1 //===- MemRegion.cpp - Abstract memory regions for static analysis --------===//
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
7 //===----------------------------------------------------------------------===//
9 // This file defines MemRegion and its subclasses. MemRegion defines a
10 // partially-typed abstraction of memory useful for path-sensitive dataflow
13 //===----------------------------------------------------------------------===//
15 #include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h"
16 #include "clang/AST/ASTContext.h"
17 #include "clang/AST/Attr.h"
18 #include "clang/AST/CharUnits.h"
19 #include "clang/AST/Decl.h"
20 #include "clang/AST/DeclCXX.h"
21 #include "clang/AST/DeclObjC.h"
22 #include "clang/AST/Expr.h"
23 #include "clang/AST/PrettyPrinter.h"
24 #include "clang/AST/RecordLayout.h"
25 #include "clang/AST/Type.h"
26 #include "clang/Analysis/AnalysisDeclContext.h"
27 #include "clang/Analysis/Support/BumpVector.h"
28 #include "clang/Basic/IdentifierTable.h"
29 #include "clang/Basic/LLVM.h"
30 #include "clang/Basic/SourceManager.h"
31 #include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h"
32 #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h"
33 #include "clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h"
34 #include "llvm/ADT/APInt.h"
35 #include "llvm/ADT/FoldingSet.h"
36 #include "llvm/ADT/Optional.h"
37 #include "llvm/ADT/PointerUnion.h"
38 #include "llvm/ADT/SmallString.h"
39 #include "llvm/ADT/StringRef.h"
40 #include "llvm/ADT/Twine.h"
41 #include "llvm/Support/Allocator.h"
42 #include "llvm/Support/Casting.h"
43 #include "llvm/Support/CheckedArithmetic.h"
44 #include "llvm/Support/Compiler.h"
45 #include "llvm/Support/Debug.h"
46 #include "llvm/Support/ErrorHandling.h"
47 #include "llvm/Support/raw_ostream.h"
56 using namespace clang;
59 #define DEBUG_TYPE "MemRegion"
61 //===----------------------------------------------------------------------===//
62 // MemRegion Construction.
63 //===----------------------------------------------------------------------===//
65 template <typename RegionTy, typename SuperTy, typename Arg1Ty>
66 RegionTy* MemRegionManager::getSubRegion(const Arg1Ty arg1,
67 const SuperTy *superRegion) {
68 llvm::FoldingSetNodeID ID;
69 RegionTy::ProfileRegion(ID, arg1, superRegion);
71 auto *R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, InsertPos));
74 R = A.Allocate<RegionTy>();
75 new (R) RegionTy(arg1, superRegion);
76 Regions.InsertNode(R, InsertPos);
82 template <typename RegionTy, typename SuperTy, typename Arg1Ty, typename Arg2Ty>
83 RegionTy* MemRegionManager::getSubRegion(const Arg1Ty arg1, const Arg2Ty arg2,
84 const SuperTy *superRegion) {
85 llvm::FoldingSetNodeID ID;
86 RegionTy::ProfileRegion(ID, arg1, arg2, superRegion);
88 auto *R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, InsertPos));
91 R = A.Allocate<RegionTy>();
92 new (R) RegionTy(arg1, arg2, superRegion);
93 Regions.InsertNode(R, InsertPos);
99 template <typename RegionTy, typename SuperTy,
100 typename Arg1Ty, typename Arg2Ty, typename Arg3Ty>
101 RegionTy* MemRegionManager::getSubRegion(const Arg1Ty arg1, const Arg2Ty arg2,
103 const SuperTy *superRegion) {
104 llvm::FoldingSetNodeID ID;
105 RegionTy::ProfileRegion(ID, arg1, arg2, arg3, superRegion);
107 auto *R = cast_or_null<RegionTy>(Regions.FindNodeOrInsertPos(ID, InsertPos));
110 R = A.Allocate<RegionTy>();
111 new (R) RegionTy(arg1, arg2, arg3, superRegion);
112 Regions.InsertNode(R, InsertPos);
118 //===----------------------------------------------------------------------===//
119 // Object destruction.
120 //===----------------------------------------------------------------------===//
122 MemRegion::~MemRegion() = default;
124 // All regions and their data are BumpPtrAllocated. No need to call their
126 MemRegionManager::~MemRegionManager() = default;
128 //===----------------------------------------------------------------------===//
130 //===----------------------------------------------------------------------===//
132 bool SubRegion::isSubRegionOf(const MemRegion* R) const {
133 const MemRegion* r = this;
137 if (const auto *sr = dyn_cast<SubRegion>(r))
138 r = sr->getSuperRegion();
141 } while (r != nullptr);
145 MemRegionManager* SubRegion::getMemRegionManager() const {
146 const SubRegion* r = this;
148 const MemRegion *superRegion = r->getSuperRegion();
149 if (const auto *sr = dyn_cast<SubRegion>(superRegion)) {
153 return superRegion->getMemRegionManager();
157 const StackFrameContext *VarRegion::getStackFrame() const {
158 const auto *SSR = dyn_cast<StackSpaceRegion>(getMemorySpace());
159 return SSR ? SSR->getStackFrame() : nullptr;
162 //===----------------------------------------------------------------------===//
164 //===----------------------------------------------------------------------===//
166 DefinedOrUnknownSVal TypedValueRegion::getExtent(SValBuilder &svalBuilder) const {
167 ASTContext &Ctx = svalBuilder.getContext();
168 QualType T = getDesugaredValueType(Ctx);
170 if (isa<VariableArrayType>(T))
171 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this));
172 if (T->isIncompleteType())
175 CharUnits size = Ctx.getTypeSizeInChars(T);
176 QualType sizeTy = svalBuilder.getArrayIndexType();
177 return svalBuilder.makeIntVal(size.getQuantity(), sizeTy);
180 DefinedOrUnknownSVal FieldRegion::getExtent(SValBuilder &svalBuilder) const {
181 // Force callers to deal with bitfields explicitly.
182 if (getDecl()->isBitField())
185 DefinedOrUnknownSVal Extent = DeclRegion::getExtent(svalBuilder);
187 // A zero-length array at the end of a struct often stands for dynamically-
188 // allocated extra memory.
