mirrors/llvm-project
0
0
Fork 0
mirror of https://github.com/llvm/llvm-project.git synced 2025-05-11 17:36:06 +00:00
Code Issues Projects Releases Wiki Activity
llvm-project/clang/lib/Analysis/MemRegion.cpp

502 lines
14 KiB
C++
Raw Normal View History

This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
//== MemRegion.cpp - Abstract memory regions for static analysis --*- C++ -*--//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// This file defines MemRegion and its subclasses. MemRegion defines a
// partially-typed abstraction of memory useful for path-sensitive dataflow
// analyses.
//
//===----------------------------------------------------------------------===//
#include "llvm/Support/raw_ostream.h"
#include "clang/Analysis/PathSensitive/MemRegion.h"
using namespace clang;
MemRegion::~MemRegion() {}
Add isSubRegionOf() method to SubRegion. llvm-svn: 61924
2009-01-08 13:17:14 +00:00
bool SubRegion::isSubRegionOf(const MemRegion* R) const {
const MemRegion* r = getSuperRegion();
while (r != 0) {
if (r == R)
return true;
if (const SubRegion* sr = dyn_cast<SubRegion>(r))
r = sr->getSuperRegion();
else
break;
}
return false;
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
void MemSpaceRegion::Profile(llvm::FoldingSetNodeID& ID) const {
ID.AddInteger((unsigned)getKind());
}
Add StringRegion to MemRegions. llvm-svn: 58137
2008-10-25 14:13:41 +00:00
void StringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
const StringLiteral* Str,
const MemRegion* superRegion) {
ID.AddInteger((unsigned) StringRegionKind);
ID.AddPointer(Str);
ID.AddPointer(superRegion);
}
Added AllocaRegion, which represents regions created by calls to alloca(). llvm-svn: 58551
2008-11-02 00:34:33 +00:00
void AllocaRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
const Expr* Ex, unsigned cnt) {
ID.AddInteger((unsigned) AllocaRegionKind);
ID.AddPointer(Ex);
ID.AddInteger(cnt);
}
void AllocaRegion::Profile(llvm::FoldingSetNodeID& ID) const {
ProfileRegion(ID, Ex, Cnt);
}
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
void TypedViewRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, QualType T,
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
const MemRegion* superRegion) {
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
ID.AddInteger((unsigned) TypedViewRegionKind);
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
ID.Add(T);
ID.AddPointer(superRegion);
}
Added CompoundLiteralRegion to represent the (temporary) memory allocated for a compound literal. llvm-svn: 58270
2008-10-27 20:57:58 +00:00
void CompoundLiteralRegion::Profile(llvm::FoldingSetNodeID& ID) const {
CompoundLiteralRegion::ProfileRegion(ID, CL, superRegion);
}
void CompoundLiteralRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
const CompoundLiteralExpr* CL,
const MemRegion* superRegion) {
ID.AddInteger((unsigned) CompoundLiteralRegionKind);
ID.AddPointer(CL);
ID.AddPointer(superRegion);
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
void DeclRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl* D,
const MemRegion* superRegion, Kind k) {
ID.AddInteger((unsigned) k);
ID.AddPointer(D);
ID.AddPointer(superRegion);
}
void DeclRegion::Profile(llvm::FoldingSetNodeID& ID) const {
DeclRegion::ProfileRegion(ID, D, superRegion, getKind());
}
Rename SymbolID to SymbolRef. This is a precursor to some overhauling of the representation of symbolic values. llvm-svn: 60575
2008-12-05 02:27:51 +00:00
void SymbolicRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym) {
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
ID.AddInteger((unsigned) MemRegion::SymbolicRegionKind);
Use trait-based profiling of SymbolRefs, avoiding calling getNumber() (which will soon be removed). llvm-svn: 60577
2008-12-05 02:39:38 +00:00
ID.Add(sym);
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
