1 //== MemRegion.h - Abstract memory regions for static analysis --*- C++ -*--==//
3 // The LLVM Compiler Infrastructure
5 // This file is distributed under the University of Illinois Open Source
6 // License. See LICENSE.TXT for details.
8 //===----------------------------------------------------------------------===//
10 // This file defines MemRegion and its subclasses. MemRegion defines a
11 // partially-typed abstraction of memory useful for path-sensitive dataflow
14 //===----------------------------------------------------------------------===//
16 #ifndef LLVM_CLANG_GR_MEMREGION_H
17 #define LLVM_CLANG_GR_MEMREGION_H
19 #include "clang/AST/ASTContext.h"
20 #include "clang/AST/CharUnits.h"
21 #include "clang/AST/Decl.h"
22 #include "clang/AST/ExprObjC.h"
23 #include "clang/Basic/LLVM.h"
24 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
25 #include "llvm/Support/ErrorHandling.h"
26 #include "llvm/ADT/FoldingSet.h"
30 class BumpPtrAllocator;
35 class LocationContext;
36 class StackFrameContext;
40 class MemRegionManager;
46 /// Represent a region's offset within the top level base region.
51 /// The bit offset within the base region. It shouldn't be negative.
55 // We're using a const instead of an enumeration due to the size required;
56 // Visual Studio will only create enumerations of size int, not long long.
57 static const int64_t Symbolic = INT64_MAX;
59 RegionOffset() : R(0) {}
60 RegionOffset(const MemRegion *r, int64_t off) : R(r), Offset(off) {}
62 const MemRegion *getRegion() const { return R; }
64 bool hasSymbolicOffset() const { return Offset == Symbolic; }
66 int64_t getOffset() const {
67 assert(!hasSymbolicOffset());
71 bool isValid() const { return R; }
74 //===----------------------------------------------------------------------===//
75 // Base region classes.
76 //===----------------------------------------------------------------------===//
78 /// MemRegion - The root abstract class for all memory regions.
79 class MemRegion : public llvm::FoldingSetNode {
80 friend class MemRegionManager;
84 GenericMemSpaceRegionKind,
85 StackLocalsSpaceRegionKind,
86 StackArgumentsSpaceRegionKind,
88 UnknownSpaceRegionKind,
89 StaticGlobalSpaceRegionKind,
90 GlobalInternalSpaceRegionKind,
91 GlobalSystemSpaceRegionKind,
92 GlobalImmutableSpaceRegionKind,
93 BEG_NON_STATIC_GLOBAL_MEMSPACES = GlobalInternalSpaceRegionKind,
94 END_NON_STATIC_GLOBAL_MEMSPACES = GlobalImmutableSpaceRegionKind,
95 BEG_GLOBAL_MEMSPACES = StaticGlobalSpaceRegionKind,
96 END_GLOBAL_MEMSPACES = GlobalImmutableSpaceRegionKind,
97 BEG_MEMSPACES = GenericMemSpaceRegionKind,
98 END_MEMSPACES = GlobalImmutableSpaceRegionKind,
104 FunctionTextRegionKind = BEG_TYPED_REGIONS,
107 BEG_TYPED_VALUE_REGIONS,
108 CompoundLiteralRegionKind = BEG_TYPED_VALUE_REGIONS,
111 ObjCStringRegionKind,
115 VarRegionKind = BEG_DECL_REGIONS,
118 END_DECL_REGIONS = ObjCIvarRegionKind,
119 CXXTempObjectRegionKind,
120 CXXBaseObjectRegionKind,
121 END_TYPED_VALUE_REGIONS = CXXBaseObjectRegionKind,
122 END_TYPED_REGIONS = CXXBaseObjectRegionKind
129 MemRegion(Kind k) : kind(k) {}
130 virtual ~MemRegion();
133 ASTContext &getContext() const;
135 virtual void Profile(llvm::FoldingSetNodeID& ID) const = 0;
137 virtual MemRegionManager* getMemRegionManager() const = 0;
139 const MemSpaceRegion *getMemorySpace() const;
141 const MemRegion *getBaseRegion() const;
143 /// Check if the region is a subregion of the given region.
144 virtual bool isSubRegionOf(const MemRegion *R) const;
146 const MemRegion *StripCasts(bool StripBaseCasts = true) const;
148 bool hasGlobalsOrParametersStorage() const;
150 bool hasStackStorage() const;
152 bool hasStackNonParametersStorage() const;
154 bool hasStackParametersStorage() const;
156 /// Compute the offset within the top level memory object.
157 RegionOffset getAsOffset() const;
159 /// \brief Get a string representation of a region for debug use.
160 std::string getString() const;
162 virtual void dumpToStream(raw_ostream &os) const;
166 /// \brief Returns true if this region can be printed in a user-friendly way.
167 virtual bool canPrintPretty() const;
169 /// \brief Print the region for use in diagnostics.
170 virtual void printPretty(raw_ostream &os) const;
172 Kind getKind() const { return kind; }
174 template<typename RegionTy> const RegionTy* getAs() const;
176 virtual bool isBoundable() const { return false; }
179 /// MemSpaceRegion - A memory region that represents a "memory space";
180 /// for example, the set of global variables, the stack frame, etc.
