From 8df44b26329a33658a529997db4e7aaaab9d14db Mon Sep 17 00:00:00 2001 From: Ted Kremenek Date: Fri, 12 Aug 2011 20:02:48 +0000 Subject: [PATCH] [analyzer] Introduce new MemRegion, "TypedValueRegion", so that we can separate TypedRegions that implement getValueType() from those that don't. Patch by Olaf Krzikalla! llvm-svn: 137498 --- .../Core/PathSensitive/BasicValueFactory.h | 10 +-- .../Core/PathSensitive/MemRegion.h | 69 +++++++++++-------- .../Core/PathSensitive/SValBuilder.h | 7 +- .../StaticAnalyzer/Core/PathSensitive/Store.h | 4 +- .../Core/PathSensitive/SymbolManager.h | 22 +++--- .../Checkers/BasicObjCFoundationChecks.cpp | 2 +- .../Checkers/CStringChecker.cpp | 11 ++- .../Checkers/CallAndMessageChecker.cpp | 2 +- .../Checkers/OSAtomicChecker.cpp | 8 +-- .../StaticAnalyzer/Core/BasicValueFactory.cpp | 4 +- .../Core/BugReporterVisitors.cpp | 4 +- clang/lib/StaticAnalyzer/Core/ExprEngine.cpp | 7 +- clang/lib/StaticAnalyzer/Core/GRState.cpp | 2 +- clang/lib/StaticAnalyzer/Core/RegionStore.cpp | 51 +++++++------- clang/lib/StaticAnalyzer/Core/SValBuilder.cpp | 4 +- clang/lib/StaticAnalyzer/Core/Store.cpp | 6 +- .../lib/StaticAnalyzer/Core/SymbolManager.cpp | 4 +- 17 files changed, 117 insertions(+), 100 deletions(-) diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h index 69495be400a3..002d9605e352 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h @@ -49,17 +49,17 @@ public: class LazyCompoundValData : public llvm::FoldingSetNode { StoreRef store; - const TypedRegion *region; + const TypedValueRegion *region; public: - LazyCompoundValData(const StoreRef &st, const TypedRegion *r) + LazyCompoundValData(const StoreRef &st, const TypedValueRegion *r) : store(st), region(r) {} const void *getStore() const { return store.getStore(); } - const TypedRegion *getRegion() const { return region; } + const TypedValueRegion *getRegion() const { return region; } static void Profile(llvm::FoldingSetNodeID& ID, const StoreRef &store, - const TypedRegion *region); + const TypedValueRegion *region); void Profile(llvm::FoldingSetNodeID& ID) { Profile(ID, store, region); } }; @@ -176,7 +176,7 @@ public: llvm::ImmutableList Vals); const LazyCompoundValData *getLazyCompoundValData(const StoreRef &store, - const TypedRegion *region); + const TypedValueRegion *region); llvm::ImmutableList getEmptySValList() { return SValListFactory.getEmptyList(); diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h index c2a2a9a914af..3c1fdb6be0fe 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h @@ -82,12 +82,13 @@ public: // Untyped regions. SymbolicRegionKind, AllocaRegionKind, + BlockDataRegionKind, // Typed regions. BEG_TYPED_REGIONS, FunctionTextRegionKind = BEG_TYPED_REGIONS, BlockTextRegionKind, - BlockDataRegionKind, - CompoundLiteralRegionKind, + BEG_TYPED_VALUE_REGIONS, + CompoundLiteralRegionKind = BEG_TYPED_VALUE_REGIONS, CXXThisRegionKind, StringRegionKind, ElementRegionKind, @@ -99,7 +100,8 @@ public: END_DECL_REGIONS = ObjCIvarRegionKind, CXXTempObjectRegionKind, CXXBaseObjectRegionKind, - END_TYPED_REGIONS = CXXBaseObjectRegionKind + END_TYPED_REGIONS = CXXBaseObjectRegionKind, + END_TYPED_VALUE_REGIONS = CXXBaseObjectRegionKind }; private: @@ -352,6 +354,26 @@ class TypedRegion : public SubRegion { protected: TypedRegion(const MemRegion* sReg, Kind k) : SubRegion(sReg, k) {} +public: + virtual QualType getLocationType() const = 0; + + QualType getDesugaredLocationType(ASTContext &Context) const { + return getLocationType().getDesugaredType(Context); + } + + bool isBoundable() const { return true; } + + static bool classof(const MemRegion* R) { + unsigned k = R->getKind(); + return k >= BEG_TYPED_REGIONS && k <= END_TYPED_REGIONS; + } +}; + +/// TypedValueRegion - An abstract class representing regions having a typed value. +class TypedValueRegion : public TypedRegion { +protected: + TypedValueRegion(const MemRegion* sReg, Kind k) : TypedRegion(sReg, k) {} + public: virtual QualType getValueType() const = 0; @@ -369,15 +391,9 @@ public: return T.getTypePtrOrNull() ? T.getDesugaredType(Context) : T; } - QualType getDesugaredLocationType(ASTContext &Context) const { - return getLocationType().getDesugaredType(Context); - } - - bool isBoundable() const { return true; } - static bool classof(const MemRegion* R) { unsigned k = R->getKind(); - return k >= BEG_TYPED_REGIONS && k <= END_TYPED_REGIONS; + return k >= BEG_TYPED_VALUE_REGIONS && k <= END_TYPED_VALUE_REGIONS; } }; @@ -386,11 +402,6 @@ class CodeTextRegion : public TypedRegion { protected: CodeTextRegion(const MemRegion *sreg, Kind k) : TypedRegion(sreg, k) {} public: - QualType getValueType() const { - assert(0 && "Do not get the object type of a CodeTextRegion."); - return QualType(); - } - bool isBoundable() const { return false; } static bool classof(const MemRegion* R) { @@ -566,13 +577,13 @@ public: }; /// StringRegion - Region associated with a StringLiteral. -class StringRegion : public TypedRegion { +class StringRegion : public TypedValueRegion { friend class MemRegionManager; const StringLiteral* Str; protected: StringRegion(const StringLiteral* str, const MemRegion* sreg) - : TypedRegion(sreg, StringRegionKind), Str(str) {} + : TypedValueRegion(sreg, StringRegionKind), Str(str) {} static void ProfileRegion(llvm::FoldingSetNodeID& ID, const StringLiteral* Str, @@ -604,13 +615,13 @@ public: /// CompoundLiteralRegion - A memory region representing a compound literal. /// Compound literals are essentially temporaries that are stack allocated /// or in the global constant pool. -class CompoundLiteralRegion : public TypedRegion { +class CompoundLiteralRegion : public TypedValueRegion { private: friend class MemRegionManager; const CompoundLiteralExpr* CL; CompoundLiteralRegion(const CompoundLiteralExpr* cl, const MemRegion* sReg) - : TypedRegion(sReg, CompoundLiteralRegionKind), CL(cl) {} + : TypedValueRegion(sReg, CompoundLiteralRegionKind), CL(cl) {} static void ProfileRegion(llvm::FoldingSetNodeID& ID, const CompoundLiteralExpr* CL, @@ -633,12 +644,12 @@ public: } }; -class DeclRegion : public TypedRegion { +class DeclRegion : public TypedValueRegion { protected: const Decl* D; DeclRegion(const Decl* d, const MemRegion* sReg, Kind k) - : TypedRegion(sReg, k), D(d) {} + : TypedValueRegion(sReg, k), D(d) {} static void ProfileRegion(llvm::FoldingSetNodeID& ID, const Decl* D, const MemRegion* superRegion, Kind k); @@ -689,11 +700,11 @@ public: /// CXXThisRegion - Represents the region for the implicit 'this' parameter /// in a call to a C++ method. This region doesn't represent the object /// referred to by 'this', but rather 'this' itself. -class CXXThisRegion : public TypedRegion { +class CXXThisRegion : public TypedValueRegion { friend class MemRegionManager; CXXThisRegion(const PointerType *thisPointerTy, const MemRegion *sReg) - : TypedRegion(sReg, CXXThisRegionKind), ThisPointerTy(thisPointerTy) {} + : TypedValueRegion(sReg, CXXThisRegionKind), ThisPointerTy(thisPointerTy) {} static void ProfileRegion(llvm::FoldingSetNodeID &ID, const PointerType *PT, @@ -792,14 +803,14 @@ public: void dump() const; }; -class ElementRegion : public TypedRegion { +class ElementRegion : public TypedValueRegion { friend class MemRegionManager; QualType ElementType; NonLoc Index; ElementRegion(QualType elementType, NonLoc Idx, const MemRegion* sReg) - : TypedRegion(sReg, ElementRegionKind), + : TypedValueRegion(sReg, ElementRegionKind), ElementType(elementType), Index(Idx) { assert((!isa(&Idx) || cast(&Idx)->getValue().isSigned()) && @@ -833,13 +844,13 @@ public: }; // C++ temporary object associated with an expression. -class CXXTempObjectRegion : public TypedRegion { +class CXXTempObjectRegion : public TypedValueRegion { friend class MemRegionManager; Expr const *Ex; CXXTempObjectRegion(Expr const *E, MemRegion const *sReg) - : TypedRegion(sReg, CXXTempObjectRegionKind), Ex(E) {} + : TypedValueRegion(sReg, CXXTempObjectRegionKind), Ex(E) {} static void ProfileRegion(llvm::FoldingSetNodeID &ID, Expr const *E, const MemRegion *sReg); @@ -860,13 +871,13 @@ public: // CXXBaseObjectRegion represents a base object within a C++ object. It is // identified by the base class declaration and the region of its parent object. -class CXXBaseObjectRegion : public TypedRegion { +class CXXBaseObjectRegion : public TypedValueRegion { friend class MemRegionManager; const CXXRecordDecl *decl; CXXBaseObjectRegion(const CXXRecordDecl *d, const MemRegion *sReg) - : TypedRegion(sReg, CXXBaseObjectRegionKind), decl(d) {} + : TypedValueRegion(sReg, CXXBaseObjectRegionKind), decl(d) {} static void ProfileRegion(llvm::FoldingSetNodeID &ID, const CXXRecordDecl *decl, const MemRegion *sReg); diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h index 65eabea24077..20b86a816131 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h @@ -130,7 +130,7 @@ public: DefinedOrUnknownSVal makeZeroVal(QualType type); /// getRegionValueSymbolVal - make a unique symbol for value of region. - DefinedOrUnknownSVal getRegionValueSymbolVal(const TypedRegion *region); + DefinedOrUnknownSVal getRegionValueSymbolVal(const TypedValueRegion *region); DefinedOrUnknownSVal getConjuredSymbolVal(const void *symbolTag, const Expr *expr, unsigned count); @@ -139,7 +139,7 @@ public: unsigned count); DefinedOrUnknownSVal getDerivedRegionValueSymbolVal( - SymbolRef parentSymbol, const TypedRegion *region); + SymbolRef parentSymbol, const TypedValueRegion *region); DefinedSVal getMetadataSymbolVal( const void *symbolTag, const MemRegion *region, @@ -154,7 +154,8 @@ public: return nonloc::CompoundVal(BasicVals.getCompoundValData(type, vals)); } - NonLoc makeLazyCompoundVal(const StoreRef &store, const TypedRegion *region) { + NonLoc makeLazyCompoundVal(const StoreRef &store, + const TypedValueRegion *region) { return nonloc::LazyCompoundVal( BasicVals.getLazyCompoundValData(store, region)); } diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h index 66022faf9152..dc1049856b16 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h @@ -219,8 +219,8 @@ protected: /// CastRetrievedVal - Used by subclasses of StoreManager to implement /// implicit casts that arise from loads from regions that are reinterpreted /// as another region. - SVal CastRetrievedVal(SVal val, const TypedRegion *region, QualType castTy, - bool performTestOnly = true); + SVal CastRetrievedVal(SVal val, const TypedValueRegion *region, + QualType castTy, bool performTestOnly = true); private: SVal getLValueFieldOrIvar(const Decl* decl, SVal base); diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h index 94b99fbae4eb..1ed16ac31117 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h @@ -37,7 +37,7 @@ namespace ento { class BasicValueFactory; class MemRegion; class SubRegion; - class TypedRegion; + class TypedValueRegion; class VarRegion; class SymExpr : public llvm::FoldingSetNode { @@ -95,15 +95,15 @@ typedef llvm::SmallVector SymbolRefSmallVectorTy; /// A symbol representing the value of a MemRegion. class SymbolRegionValue : public SymbolData { - const TypedRegion *R; + const TypedValueRegion *R; public: - SymbolRegionValue(SymbolID sym, const TypedRegion *r) + SymbolRegionValue(SymbolID sym, const TypedValueRegion *r) : SymbolData(RegionValueKind, sym), R(r) {} - const TypedRegion* getRegion() const { return R; } + const TypedValueRegion* getRegion() const { return R; } - static void Profile(llvm::FoldingSetNodeID& profile, const TypedRegion* R) { + static void