}
void SymbolicRegion::Profile(llvm::FoldingSetNodeID& ID) const {
SymbolicRegion::ProfileRegion(ID, sym);
}
Add ElementRegion to represent memory chunks for array elements. llvm-svn: 57891
2008-10-21 05:27:10 +00:00
void ElementRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, SVal Idx,
const MemRegion* superRegion) {
ID.AddInteger(MemRegion::ElementRegionKind);
ID.AddPointer(superRegion);
Idx.Profile(ID);
}
void ElementRegion::Profile(llvm::FoldingSetNodeID& ID) const {
ElementRegion::ProfileRegion(ID, Index, superRegion);
}
An ElementRegion is really a typed region. Its super region's type has to be ArrayType. llvm-svn: 58245
2008-10-27 13:17:02 +00:00
Add prototype for CodeTextRegion. A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. The latter comes from the symbolic function pointer that are generated from function calls or input data. llvm-svn: 68777
2009-04-10 08:45:10 +00:00
void CodeTextRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, const void* data,
QualType t) {
ID.AddInteger(MemRegion::CodeTextRegionKind);
ID.AddPointer(data);
ID.Add(t);
}
void CodeTextRegion::Profile(llvm::FoldingSetNodeID& ID) const {
CodeTextRegion::ProfileRegion(ID, Data, LocationType);
}
Make SymbolicRegion subclass TypedRegion, for symbols usually have types, so do the symblic regions associated with them and we need them to be typed. Current SymbolicRegion::getRValueType() method is very restricting. It may be modified when we are more clear about what could be the types of symblic regions. BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a subclass of SubRegion. llvm-svn: 63844
2009-02-05 06:57:29 +00:00
//===----------------------------------------------------------------------===//
// getLValueType() and getRValueType()
//===----------------------------------------------------------------------===//
MemRegion: - Overhauled the notion of "types" for TypedRegions. We now distinguish between the "lvalue" of a region (via getLValueRegion()) and the "rvalue" of a region (va getRValueRegion()). Since a region represents a chunk of memory it has both, but we were conflating these concepts in some cases, leading to some insidious bugs. - Removed AnonPointeeType, partially because it is unused and because it doesn't have a clear notion of lvalue vs rvalue type. We can add it back once there is a need for it and we can resolve its role with these concepts. StoreManager: - Overhauled StoreManager::CastRegion. It expects an *lvalue* type for a region. This is actually what motivated the overhaul to the MemRegion type mechanism. It also no longer returns an SVal; we can just return a MemRegion*. - BasicStoreManager::CastRegion now overlays an "AnonTypedRegion" for pointer-pointer casts. This matches with the MemRegion changes. - Similar changes to RegionStore, except I've added a bunch of FIXMEs where it wasn't 100% clear where we should use TypedRegion::getRValueRegion() or TypedRegion::getLValueRegion(). AuditCFNumberCreate check: - Now blasts through AnonTypedRegions that may layer the original memory region, thus checking if the actually memory block is of the appropriate type. This change was needed to work with the changes to StoreManager::CastRegion. GRExprEngine::VisitCast: - Conform to the new interface of StoreManager::CastRegion. Tests: - None of the analysis tests fail now for using the "basic store". - Disabled the tests 'array-struct.c' and 'rdar-6442306-1.m' pending further testing and bug fixing. llvm-svn: 60995
2008-12-13 21:49:13 +00:00
QualType ElementRegion::getRValueType(ASTContext& C) const {
Fix crash ElementRegion::getRValueType() when the RvalueType of the ArrayRegion is a typedef and not (directly) a pointer. llvm-svn: 62909
2009-01-24 06:11:36 +00:00
// Strip off typedefs from the ArrayRegion's RvalueType.