181 class MemSpaceRegion : public MemRegion {
183 friend class MemRegionManager;
185 MemRegionManager *Mgr;
187 MemSpaceRegion(MemRegionManager *mgr, Kind k = GenericMemSpaceRegionKind)
188 : MemRegion(k), Mgr(mgr) {
189 assert(classof(this));
192 MemRegionManager* getMemRegionManager() const { return Mgr; }
195 bool isBoundable() const { return false; }
197 void Profile(llvm::FoldingSetNodeID &ID) const;
199 static bool classof(const MemRegion *R) {
200 Kind k = R->getKind();
201 return k >= BEG_MEMSPACES && k <= END_MEMSPACES;
205 class GlobalsSpaceRegion : public MemSpaceRegion {
206 virtual void anchor();
208 GlobalsSpaceRegion(MemRegionManager *mgr, Kind k)
209 : MemSpaceRegion(mgr, k) {}
211 static bool classof(const MemRegion *R) {
212 Kind k = R->getKind();
213 return k >= BEG_GLOBAL_MEMSPACES && k <= END_GLOBAL_MEMSPACES;
217 /// \brief The region of the static variables within the current CodeTextRegion
220 /// Currently, only the static locals are placed there, so we know that these
221 /// variables do not get invalidated by calls to other functions.
222 class StaticGlobalSpaceRegion : public GlobalsSpaceRegion {
223 friend class MemRegionManager;
225 const CodeTextRegion *CR;
227 StaticGlobalSpaceRegion(MemRegionManager *mgr, const CodeTextRegion *cr)
228 : GlobalsSpaceRegion(mgr, StaticGlobalSpaceRegionKind), CR(cr) {}
231 void Profile(llvm::FoldingSetNodeID &ID) const;
233 void dumpToStream(raw_ostream &os) const;
235 const CodeTextRegion *getCodeRegion() const { return CR; }
237 static bool classof(const MemRegion *R) {
238 return R->getKind() == StaticGlobalSpaceRegionKind;
242 /// \brief The region for all the non-static global variables.
244 /// This class is further split into subclasses for efficient implementation of
245 /// invalidating a set of related global values as is done in
246 /// RegionStoreManager::invalidateRegions (instead of finding all the dependent
247 /// globals, we invalidate the whole parent region).
248 class NonStaticGlobalSpaceRegion : public GlobalsSpaceRegion {
249 friend class MemRegionManager;
252 NonStaticGlobalSpaceRegion(MemRegionManager *mgr, Kind k)
253 : GlobalsSpaceRegion(mgr, k) {}
257 static bool classof(const MemRegion *R) {
258 Kind k = R->getKind();
259 return k >= BEG_NON_STATIC_GLOBAL_MEMSPACES &&
260 k <= END_NON_STATIC_GLOBAL_MEMSPACES;
264 /// \brief The region containing globals which are defined in system/external
265 /// headers and are considered modifiable by system calls (ex: errno).
266 class GlobalSystemSpaceRegion : public NonStaticGlobalSpaceRegion {
267 friend class MemRegionManager;
269 GlobalSystemSpaceRegion(MemRegionManager *mgr)
270 : NonStaticGlobalSpaceRegion(mgr, GlobalSystemSpaceRegionKind) {}
274 void dumpToStream(raw_ostream &os) const;
276 static bool classof(const MemRegion *R) {
277 return R->getKind() == GlobalSystemSpaceRegionKind;
281 /// \brief The region containing globals which are considered not to be modified
282 /// or point to data which could be modified as a result of a function call
283 /// (system or internal). Ex: Const global scalars would be modeled as part of
284 /// this region. This region also includes most system globals since they have
285 /// low chance of being modified.