Profile(llvm::FoldingSetNodeID& profile, const TypedValueRegion* R) { profile.AddInteger((unsigned) RegionValueKind); profile.AddPointer(R); } @@ -166,21 +166,21 @@ public: /// symbolic value. class SymbolDerived : public SymbolData { SymbolRef parentSymbol; - const TypedRegion *R; + const TypedValueRegion *R; public: - SymbolDerived(SymbolID sym, SymbolRef parent, const TypedRegion *r) + SymbolDerived(SymbolID sym, SymbolRef parent, const TypedValueRegion *r) : SymbolData(DerivedKind, sym), parentSymbol(parent), R(r) {} SymbolRef getParentSymbol() const { return parentSymbol; } - const TypedRegion *getRegion() const { return R; } + const TypedValueRegion *getRegion() const { return R; } QualType getType(ASTContext&) const; void dumpToStream(raw_ostream &os) const; static void Profile(llvm::FoldingSetNodeID& profile, SymbolRef parent, - const TypedRegion *r) { + const TypedValueRegion *r) { profile.AddInteger((unsigned) DerivedKind); profile.AddPointer(r); profile.AddPointer(parent); @@ -380,7 +380,7 @@ public: static bool canSymbolicate(QualType T); /// \brief Make a unique symbol for MemRegion R according to its kind. - const SymbolRegionValue* getRegionValueSymbol(const TypedRegion* R); + const SymbolRegionValue* getRegionValueSymbol(const TypedValueRegion* R); const SymbolConjured* getConjuredSymbol(const Stmt* E, QualType T, unsigned VisitCount, @@ -392,7 +392,7 @@ public: } const SymbolDerived *getDerivedSymbol(SymbolRef parentSymbol, - const TypedRegion *R); + const TypedValueRegion *R); const SymbolExtent *getExtentSymbol(const SubRegion *R); diff --git a/clang/lib/StaticAnalyzer/Checkers/BasicObjCFoundationChecks.cpp b/clang/lib/StaticAnalyzer/Checkers/BasicObjCFoundationChecks.cpp index 85d74ac06c36..b2ac9ddc402e 100644 --- a/clang/lib/StaticAnalyzer/Checkers/BasicObjCFoundationChecks.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/BasicObjCFoundationChecks.cpp @@ -290,7 +290,7 @@ void CFNumberCreateChecker::checkPreStmt(const CallExpr *CE, if (!LV) return; - const TypedRegion* R = dyn_cast(LV->stripCasts()); + const TypedValueRegion* R = dyn_cast(LV->stripCasts()); if (!R) return; diff --git a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp index ca15a74dc98d..71c4ee68ef25 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp @@ -770,8 +770,7 @@ const GRState *CStringChecker::InvalidateBuffer(CheckerContext &C, bool CStringChecker::SummarizeRegion(raw_ostream& os, ASTContext& Ctx, const MemRegion *MR) { const TypedRegion *TR = dyn_cast(MR); - if (!TR) - return false; + const TypedValueRegion *TVR = dyn_cast(MR); switch (TR->getKind()) { case MemRegion::FunctionTextRegionKind: { @@ -790,16 +789,16 @@ bool CStringChecker::SummarizeRegion(raw_ostream& os, ASTContext& Ctx, return true; case MemRegion::CXXThisRegionKind: case MemRegion::CXXTempObjectRegionKind: - os << "a C++ temp object of type " << TR->getValueType().getAsString(); + os << "a C++ temp object of type " << TVR->getValueType().getAsString(); return true; case MemRegion::VarRegionKind: - os << "a variable of type" << TR->getValueType().getAsString(); + os << "a variable of type" << TVR->getValueType().getAsString(); return true; case MemRegion::FieldRegionKind: - os << "a field of type " << TR->getValueType().getAsString(); + os << "a field of type " << TVR->getValueType().getAsString(); return true; case MemRegion::ObjCIvarRegionKind: - os << "an instance variable of type " << TR->getValueType().getAsString(); + os << "an instance variable of type " << TVR->getValueType().getAsString(); return true; default: return false; diff --git a/clang/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp index 67db2d24c0a1..f1e7aaac808c 100644 --- a/clang/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/CallAndMessageChecker.cpp @@ -116,7 +116,7 @@ bool CallAndMessageChecker::PreVisitProcessArg(CheckerContext &C, MemRegionManager &mrMgr, Store s) : C(c), StoreMgr(storeMgr), MrMgr(mrMgr), store(s) {} - bool Find(const TypedRegion *R) { + bool Find(const TypedValueRegion *R) { QualType T = R->getValueType(); if (const RecordType *RT = T->getAsStructureType()) { const RecordDecl *RD = RT->getDecl()->getDefinition(); diff --git a/clang/lib/StaticAnalyzer/Checkers/OSAtomicChecker.cpp b/clang/lib/StaticAnalyzer/Checkers/OSAtomicChecker.cpp index b518ab42ab7f..82801317cb63 100644 --- a/clang/lib/StaticAnalyzer/Checkers/OSAtomicChecker.cpp +++ b/clang/lib/StaticAnalyzer/Checkers/OSAtomicChecker.cpp @@ -106,8 +106,8 @@ bool OSAtomicChecker::evalOSAtomicCompareAndSwap(CheckerContext &C, // LoadTy specifying can be omitted. But we put it here to emphasize the // semantics. QualType LoadTy; - if (const TypedRegion *TR = - dyn_cast_or_null(location.getAsRegion())) { + if (const TypedValueRegion *TR = + dyn_cast_or_null(location.getAsRegion())) { LoadTy = TR->getValueType(); } Engine.evalLoad(Tmp, theValueExpr, C.getPredecessor(), @@ -159,8 +159,8 @@ bool OSAtomicChecker::evalOSAtomicCompareAndSwap(CheckerContext &C, SVal val = stateEqual->getSVal(newValueExpr); // Handle implicit value casts. - if (const TypedRegion *R = - dyn_cast_or_null(location.getAsRegion())) { + if (const TypedValueRegion *R = + dyn_cast_or_null(location.getAsRegion())) { val = svalBuilder.evalCast(val,R->getValueType(), newValueExpr->getType()); } diff --git a/clang/lib/StaticAnalyzer/Core/BasicValueFactory.cpp b/clang/lib/StaticAnalyzer/Core/BasicValueFactory.cpp index 0ed4ff143171..f08c1fdbdb0f 100644 --- a/clang/lib/StaticAnalyzer/Core/BasicValueFactory.cpp +++ b/clang/lib/StaticAnalyzer/Core/BasicValueFactory.cpp @@ -27,7 +27,7 @@ void CompoundValData::Profile(llvm::FoldingSetNodeID& ID, QualType T, void LazyCompoundValData::Profile(llvm::FoldingSetNodeID& ID, const StoreRef &store, - const TypedRegion *region) { + const TypedValueRegion *region) { ID.AddPointer(store.getStore()); ID.AddPointer(region); } @@ -128,7 +128,7 @@ BasicValueFactory::getCompoundValData(QualType T, const LazyCompoundValData* BasicValueFactory::getLazyCompoundValData(const StoreRef &store, - const TypedRegion *region) { + const TypedValueRegion *region) { llvm::FoldingSetNodeID ID; LazyCompoundValData::Profile(ID, store, region); void* InsertPos; diff --git a/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp b/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp index 5f068dc9f04b..de4780e54d45 100644 --- a/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp +++ b/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp @@ -140,7 +140,7 @@ public: if (isa(V)) { bool b = false; if (R->isBoundable()) { - if (const TypedRegion *TR = dyn_cast(R)) { + if (const TypedValueRegion *TR = dyn_cast(R)) { if (TR->getValueType()->isObjCObjectPointerType()) { os << "initialized to nil"; b = true; @@ -170,7 +170,7 @@ public: if (isa(V)) { bool b = false; if (R->isBoundable()) { - if (const TypedRegion *TR = dyn_cast(R)) { + if (const TypedValueRegion *TR = dyn_cast(R)) { if (TR->getValueType()->isObjCObjectPointerType()) { os << "nil object reference stored to "; b = true; diff --git a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp index e2c0fc1b7e7b..9db55577f4c6 100644 --- a/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp +++ b/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp @@ -1522,8 +1522,8 @@ void ExprEngine::evalLoad(ExplodedNodeSet& Dst, const Expr *Ex, // Are we loading from a region? This actually results in two loads; one // to fetch the address of the referenced value and one to fetch the // referenced value. - if (const TypedRegion *TR = - dyn_cast_or_null(location.getAsRegion())) { + if (const TypedValueRegion *TR = + dyn_cast_or_null(location.getAsRegion())) { QualType