QualType T = getArrayRegion()->getRValueType(C)->getDesugaredType();
When getting the element region type, we should get the rvalue type of the super region. Otherwise we would get an extra level of pointer type. llvm-svn: 62844
2009-01-23 10:19:29 +00:00
Fix crash ElementRegion::getRValueType() when the RvalueType of the ArrayRegion is a typedef and not (directly) a pointer. llvm-svn: 62909
2009-01-24 06:11:36 +00:00
if (ArrayType* AT = dyn_cast<ArrayType>(T.getTypePtr()))
Change AllocaRegion to subclass TypedRegion. We need to know ElementRegion's type when assigning to it. llvm-svn: 59229
2008-11-13 07:30:58 +00:00
return AT->getElementType();
Fix crash ElementRegion::getRValueType() when the RvalueType of the ArrayRegion is a typedef and not (directly) a pointer. llvm-svn: 62909
2009-01-24 06:11:36 +00:00
Fix a couple bugs: - NonLoc::MakeVal() would use sizeof(unsigned) (literally) instead of consulting ASTContext for the size (in bits) of 'int'. While it worked, it was a conflation of concepts and using ASTContext.IntTy is 100% correct. - RegionStore::getSizeInElements() no longer assumes that a VarRegion has the type "ConstantArray", and handles the case when uses use ordinary variables as if they were arrays. - Fixed ElementRegion::getRValueType() to just return the rvalue type of its "array region" in the case the array didn't have ArrayType. - All of this fixes <rdar://problem/6541136> llvm-svn: 63347
2009-01-30 00:08:43 +00:00
// If the RValueType of the array region isn't an ArrayType, then essentially
// the element's
return T;
An ElementRegion is really a typed region. Its super region's type has to be ArrayType. llvm-svn: 58245
2008-10-27 13:17:02 +00:00
}
MemRegion: - Overhauled the notion of "types" for TypedRegions. We now distinguish between the "lvalue" of a region (via getLValueRegion()) and the "rvalue" of a region (va getRValueRegion()). Since a region represents a chunk of memory it has both, but we were conflating these concepts in some cases, leading to some insidious bugs. - Removed AnonPointeeType, partially because it is unused and because it doesn't have a clear notion of lvalue vs rvalue type. We can add it back once there is a need for it and we can resolve its role with these concepts. StoreManager: - Overhauled StoreManager::CastRegion. It expects an *lvalue* type for a region. This is actually what motivated the overhaul to the MemRegion type mechanism. It also no longer returns an SVal; we can just return a MemRegion*. - BasicStoreManager::CastRegion now overlays an "AnonTypedRegion" for pointer-pointer casts. This matches with the MemRegion changes. - Similar changes to RegionStore, except I've added a bunch of FIXMEs where it wasn't 100% clear where we should use TypedRegion::getRValueRegion() or TypedRegion::getLValueRegion(). AuditCFNumberCreate check: - Now blasts through AnonTypedRegions that may layer the original memory region, thus checking if the actually memory block is of the appropriate type. This change was needed to work with the changes to StoreManager::CastRegion. GRExprEngine::VisitCast: - Conform to the new interface of StoreManager::CastRegion. Tests: - None of the analysis tests fail now for using the "basic store". - Disabled the tests 'array-struct.c' and 'rdar-6442306-1.m' pending further testing and bug fixing. llvm-svn: 60995
2008-12-13 21:49:13 +00:00
QualType StringRegion::getRValueType(ASTContext& C) const {
return Str->getType();
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
//===----------------------------------------------------------------------===//
// Region pretty-printing.
//===----------------------------------------------------------------------===//
std::string MemRegion::getString() const {
std::string s;
llvm::raw_string_ostream os(s);
print(os);
return os.str();
}
void MemRegion::print(llvm::raw_ostream& os) const {
os << "<Unknown Region>";
}
Added AllocaRegion, which represents regions created by calls to alloca(). llvm-svn: 58551
2008-11-02 00:34:33 +00:00
void AllocaRegion::print(llvm::raw_ostream& os) const {
os << "alloca{" << (void*) Ex << ',' << Cnt << '}';
}
Lexically order the implementation of MemRegion 'print' methods. No functionality change. llvm-svn: 69688
2009-04-21 18:09:22 +00:00
void CompoundLiteralRegion::print(llvm::raw_ostream& os) const {
// FIXME: More elaborate pretty-printing.