286 class GlobalImmutableSpaceRegion : public NonStaticGlobalSpaceRegion {
287 friend class MemRegionManager;
289 GlobalImmutableSpaceRegion(MemRegionManager *mgr)
290 : NonStaticGlobalSpaceRegion(mgr, GlobalImmutableSpaceRegionKind) {}
294 void dumpToStream(raw_ostream &os) const;
296 static bool classof(const MemRegion *R) {
297 return R->getKind() == GlobalImmutableSpaceRegionKind;
301 /// \brief The region containing globals which can be modified by calls to
302 /// "internally" defined functions - (for now just) functions other then system
304 class GlobalInternalSpaceRegion : public NonStaticGlobalSpaceRegion {
305 friend class MemRegionManager;
307 GlobalInternalSpaceRegion(MemRegionManager *mgr)
308 : NonStaticGlobalSpaceRegion(mgr, GlobalInternalSpaceRegionKind) {}
312 void dumpToStream(raw_ostream &os) const;
314 static bool classof(const MemRegion *R) {
315 return R->getKind() == GlobalInternalSpaceRegionKind;
319 class HeapSpaceRegion : public MemSpaceRegion {
320 virtual void anchor();
321 friend class MemRegionManager;
323 HeapSpaceRegion(MemRegionManager *mgr)
324 : MemSpaceRegion(mgr, HeapSpaceRegionKind) {}
327 void dumpToStream(raw_ostream &os) const;
329 static bool classof(const MemRegion *R) {
330 return R->getKind() == HeapSpaceRegionKind;
334 class UnknownSpaceRegion : public MemSpaceRegion {
335 virtual void anchor();
336 friend class MemRegionManager;
337 UnknownSpaceRegion(MemRegionManager *mgr)
338 : MemSpaceRegion(mgr, UnknownSpaceRegionKind) {}
341 void dumpToStream(raw_ostream &os) const;
343 static bool classof(const MemRegion *R) {
344 return R->getKind() == UnknownSpaceRegionKind;
348 class StackSpaceRegion : public MemSpaceRegion {
350 const StackFrameContext *SFC;
353 StackSpaceRegion(MemRegionManager *mgr, Kind k, const StackFrameContext *sfc)
354 : MemSpaceRegion(mgr, k), SFC(sfc) {
355 assert(classof(this));
359 const StackFrameContext *getStackFrame() const { return SFC; }
361 void Profile(llvm::FoldingSetNodeID &ID) const;
363 static bool classof(const MemRegion *R) {
364 Kind k = R->getKind();
365 return k >= StackLocalsSpaceRegionKind &&
366 k <= StackArgumentsSpaceRegionKind;
370 class StackLocalsSpaceRegion : public StackSpaceRegion {
371 virtual void anchor();
372 friend class MemRegionManager;
373 StackLocalsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
374 : StackSpaceRegion(mgr, StackLocalsSpaceRegionKind, sfc) {}
377 void dumpToStream(raw_ostream &os) const;
379 static bool classof(const MemRegion *R) {
380 return R->getKind() == StackLocalsSpaceRegionKind;
384 class StackArgumentsSpaceRegion : public StackSpaceRegion {
386 virtual void anchor();
387 friend class MemRegionManager;
388 StackArgumentsSpaceRegion(MemRegionManager *mgr, const StackFrameContext *sfc)
389 : StackSpaceRegion(mgr, StackArgumentsSpaceRegionKind, sfc) {}
392 void dumpToStream(raw_ostream &os) const;
394 static bool classof(const MemRegion *R) {
395 return R->getKind() == StackArgumentsSpaceRegionKind;
400 /// SubRegion - A region that subsets another larger region. Most regions
401 /// are subclasses of SubRegion.
402 class SubRegion : public MemRegion {
404 virtual void anchor();
406 const MemRegion* superRegion;
407 SubRegion(const MemRegion* sReg, Kind k) : MemRegion(k), superRegion(sReg) {}
409 const MemRegion* getSuperRegion() const {
413 /// getExtent - Returns the size of the region in bytes.
414 virtual DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const {
418 MemRegionManager* getMemRegionManager() const;
420 virtual bool isSubRegionOf(const MemRegion* R) const;
422 static bool classof(const MemRegion* R) {
423 return R->getKind() > END_MEMSPACES;
427 //===----------------------------------------------------------------------===//
428 // MemRegion subclasses.
429 //===----------------------------------------------------------------------===//
431 /// AllocaRegion - A region that represents an untyped blob of bytes created
432 /// by a call to 'alloca'.
433 class AllocaRegion : public SubRegion {
434 friend class MemRegionManager;
436 unsigned Cnt; // Block counter. Used to distinguish different pieces of
437 // memory allocated by alloca at the same call site.
440 AllocaRegion(const Expr *ex, unsigned cnt, const MemRegion *superRegion)
441 : SubRegion(superRegion, AllocaRegionKind), Cnt(cnt), Ex(ex) {}
445 const Expr *getExpr() const { return Ex; }
447 bool isBoundable() const { return true; }
449 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
451 void Profile(llvm::FoldingSetNodeID& ID) const;
453 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Expr *Ex,
454 unsigned Cnt, const MemRegion *superRegion);
456 void dumpToStream(raw_ostream &os) const;
458 static bool classof(const MemRegion* R) {
459 return R->getKind() == AllocaRegionKind;
463 /// TypedRegion - An abstract class representing regions that are typed.
464 class TypedRegion : public SubRegion {
466 virtual void anchor();
468 TypedRegion(const MemRegion* sReg, Kind k) : SubRegion(sReg, k) {}
471 virtual QualType getLocationType() const = 0;
473 QualType getDesugaredLocationType(ASTContext &Context) const {
474 return getLocationType().getDesugaredType(Context);
477 bool isBoundable() const { return true; }
479 static bool classof(const MemRegion* R) {
480 unsigned k = R->getKind();
481 return k >= BEG_TYPED_REGIONS && k <= END_TYPED_REGIONS;
485 /// TypedValueRegion - An abstract class representing regions having a typed value.
486 class TypedValueRegion : public TypedRegion {
488 virtual void anchor();
490 TypedValueRegion(const MemRegion* sReg, Kind k) : TypedRegion(sReg, k) {}
493 virtual QualType getValueType() const = 0;
495 virtual QualType getLocationType() const {
496 // FIXME: We can possibly optimize this later to cache this value.
