 00903 while (true) { 00904 if (const ElementRegion *ER = dyn_cast<ElementRegion>(R)) { 00905 // FIXME: generalize. Essentially we want to strip away ElementRegions 00906 // that were layered on a symbolic region because of casts. We only 00907 // want to strip away ElementRegions, however, where the index is 0. 00908 SVal index = ER->getIndex(); 00909 if (nonloc::ConcreteInt *CI = dyn_cast<nonloc::ConcreteInt>(&index)) { 00910 if (CI->getValue().getSExtValue() == 0) { 00911 R = ER->getSuperRegion(); 00912 continue; 00913 } 00914 } 00915 } 00916 break; 00917 } 00918 return R; 00919 } 00920 00921 // FIXME: Merge with the implementation of the same method in Store.cpp 00922 static bool IsCompleteType(ASTContext &Ctx, QualType Ty) { 00923 if (const RecordType *RT = Ty->getAs<RecordType>()) { 00924 const RecordDecl *D = RT->getDecl(); 00925 if (!D->getDefinition()) 00926 return false; 00927 } 00928 00929 return true; 00930 } 00931 00932 RegionRawOffset ElementRegion::getAsArrayOffset() const { 00933 CharUnits offset = CharUnits::Zero(); 00934 const ElementRegion *ER = this; 00935 const MemRegion *superR = NULL; 00936 ASTContext &C = getContext(); 00937 00938 // FIXME: Handle multi-dimensional arrays. 00939 00940 while (ER) { 00941 superR = ER->getSuperRegion(); 00942 00943 // FIXME: generalize to symbolic offsets. 00944 SVal index = ER->getIndex(); 00945 if (nonloc::ConcreteInt *CI = dyn_cast<nonloc::ConcreteInt>(&index)) { 00946 // Update the offset. 00947 int64_t i = CI->getValue().getSExtValue(); 00948 00949 if (i != 0) { 00950 QualType elemType = ER->getElementType(); 00951 00952 // If we are pointing to an incomplete type, go no further. 00953 if (!IsCompleteType(C, elemType)) { 00954 superR = ER; 00955 break; 00956 } 00957 00958 CharUnits size = C.getTypeSizeInChars(elemType); 00959 offset += (i * size); 00960 } 00961 00962 // Go to the next ElementRegion (if any). 00963 ER = dyn_cast<ElementRegion>(superR); 00964 continue; 00965 } 00966 00967 return NULL; 00968 } 00969 00970 assert(superR && "super region cannot be NULL"); 00971 return RegionRawOffset(superR, offset); 00972 } 00973 00974 RegionOffset MemRegion::getAsOffset() const { 00975 const MemRegion *R = this; 00976 int64_t Offset = 0; 00977 00978 while (1) { 00979 switch (R->getKind()) { 00980 default: 00981 return RegionOffset(0); 00982 case SymbolicRegionKind: 00983 case AllocaRegionKind: 00984 case CompoundLiteralRegionKind: 00985 case CXXThisRegionKind: 00986 case StringRegionKind: 00987 case VarRegionKind: 00988 case CXXTempObjectRegionKind: 00989 goto Finish; 00990 case ElementRegionKind: { 00991 const ElementRegion *ER = cast<ElementRegion>(R); 00992 QualType EleTy = ER->getValueType(); 00993 00994 if (!IsCompleteType(getContext(), EleTy)) 00995 return RegionOffset(0); 00996 00997 SVal Index = ER->getIndex(); 00998 if (const nonloc::ConcreteInt *CI=dyn_cast<nonloc::ConcreteInt>(&Index)) { 00999 int64_t i = CI->getValue().getSExtValue(); 01000 CharUnits Size = getContext().getTypeSizeInChars(EleTy); 01001 Offset += i * Size.getQuantity() * 8; 01002 } else { 01003 // We cannot compute offset for non-concrete index. 01004 return RegionOffset(0); 01005 } 01006 R = ER->getSuperRegion(); 01007 break; 01008 } 01009 case FieldRegionKind: { 01010 const FieldRegion *FR = cast<FieldRegion>(R); 01011 const RecordDecl *RD = FR->getDecl()->getParent(); 01012 if (!RD->isCompleteDefinition()) 01013 // We cannot compute offset for incomplete type. 01014 return RegionOffset(0); 01015 // Get the field number. 