os << "{ " << (void*) CL << " }";
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
}
Lexically order the implementation of MemRegion 'print' methods. No functionality change. llvm-svn: 69688
2009-04-21 18:09:22 +00:00
void ElementRegion::print(llvm::raw_ostream& os) const {
superRegion->print(os);
os << '['; Index.print(os); os << ']';
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
}
Add pretty-printing support for FieldRegions. llvm-svn: 57724
2008-10-17 21:05:44 +00:00
void FieldRegion::print(llvm::raw_ostream& os) const {
superRegion->print(os);
Rename NamedDecl::getName() to getNameAsString(). Replace a bunch of uses of getName() with uses of getDeclName(). This upgrades a bunch of diags to take DeclNames instead of std::strings. This also tweaks a couple of diagnostics to be cleaner and changes CheckInitializerTypes/PerformInitializationByConstructor to pass around DeclarationNames instead of std::strings. llvm-svn: 59947
2008-11-24 05:29:24 +00:00
os << "->" << getDecl()->getNameAsString();
Add pretty-printing support for FieldRegions. llvm-svn: 57724
2008-10-17 21:05:44 +00:00
}
Lexically order the implementation of MemRegion 'print' methods. No functionality change. llvm-svn: 69688
2009-04-21 18:09:22 +00:00
void StringRegion::print(llvm::raw_ostream& os) const {
Str->printPretty(os);
Add printing method to ElementRegion. llvm-svn: 58077
2008-10-24 06:30:07 +00:00
}
Lexically order the implementation of MemRegion 'print' methods. No functionality change. llvm-svn: 69688
2009-04-21 18:09:22 +00:00
void SymbolicRegion::print(llvm::raw_ostream& os) const {
os << "SymRegion-" << sym;
Added CompoundLiteralRegion to represent the (temporary) memory allocated for a compound literal. llvm-svn: 58270
2008-10-27 20:57:58 +00:00
}
Lexically order the implementation of MemRegion 'print' methods. No functionality change. llvm-svn: 69688
2009-04-21 18:09:22 +00:00
void TypedViewRegion::print(llvm::raw_ostream& os) const {
os << "typed_view{" << LValueType.getAsString() << ',';
getSuperRegion()->print(os);
os << '}';
}
void VarRegion::print(llvm::raw_ostream& os) const {
os << cast<VarDecl>(D)->getNameAsString();
Add pretty printing to StringRegion. llvm-svn: 58985
2008-11-10 13:05:26 +00:00
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
//===----------------------------------------------------------------------===//
// MemRegionManager methods.
//===----------------------------------------------------------------------===//
MemSpaceRegion* MemRegionManager::LazyAllocate(MemSpaceRegion*& region) {
if (!region) {
region = (MemSpaceRegion*) A.Allocate<MemSpaceRegion>();
new (region) MemSpaceRegion();
}
return region;
}
MemSpaceRegion* MemRegionManager::getStackRegion() {
return LazyAllocate(stack);
}
MemSpaceRegion* MemRegionManager::getGlobalsRegion() {
return LazyAllocate(globals);
}
MemSpaceRegion* MemRegionManager::getHeapRegion() {
return LazyAllocate(heap);
}
This is the first step to implement a field-sensitive store model. Other things are simplified: no heap shape assumption, no parameter alias assumption, etc. llvm-svn: 57285
2008-10-08 02:50:44 +00:00
MemSpaceRegion* MemRegionManager::getUnknownRegion() {
return LazyAllocate(unknown);
}
Add prototype for CodeTextRegion. A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. The latter comes from the symbolic function pointer that are generated from function calls or input data. llvm-svn: 68777
2009-04-10 08:45:10 +00:00
MemSpaceRegion* MemRegionManager::getCodeRegion() {
return LazyAllocate(code);
}
Lazy bingding for region-store manager. * Now Bind() methods take and return GRState* because binding could also alter GDM. * No variables are initialized except those declared with initial values. * failed C test cases are due to bugs in RemoveDeadBindings(), which removes constraints that is still alive. This will be fixed in later patch. * default value of array and struct regions will be implemented in later patch. llvm-svn: 61274
2008-12-20 06:32:12 +00:00
bool MemRegionManager::onStack(const MemRegion* R) {
while (const SubRegion* SR = dyn_cast<SubRegion>(R))
R = SR->getSuperRegion();
return (R != 0) && (R == stack);
}
bool MemRegionManager::onHeap(const MemRegion* R) {
while (const SubRegion* SR = dyn_cast<SubRegion>(R))
R = SR->getSuperRegion();
return (R != 0) && (R == heap);
}
Add StringRegion to MemRegions. llvm-svn: 58137
2008-10-25 14:13:41 +00:00
StringRegion* MemRegionManager::getStringRegion(const StringLiteral* Str) {
llvm::FoldingSetNodeID ID;
MemSpaceRegion* GlobalsR = getGlobalsRegion();
StringRegion::ProfileRegion(ID, Str, GlobalsR);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
StringRegion* R = cast_or_null<StringRegion>(data);
if (!R) {
R = (StringRegion*) A.Allocate<StringRegion>();
new (R) StringRegion(Str, GlobalsR);
Regions.InsertNode(R, InsertPos);
}
return R;
}
Pull determination of the super region for a VarRegion into a single getVarRegion() method. This provides a common clean API for clients. llvm-svn: 58272
2008-10-27 21:01:26 +00:00
VarRegion* MemRegionManager::getVarRegion(const VarDecl* d) {
const MemRegion* superRegion = d->hasLocalStorage() ? getStackRegion()
: getGlobalsRegion();
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
llvm::FoldingSetNodeID ID;
DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::VarRegionKind);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
VarRegion* R = cast_or_null<VarRegion>(data);
if (!R) {
R = (VarRegion*) A.Allocate<VarRegion>();
new (R) VarRegion(d, superRegion);
Regions.InsertNode(R, InsertPos);
}
return R;
}
Added CompoundLiteralRegion to represent the (temporary) memory allocated for a compound literal. llvm-svn: 58270
2008-10-27 20:57:58 +00:00
CompoundLiteralRegion*
MemRegionManager::getCompoundLiteralRegion(const CompoundLiteralExpr* CL) {
// Is this compound literal allocated on the stack or is part of the
// global constant pool?