497 QualType T = getValueType();
498 ASTContext &ctx = getContext();
499 if (T->getAs<ObjCObjectType>())
500 return ctx.getObjCObjectPointerType(T);
501 return ctx.getPointerType(getValueType());
504 QualType getDesugaredValueType(ASTContext &Context) const {
505 QualType T = getValueType();
506 return T.getTypePtrOrNull() ? T.getDesugaredType(Context) : T;
509 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
511 static bool classof(const MemRegion* R) {
512 unsigned k = R->getKind();
513 return k >= BEG_TYPED_VALUE_REGIONS && k <= END_TYPED_VALUE_REGIONS;
518 class CodeTextRegion : public TypedRegion {
520 virtual void anchor();
522 CodeTextRegion(const MemRegion *sreg, Kind k) : TypedRegion(sreg, k) {}
524 bool isBoundable() const { return false; }
526 static bool classof(const MemRegion* R) {
527 Kind k = R->getKind();
528 return k >= FunctionTextRegionKind && k <= BlockTextRegionKind;
532 /// FunctionTextRegion - A region that represents code texts of function.
533 class FunctionTextRegion : public CodeTextRegion {
536 FunctionTextRegion(const NamedDecl *fd, const MemRegion* sreg)
537 : CodeTextRegion(sreg, FunctionTextRegionKind), FD(fd) {
538 assert(isa<ObjCMethodDecl>(fd) || isa<FunctionDecl>(fd));
541 QualType getLocationType() const {
542 const ASTContext &Ctx = getContext();
543 if (const FunctionDecl *D = dyn_cast<FunctionDecl>(FD)) {
544 return Ctx.getPointerType(D->getType());
547 assert(isa<ObjCMethodDecl>(FD));
548 assert(false && "Getting the type of ObjCMethod is not supported yet");
550 // TODO: We might want to return a different type here (ex: id (*ty)(...))
551 // depending on how it is used.
555 const NamedDecl *getDecl() const {
559 virtual void dumpToStream(raw_ostream &os) const;
561 void Profile(llvm::FoldingSetNodeID& ID) const;
563 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const NamedDecl *FD,
566 static bool classof(const MemRegion* R) {
567 return R->getKind() == FunctionTextRegionKind;
572 /// BlockTextRegion - A region that represents code texts of blocks (closures).
573 /// Blocks are represented with two kinds of regions. BlockTextRegions
574 /// represent the "code", while BlockDataRegions represent instances of blocks,
575 /// which correspond to "code+data". The distinction is important, because
576 /// like a closure a block captures the values of externally referenced
578 class BlockTextRegion : public CodeTextRegion {
579 friend class MemRegionManager;
582 AnalysisDeclContext *AC;
585 BlockTextRegion(const BlockDecl *bd, CanQualType lTy,
586 AnalysisDeclContext *ac, const MemRegion* sreg)
587 : CodeTextRegion(sreg, BlockTextRegionKind), BD(bd), AC(ac), locTy(lTy) {}
590 QualType getLocationType() const {
594 const BlockDecl *getDecl() const {
598 AnalysisDeclContext *getAnalysisDeclContext() const { return AC; }
600 virtual void dumpToStream(raw_ostream &os) const;
602 void Profile(llvm::FoldingSetNodeID& ID) const;
604 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const BlockDecl *BD,
605 CanQualType, const AnalysisDeclContext*,
608 static bool classof(const MemRegion* R) {
609 return R->getKind() == BlockTextRegionKind;
613 /// BlockDataRegion - A region that represents a block instance.
614 /// Blocks are represented with two kinds of regions. BlockTextRegions
615 /// represent the "code", while BlockDataRegions represent instances of blocks,
616 /// which correspond to "code+data". The distinction is important, because
617 /// like a closure a block captures the values of externally referenced
619 class BlockDataRegion : public TypedRegion {
620 friend class MemRegionManager;
621 const BlockTextRegion *BC;
622 const LocationContext *LC; // Can be null */
623 void *ReferencedVars;
626 BlockDataRegion(const BlockTextRegion *bc, const LocationContext *lc,
627 const MemRegion *sreg)
628 : TypedRegion(sreg, BlockDataRegionKind), BC(bc), LC(lc),
629 ReferencedVars(0), OriginalVars(0) {}
632 const BlockTextRegion *getCodeRegion() const { return BC; }
634 const BlockDecl *getDecl() const { return BC->getDecl(); }
636 QualType getLocationType() const { return BC->getLocationType(); }
638 class referenced_vars_iterator {
639 const MemRegion * const *R;
640 const MemRegion * const *OriginalR;
642 explicit referenced_vars_iterator(const MemRegion * const *r,
643 const MemRegion * const *originalR)
644 : R(r), OriginalR(originalR) {}
646 operator const MemRegion * const *() const {
650 const MemRegion *getCapturedRegion() const {
653 const MemRegion *getOriginalRegion() const {
657 const VarRegion* operator*() const {
658 return cast<VarRegion>(*R);
661 bool operator==(const referenced_vars_iterator &I) const {
664 bool operator!=(const referenced_vars_iterator &I) const {
667 referenced_vars_iterator &operator++() {
674 referenced_vars_iterator referenced_vars_begin() const;
675 referenced_vars_iterator referenced_vars_end() const;
677 virtual void dumpToStream(raw_ostream &os) const;
679 void Profile(llvm::FoldingSetNodeID& ID) const;
681 static void ProfileRegion(llvm::FoldingSetNodeID&, const BlockTextRegion *,
682 const LocationContext *, const MemRegion *);
684 static bool classof(const MemRegion* R) {
685 return R->getKind() == BlockDataRegionKind;
688 void LazyInitializeReferencedVars();
691 /// SymbolicRegion - A special, "non-concrete" region. Unlike other region
692 /// clases, SymbolicRegion represents a region that serves as an alias for
693 /// either a real region, a NULL pointer, etc. It essentially is used to
694 /// map the concept of symbolic values into the domain of regions. Symbolic
695 /// regions do not need to be typed.