01016 unsigned idx = 0; 01017 for (RecordDecl::field_iterator FI = RD->field_begin(), 01018 FE = RD->field_end(); FI != FE; ++FI, ++idx) 01019 if (FR->getDecl() == &*FI) 01020 break; 01021 01022 const ASTRecordLayout &Layout = getContext().getASTRecordLayout(RD); 01023 // This is offset in bits. 01024 Offset += Layout.getFieldOffset(idx); 01025 R = FR->getSuperRegion(); 01026 break; 01027 } 01028 } 01029 } 01030 01031 Finish: 01032 return RegionOffset(R, Offset); 01033 } 01034 01035 //===----------------------------------------------------------------------===// 01036 // BlockDataRegion 01037 //===----------------------------------------------------------------------===// 01038 01039 void BlockDataRegion::LazyInitializeReferencedVars() { 01040 if (ReferencedVars) 01041 return; 01042 01043 AnalysisDeclContext *AC = getCodeRegion()->getAnalysisDeclContext(); 01044 AnalysisDeclContext::referenced_decls_iterator I, E; 01045 llvm::tie(I, E) = AC->getReferencedBlockVars(BC->getDecl()); 01046 01047 if (I == E) { 01048 ReferencedVars = (void*) 0x1; 01049 return; 01050 } 01051 01052 MemRegionManager &MemMgr = *getMemRegionManager(); 01053 llvm::BumpPtrAllocator &A = MemMgr.getAllocator(); 01054 BumpVectorContext BC(A); 01055 01056 typedef BumpVector<const MemRegion*> VarVec; 01057 VarVec *BV = (VarVec*) A.Allocate<VarVec>(); 01058 new (BV) VarVec(BC, E - I); 01059 VarVec *BVOriginal = (VarVec*) A.Allocate<VarVec>(); 01060 new (BVOriginal) VarVec(BC, E - I); 01061 01062 for ( ; I != E; ++I) { 01063 const VarDecl *VD = *I; 01064 const VarRegion *VR = 0; 01065 const VarRegion *OriginalVR = 0; 01066 01067 if (!VD->getAttr<BlocksAttr>() && VD->hasLocalStorage()) { 01068 VR = MemMgr.getVarRegion(VD, this); 01069 OriginalVR = MemMgr.getVarRegion(VD, LC); 01070 } 01071 else { 01072 if (LC) { 01073 VR = MemMgr.getVarRegion(VD, LC); 01074 OriginalVR = VR; 01075 } 01076 else { 01077 VR = MemMgr.getVarRegion(VD, MemMgr.getUnknownRegion()); 01078 OriginalVR = MemMgr.getVarRegion(VD, LC); 01079 } 01080 } 01081 01082 assert(VR); 01083 assert(OriginalVR); 01084 BV->push_back(VR, BC); 01085 BVOriginal->push_back(OriginalVR, BC); 01086 } 01087 01088 ReferencedVars = BV; 01089 OriginalVars = BVOriginal; 01090 } 01091 01092 BlockDataRegion::referenced_vars_iterator 01093 BlockDataRegion::referenced_vars_begin() const { 01094 const_cast<BlockDataRegion*>(this)->LazyInitializeReferencedVars(); 01095 01096 BumpVector<const MemRegion*> *Vec = 01097 static_cast<BumpVector<const MemRegion*>*>(ReferencedVars); 01098 01099 if (Vec == (void*) 0x1) 01100 return BlockDataRegion::referenced_vars_iterator(0, 0); 01101 01102 BumpVector<const MemRegion*> *VecOriginal = 01103 static_cast<BumpVector<const MemRegion*>*>(OriginalVars); 01104 01105 return BlockDataRegion::referenced_vars_iterator(Vec->begin(), 01106 VecOriginal->begin()); 01107 } 01108 01109 BlockDataRegion::referenced_vars_iterator 01110 BlockDataRegion::referenced_vars_end() const { 01111 const_cast<BlockDataRegion*>(this)->LazyInitializeReferencedVars(); 01112 01113 BumpVector<const MemRegion*> *Vec = 01114 static_cast<BumpVector<const MemRegion*>*>(ReferencedVars); 01115 01116 if (Vec == (void*) 0x1) 01117 return BlockDataRegion::referenced_vars_iterator(0, 0); 01118 01119 BumpVector<const MemRegion*> *VecOriginal = 01120 static_cast<BumpVector<const MemRegion*>*>(OriginalVars); 01121 01122 return BlockDataRegion::referenced_vars_iterator(Vec->end(), 01123 VecOriginal->end()); 01124 }