const MemRegion* superRegion = CL->isFileScope() ?
getGlobalsRegion() : getStackRegion();
// Profile the compound literal.
llvm::FoldingSetNodeID ID;
CompoundLiteralRegion::ProfileRegion(ID, CL, superRegion);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
CompoundLiteralRegion* R = cast_or_null<CompoundLiteralRegion>(data);
if (!R) {
R = (CompoundLiteralRegion*) A.Allocate<CompoundLiteralRegion>();
new (R) CompoundLiteralRegion(CL, superRegion);
Regions.InsertNode(R, InsertPos);
}
return R;
}
A series of cleanups/fixes motivated by <rdar://problem/6442306>: GRExprEngine (VisitCast): - When using StoreManager::CastRegion, always use the state and value it returns to generate the next node. Failure to do so means that region values returned that don't require the state to be modified will get ignored. MemRegion: - Tighten the interface for ElementRegion. Now ElementRegion can only be created with a super region that is a 'TypedRegion' instead of any MemRegion. Code in BasicStoreManager/RegionStoreManager already assumed this, but it would result in a dynamic assertion check (and crash) rather than just having the compiler forbid the construction of such regions. - Added ElementRegion::getArrayRegion() to return the 'typed version' of an ElementRegion's super region. - Removed bogus assertion in ElementRegion::getType() that assumed that the super region was an AnonTypedRegion. All that matters is that it is a TypedRegion, which is now true all the time by design. BasicStore: - Modified getLValueElement() to check if the 'array' region is a TypedRegion before creating an ElementRegion. This conforms to the updated interface for ElementRegion. RegionStore: - In ArrayToPointer() gracefully handle things we don't reason about, and only create an ElementRegion if the array region is indeed a TypedRegion. llvm-svn: 60990
2008-12-13 19:24:37 +00:00
ElementRegion*
MemRegionManager::getElementRegion(SVal Idx, const TypedRegion* superRegion){
Add ElementRegion to represent memory chunks for array elements. llvm-svn: 57891
2008-10-21 05:27:10 +00:00
llvm::FoldingSetNodeID ID;
ElementRegion::ProfileRegion(ID, Idx, superRegion);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
ElementRegion* R = cast_or_null<ElementRegion>(data);
if (!R) {
R = (ElementRegion*) A.Allocate<ElementRegion>();
new (R) ElementRegion(Idx, superRegion);
Regions.InsertNode(R, InsertPos);
}
return R;
}
Add prototype for CodeTextRegion. A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. The latter comes from the symbolic function pointer that are generated from function calls or input data. llvm-svn: 68777
2009-04-10 08:45:10 +00:00
CodeTextRegion* MemRegionManager::getCodeTextRegion(const FunctionDecl* fd,
QualType t) {
llvm::FoldingSetNodeID ID;
CodeTextRegion::ProfileRegion(ID, fd, t);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
CodeTextRegion* R = cast_or_null<CodeTextRegion>(data);
if (!R) {
R = (CodeTextRegion*) A.Allocate<CodeTextRegion>();
new (R) CodeTextRegion(fd, t, getCodeRegion());
Regions.InsertNode(R, InsertPos);
}
return R;
}
CodeTextRegion* MemRegionManager::getCodeTextRegion(SymbolRef sym, QualType t) {
llvm::FoldingSetNodeID ID;
CodeTextRegion::ProfileRegion(ID, sym, t);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
CodeTextRegion* R = cast_or_null<CodeTextRegion>(data);
if (!R) {
R = (CodeTextRegion*) A.Allocate<CodeTextRegion>();
new (R) CodeTextRegion(sym, t, getCodeRegion());
Regions.InsertNode(R, InsertPos);
}
return R;
}
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
/// getSymbolicRegion - Retrieve or create a "symbolic" memory region.
