summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/MemRegion.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Remove tabs, and whitespace cleanups.Mike Stump2009-09-091-19/+19
| | | | llvm-svn: 81346
* Use SymbolicRegion instead of CodeTextRegion for symbolic functionTed Kremenek2009-08-281-19/+8
| | | | | | | | pointers. Most logic cares first about whether or not a region is symbolic, and second if represents code. This should fix a series of silent corner case bugs (as well as simplify a bunch of code). llvm-svn: 80335
* Remove 'SelfRegion' field from both BasicStoreManager and RegionStoreManager.Ted Kremenek2009-08-211-2/+9
| | | | | | | | | | | | | | | | | | SelfRegion represented the object bound to 'self' (when analyzing Objective-C methods) upon entry to a method. Having this region stored on the side ignores the current stack frame that we might be analyzing (among other things), and is a problem for interprocedural analysis. For RegionStoreManager, the value for SelfRegion is just lazily created. For BasicStoreManager, the value for SelfRegion is bound eagerly to 'self', but no explicit tracking of SelfRegion on the side is made. As part of this change, remove the restriction in BasicStoreManager that we only track ivars for 'self'. This shouldn't actually change anything in terms of precision, and simplifies the logic. llvm-svn: 79694
* Add LocationContext* field to VarRegion. This is needed for interprocedural ↵Ted Kremenek2009-08-211-2/+7
| | | | | | analysis. llvm-svn: 79680
* This is a fairly large patch, which resulted from a cascade of changesTed Kremenek2009-08-011-4/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | made to RegionStore (and related classes) in order to handle some analyzer failures involving casts and manipulation of symbolic memory. The root of the change is in StoreManager::CastRegion(). Instead of using ad hoc heuristics to decide when to layer an ElementRegion on a casted MemRegion, we now always layer an ElementRegion when the cast type is different than the original type of the region. This carries the current cast information associated with a region around without resorting to the error prone recording of "casted types" in GRState. Along with this new policy of layering ElementRegions, I added a new algorithm to strip away existing ElementRegions when they simply represented casts of a base memory object. This algorithm computes the raw "byte offset" that an ElementRegion represents from the base region, and allows the new ElementRegion to be based off that offset. The added benefit is that this naturally handles a series of casts of a MemRegion without building up a set of redundant ElementRegions (thus canonicalizing the region view). Other related changes that cascaded from this one (as tests were failing in RegionStore): - Revamped RegionStoreManager::InvalidateRegion() to completely remove all bindings and default values from a region and all subregions. Now invalidated fields are not bound directly to new symbolic values; instead the base region has a "default" symbol value from which "derived symbols" can be created. The main advantage of this approach is that it allows us to invalidate a region hierarchy and then lazily instantiate new values no matter how deep the hierarchy went (i.e., regardless of the number of field accesses, e.g. x->f->y->z->...). The previous approach did not do this. - Slightly reworked RegionStoreManager::RemoveDeadBindings() to also incorporate live symbols and live regions that do not have direct bindings but also have "default values" used for lazy instantiation. The changes to 'InvalidateRegion' revealed that these were necessary in order to achieve lazy instantiation of values in the region store with those bindings being removed too early. - The changes to InvalidateRegion() and RemoveDeadBindings() revealed a serious bug in 'getSubRegionMap()' where not all region -> subregion relationships involved in actually bindings (explicit and