189 if (Extent.isZeroConstant()) {
190 QualType T = getDesugaredValueType(svalBuilder.getContext());
192 if (isa<ConstantArrayType>(T))
199 DefinedOrUnknownSVal AllocaRegion::getExtent(SValBuilder &svalBuilder) const {
200 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this));
203 DefinedOrUnknownSVal SymbolicRegion::getExtent(SValBuilder &svalBuilder) const {
204 return nonloc::SymbolVal(svalBuilder.getSymbolManager().getExtentSymbol(this));
207 DefinedOrUnknownSVal StringRegion::getExtent(SValBuilder &svalBuilder) const {
208 return svalBuilder.makeIntVal(getStringLiteral()->getByteLength()+1,
209 svalBuilder.getArrayIndexType());
212 ObjCIvarRegion::ObjCIvarRegion(const ObjCIvarDecl *ivd, const SubRegion *sReg)
213 : DeclRegion(ivd, sReg, ObjCIvarRegionKind) {}
215 const ObjCIvarDecl *ObjCIvarRegion::getDecl() const {
216 return cast<ObjCIvarDecl>(D);
219 QualType ObjCIvarRegion::getValueType() const {
220 return getDecl()->getType();
223 QualType CXXBaseObjectRegion::getValueType() const {
224 return QualType(getDecl()->getTypeForDecl(), 0);
227 QualType CXXDerivedObjectRegion::getValueType() const {
228 return QualType(getDecl()->getTypeForDecl(), 0);
231 //===----------------------------------------------------------------------===//
232 // FoldingSet profiling.
233 //===----------------------------------------------------------------------===//
235 void MemSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const {
236 ID.AddInteger(static_cast<unsigned>(getKind()));
239 void StackSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const {
240 ID.AddInteger(static_cast<unsigned>(getKind()));
241 ID.AddPointer(getStackFrame());
244 void StaticGlobalSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const {
245 ID.AddInteger(static_cast<unsigned>(getKind()));
246 ID.AddPointer(getCodeRegion());
249 void StringRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
250 const StringLiteral *Str,
251 const MemRegion *superRegion) {
252 ID.AddInteger(static_cast<unsigned>(StringRegionKind));
254 ID.AddPointer(superRegion);
257 void ObjCStringRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
258 const ObjCStringLiteral *Str,
259 const MemRegion *superRegion) {
260 ID.AddInteger(static_cast<unsigned>(ObjCStringRegionKind));
262 ID.AddPointer(superRegion);
265 void AllocaRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
266 const Expr *Ex, unsigned cnt,
267 const MemRegion *superRegion) {
268 ID.AddInteger(static_cast<unsigned>(AllocaRegionKind));
271 ID.AddPointer(superRegion);
274 void AllocaRegion::Profile(llvm::FoldingSetNodeID& ID) const {
275 ProfileRegion(ID, Ex, Cnt, superRegion);
278 void CompoundLiteralRegion::Profile(llvm::FoldingSetNodeID& ID) const {
279 CompoundLiteralRegion::ProfileRegion(ID, CL, superRegion);
282 void CompoundLiteralRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
283 const CompoundLiteralExpr *CL,
284 const MemRegion* superRegion) {
285 ID.AddInteger(static_cast<unsigned>(CompoundLiteralRegionKind));
287 ID.AddPointer(superRegion);
290 void CXXThisRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
291 const PointerType *PT,
292 const MemRegion *sRegion) {
293 ID.AddInteger(static_cast<unsigned>(CXXThisRegionKind));
295 ID.AddPointer(sRegion);
298 void CXXThisRegion::Profile(llvm::FoldingSetNodeID &ID) const {
299 CXXThisRegion::ProfileRegion(ID, ThisPointerTy, superRegion);
302 void ObjCIvarRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
303 const ObjCIvarDecl *ivd,
304 const MemRegion* superRegion) {
305 DeclRegion::ProfileRegion(ID, ivd, superRegion, ObjCIvarRegionKind);
308 void DeclRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl *D,
309 const MemRegion* superRegion, Kind k) {
310 ID.AddInteger(static_cast<unsigned>(k));
312 ID.AddPointer(superRegion);
315 void DeclRegion::Profile(llvm::FoldingSetNodeID& ID) const {
316 DeclRegion::ProfileRegion(ID, D, superRegion, getKind());
319 void VarRegion::Profile(llvm::FoldingSetNodeID &ID) const {
320 VarRegion::ProfileRegion(ID, getDecl(), superRegion);
323 void SymbolicRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym,
324 const MemRegion *sreg) {
325 ID.AddInteger(static_cast<unsigned>(MemRegion::SymbolicRegionKind));
330 void SymbolicRegion::Profile(llvm::FoldingSetNodeID& ID) const {
331 SymbolicRegion::ProfileRegion(ID, sym, getSuperRegion());
334 void ElementRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
335 QualType ElementType, SVal Idx,
336 const MemRegion* superRegion) {
337 ID.AddInteger(MemRegion::ElementRegionKind);
339 ID.AddPointer(superRegion);
343 void ElementRegion::Profile(llvm::FoldingSetNodeID& ID) const {
344 ElementRegion::ProfileRegion(ID, ElementType, Index, superRegion);
347 void FunctionCodeRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
350 ID.AddInteger(MemRegion::FunctionCodeRegionKind);
354 void FunctionCodeRegion::Profile(llvm::FoldingSetNodeID& ID) const {
355 FunctionCodeRegion::ProfileRegion(ID, FD, superRegion);
358 void BlockCodeRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
359 const BlockDecl *BD, CanQualType,
360 const AnalysisDeclContext *AC,
362 ID.AddInteger(MemRegion::BlockCodeRegionKind);
366 void BlockCodeRegion::Profile(llvm::FoldingSetNodeID& ID) const {
367 BlockCodeRegion::ProfileRegion(ID, BD, locTy, AC, superRegion);
370 void BlockDataRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
371 const BlockCodeRegion *BC,
372 const LocationContext *LC,
374 const MemRegion *sReg) {
375 ID.AddInteger(MemRegion::BlockDataRegionKind);
378 ID.AddInteger(BlkCount);
382 void BlockDataRegion::Profile(llvm::FoldingSetNodeID& ID) const {
383 BlockDataRegion::ProfileRegion(ID, BC, LC, BlockCount, getSuperRegion());
386 void CXXTempObjectRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
388 const MemRegion *sReg) {
393 void CXXTempObjectRegion::Profile(llvm::FoldingSetNodeID &ID) const {
394 ProfileRegion(ID, Ex, getSuperRegion());
397 void CXXBaseObjectRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
398 const CXXRecordDecl *RD,
400 const MemRegion *SReg) {
402 ID.AddBoolean(IsVirtual);
406 void CXXBaseObjectRegion::Profile(llvm::FoldingSetNodeID &ID) const {
407 ProfileRegion(ID, getDecl(), isVirtual(), superRegion);
410 void CXXDerivedObjectRegion::ProfileRegion(llvm::FoldingSetNodeID &ID,
411 const CXXRecordDecl *RD,
412 const MemRegion *SReg) {
417 void CXXDerivedObjectRegion::Profile(llvm::FoldingSetNodeID &ID) const {
418 ProfileRegion(ID, getDecl(), superRegion);
421 //===----------------------------------------------------------------------===//
423 //===----------------------------------------------------------------------===//
425 void GlobalsSpaceRegion::anchor() {}
427 void NonStaticGlobalSpaceRegion::anchor() {}
429 void StackSpaceRegion::anchor() {}
431 void TypedRegion::anchor() {}
433 void TypedValueRegion::anchor() {}
435 void CodeTextRegion::anchor() {}
437 void SubRegion::anchor() {}
439 //===----------------------------------------------------------------------===//
440 // Region pretty-printing.