analyzer infrastructure: make a bunch of changes to symbolic expressions that Zhongxing and I discussed by email. Main changes: - Removed SymIntConstraintVal and SymIntConstraint - Added SymExpr as a parent class to SymbolData, SymSymExpr, SymIntExpr - Added nonloc::SymExprVal to wrap SymExpr - SymbolRef is now just a typedef of 'const SymbolData*' - Bunch of minor code cleanups in how some methods were invoked (no functionality change) This changes are part of a long-term plan to have full symbolic expression trees. This will be useful for lazily evaluating complicated expressions. llvm-svn: 67731
2009-03-26 03:35:11 +00:00
SymbolicRegion* MemRegionManager::getSymbolicRegion(SymbolRef sym) {
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
llvm::FoldingSetNodeID ID;
SymbolicRegion::ProfileRegion(ID, sym);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
SymbolicRegion* R = cast_or_null<SymbolicRegion>(data);
if (!R) {
R = (SymbolicRegion*) A.Allocate<SymbolicRegion>();
Make SymbolicRegion subclass TypedRegion, for symbols usually have types, so do the symblic regions associated with them and we need them to be typed. Current SymbolicRegion::getRValueType() method is very restricting. It may be modified when we are more clear about what could be the types of symblic regions. BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a subclass of SubRegion. llvm-svn: 63844
2009-02-05 06:57:29 +00:00
// SymbolicRegion's storage class is usually unknown.
analyzer infrastructure: make a bunch of changes to symbolic expressions that Zhongxing and I discussed by email. Main changes: - Removed SymIntConstraintVal and SymIntConstraint - Added SymExpr as a parent class to SymbolData, SymSymExpr, SymIntExpr - Added nonloc::SymExprVal to wrap SymExpr - SymbolRef is now just a typedef of 'const SymbolData*' - Bunch of minor code cleanups in how some methods were invoked (no functionality change) This changes are part of a long-term plan to have full symbolic expression trees. This will be useful for lazily evaluating complicated expressions. llvm-svn: 67731
2009-03-26 03:35:11 +00:00
new (R) SymbolicRegion(sym, getUnknownRegion());
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
Regions.InsertNode(R, InsertPos);
}
return R;
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
FieldRegion* MemRegionManager::getFieldRegion(const FieldDecl* d,
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
const MemRegion* superRegion) {
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
llvm::FoldingSetNodeID ID;
DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::FieldRegionKind);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
FieldRegion* R = cast_or_null<FieldRegion>(data);
if (!R) {
R = (FieldRegion*) A.Allocate<FieldRegion>();
new (R) FieldRegion(d, superRegion);
Regions.InsertNode(R, InsertPos);
}
return R;
}
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
ObjCIvarRegion*
MemRegionManager::getObjCIvarRegion(const ObjCIvarDecl* d,
const MemRegion* superRegion) {
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
llvm::FoldingSetNodeID ID;
DeclRegion::ProfileRegion(ID, d, superRegion, MemRegion::ObjCIvarRegionKind);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
ObjCIvarRegion* R = cast_or_null<ObjCIvarRegion>(data);
if (!R) {
Fix typos. llvm-svn: 57146
2008-10-06 03:03:33 +00:00
R = (ObjCIvarRegion*) A.Allocate<ObjCIvarRegion>();
new (R) ObjCIvarRegion(d, superRegion);
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
Regions.InsertNode(R, InsertPos);
}
return R;
}
Added region ObjCObjectRegion that represents an instance of an Objective-C object. llvm-svn: 58106
2008-10-24 20:30:08 +00:00
ObjCObjectRegion*
MemRegionManager::getObjCObjectRegion(const ObjCInterfaceDecl* d,
const MemRegion* superRegion) {
llvm::FoldingSetNodeID ID;
DeclRegion::ProfileRegion(ID, d, superRegion,
MemRegion::ObjCObjectRegionKind);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
ObjCObjectRegion* R = cast_or_null<ObjCObjectRegion>(data);
if (!R) {
R = (ObjCObjectRegion*) A.Allocate<ObjCObjectRegion>();
new (R) ObjCObjectRegion(d, superRegion);
Regions.InsertNode(R, InsertPos);
}
return R;
}
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
TypedViewRegion*