696 class SymbolicRegion : public SubRegion {
701 SymbolicRegion(const SymbolRef s, const MemRegion* sreg)
702 : SubRegion(sreg, SymbolicRegionKind), sym(s) {}
704 SymbolRef getSymbol() const {
708 bool isBoundable() const { return true; }
710 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
712 void Profile(llvm::FoldingSetNodeID& ID) const;
714 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
716 const MemRegion* superRegion);
718 void dumpToStream(raw_ostream &os) const;
720 static bool classof(const MemRegion* R) {
721 return R->getKind() == SymbolicRegionKind;
725 /// StringRegion - Region associated with a StringLiteral.
726 class StringRegion : public TypedValueRegion {
727 friend class MemRegionManager;
728 const StringLiteral* Str;
731 StringRegion(const StringLiteral* str, const MemRegion* sreg)
732 : TypedValueRegion(sreg, StringRegionKind), Str(str) {}
734 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
735 const StringLiteral* Str,
736 const MemRegion* superRegion);
740 const StringLiteral* getStringLiteral() const { return Str; }
742 QualType getValueType() const {
743 return Str->getType();
746 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
748 bool isBoundable() const { return false; }
750 void Profile(llvm::FoldingSetNodeID& ID) const {
751 ProfileRegion(ID, Str, superRegion);
754 void dumpToStream(raw_ostream &os) const;
756 static bool classof(const MemRegion* R) {
757 return R->getKind() == StringRegionKind;
761 /// The region associated with an ObjCStringLiteral.
762 class ObjCStringRegion : public TypedValueRegion {
763 friend class MemRegionManager;
764 const ObjCStringLiteral* Str;
767 ObjCStringRegion(const ObjCStringLiteral* str, const MemRegion* sreg)
768 : TypedValueRegion(sreg, ObjCStringRegionKind), Str(str) {}
770 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
771 const ObjCStringLiteral* Str,
772 const MemRegion* superRegion);
776 const ObjCStringLiteral* getObjCStringLiteral() const { return Str; }
778 QualType getValueType() const {
779 return Str->getType();
782 bool isBoundable() const { return false; }
784 void Profile(llvm::FoldingSetNodeID& ID) const {
785 ProfileRegion(ID, Str, superRegion);
788 void dumpToStream(raw_ostream &os) const;
790 static bool classof(const MemRegion* R) {
791 return R->getKind() == ObjCStringRegionKind;
795 /// CompoundLiteralRegion - A memory region representing a compound literal.
796 /// Compound literals are essentially temporaries that are stack allocated
797 /// or in the global constant pool.
798 class CompoundLiteralRegion : public TypedValueRegion {
800 friend class MemRegionManager;
801 const CompoundLiteralExpr *CL;
803 CompoundLiteralRegion(const CompoundLiteralExpr *cl, const MemRegion* sReg)
804 : TypedValueRegion(sReg, CompoundLiteralRegionKind), CL(cl) {}
806 static void ProfileRegion(llvm::FoldingSetNodeID& ID,
807 const CompoundLiteralExpr *CL,
808 const MemRegion* superRegion);
810 QualType getValueType() const {
811 return CL->getType();
814 bool isBoundable() const { return !CL->isFileScope(); }
816 void Profile(llvm::FoldingSetNodeID& ID) const;
818 void dumpToStream(raw_ostream &os) const;
820 const CompoundLiteralExpr *getLiteralExpr() const { return CL; }
822 static bool classof(const MemRegion* R) {
823 return R->getKind() == CompoundLiteralRegionKind;
827 class DeclRegion : public TypedValueRegion {
831 DeclRegion(const Decl *d, const MemRegion* sReg, Kind k)
832 : TypedValueRegion(sReg, k), D(d) {}
834 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl *D,
835 const MemRegion* superRegion, Kind k);
838 const Decl *getDecl() const { return D; }
839 void Profile(llvm::FoldingSetNodeID& ID) const;
841 static bool classof(const MemRegion* R) {
842 unsigned k = R->getKind();
843 return k >= BEG_DECL_REGIONS && k <= END_DECL_REGIONS;
847 class VarRegion : public DeclRegion {
848 friend class MemRegionManager;
850 // Constructors and private methods.