441 //===----------------------------------------------------------------------===//
443 LLVM_DUMP_METHOD void MemRegion::dump() const {
444 dumpToStream(llvm::errs());
447 std::string MemRegion::getString() const {
449 llvm::raw_string_ostream os(s);
454 void MemRegion::dumpToStream(raw_ostream &os) const {
455 os << "<Unknown Region>";
458 void AllocaRegion::dumpToStream(raw_ostream &os) const {
459 os << "alloca{S" << Ex->getID(getContext()) << ',' << Cnt << '}';
462 void FunctionCodeRegion::dumpToStream(raw_ostream &os) const {
463 os << "code{" << getDecl()->getDeclName().getAsString() << '}';
466 void BlockCodeRegion::dumpToStream(raw_ostream &os) const {
467 os << "block_code{" << static_cast<const void *>(this) << '}';
470 void BlockDataRegion::dumpToStream(raw_ostream &os) const {
471 os << "block_data{" << BC;
473 for (BlockDataRegion::referenced_vars_iterator
474 I = referenced_vars_begin(),
475 E = referenced_vars_end(); I != E; ++I)
476 os << "(" << I.getCapturedRegion() << "<-" <<
477 I.getOriginalRegion() << ") ";
481 void CompoundLiteralRegion::dumpToStream(raw_ostream &os) const {
482 // FIXME: More elaborate pretty-printing.
483 os << "{ S" << CL->getID(getContext()) << " }";
486 void CXXTempObjectRegion::dumpToStream(raw_ostream &os) const {
487 os << "temp_object{" << getValueType().getAsString() << ", "
488 << "S" << Ex->getID(getContext()) << '}';
491 void CXXBaseObjectRegion::dumpToStream(raw_ostream &os) const {
492 os << "Base{" << superRegion << ',' << getDecl()->getName() << '}';
495 void CXXDerivedObjectRegion::dumpToStream(raw_ostream &os) const {
496 os << "Derived{" << superRegion << ',' << getDecl()->getName() << '}';
499 void CXXThisRegion::dumpToStream(raw_ostream &os) const {
503 void ElementRegion::dumpToStream(raw_ostream &os) const {
504 os << "Element{" << superRegion << ','
505 << Index << ',' << getElementType().getAsString() << '}';
508 void FieldRegion::dumpToStream(raw_ostream &os) const {
509 os << superRegion << "->" << *getDecl();
512 void ObjCIvarRegion::dumpToStream(raw_ostream &os) const {
513 os << "Ivar{" << superRegion << ',' << *getDecl() << '}';
516 void StringRegion::dumpToStream(raw_ostream &os) const {
517 assert(Str != nullptr && "Expecting non-null StringLiteral");
518 Str->printPretty(os, nullptr, PrintingPolicy(getContext().getLangOpts()));
521 void ObjCStringRegion::dumpToStream(raw_ostream &os) const {
522 assert(Str != nullptr && "Expecting non-null ObjCStringLiteral");
523 Str->printPretty(os, nullptr, PrintingPolicy(getContext().getLangOpts()));
526 void SymbolicRegion::dumpToStream(raw_ostream &os) const {
527 if (isa<HeapSpaceRegion>(getSuperRegion()))
529 os << "SymRegion{" << sym << '}';
532 void VarRegion::dumpToStream(raw_ostream &os) const {
533 const auto *VD = cast<VarDecl>(D);
534 if (const IdentifierInfo *ID = VD->getIdentifier())
537 os << "VarRegion{D" << VD->getID() << '}';
540 LLVM_DUMP_METHOD void RegionRawOffset::dump() const {
541 dumpToStream(llvm::errs());
544 void RegionRawOffset::dumpToStream(raw_ostream &os) const {
545 os << "raw_offset{" << getRegion() << ',' << getOffset().getQuantity() << '}';
548 void CodeSpaceRegion::dumpToStream(raw_ostream &os) const {
549 os << "CodeSpaceRegion";
552 void StaticGlobalSpaceRegion::dumpToStream(raw_ostream &os) const {
553 os << "StaticGlobalsMemSpace{" << CR << '}';
556 void GlobalInternalSpaceRegion::dumpToStream(raw_ostream &os) const {
557 os << "GlobalInternalSpaceRegion";
560 void GlobalSystemSpaceRegion::dumpToStream(raw_ostream &os) const {
561 os << "GlobalSystemSpaceRegion";
564 void GlobalImmutableSpaceRegion::dumpToStream(raw_ostream &os) const {
565 os << "GlobalImmutableSpaceRegion";
568 void HeapSpaceRegion::dumpToStream(raw_ostream &os) const {
569 os << "HeapSpaceRegion";
572 void UnknownSpaceRegion::dumpToStream(raw_ostream &os) const {
573 os << "UnknownSpaceRegion";
576 void StackArgumentsSpaceRegion::dumpToStream(raw_ostream &os) const {
577 os << "StackArgumentsSpaceRegion";
580 void StackLocalsSpaceRegion::dumpToStream(raw_ostream &os) const {
581 os << "StackLocalsSpaceRegion";
584 bool MemRegion::canPrintPretty() const {
585 return canPrintPrettyAsExpr();
588 bool MemRegion::canPrintPrettyAsExpr() const {
592 void MemRegion::printPretty(raw_ostream &os) const {
593 assert(canPrintPretty() && "This region cannot be printed pretty.");
595 printPrettyAsExpr(os);
599 void MemRegion::printPrettyAsExpr(raw_ostream &) const {
600 llvm_unreachable("This region cannot be printed pretty.");
603 bool VarRegion::canPrintPrettyAsExpr() const {
607 void VarRegion::printPrettyAsExpr(raw_ostream &os) const {
608 os << getDecl()->getName();
611 bool ObjCIvarRegion::canPrintPrettyAsExpr() const {
615 void ObjCIvarRegion::printPrettyAsExpr(raw_ostream &os) const {
616 os << getDecl()->getName();
619 bool FieldRegion::canPrintPretty() const {
623 bool FieldRegion::canPrintPrettyAsExpr() const {
624 return superRegion->canPrintPrettyAsExpr();
627 void FieldRegion::printPrettyAsExpr(raw_ostream &os) const {
628 assert(canPrintPrettyAsExpr());
629 superRegion->printPrettyAsExpr(os);
630 os << "." << getDecl()->getName();
633 void FieldRegion::printPretty(raw_ostream &os) const {
634 if (canPrintPrettyAsExpr()) {
636 printPrettyAsExpr(os);
639 os << "field " << "\'" << getDecl()->getName() << "'";
643 bool CXXBaseObjectRegion::canPrintPrettyAsExpr() const {
644 return superRegion->canPrintPrettyAsExpr();
647 void CXXBaseObjectRegion::printPrettyAsExpr(raw_ostream &os) const {
648 superRegion->printPrettyAsExpr(os);
651 bool CXXDerivedObjectRegion::canPrintPrettyAsExpr() const {
652 return superRegion->canPrintPrettyAsExpr();
655 void CXXDerivedObjectRegion::printPrettyAsExpr(raw_ostream &os) const {
656 superRegion->printPrettyAsExpr(os);
659 std::string MemRegion::getDescriptiveName(bool UseQuotes) const {
660 std::string VariableName;
661 std::string ArrayIndices;
662 const MemRegion *R = this;
664 llvm::raw_svector_ostream os(buf);
666 // Obtain array indices to add them to the variable name.