implicit) were being recorded. This has been fixed by using a worklist algorithm to iteratively fill in the region map. - Added special support to RegionStoreManager::Bind()/Retrieve() to handle OSAtomicCompareAndSwap in light of the new 'CastRegion' changes and the layering of ElementRegions. - Fixed a bug in SymbolReaper::isLive() where derived symbols were not being marked live if the symbol they were derived from was also live. This fix was critical for getting lazy instantiation in RegionStore to work. - Tidied up the implementation of ValueManager::getXXXSymbolVal() methods to use SymbolManager::canSymbolicate() to decide whether or not a symbol should be symbolicated. - 'test/Analysis/misc-ps-xfail.m' now passes; that test case has been moved to 'test/Analysis/misc-ps.m'. - Tweaked some pretty-printing of MemRegions, and implemented 'ElementRegion::getRawOffset()' for use with the CastRegion changes. llvm-svn: 77782
* Remove 'StoreManager::OldCastRegion()', TypedViewRegion (which onlyTed Kremenek2009-07-291-27/+0
| | | | | | | OldCastRegion used), and the associated command line option '-analyzer-store=old-basic-cast'. llvm-svn: 77509
* Add 'MemRegion::getBaseRegion()', a utility method to strip ElementRegions withTed Kremenek2009-07-291-0/+20
| | | | | | index 0. This will be used for refinements to InvalidateRegion and CastRegion. llvm-svn: 77481
* Implement FIXME in pretty-printing for StringRegions.Ted Kremenek2009-07-191-3/+2
| | | | llvm-svn: 76381
* Improve debug pretty-printing for ObjCIVarRegions.Ted Kremenek2009-07-191-0/+4
| | | | llvm-svn: 76380
* Move RegionStoreManager over to using newTed Kremenek2009-07-161-1/+2
| | | | | | | | ValueManager::makeArrayIndex()/convertArrayIndex() methods. This handles yet another crash case when reasoning about array indices of different bitwidth and signedness. llvm-svn: 75884
* Tidy pretty-printing for SVals, using 'dump()' instead of 'printStdErr()', ↵Ted Kremenek2009-07-131-1/+1
| | | | | | and implementing operator<< support for llvm::raw_ostream. llvm-svn: 75560
* When pretty-printing symbolic regions, use '{' ... '}' to indicate the ↵Ted Kremenek2009-07-131-1/+1
| | | | | | symbol used for the region (makes it easier to read for nested regions). llvm-svn: 75550
* Change pretty-printing API for SymExprs and MemRegions to use a naming ↵Ted Kremenek2009-07-131-20/+17
| | | | | | convention and style similar to other elements in Clang. llvm-svn: 75548
* Rename potentially ambiguous member template 'getRegion' to 'getSubRegion' ↵Ted Kremenek2009-07-101-4/+4
| | | | | | to hopefully resolve template lookup ambiguities on some compilers. llvm-svn: 75253
* Enhance RegionStore to lazily symbolicate fields and array elements forTed Kremenek2009-07-021-0/+7
| | | | | | structures passed-by-value as function arguments. llvm-svn: 74729
* StoreManagers: Use 'hasGlobalsStorage()' and 'hasParametersStorage()' instead ofTed Kremenek2009-07-021-1/+17
| | | | | | | directly consulting if a VarDecl is an implicit or actual parameter, a global, etc. llvm-svn: 74716
* Add a separate MemSpaceRegion for function/method arguments passed on the stack.Ted Kremenek2009-07-021-3/+11
| | | | | | | This will simplify the logic of StoreManagers that want to specially reason about the values of parameters. llvm-svn: 74715
* Remove commented methods. Add MemRegion::printStdErr().Ted Kremenek2009-07-021-0/+4
| | | | llvm-svn: 74709
* Key decisions about 'bool' vs '_Bool' to be based on a new flag in langoptions.Chris Lattner2009-06-301-1/+2
| | | | | | | | | | | | This is simple enough, but then I thought it would be nice to make PrintingPolicy get a LangOptions so that various things can key off "bool" and "C++" independently. This spiraled out of control. There are many fixme's, but I think things are slightly better than they were before. One thing that can be improved: CFG should probably have an ASTContext pointer in it, which would simplify its clients. llvm-svn: 74493
* - Add MemRegion::getMemorySpace()Ted Kremenek2009-06-231-27/+22