MemRegionManager::getTypedViewRegion(QualType t, const MemRegion* superRegion) {
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
llvm::FoldingSetNodeID ID;
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
TypedViewRegion::ProfileRegion(ID, t, superRegion);
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
TypedViewRegion* R = cast_or_null<TypedViewRegion>(data);
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
if (!R) {
Rename AnonTypedRegion to TypedViewRegion. llvm-svn: 65764
2009-03-01 05:44:08 +00:00
R = (TypedViewRegion*) A.Allocate<TypedViewRegion>();
new (R) TypedViewRegion(t, superRegion);
Enhances SCA to process untyped region to typed region conversion. - RegionView and RegionViewMap is introduced to assist back-mapping from super region to subregions. - GDM is used to carry RegionView information. - AnonTypedRegion is added to represent a typed region introduced by pointer casting. Later AnonTypedRegion can be used in other similar cases, e.g., malloc()'ed region. - The specific conversion is delegated to store manager. llvm-svn: 59382
2008-11-16 04:07:26 +00:00
Regions.InsertNode(R, InsertPos);
}
return R;
}
Added region ObjCObjectRegion that represents an instance of an Objective-C object. llvm-svn: 58106
2008-10-24 20:30:08 +00:00
Added AllocaRegion, which represents regions created by calls to alloca(). llvm-svn: 58551
2008-11-02 00:34:33 +00:00
AllocaRegion* MemRegionManager::getAllocaRegion(const Expr* E, unsigned cnt) {
llvm::FoldingSetNodeID ID;
AllocaRegion::ProfileRegion(ID, E, cnt);
void* InsertPos;
MemRegion* data = Regions.FindNodeOrInsertPos(ID, InsertPos);
AllocaRegion* R = cast_or_null<AllocaRegion>(data);
if (!R) {
R = (AllocaRegion*) A.Allocate<AllocaRegion>();
new (R) AllocaRegion(E, cnt, getStackRegion());
Regions.InsertNode(R, InsertPos);
}
return R;
}
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
bool MemRegionManager::hasStackStorage(const MemRegion* R) {
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
// Only subregions can have stack storage.
Added AllocaRegion, which represents regions created by calls to alloca(). llvm-svn: 58551
2008-11-02 00:34:33 +00:00
const SubRegion* SR = dyn_cast<SubRegion>(R);
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
if (!SR)
return false;
Added AllocaRegion, which represents regions created by calls to alloca(). llvm-svn: 58551
2008-11-02 00:34:33 +00:00
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
MemSpaceRegion* S = getStackRegion();
- constify some uses of MemRegion* (MemRegion should be immutable). - Added new region "SymbolicRegion", which maps symbol values to the region domain. - Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion) - Added some utility methods to GRState for fetch svals from the store. - Fixed regression in CheckNSError (we weren't getting the value bound to the parameter) llvm-svn: 57717
2008-10-17 20:28:54 +00:00
while (SR) {
R = SR->getSuperRegion();
if (R == S)
return true;
SR = dyn_cast<SubRegion>(R);
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
}
Implement analyzer support for OSCompareAndSwap. This required pushing "tagged" ProgramPoints all the way through to GRCoreEngine. NSString.m now fails with RegionStoreManager because of the void** cast. Disabling use of region store for that test for now. llvm-svn: 68845
2009-04-11 00:11:10 +00:00
This is a big patch, but the functionality change is small and the rest of the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
2008-10-04 05:50:14 +00:00
return false;
}
Implement analyzer support for OSCompareAndSwap. This required pushing "tagged" ProgramPoints all the way through to GRCoreEngine. NSString.m now fails with RegionStoreManager because of the void** cast. Disabling use of region store for that test for now. llvm-svn: 68845
2009-04-11 00:11:10 +00:00
//===----------------------------------------------------------------------===//
// View handling.
//===----------------------------------------------------------------------===//
const MemRegion *TypedViewRegion::removeViews() const {
const SubRegion *SR = this;
const MemRegion *R = SR;
while (SR && isa<TypedViewRegion>(SR)) {
R = SR->getSuperRegion();
SR = dyn_cast<SubRegion>(R);
}
return R;
}
Reference in New Issue Copy Permalink