851 VarRegion(const VarDecl *vd, const MemRegion* sReg)
852 : DeclRegion(vd, sReg, VarRegionKind) {}
854 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const VarDecl *VD,
855 const MemRegion *superRegion) {
856 DeclRegion::ProfileRegion(ID, VD, superRegion, VarRegionKind);
859 void Profile(llvm::FoldingSetNodeID& ID) const;
862 const VarDecl *getDecl() const { return cast<VarDecl>(D); }
864 const StackFrameContext *getStackFrame() const;
866 QualType getValueType() const {
867 // FIXME: We can cache this if needed.
868 return getDecl()->getType();
871 void dumpToStream(raw_ostream &os) const;
873 static bool classof(const MemRegion* R) {
874 return R->getKind() == VarRegionKind;
877 bool canPrintPretty() const;
878 void printPretty(raw_ostream &os) const;
881 /// CXXThisRegion - Represents the region for the implicit 'this' parameter
882 /// in a call to a C++ method. This region doesn't represent the object
883 /// referred to by 'this', but rather 'this' itself.
884 class CXXThisRegion : public TypedValueRegion {
885 friend class MemRegionManager;
886 CXXThisRegion(const PointerType *thisPointerTy,
887 const MemRegion *sReg)
888 : TypedValueRegion(sReg, CXXThisRegionKind), ThisPointerTy(thisPointerTy) {}
890 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
891 const PointerType *PT,
892 const MemRegion *sReg);
894 void Profile(llvm::FoldingSetNodeID &ID) const;
897 QualType getValueType() const {
898 return QualType(ThisPointerTy, 0);
901 void dumpToStream(raw_ostream &os) const;
903 static bool classof(const MemRegion* R) {
904 return R->getKind() == CXXThisRegionKind;
908 const PointerType *ThisPointerTy;
911 class FieldRegion : public DeclRegion {
912 friend class MemRegionManager;
914 FieldRegion(const FieldDecl *fd, const MemRegion* sReg)
915 : DeclRegion(fd, sReg, FieldRegionKind) {}
918 const FieldDecl *getDecl() const { return cast<FieldDecl>(D); }
920 QualType getValueType() const {
921 // FIXME: We can cache this if needed.
922 return getDecl()->getType();
925 DefinedOrUnknownSVal getExtent(SValBuilder &svalBuilder) const;
927 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const FieldDecl *FD,
928 const MemRegion* superRegion) {
929 DeclRegion::ProfileRegion(ID, FD, superRegion, FieldRegionKind);
932 static bool classof(const MemRegion* R) {
933 return R->getKind() == FieldRegionKind;
936 void dumpToStream(raw_ostream &os) const;
938 bool canPrintPretty() const;
939 void printPretty(raw_ostream &os) const;
942 class ObjCIvarRegion : public DeclRegion {
944 friend class MemRegionManager;
946 ObjCIvarRegion(const ObjCIvarDecl *ivd, const MemRegion* sReg);
948 static void ProfileRegion(llvm::FoldingSetNodeID& ID, const ObjCIvarDecl *ivd,
949 const MemRegion* superRegion);
952 const ObjCIvarDecl *getDecl() const;
953 QualType getValueType() const;
955 void dumpToStream(raw_ostream &os) const;
957 static bool classof(const MemRegion* R) {
958 return R->getKind() == ObjCIvarRegionKind;
961 //===----------------------------------------------------------------------===//
962 // Auxiliary data classes for use with MemRegions.
963 //===----------------------------------------------------------------------===//
967 class RegionRawOffset {
969 friend class ElementRegion;
971 const MemRegion *Region;
974 RegionRawOffset(const MemRegion* reg, CharUnits offset = CharUnits::Zero())
975 : Region(reg), Offset(offset) {}
978 // FIXME: Eventually support symbolic offsets.
979 CharUnits getOffset() const { return Offset; }
980 const MemRegion *getRegion() const { return Region; }
982 void dumpToStream(raw_ostream &os) const;
986 /// \brief ElementRegin is used to represent both array elements and casts.
987 class ElementRegion : public TypedValueRegion {
988 friend class MemRegionManager;
990 QualType ElementType;
993 ElementRegion(QualType elementType, NonLoc Idx, const MemRegion* sReg)
994 : TypedValueRegion(sReg, ElementRegionKind),
995 ElementType(elementType), Index(Idx) {
996 assert((!isa<nonloc::ConcreteInt>(&Idx) ||
997 cast<nonloc::ConcreteInt>(&Idx)->getValue().isSigned()) &&
998 "The index must be signed");
1001 static void ProfileRegion(llvm::FoldingSetNodeID& ID, QualType elementType,
1002 SVal Idx, const MemRegion* superRegion);
1006 NonLoc getIndex() const { return Index; }
1008 QualType getValueType() const {
1012 QualType getElementType() const {
1015 /// Compute the offset within the array. The array might also be a subobject.
1016 RegionRawOffset getAsArrayOffset() const;
1018 void dumpToStream(raw_ostream &os) const;
1020 void Profile(llvm::FoldingSetNodeID& ID) const;
1022 static bool classof(const MemRegion* R) {
1023 return R->getKind() == ElementRegionKind;
1027 // C++ temporary object associated with an expression.