| | | | | | | | | | - Change implementation of MemRegion::hasStackStorage()/hasHeapStorage() to use 'getMemorySpace()'. This avoids a double traversal up the region hierarchy and is simpler. - Add MemRegion::hasHeapOrStackStorage() as a slightly more efficient alternative to 'hasStackStorage() || hasHeapStorage()'. llvm-svn: 73977
* Move 'hasStackStorage()' and 'hasHeapStorage()' from MemRegionManager to ↵Ted Kremenek2009-06-231-8/+8
| | | | | | MemRegion. llvm-svn: 73973
* MemRegionManager: Migrate logic for getCodeTextRegion() over to using Zhongxing Xu2009-06-231-28/+4
| | | | | | trait-based MemRegion creation. llvm-svn: 73941
* Remove duplicated methods.Zhongxing Xu2009-06-231-16/+20
| | | | llvm-svn: 73940
* MemRegions:Ted Kremenek2009-06-231-4/+16
| | | | | | | | - Embed a reference to MemRegionManager objects in MemSpaceRegion objects - Use this embedded reference for MemRegion objects to access ASTContext objects without external help - Use this access to ASTContext to simplify 'isBoundable' (no ASTContext& argument required) llvm-svn: 73935
* MemRegionManager: Migrate logic for getAllocaRegion() over to using ↵Ted Kremenek2009-06-231-16/+4
| | | | | | trait-based MemRegion creation. llvm-svn: 73927
* MemRegionManager: Migrate getObjCObjectRegion() and getTypedViewRegion() to useTed Kremenek2009-06-231-30/+3
| | | | | | the new trait-based construction of MemRegion objects. llvm-svn: 73926
* Migrate factory methods for FieldRegion and ObjCIVarRegion creation to use theTed Kremenek2009-06-221-28/+2
| | | | | | new generalized region-construction code. llvm-svn: 73921
* Refactor some of the logic in MemRegionManager for constructing regions usingTed Kremenek2009-06-221-70/+15
| | | | | | | | member template functions and traits. The idea is to allow MemRegionManager to construct subclasses of MemRegion that aren't declared in MemRegion.h (e.g., checker-specific regions). llvm-svn: 73917
* Use canonical type for building ElementRegion. Otherwise ElementRegions cannotZhongxing Xu2009-06-161-3/+5
| | | | | | be unique. llvm-svn: 73482
* rename: MemRegion:Zhongxing Xu2009-05-091-8/+0
| | | | | | | | | RValueType => ObjectType LValueType => LocationType No functionality change. llvm-svn: 71304
* The super region of ElementRegion no longer needs to be TypedRegion. In theZhongxing Xu2009-05-061-1/+1
| | | | | | future we would create ElementRegion directly on top of typeless regions. llvm-svn: 71075
* Per conversations with Zhongxing, add an 'element type' toTed Kremenek2009-05-041-17/+8
| | | | | | | | | | | | | | | | | | | ElementRegion. I also removed 'ElementRegion::getArrayRegion', although we may need to add this back. This breaks a few test cases with RegionStore: - 'array-struct.c' triggers an infinite recursion in RegionStoreManager. Need to investigate. - misc-ps.m triggers a failure with RegionStoreManager as we now get the diagnostic: 'Line 159: Uninitialized or undefined return value returned to caller.' There were a bunch of places that needed to be edit RegionStoreManager, and we may not be passing all the correct 'element types' down from GRExprEngine. Zhongxing: When you get a chance, could you review this? I could have easily screwed up something basic in RegionStoreManager. llvm-svn: 70830
* MemRegion pretty-printing: Convert DeclName to a string to print out the actualTed Kremenek2009-04-291-1/+1
| | | | | | name of the tracked function. llvm-svn: 70381
* Recommit 69694 but this time also include the header changes (sorry for breakingTed Kremenek2009-04-211-0/+10
| | | | | | the build). llvm-svn: 69702
* Revert 69694 (use of undefined getSymbol)Daniel Dunbar2009-04-211-10/+0
| | | | llvm-svn: 69697
* Add pretty-printing for CodeTextRegions.Ted Kremenek2009-04-211-0/+10
| | | | llvm-svn: 69694
* Lexically order the implementation of MemRegion 'print' methods. No ↵Ted Kremenek2009-04-211-18/+18
| | | | | | functionality change. llvm-svn: 69688