667 const ElementRegion *ER = nullptr;
668 while ((ER = R->getAs<ElementRegion>())) {
669 // Index is a ConcreteInt.
670 if (auto CI = ER->getIndex().getAs<nonloc::ConcreteInt>()) {
671 llvm::SmallString<2> Idx;
672 CI->getValue().toString(Idx);
673 ArrayIndices = (llvm::Twine("[") + Idx.str() + "]" + ArrayIndices).str();
675 // If not a ConcreteInt, try to obtain the variable
676 // name by calling 'getDescriptiveName' recursively.
678 std::string Idx = ER->getDescriptiveName(false);
680 ArrayIndices = (llvm::Twine("[") + Idx + "]" + ArrayIndices).str();
683 R = ER->getSuperRegion();
686 // Get variable name.
687 if (R && R->canPrintPrettyAsExpr()) {
688 R->printPrettyAsExpr(os);
690 return (llvm::Twine("'") + os.str() + ArrayIndices + "'").str();
692 return (llvm::Twine(os.str()) + ArrayIndices).str();
698 SourceRange MemRegion::sourceRange() const {
699 const auto *const VR = dyn_cast<VarRegion>(this->getBaseRegion());
700 const auto *const FR = dyn_cast<FieldRegion>(this);
702 // Check for more specific regions first.
705 return FR->getDecl()->getSourceRange();
709 return VR->getDecl()->getSourceRange();
711 // Return invalid source range (can be checked by client).
716 //===----------------------------------------------------------------------===//
717 // MemRegionManager methods.
718 //===----------------------------------------------------------------------===//
720 template <typename REG>
721 const REG *MemRegionManager::LazyAllocate(REG*& region) {
723 region = A.Allocate<REG>();
724 new (region) REG(this);
730 template <typename REG, typename ARG>
731 const REG *MemRegionManager::LazyAllocate(REG*& region, ARG a) {
733 region = A.Allocate<REG>();
734 new (region) REG(this, a);
740 const StackLocalsSpaceRegion*
741 MemRegionManager::getStackLocalsRegion(const StackFrameContext *STC) {
743 StackLocalsSpaceRegion *&R = StackLocalsSpaceRegions[STC];
748 R = A.Allocate<StackLocalsSpaceRegion>();
749 new (R) StackLocalsSpaceRegion(this, STC);
753 const StackArgumentsSpaceRegion *
754 MemRegionManager::getStackArgumentsRegion(const StackFrameContext *STC) {
756 StackArgumentsSpaceRegion *&R = StackArgumentsSpaceRegions[STC];
761 R = A.Allocate<StackArgumentsSpaceRegion>();
762 new (R) StackArgumentsSpaceRegion(this, STC);
766 const GlobalsSpaceRegion
767 *MemRegionManager::getGlobalsRegion(MemRegion::Kind K,
768 const CodeTextRegion *CR) {
770 if (K == MemRegion::GlobalSystemSpaceRegionKind)
771 return LazyAllocate(SystemGlobals);
772 if (K == MemRegion::GlobalImmutableSpaceRegionKind)
773 return LazyAllocate(ImmutableGlobals);
774 assert(K == MemRegion::GlobalInternalSpaceRegionKind);
775 return LazyAllocate(InternalGlobals);
778 assert(K == MemRegion::StaticGlobalSpaceRegionKind);
779 StaticGlobalSpaceRegion *&R = StaticsGlobalSpaceRegions[CR];
783 R = A.Allocate<StaticGlobalSpaceRegion>();
784 new (R) StaticGlobalSpaceRegion(this, CR);
788 const HeapSpaceRegion *MemRegionManager::getHeapRegion() {
789 return LazyAllocate(heap);
792 const UnknownSpaceRegion *MemRegionManager::getUnknownRegion() {
793 return LazyAllocate(unknown);
796 const CodeSpaceRegion *MemRegionManager::getCodeRegion() {
797 return LazyAllocate(code);
800 //===----------------------------------------------------------------------===//
801 // Constructing regions.
802 //===----------------------------------------------------------------------===//
804 const StringRegion *MemRegionManager::getStringRegion(const StringLiteral *Str){
805 return getSubRegion<StringRegion>(
806 Str, cast<GlobalInternalSpaceRegion>(getGlobalsRegion()));
809 const ObjCStringRegion *
810 MemRegionManager::getObjCStringRegion(const ObjCStringLiteral *Str){
811 return getSubRegion<ObjCStringRegion>(
812 Str, cast<GlobalInternalSpaceRegion>(getGlobalsRegion()));
815 /// Look through a chain of LocationContexts to either find the
816 /// StackFrameContext that matches a DeclContext, or find a VarRegion
817 /// for a variable captured by a block.
818 static llvm::PointerUnion<const StackFrameContext *, const VarRegion *>
819 getStackOrCaptureRegionForDeclContext(const LocationContext *LC,
820 const DeclContext *DC,
823 if (const auto *SFC = dyn_cast<StackFrameContext>(LC)) {
824 if (cast<DeclContext>(SFC->getDecl()) == DC)
827 if (const auto *BC = dyn_cast<BlockInvocationContext>(LC)) {
829 static_cast<const BlockDataRegion *>(BC->getContextData());
830 // FIXME: This can be made more efficient.
831 for (BlockDataRegion::referenced_vars_iterator
832 I = BR->referenced_vars_begin(),
833 E = BR->referenced_vars_end(); I != E; ++I) {
834 const VarRegion *VR = I.getOriginalRegion();
835 if (VR->getDecl() == VD)
836 return cast<VarRegion>(I.getCapturedRegion());
840 LC = LC->getParent();
842 return (const StackFrameContext *)nullptr;
845 const VarRegion* MemRegionManager::getVarRegion(const VarDecl *D,
846 const LocationContext *LC) {
847 D = D->getCanonicalDecl();
848 const MemRegion *sReg = nullptr;
850 if (D->hasGlobalStorage() && !D->isStaticLocal()) {
852 // First handle the globals defined in system headers.