1028 class CXXTempObjectRegion : public TypedValueRegion {
1029 friend class MemRegionManager;
1033 CXXTempObjectRegion(Expr const *E, MemRegion const *sReg)
1034 : TypedValueRegion(sReg, CXXTempObjectRegionKind), Ex(E) {}
1036 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
1037 Expr const *E, const MemRegion *sReg);
1040 const Expr *getExpr() const { return Ex; }
1042 QualType getValueType() const {
1043 return Ex->getType();
1046 void dumpToStream(raw_ostream &os) const;
1048 void Profile(llvm::FoldingSetNodeID &ID) const;
1050 static bool classof(const MemRegion* R) {
1051 return R->getKind() == CXXTempObjectRegionKind;
1055 // CXXBaseObjectRegion represents a base object within a C++ object. It is
1056 // identified by the base class declaration and the region of its parent object.
1057 class CXXBaseObjectRegion : public TypedValueRegion {
1058 friend class MemRegionManager;
1060 const CXXRecordDecl *decl;
1062 CXXBaseObjectRegion(const CXXRecordDecl *d, const MemRegion *sReg)
1063 : TypedValueRegion(sReg, CXXBaseObjectRegionKind), decl(d) {}
1065 static void ProfileRegion(llvm::FoldingSetNodeID &ID,
1066 const CXXRecordDecl *decl, const MemRegion *sReg);
1069 const CXXRecordDecl *getDecl() const { return decl; }
1071 QualType getValueType() const;
1073 void dumpToStream(raw_ostream &os) const;
1075 void Profile(llvm::FoldingSetNodeID &ID) const;
1077 static bool classof(const MemRegion *region) {
1078 return region->getKind() == CXXBaseObjectRegionKind;
1082 template<typename RegionTy>
1083 const RegionTy* MemRegion::getAs() const {
1084 if (const RegionTy* RT = dyn_cast<RegionTy>(this))
1090 //===----------------------------------------------------------------------===//
1091 // MemRegionManager - Factory object for creating regions.
1092 //===----------------------------------------------------------------------===//
1094 class MemRegionManager {
1096 llvm::BumpPtrAllocator& A;
1097 llvm::FoldingSet<MemRegion> Regions;
1099 GlobalInternalSpaceRegion *InternalGlobals;
1100 GlobalSystemSpaceRegion *SystemGlobals;
1101 GlobalImmutableSpaceRegion *ImmutableGlobals;
1104 llvm::DenseMap<const StackFrameContext *, StackLocalsSpaceRegion *>
1105 StackLocalsSpaceRegions;
1106 llvm::DenseMap<const StackFrameContext *, StackArgumentsSpaceRegion *>
1107 StackArgumentsSpaceRegions;
1108 llvm::DenseMap<const CodeTextRegion *, StaticGlobalSpaceRegion *>
1109 StaticsGlobalSpaceRegions;
1111 HeapSpaceRegion *heap;
1112 UnknownSpaceRegion *unknown;
1113 MemSpaceRegion *code;
1116 MemRegionManager(ASTContext &c, llvm::BumpPtrAllocator& a)
1117 : C(c), A(a), InternalGlobals(0), SystemGlobals(0), ImmutableGlobals(0),
1118 heap(0), unknown(0), code(0) {}
1120 ~MemRegionManager();
1122 ASTContext &getContext() { return C; }
1124 llvm::BumpPtrAllocator &getAllocator() { return A; }
1126 /// getStackLocalsRegion - Retrieve the memory region associated with the
1127 /// specified stack frame.
1128 const StackLocalsSpaceRegion *
1129 getStackLocalsRegion(const StackFrameContext *STC);
1131 /// getStackArgumentsRegion - Retrieve the memory region associated with
1132 /// function/method arguments of the specified stack frame.
1133 const StackArgumentsSpaceRegion *
1134 getStackArgumentsRegion(const StackFrameContext *STC);
1136 /// getGlobalsRegion - Retrieve the memory region associated with
1137 /// global variables.
1138 const GlobalsSpaceRegion *getGlobalsRegion(
1139 MemRegion::Kind K = MemRegion::GlobalInternalSpaceRegionKind,
1140 const CodeTextRegion *R = 0);
1142 /// getHeapRegion - Retrieve the memory region associated with the
1144 const HeapSpaceRegion *getHeapRegion();
1146 /// getUnknownRegion - Retrieve the memory region associated with unknown
1148 const MemSpaceRegion *getUnknownRegion();
1150 const MemSpaceRegion *getCodeRegion();
1152 /// getAllocaRegion - Retrieve a region associated with a call to alloca().
1153 const AllocaRegion *getAllocaRegion(const Expr *Ex, unsigned Cnt,
1154 const LocationContext *LC);
1156 /// getCompoundLiteralRegion - Retrieve the region associated with a
1157 /// given CompoundLiteral.
1158 const CompoundLiteralRegion*
1159 getCompoundLiteralRegion(const CompoundLiteralExpr *CL,
1160 const LocationContext *LC);
1162 /// getCXXThisRegion - Retrieve the [artificial] region associated with the
1163 /// parameter 'this'.
1164 const CXXThisRegion *getCXXThisRegion(QualType thisPointerTy,
1165 const LocationContext *LC);
1167 /// \brief Retrieve or create a "symbolic" memory region.