ValTy = TR->getValueType(); if (const ReferenceType *RT = ValTy->getAs()) { @@ -1894,7 +1894,8 @@ void ExprEngine::VisitObjCForCollectionStmt(const ObjCForCollectionStmt* S, const GRState *noElems = state->BindExpr(S, FalseV); if (loc::MemRegionVal *MV = dyn_cast(&elementV)) - if (const TypedRegion *R = dyn_cast(MV->getRegion())) { + if (const TypedValueRegion *R = + dyn_cast(MV->getRegion())) { // FIXME: The proper thing to do is to really iterate over the // container. We will do this with dispatch logic to the store. // For now, just 'conjure' up a symbolic value. diff --git a/clang/lib/StaticAnalyzer/Core/GRState.cpp b/clang/lib/StaticAnalyzer/Core/GRState.cpp index efe88ba47e6a..525b7c7baaa9 100644 --- a/clang/lib/StaticAnalyzer/Core/GRState.cpp +++ b/clang/lib/StaticAnalyzer/Core/GRState.cpp @@ -200,7 +200,7 @@ SVal GRState::getSValAsScalarOrLoc(const MemRegion *R) const { if (!R->isBoundable()) return UnknownVal(); - if (const TypedRegion *TR = dyn_cast(R)) { + if (const TypedValueRegion *TR = dyn_cast(R)) { QualType T = TR->getValueType(); if (Loc::isLocType(T) || T->isIntegerType()) return getSVal(R); diff --git a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp index 6a039c55f571..d378f10fc095 100644 --- a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp +++ b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp @@ -288,9 +288,9 @@ public: // Part of public interface to class. } /// BindStruct - Bind a compound value to a structure. - StoreRef BindStruct(Store store, const TypedRegion* R, SVal V); + StoreRef BindStruct(Store store, const TypedValueRegion* R, SVal V); - StoreRef BindArray(Store store, const TypedRegion* R, SVal V); + StoreRef BindArray(Store store, const TypedValueRegion* R, SVal V); /// KillStruct - Set the entire struct to unknown. StoreRef KillStruct(Store store, const TypedRegion* R, SVal DefaultVal); @@ -335,9 +335,9 @@ public: // Part of public interface to class. SVal RetrieveVar(Store store, const VarRegion *R); - SVal RetrieveLazySymbol(const TypedRegion *R); + SVal RetrieveLazySymbol(const TypedValueRegion *R); - SVal RetrieveFieldOrElementCommon(Store store, const TypedRegion *R, + SVal RetrieveFieldOrElementCommon(Store store, const TypedValueRegion *R, QualType Ty, const MemRegion *superR); SVal RetrieveLazyBinding(const MemRegion *lazyBindingRegion, @@ -348,15 +348,16 @@ public: // Part of public interface to class. /// struct s x, y; /// x = y; /// y's value is retrieved by this method. - SVal RetrieveStruct(Store store, const TypedRegion* R); + SVal RetrieveStruct(Store store, const TypedValueRegion* R); - SVal RetrieveArray(Store store, const TypedRegion* R); + SVal RetrieveArray(Store store, const TypedValueRegion* R); /// Used to lazily generate derived symbols for bindings that are defined /// implicitly by default bindings in a super region. Optional RetrieveDerivedDefaultValue(RegionBindings B, const MemRegion *superR, - const TypedRegion *R, QualType Ty); + const TypedValueRegion *R, + QualType Ty); /// Get the state and region whose binding this region R corresponds to. std::pair @@ -683,7 +684,7 @@ void invalidateRegionsWorker::VisitBaseRegion(const MemRegion *baseR) { if (!baseR->isBoundable()) return; - const TypedRegion *TR = cast(baseR); + const TypedValueRegion *TR = cast(baseR); QualType T = TR->getValueType(); // Invalidate the binding. @@ -805,7 +806,7 @@ SVal RegionStoreManager::ArrayToPointer(Loc Array) { return UnknownVal(); const MemRegion* R = cast(&Array)->getRegion(); - const TypedRegion* ArrayR = dyn_cast(R); + const TypedValueRegion* ArrayR = dyn_cast(R); if (!ArrayR) return UnknownVal(); @@ -854,7 +855,7 @@ Optional RegionStoreManager::getDirectBinding(RegionBindings B, Optional RegionStoreManager::getDefaultBinding(RegionBindings B, const MemRegion *R) { if (R->isBoundable()) - if (const TypedRegion *TR = dyn_cast(R)) + if (const TypedValueRegion *TR = dyn_cast(R)) if (TR->getValueType()->isUnionType()) return UnknownVal(); @@ -898,7 +899,7 @@ SVal RegionStoreManager::Retrieve(Store store, Loc L, QualType T) { // FIXME: Perhaps this method should just take a 'const MemRegion*' argument // instead of 'Loc', and have the other Loc cases handled at a higher level. - const TypedRegion *R = cast(MR); + const TypedValueRegion *R = cast(MR); QualType RTy = R->getValueType(); // FIXME: We should eventually handle funny addressing. e.g.: @@ -1074,7 +1075,8 @@ SVal RegionStoreManager::RetrieveElement(Store store, if (!O.getRegion()) return UnknownVal(); - if (const TypedRegion *baseR = dyn_cast_or_null(O.getRegion())) { + if (const TypedValueRegion *baseR = + dyn_cast_or_null(O.getRegion())) { QualType baseT = baseR->getValueType(); if (baseT->isScalarType()) { QualType elemT = R->getElementType(); @@ -1112,7 +1114,7 @@ SVal RegionStoreManager::RetrieveField(Store store, Optional RegionStoreManager::RetrieveDerivedDefaultValue(RegionBindings B, const MemRegion *superR, - const TypedRegion *R, + const TypedValueRegion *R, QualType Ty) { if (const Optional &D = getDefaultBinding(B, superR)) { @@ -1146,7 +1148,7 @@ SVal RegionStoreManager::RetrieveLazyBinding(const MemRegion *lazyBindingRegion, } SVal RegionStoreManager::RetrieveFieldOrElementCommon(Store store, - const TypedRegion *R, + const TypedValueRegion *R, QualType Ty, const MemRegion *superR) { @@ -1181,7 +1183,8 @@ SVal RegionStoreManager::RetrieveFieldOrElementCommon(Store store, if (const ElementRegion *ER = dyn_cast(R)) { // Currently we don't reason specially about Clang-style vectors. Check // if superR is a vector and if so return Unknown. - if (const TypedRegion *typedSuperR = dyn_cast(superR)) { + if (const TypedValueRegion *typedSuperR = + dyn_cast(superR)) { if (typedSuperR->getValueType()->isVectorType()) return UnknownVal(); } @@ -1270,18 +1273,20 @@ SVal RegionStoreManager::RetrieveVar(Store store, const VarRegion *R) { return UndefinedVal(); } -SVal RegionStoreManager::RetrieveLazySymbol(const TypedRegion *R) { +SVal RegionStoreManager::RetrieveLazySymbol(const TypedValueRegion *R) { // All other values are symbolic. return svalBuilder.getRegionValueSymbolVal(R); } -SVal RegionStoreManager::RetrieveStruct(Store store, const TypedRegion* R) { +SVal RegionStoreManager::RetrieveStruct(Store store, + const TypedValueRegion* R) { QualType T = R->getValueType(); assert(T->isStructureOrClassType()); return svalBuilder.makeLazyCompoundVal(StoreRef(store, *this), R); } -SVal RegionStoreManager::RetrieveArray(Store store, const TypedRegion * R) { +SVal RegionStoreManager::RetrieveArray(Store store, + const TypedValueRegion * R) { assert(Ctx.getAsConstantArrayType(R->getValueType())); return svalBuilder.makeLazyCompoundVal(StoreRef(store, *this), R); } @@ -1325,14 +1330,14 @@ StoreRef RegionStoreManager::Bind(Store store, Loc L, SVal V) { const MemRegion *R = cast(L).getRegion(); // Check if the region is a struct region. - if (const TypedRegion* TR = dyn_cast(R)) + if (const TypedValueRegion* TR = dyn_cast(R)) if (TR->getValueType()->isStructureOrClassType()) return BindStruct(store, TR, V); if (const ElementRegion *ER = dyn_cast(R)) { if (ER->getIndex().isZeroConstant()) { - if (const TypedRegion *superR = - dyn_cast(ER->getSuperRegion())) { + if (const TypedValueRegion *superR = + dyn_cast(ER->getSuperRegion())) { QualType superTy = superR->getValueType(); // For now, just invalidate the fields of the struct/union/class. // This is for test rdar_test_7185607 in misc-ps-region-store.m. @@ -1412,7 +1417,7 @@ StoreRef RegionStoreManager::setImplicitDefaultValue(Store store, V).getRootWithoutRetain(), *this); } -StoreRef RegionStoreManager::BindArray(Store