853 if (C.getSourceManager().isInSystemHeader(D->getLocation())) {
854 // Whitelist the system globals which often DO GET modified, assume the
855 // rest are immutable.
856 if (D->getName().find("errno") != StringRef::npos)
857 sReg = getGlobalsRegion(MemRegion::GlobalSystemSpaceRegionKind);
859 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind);
861 // Treat other globals as GlobalInternal unless they are constants.
863 QualType GQT = D->getType();
864 const Type *GT = GQT.getTypePtrOrNull();
865 // TODO: We could walk the complex types here and see if everything is
867 if (GT && GQT.isConstQualified() && GT->isArithmeticType())
868 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind);
870 sReg = getGlobalsRegion();
873 // Finally handle static locals.
875 // FIXME: Once we implement scope handling, we will need to properly lookup
876 // 'D' to the proper LocationContext.
877 const DeclContext *DC = D->getDeclContext();
878 llvm::PointerUnion<const StackFrameContext *, const VarRegion *> V =
879 getStackOrCaptureRegionForDeclContext(LC, DC, D);
881 if (V.is<const VarRegion*>())
882 return V.get<const VarRegion*>();
884 const auto *STC = V.get<const StackFrameContext *>();
887 // FIXME: Assign a more sensible memory space to static locals
888 // we see from within blocks that we analyze as top-level declarations.
889 sReg = getUnknownRegion();
891 if (D->hasLocalStorage()) {
892 sReg = isa<ParmVarDecl>(D) || isa<ImplicitParamDecl>(D)
893 ? static_cast<const MemRegion*>(getStackArgumentsRegion(STC))
894 : static_cast<const MemRegion*>(getStackLocalsRegion(STC));
897 assert(D->isStaticLocal());
898 const Decl *STCD = STC->getDecl();
899 if (isa<FunctionDecl>(STCD) || isa<ObjCMethodDecl>(STCD))
900 sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind,
901 getFunctionCodeRegion(cast<NamedDecl>(STCD)));
902 else if (const auto *BD = dyn_cast<BlockDecl>(STCD)) {
903 // FIXME: The fallback type here is totally bogus -- though it should
904 // never be queried, it will prevent uniquing with the real
905 // BlockCodeRegion. Ideally we'd fix the AST so that we always had a
908 if (const TypeSourceInfo *TSI = BD->getSignatureAsWritten())
911 T = getContext().VoidTy;
912 if (!T->getAs<FunctionType>())
913 T = getContext().getFunctionNoProtoType(T);
914 T = getContext().getBlockPointerType(T);
916 const BlockCodeRegion *BTR =
917 getBlockCodeRegion(BD, C.getCanonicalType(T),
918 STC->getAnalysisDeclContext());
919 sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind,
923 sReg = getGlobalsRegion();
929 return getSubRegion<VarRegion>(D, sReg);
932 const VarRegion *MemRegionManager::getVarRegion(const VarDecl *D,
933 const MemRegion *superR) {
934 D = D->getCanonicalDecl();
935 return getSubRegion<VarRegion>(D, superR);
938 const BlockDataRegion *
939 MemRegionManager::getBlockDataRegion(const BlockCodeRegion *BC,
940 const LocationContext *LC,
941 unsigned blockCount) {
942 const MemSpaceRegion *sReg = nullptr;
943 const BlockDecl *BD = BC->getDecl();
944 if (!BD->hasCaptures()) {
945 // This handles 'static' blocks.
946 sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind);
950 // FIXME: Once we implement scope handling, we want the parent region
952 const StackFrameContext *STC = LC->getStackFrame();
954 sReg = getStackLocalsRegion(STC);
957 // We allow 'LC' to be NULL for cases where want BlockDataRegions
958 // without context-sensitivity.
959 sReg = getUnknownRegion();
963 return getSubRegion<BlockDataRegion>(BC, LC, blockCount, sReg);
966 const CXXTempObjectRegion *
967 MemRegionManager::getCXXStaticTempObjectRegion(const Expr *Ex) {
968 return getSubRegion<CXXTempObjectRegion>(
969 Ex, getGlobalsRegion(MemRegion::GlobalInternalSpaceRegionKind, nullptr));
972 const CompoundLiteralRegion*
973 MemRegionManager::getCompoundLiteralRegion(const CompoundLiteralExpr *CL,
974 const LocationContext *LC) {
975 const MemSpaceRegion *sReg = nullptr;
977 if (CL->isFileScope())
978 sReg = getGlobalsRegion();
980 const StackFrameContext *STC = LC->getStackFrame();
982 sReg = getStackLocalsRegion(STC);
985 return getSubRegion<CompoundLiteralRegion>(CL, sReg);
989 MemRegionManager::getElementRegion(QualType elementType, NonLoc Idx,
990 const SubRegion* superRegion,
992 QualType T = Ctx.getCanonicalType(elementType).getUnqualifiedType();
994 llvm::FoldingSetNodeID ID;
995 ElementRegion::ProfileRegion(ID, T, Idx, superRegion);
998 MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
999 auto *R = cast_or_null<ElementRegion>(data);
1002 R = A.Allocate<ElementRegion>();
1003 new (R) ElementRegion(T, Idx, superRegion);
1004 Regions.InsertNode(R, InsertPos);
1010 const FunctionCodeRegion *
1011 MemRegionManager::getFunctionCodeRegion(const NamedDecl *FD) {
1012 // To think: should we canonicalize the declaration here?
1013 return getSubRegion<FunctionCodeRegion>(FD, getCodeRegion());
1016 const BlockCodeRegion *
1017 MemRegionManager::getBlockCodeRegion(const BlockDecl *BD, CanQualType locTy,
1018 AnalysisDeclContext *AC) {
1019 return getSubRegion<BlockCodeRegion>(BD, locTy, AC, getCodeRegion());
1022 /// getSymbolicRegion - Retrieve or create a "symbolic" memory region.
1023 const SymbolicRegion *MemRegionManager::getSymbolicRegion(SymbolRef sym) {
1024 return getSubRegion<SymbolicRegion>(sym, getUnknownRegion());
1027 const SymbolicRegion *MemRegionManager::getSymbolicHeapRegion(SymbolRef Sym) {
1028 return getSubRegion<SymbolicRegion>(Sym, getHeapRegion());
1032 MemRegionManager::getFieldRegion(const FieldDecl *d,
1033 const SubRegion* superRegion){
1034 return getSubRegion<FieldRegion>(d, superRegion);
1037 const ObjCIvarRegion*
1038 MemRegionManager::getObjCIvarRegion(const ObjCIvarDecl *d,
1039 const SubRegion* superRegion) {
1040 return getSubRegion<ObjCIvarRegion>(d, superRegion);
1043 const CXXTempObjectRegion*
1044 MemRegionManager::getCXXTempObjectRegion(Expr const *E,
1045 LocationContext const *LC) {
1046 const StackFrameContext *SFC = LC->getStackFrame();
1048 return getSubRegion<CXXTempObjectRegion>(E, getStackLocalsRegion(SFC));
1051 /// Checks whether \p BaseClass is a valid virtual or direct non-virtual base
1052 /// class of the type of \p Super.