1168 const SymbolicRegion* getSymbolicRegion(SymbolRef Sym);
1170 /// \brief Return a unique symbolic region belonging to heap memory space.
1171 const SymbolicRegion *getSymbolicHeapRegion(SymbolRef sym);
1173 const StringRegion *getStringRegion(const StringLiteral* Str);
1175 const ObjCStringRegion *getObjCStringRegion(const ObjCStringLiteral *Str);
1177 /// getVarRegion - Retrieve or create the memory region associated with
1178 /// a specified VarDecl and LocationContext.
1179 const VarRegion* getVarRegion(const VarDecl *D, const LocationContext *LC);
1181 /// getVarRegion - Retrieve or create the memory region associated with
1182 /// a specified VarDecl and super region.
1183 const VarRegion* getVarRegion(const VarDecl *D, const MemRegion *superR);
1185 /// getElementRegion - Retrieve the memory region associated with the
1186 /// associated element type, index, and super region.
1187 const ElementRegion *getElementRegion(QualType elementType, NonLoc Idx,
1188 const MemRegion *superRegion,
1191 const ElementRegion *getElementRegionWithSuper(const ElementRegion *ER,
1192 const MemRegion *superRegion) {
1193 return getElementRegion(ER->getElementType(), ER->getIndex(),
1194 superRegion, ER->getContext());
1197 /// getFieldRegion - Retrieve or create the memory region associated with
1198 /// a specified FieldDecl. 'superRegion' corresponds to the containing
1199 /// memory region (which typically represents the memory representing
1200 /// a structure or class).
1201 const FieldRegion *getFieldRegion(const FieldDecl *fd,
1202 const MemRegion* superRegion);
1204 const FieldRegion *getFieldRegionWithSuper(const FieldRegion *FR,
1205 const MemRegion *superRegion) {
1206 return getFieldRegion(FR->getDecl(), superRegion);
1209 /// getObjCIvarRegion - Retrieve or create the memory region associated with
1210 /// a specified Objective-c instance variable. 'superRegion' corresponds
1211 /// to the containing region (which typically represents the Objective-C
1213 const ObjCIvarRegion *getObjCIvarRegion(const ObjCIvarDecl *ivd,
1214 const MemRegion* superRegion);
1216 const CXXTempObjectRegion *getCXXTempObjectRegion(Expr const *Ex,
1217 LocationContext const *LC);
1219 const CXXBaseObjectRegion *getCXXBaseObjectRegion(const CXXRecordDecl *decl,
1220 const MemRegion *superRegion);
1222 /// Create a CXXBaseObjectRegion with the same CXXRecordDecl but a different
1224 const CXXBaseObjectRegion *
1225 getCXXBaseObjectRegionWithSuper(const CXXBaseObjectRegion *baseReg,
1226 const MemRegion *superRegion) {
1227 return getCXXBaseObjectRegion(baseReg->getDecl(), superRegion);
1230 const FunctionTextRegion *getFunctionTextRegion(const NamedDecl *FD);
1231 const BlockTextRegion *getBlockTextRegion(const BlockDecl *BD,
1233 AnalysisDeclContext *AC);
1235 /// getBlockDataRegion - Get the memory region associated with an instance
1236 /// of a block. Unlike many other MemRegions, the LocationContext*
1237 /// argument is allowed to be NULL for cases where we have no known
1239 const BlockDataRegion *getBlockDataRegion(const BlockTextRegion *bc,
1240 const LocationContext *lc = NULL);
1243 template <typename RegionTy, typename A1>
1244 RegionTy* getRegion(const A1 a1);
1246 template <typename RegionTy, typename A1>
1247 RegionTy* getSubRegion(const A1 a1, const MemRegion* superRegion);
1249 template <typename RegionTy, typename A1, typename A2>
1250 RegionTy* getRegion(const A1 a1, const A2 a2);
1252 template <typename RegionTy, typename A1, typename A2>
1253 RegionTy* getSubRegion(const A1 a1, const A2 a2,
1254 const MemRegion* superRegion);
1256 template <typename RegionTy, typename A1, typename A2, typename A3>
1257 RegionTy* getSubRegion(const A1 a1, const A2 a2, const A3 a3,
1258 const MemRegion* superRegion);
1260 template <typename REG>
1261 const REG* LazyAllocate(REG*& region);
1263 template <typename REG, typename ARG>
1264 const REG* LazyAllocate(REG*& region, ARG a);
1267 //===----------------------------------------------------------------------===//
1268 // Out-of-line member definitions.
1269 //===----------------------------------------------------------------------===//
1271 inline ASTContext &MemRegion::getContext() const {
1272 return getMemRegionManager()->getContext();
1275 } // end GR namespace
1277 } // end clang namespace
1279 //===----------------------------------------------------------------------===//
1280 // Pretty-printing regions.
1281 //===----------------------------------------------------------------------===//
1284 static inline raw_ostream &operator<<(raw_ostream &os,
1285 const clang::ento::MemRegion* R) {
1286 R->dumpToStream(os);
1289 } // end llvm namespace
projects / FreeBSD / stable / 9.git / blob