* Implement analyzer support for OSCompareAndSwap. This required pushing "tagged"Ted Kremenek2009-04-111-1/+16
| | | | | | | | | ProgramPoints all the way through to GRCoreEngine. NSString.m now fails with RegionStoreManager because of the void** cast. Disabling use of region store for that test for now. llvm-svn: 68845
* Add prototype for CodeTextRegion.Zhongxing Xu2009-04-101-0/+48
| | | | | | | | A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. The latter comes from the symbolic function pointer that are generated from function calls or input data. llvm-svn: 68777
* Re-apply 68028. The code had drifted enough that the tests would fail withoutTed Kremenek2009-03-301-22/+0
| | | | | | it. Will discuss offline whether symbolic regions should by typed or typeless. llvm-svn: 68070
* Revert 68028.Ted Kremenek2009-03-301-0/+22
| | | | llvm-svn: 68068
* Make SymbolicRegion untyped.Zhongxing Xu2009-03-301-22/+0
| | | | | | Layer the type information with a TypedViewRegion on top of the SymbolicRegion. llvm-svn: 68028
* analyzer infrastructure: make a bunch of changes to symbolic expressions thatTed Kremenek2009-03-261-10/+4
| | | | | | | | | | | | | | | | Zhongxing and I discussed by email. Main changes: - Removed SymIntConstraintVal and SymIntConstraint - Added SymExpr as a parent class to SymbolData, SymSymExpr, SymIntExpr - Added nonloc::SymExprVal to wrap SymExpr - SymbolRef is now just a typedef of 'const SymbolData*' - Bunch of minor code cleanups in how some methods were invoked (no functionality change) This changes are part of a long-term plan to have full symbolic expression trees. This will be useful for lazily evaluating complicated expressions. llvm-svn: 67731
* Add TypedViewRegion::isBoundable() to indicate whether or not theTed Kremenek2009-03-111-1/+1
| | | | | | | | | | | | | | | TypedViewRegion has a valid rvalue type. Also renamed instance variable 'T' to 'LvalueType' to make it unambiguous of its purpose. This fixes some crashes I was seeing after: http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20090309/013771.html This is because 'isBoundable()' is defined in TypedRegion (the parent class) in terms of the rvalue type (which could be null), while for TypedViewRegion it should be defined in terms of the lvalue type. llvm-svn: 66712
* MemRegion:Ted Kremenek2009-03-041-2/+3
| | | | | | | | | - Have 'TypedRegion::getRValueType()' return a null QualType for 'id<...>' instead of aborting. - Change 'TypedRegion::isBoundable()' to return true for all objects with a non-null RValueType (this may not be the final behavior). llvm-svn: 66093
* Added the notion of a "boundable region", which is a region that can have a ↵Ted Kremenek2009-03-041-6/+16
| | | | | | direct binding in the StoreManager. llvm-svn: 66005
* Rework use of loc::SymbolVal in the retain/release checker to use the new methodTed Kremenek2009-03-031-2/+1
| | | | | | | | | | | SVal::getAsLocSymbol(). This simplifies the code and allows the retain/release checker to (I believe) also correctly reason about location symbols wrapped in SymbolicRegions. Along the way I cleaned up SymbolRef a little, disallowing implicit casts to 'unsigned'. llvm-svn: 65972
* Rename AnonTypedRegion to TypedViewRegion.Ted Kremenek2009-03-011-9/+9
| | | | llvm-svn: 65764
* Create ElementRegion when the base is SymbolicRegion. This is like what we doZhongxing Xu2009-02-061-10/+6
| | | | | | | | | for FieldRegion. This enables us to track more values. Simplify SymbolicRegion::getRValueType(). We assume the symbol always has pointer type. llvm-svn: 63928
* Make SymbolicRegion subclass TypedRegion, for symbols usually have types, so Zhongxing Xu2009-02-051-6/+26
| | | | | | | | | | | | | | do the symblic regions associated with them and we need them to be typed. Current SymbolicRegion::getRValueType() method is very restricting. It may be modified when we are more clear about what could be the types of symblic regions. BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a subclass of SubRegion. llvm-svn: 63844
OpenPOWER on IntegriCloud