1053 static bool isValidBaseClass(const CXXRecordDecl *BaseClass,
1054 const TypedValueRegion *Super,
1056 BaseClass = BaseClass->getCanonicalDecl();
1058 const CXXRecordDecl *Class = Super->getValueType()->getAsCXXRecordDecl();
1063 return Class->isVirtuallyDerivedFrom(BaseClass);
1065 for (const auto &I : Class->bases()) {
1066 if (I.getType()->getAsCXXRecordDecl()->getCanonicalDecl() == BaseClass)
1073 const CXXBaseObjectRegion *
1074 MemRegionManager::getCXXBaseObjectRegion(const CXXRecordDecl *RD,
1075 const SubRegion *Super,
1077 if (isa<TypedValueRegion>(Super)) {
1078 assert(isValidBaseClass(RD, dyn_cast<TypedValueRegion>(Super), IsVirtual));
1079 (void)&isValidBaseClass;
1082 // Virtual base regions should not be layered, since the layout rules
1084 while (const auto *Base = dyn_cast<CXXBaseObjectRegion>(Super))
1085 Super = cast<SubRegion>(Base->getSuperRegion());
1086 assert(Super && !isa<MemSpaceRegion>(Super));
1090 return getSubRegion<CXXBaseObjectRegion>(RD, IsVirtual, Super);
1093 const CXXDerivedObjectRegion *
1094 MemRegionManager::getCXXDerivedObjectRegion(const CXXRecordDecl *RD,
1095 const SubRegion *Super) {
1096 return getSubRegion<CXXDerivedObjectRegion>(RD, Super);
1099 const CXXThisRegion*
1100 MemRegionManager::getCXXThisRegion(QualType thisPointerTy,
1101 const LocationContext *LC) {
1102 const auto *PT = thisPointerTy->getAs<PointerType>();
1104 // Inside the body of the operator() of a lambda a this expr might refer to an
1105 // object in one of the parent location contexts.
1106 const auto *D = dyn_cast<CXXMethodDecl>(LC->getDecl());
1107 // FIXME: when operator() of lambda is analyzed as a top level function and
1108 // 'this' refers to a this to the enclosing scope, there is no right region to
1110 while (!LC->inTopFrame() && (!D || D->isStatic() ||
1111 PT != D->getThisType()->getAs<PointerType>())) {
1112 LC = LC->getParent();
1113 D = dyn_cast<CXXMethodDecl>(LC->getDecl());
1115 const StackFrameContext *STC = LC->getStackFrame();
1117 return getSubRegion<CXXThisRegion>(PT, getStackArgumentsRegion(STC));
1121 MemRegionManager::getAllocaRegion(const Expr *E, unsigned cnt,
1122 const LocationContext *LC) {
1123 const StackFrameContext *STC = LC->getStackFrame();
1125 return getSubRegion<AllocaRegion>(E, cnt, getStackLocalsRegion(STC));
1128 const MemSpaceRegion *MemRegion::getMemorySpace() const {
1129 const MemRegion *R = this;
1130 const auto *SR = dyn_cast<SubRegion>(this);
1133 R = SR->getSuperRegion();
1134 SR = dyn_cast<SubRegion>(R);
1137 return dyn_cast<MemSpaceRegion>(R);
1140 bool MemRegion::hasStackStorage() const {
1141 return isa<StackSpaceRegion>(getMemorySpace());
1144 bool MemRegion::hasStackNonParametersStorage() const {
1145 return isa<StackLocalsSpaceRegion>(getMemorySpace());
1148 bool MemRegion::hasStackParametersStorage() const {
1149 return isa<StackArgumentsSpaceRegion>(getMemorySpace());
1152 bool MemRegion::hasGlobalsOrParametersStorage() const {
1153 const MemSpaceRegion *MS = getMemorySpace();
1154 return isa<StackArgumentsSpaceRegion>(MS) ||
1155 isa<GlobalsSpaceRegion>(MS);
1158 // getBaseRegion strips away all elements and fields, and get the base region
1160 const MemRegion *MemRegion::getBaseRegion() const {
1161 const MemRegion *R = this;
1163 switch (R->getKind()) {
1164 case MemRegion::ElementRegionKind:
1165 case MemRegion::FieldRegionKind:
1166 case MemRegion::ObjCIvarRegionKind:
1167 case MemRegion::CXXBaseObjectRegionKind:
1168 case MemRegion::CXXDerivedObjectRegionKind:
1169 R = cast<SubRegion>(R)->getSuperRegion();
1179 // getgetMostDerivedObjectRegion gets the region of the root class of a C++
1181 const MemRegion *MemRegion::getMostDerivedObjectRegion() const {
1182 const MemRegion *R = this;
1183 while (const auto *BR = dyn_cast<CXXBaseObjectRegion>(R))
1184 R = BR->getSuperRegion();
1188 bool MemRegion::isSubRegionOf(const MemRegion *) const {
1192 //===----------------------------------------------------------------------===//
1194 //===----------------------------------------------------------------------===//
1196 const MemRegion *MemRegion::StripCasts(bool StripBaseAndDerivedCasts) const {
1197 const MemRegion *R = this;
1199 switch (R->getKind()) {
1200 case ElementRegionKind: {
1201 const auto *ER = cast<ElementRegion>(R);
1202 if (!ER->getIndex().isZeroConstant())
1204 R = ER->getSuperRegion();
1207 case CXXBaseObjectRegionKind:
1208 case CXXDerivedObjectRegionKind:
1209 if (!StripBaseAndDerivedCasts)
1211 R = cast<TypedValueRegion>(R)->getSuperRegion();
1219 const SymbolicRegion *MemRegion::getSymbolicBase() const {
1220 const auto *SubR = dyn_cast<SubRegion>(this);
1223 if (const auto *SymR = dyn_cast<SymbolicRegion>(SubR))
1225 SubR = dyn_cast<SubRegion>(SubR->getSuperRegion());
1230 RegionRawOffset ElementRegion::getAsArrayOffset() const {
1232 const ElementRegion *ER = this;
1233 const MemRegion *superR = nullptr;
1234 ASTContext &C = getContext();
1236 // FIXME: Handle multi-dimensional arrays.
1239 superR = ER->getSuperRegion();
1241 // FIXME: generalize to symbolic offsets.