store, const TypedRegion* R, +StoreRef RegionStoreManager::BindArray(Store store, const TypedValueRegion* R, SVal Init) { const ArrayType *AT =cast(Ctx.getCanonicalType(R->getValueType())); @@ -1471,7 +1476,7 @@ StoreRef RegionStoreManager::BindArray(Store store, const TypedRegion* R, return newStore; } -StoreRef RegionStoreManager::BindStruct(Store store, const TypedRegion* R, +StoreRef RegionStoreManager::BindStruct(Store store, const TypedValueRegion* R, SVal V) { if (!Features.supportsFields()) diff --git a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp index 71f2b4abb9c3..5269ebeac299 100644 --- a/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp +++ b/clang/lib/StaticAnalyzer/Core/SValBuilder.cpp @@ -70,7 +70,7 @@ SVal SValBuilder::convertToArrayIndex(SVal val) { } DefinedOrUnknownSVal -SValBuilder::getRegionValueSymbolVal(const TypedRegion* region) { +SValBuilder::getRegionValueSymbolVal(const TypedValueRegion* region) { QualType T = region->getValueType(); if (!SymbolManager::canSymbolicate(T)) @@ -133,7 +133,7 @@ DefinedSVal SValBuilder::getMetadataSymbolVal(const void *symbolTag, DefinedOrUnknownSVal SValBuilder::getDerivedRegionValueSymbolVal(SymbolRef parentSymbol, - const TypedRegion *region) { + const TypedValueRegion *region) { QualType T = region->getValueType(); if (!SymbolManager::canSymbolicate(T)) diff --git a/clang/lib/StaticAnalyzer/Core/Store.cpp b/clang/lib/StaticAnalyzer/Core/Store.cpp index a132e6dfb160..8913343b91da 100644 --- a/clang/lib/StaticAnalyzer/Core/Store.cpp +++ b/clang/lib/StaticAnalyzer/Core/Store.cpp @@ -87,7 +87,7 @@ const MemRegion *StoreManager::castRegion(const MemRegion *R, QualType CastToTy) // Handle casts from compatible types. if (R->isBoundable()) - if (const TypedRegion *TR = dyn_cast(R)) { + if (const TypedValueRegion *TR = dyn_cast(R)) { QualType ObjTy = Ctx.getCanonicalType(TR->getValueType()); if (CanonPointeeTy == ObjTy) return R; @@ -157,7 +157,7 @@ const MemRegion *StoreManager::castRegion(const MemRegion *R, QualType CastToTy) // Edge case: we are at 0 bytes off the beginning of baseR. We // check to see if type we are casting to is the same as the base // region. If so, just return the base region. - if (const TypedRegion *TR = dyn_cast(baseR)) { + if (const TypedValueRegion *TR = dyn_cast(baseR)) { QualType ObjTy = Ctx.getCanonicalType(TR->getValueType()); QualType CanonPointeeTy = Ctx.getCanonicalType(PointeeTy); if (CanonPointeeTy == ObjTy) @@ -211,7 +211,7 @@ const MemRegion *StoreManager::castRegion(const MemRegion *R, QualType CastToTy) /// CastRetrievedVal - Used by subclasses of StoreManager to implement /// implicit casts that arise from loads from regions that are reinterpreted /// as another region. -SVal StoreManager::CastRetrievedVal(SVal V, const TypedRegion *R, +SVal StoreManager::CastRetrievedVal(SVal V, const TypedValueRegion *R, QualType castTy, bool performTestOnly) { if (castTy.isNull()) diff --git a/clang/lib/StaticAnalyzer/Core/SymbolManager.cpp b/clang/lib/StaticAnalyzer/Core/SymbolManager.cpp index ba8504c27567..a2fdf28736a6 100644 --- a/clang/lib/StaticAnalyzer/Core/SymbolManager.cpp +++ b/clang/lib/StaticAnalyzer/Core/SymbolManager.cpp @@ -90,7 +90,7 @@ void SymbolRegionValue::dumpToStream(raw_ostream& os) const { } const SymbolRegionValue* -SymbolManager::getRegionValueSymbol(const TypedRegion* R) { +SymbolManager::getRegionValueSymbol(const TypedValueRegion* R) { llvm::FoldingSetNodeID profile; SymbolRegionValue::Profile(profile, R); void* InsertPos; @@ -125,7 +125,7 @@ SymbolManager::getConjuredSymbol(const Stmt* E, QualType T, unsigned Count, const SymbolDerived* SymbolManager::getDerivedSymbol(SymbolRef parentSymbol, - const TypedRegion *R) { + const TypedValueRegion *R) { llvm::FoldingSetNodeID profile; SymbolDerived::Profile(profile, parentSymbol, R);