1242 SVal index = ER->getIndex();
1243 if (auto CI = index.getAs<nonloc::ConcreteInt>()) {
1244 // Update the offset.
1245 int64_t i = CI->getValue().getSExtValue();
1248 QualType elemType = ER->getElementType();
1250 // If we are pointing to an incomplete type, go no further.
1251 if (elemType->isIncompleteType()) {
1256 int64_t size = C.getTypeSizeInChars(elemType).getQuantity();
1257 if (auto NewOffset = llvm::checkedMulAdd(i, size, offset)) {
1258 offset = *NewOffset;
1260 LLVM_DEBUG(llvm::dbgs() << "MemRegion::getAsArrayOffset: "
1261 << "offset overflowing, returning unknown\n");
1267 // Go to the next ElementRegion (if any).
1268 ER = dyn_cast<ElementRegion>(superR);
1275 assert(superR && "super region cannot be NULL");
1276 return RegionRawOffset(superR, CharUnits::fromQuantity(offset));
1279 /// Returns true if \p Base is an immediate base class of \p Child
1280 static bool isImmediateBase(const CXXRecordDecl *Child,
1281 const CXXRecordDecl *Base) {
1282 assert(Child && "Child must not be null");
1283 // Note that we do NOT canonicalize the base class here, because
1284 // ASTRecordLayout doesn't either. If that leads us down the wrong path,
1285 // so be it; at least we won't crash.
1286 for (const auto &I : Child->bases()) {
1287 if (I.getType()->getAsCXXRecordDecl() == Base)
1294 static RegionOffset calculateOffset(const MemRegion *R) {
1295 const MemRegion *SymbolicOffsetBase = nullptr;
1299 switch (R->getKind()) {
1300 case MemRegion::CodeSpaceRegionKind:
1301 case MemRegion::StackLocalsSpaceRegionKind:
1302 case MemRegion::StackArgumentsSpaceRegionKind:
1303 case MemRegion::HeapSpaceRegionKind:
1304 case MemRegion::UnknownSpaceRegionKind:
1305 case MemRegion::StaticGlobalSpaceRegionKind:
1306 case MemRegion::GlobalInternalSpaceRegionKind:
1307 case MemRegion::GlobalSystemSpaceRegionKind:
1308 case MemRegion::GlobalImmutableSpaceRegionKind:
1309 // Stores can bind directly to a region space to set a default value.
1310 assert(Offset == 0 && !SymbolicOffsetBase);
1313 case MemRegion::FunctionCodeRegionKind:
1314 case MemRegion::BlockCodeRegionKind:
1315 case MemRegion::BlockDataRegionKind:
1316 // These will never have bindings, but may end up having values requested
1317 // if the user does some strange casting.
1319 SymbolicOffsetBase = R;
1322 case MemRegion::SymbolicRegionKind:
1323 case MemRegion::AllocaRegionKind:
1324 case MemRegion::CompoundLiteralRegionKind:
1325 case MemRegion::CXXThisRegionKind:
1326 case MemRegion::StringRegionKind:
1327 case MemRegion::ObjCStringRegionKind:
1328 case MemRegion::VarRegionKind:
1329 case MemRegion::CXXTempObjectRegionKind:
1330 // Usual base regions.
1333 case MemRegion::ObjCIvarRegionKind:
1334 // This is a little strange, but it's a compromise between
1335 // ObjCIvarRegions having unknown compile-time offsets (when using the
1336 // non-fragile runtime) and yet still being distinct, non-overlapping
1337 // regions. Thus we treat them as "like" base regions for the purposes
1338 // of computing offsets.
1341 case MemRegion::CXXBaseObjectRegionKind: {
1342 const auto *BOR = cast<CXXBaseObjectRegion>(R);
1343 R = BOR->getSuperRegion();
1346 bool RootIsSymbolic = false;
1347 if (const auto *TVR = dyn_cast<TypedValueRegion>(R)) {
1348 Ty = TVR->getDesugaredValueType(R->getContext());
1349 } else if (const auto *SR = dyn_cast<SymbolicRegion>(R)) {
1350 // If our base region is symbolic, we don't know what type it really is.
1351 // Pretend the type of the symbol is the true dynamic type.
1352 // (This will at least be self-consistent for the life of the symbol.)
1353 Ty = SR->getSymbol()->getType()->getPointeeType();
1354 RootIsSymbolic = true;
1357 const CXXRecordDecl *Child = Ty->getAsCXXRecordDecl();
1359 // We cannot compute the offset of the base class.
1360 SymbolicOffsetBase = R;
1362 if (RootIsSymbolic) {
1363 // Base layers on symbolic regions may not be type-correct.
1364 // Double-check the inheritance here, and revert to a symbolic offset
1365 // if it's invalid (e.g. due to a reinterpret_cast).
1366 if (BOR->isVirtual()) {
1367 if (!Child->isVirtuallyDerivedFrom(BOR->getDecl()))
1368 SymbolicOffsetBase = R;
1370 if (!isImmediateBase(Child, BOR->getDecl()))
1371 SymbolicOffsetBase = R;
1376 // Don't bother calculating precise offsets if we already have a
1377 // symbolic offset somewhere in the chain.
1378 if (SymbolicOffsetBase)
1381 CharUnits BaseOffset;
1382 const ASTRecordLayout &Layout = R->getContext().getASTRecordLayout(Child);
1383 if (BOR->isVirtual())
1384 BaseOffset = Layout.getVBaseClassOffset(BOR->getDecl());
1386 BaseOffset = Layout.getBaseClassOffset(BOR->getDecl());
1388 // The base offset is in chars, not in bits.
1389 Offset += BaseOffset.getQuantity() * R->getContext().getCharWidth();
1393 case MemRegion::CXXDerivedObjectRegionKind: {
1394 // TODO: Store the base type in the CXXDerivedObjectRegion and use it.
1398 case MemRegion::ElementRegionKind: {
1399 const auto *ER = cast<ElementRegion>(R);
1400 R = ER->getSuperRegion();
1402 QualType EleTy = ER->getValueType();
1403 if (EleTy->isIncompleteType()) {
1404 // We cannot compute the offset of the base class.
1405 SymbolicOffsetBase = R;
1409 SVal Index = ER->getIndex();
1410 if (Optional<nonloc::ConcreteInt> CI =
1411 Index.getAs<nonloc::ConcreteInt>()) {
1412 // Don't bother calculating precise offsets if we already have a
1413 // symbolic offset somewhere in the chain.
1414 if (SymbolicOffsetBase)
1417 int64_t i = CI->getValue().getSExtValue();
1418 // This type size is in bits.
1419 Offset += i * R->getContext().getTypeSize(EleTy);
1421 // We cannot compute offset for non-concrete index.
1422 SymbolicOffsetBase = R;
1426 case MemRegion::FieldRegionKind: {
1427 const auto *FR = cast<FieldRegion>(R);
1428 R = FR->getSuperRegion();
1430 const RecordDecl *RD = FR->getDecl()->getParent();
1431 if (RD->isUnion() || !RD->isCompleteDefinition()) {
1432 // We cannot compute offset for incomplete type.
1433 // For unions, we could treat everything as offset 0, but we'd rather
1434 // treat each field as a symbolic offset so they aren't stored on top
1435 // of each other, since we depend on things in typed regions actually
1436 // matching their types.
1437 SymbolicOffsetBase = R;
1440 // Don't bother calculating precise offsets if we already have a
1441 // symbolic offset somewhere in the chain.
1442 if (SymbolicOffsetBase)
1445 // Get the field number.
1447 for (RecordDecl::field_iterator FI = RD->field_begin(),
1448 FE = RD->field_end(); FI != FE; ++FI, ++idx) {
1449 if (FR->getDecl() == *FI)
1452 const ASTRecordLayout &Layout = R->getContext().getASTRecordLayout(RD);
1453 // This is offset in bits.
1454 Offset += Layout.getFieldOffset(idx);
1461 if (SymbolicOffsetBase)
1462 return RegionOffset(SymbolicOffsetBase, RegionOffset::Symbolic);
1463 return RegionOffset(R, Offset);
1466 RegionOffset MemRegion::getAsOffset() const {
1468 cachedOffset = calculateOffset(this);
1469 return *cachedOffset;
1472 //===----------------------------------------------------------------------===//
1474 //===----------------------------------------------------------------------===//
1476 std::pair<const VarRegion *, const VarRegion *>
1477 BlockDataRegion::getCaptureRegions(const VarDecl *VD) {
1478 MemRegionManager &MemMgr = *getMemRegionManager();
1479 const VarRegion *VR = nullptr;
1480 const VarRegion *OriginalVR = nullptr;
1482 if (!VD->hasAttr<BlocksAttr>() && VD->hasLocalStorage()) {
1483 VR = MemMgr.getVarRegion(VD, this);
1484 OriginalVR = MemMgr.getVarRegion(VD, LC);
1488 VR = MemMgr.getVarRegion(VD, LC);
1492 VR = MemMgr.getVarRegion(VD, MemMgr.getUnknownRegion());
1493 OriginalVR = MemMgr.getVarRegion(VD, LC);
1496 return std::make_pair(VR, OriginalVR);
1499 void BlockDataRegion::LazyInitializeReferencedVars() {
1503 AnalysisDeclContext *AC = getCodeRegion()->getAnalysisDeclContext();
1504 const auto &ReferencedBlockVars = AC->getReferencedBlockVars(BC->getDecl());
1506 std::distance(ReferencedBlockVars.begin(), ReferencedBlockVars.end());
1508 if (NumBlockVars == 0) {
1509 ReferencedVars = (void*) 0x1;
1513 MemRegionManager &MemMgr = *getMemRegionManager();
1514 llvm::BumpPtrAllocator &A = MemMgr.getAllocator();
1515 BumpVectorContext BC(A);
1517 using VarVec = BumpVector<const MemRegion *>;
1519 auto *BV = A.Allocate<VarVec>();
1520 new (BV) VarVec(BC, NumBlockVars);
1521 auto *BVOriginal = A.Allocate<VarVec>();
1522 new (BVOriginal) VarVec(BC, NumBlockVars);
1524 for (const auto *VD : ReferencedBlockVars) {
1525 const VarRegion *VR = nullptr;
1526 const VarRegion *OriginalVR = nullptr;
1527 std::tie(VR, OriginalVR) = getCaptureRegions(VD);
1530 BV->push_back(VR, BC);
1531 BVOriginal->push_back(OriginalVR, BC);
1534 ReferencedVars = BV;
1535 OriginalVars = BVOriginal;
1538 BlockDataRegion::referenced_vars_iterator
1539 BlockDataRegion::referenced_vars_begin() const {
1540 const_cast<BlockDataRegion*>(this)->LazyInitializeReferencedVars();
1542 auto *Vec = static_cast<BumpVector<const MemRegion *> *>(ReferencedVars);
1544 if (Vec == (void*) 0x1)
1545 return BlockDataRegion::referenced_vars_iterator(nullptr, nullptr);
1548 static_cast<BumpVector<const MemRegion *> *>(OriginalVars);
1550 return BlockDataRegion::referenced_vars_iterator(Vec->begin(),
1551 VecOriginal->begin());
1554 BlockDataRegion::referenced_vars_iterator
1555 BlockDataRegion::referenced_vars_end() const {
1556 const_cast<BlockDataRegion*>(this)->LazyInitializeReferencedVars();
1558 auto *Vec = static_cast<BumpVector<const MemRegion *> *>(ReferencedVars);
1560 if (Vec == (void*) 0x1)
1561 return BlockDataRegion::referenced_vars_iterator(nullptr, nullptr);
1564 static_cast<BumpVector<const MemRegion *> *>(OriginalVars);
1566 return BlockDataRegion::referenced_vars_iterator(Vec->end(),
1567 VecOriginal->end());
1570 const VarRegion *BlockDataRegion::getOriginalRegion(const VarRegion *R) const {
1571 for (referenced_vars_iterator I = referenced_vars_begin(),
1572 E = referenced_vars_end();
1574 if (I.getCapturedRegion() == R)
1575 return I.getOriginalRegion();
1580 //===----------------------------------------------------------------------===//
1581 // RegionAndSymbolInvalidationTraits
1582 //===----------------------------------------------------------------------===//
1584 void RegionAndSymbolInvalidationTraits::setTrait(SymbolRef Sym,
1585 InvalidationKinds IK) {
1586 SymTraitsMap[Sym] |= IK;
1589 void RegionAndSymbolInvalidationTraits::setTrait(const MemRegion *MR,
1590 InvalidationKinds IK) {
1592 if (const auto *SR = dyn_cast<SymbolicRegion>(MR))
1593 setTrait(SR->getSymbol(), IK);
1595 MRTraitsMap[MR] |= IK;
1598 bool RegionAndSymbolInvalidationTraits::hasTrait(SymbolRef Sym,
1599 InvalidationKinds IK) const {
1600 const_symbol_iterator I = SymTraitsMap.find(Sym);
1601 if (I != SymTraitsMap.end())
1602 return I->second & IK;
1607 bool RegionAndSymbolInvalidationTraits::hasTrait(const MemRegion *MR,
1608 InvalidationKinds IK) const {
1612 if (const auto *SR = dyn_cast<SymbolicRegion>(MR))
1613 return hasTrait(SR->getSymbol(), IK);
1615 const_region_iterator I = MRTraitsMap.find(MR);
1616 if (I != MRTraitsMap.end())
1617 return I->second & IK;
projects / FreeBSD / FreeBSD.git / blob