This is an archive of the discontinued LLVM Phabricator instance.

Differential D19979

[analyzer] ScopeContext - initial implementation
Needs ReviewPublic

Authored by a.sidorin on May 5 2016, 9:05 AM.

Details

Reviewers
dcoughlin
zaks.anna
bshastry
Summary

This patch enables ScopeContext to track variable lifetime. It is RFC mostly since the work on its dependencies is still not finished and it lacks some tests.
Pre-discussion took place in cfe-dev:

StackLocalsSpaceRegion is still present to preserve current behaviour because 'cfg-scope-info' is false by default.

Diff Detail

Event Timeline

a.sidorin updated this revision to Diff 56296.May 5 2016, 9:05 AM
a.sidorin retitled this revision from to [analyzer] ScopeContext - initial implementation.
a.sidorin updated this object.
a.sidorin added reviewers: zaks.anna, dcoughlin, bshastry.
a.sidorin added a parent revision: D16403: Add scope information to CFG.
a.sidorin added a subscriber: cfe-commits.
xazax.hun added a subscriber: xazax.hun.May 6 2016, 4:26 AM
NoQ added a subscriber: NoQ.May 6 2016, 7:58 AM
dcoughlin mentioned this in D15031: CFG: Add CFGElement for automatic variables that leave the scope.Aug 16 2016, 6:31 PM
dcoughlin edited edge metadata.Aug 21 2016, 10:23 AM

This has been requested by PR29069 https://llvm.org/bugs/show_bug.cgi?id=29069

NoQ added a comment.Nov 2 2016, 8:15 AM

https://llvm.org/bugs/show_bug.cgi?id=28450
^Another impressing test case for variable scopes, which should ideally be fixed by scope contexts, even though i doubt this patch (or the CFG patch) addresses this issue. Variable-length arrays might actually mess up things quite a bit.

Long story short, every time a goto jumps to before VLA was declared, it gets re-allocated. And we need to represent it as a different VarRegion for the same declaration. We could extend the region hierarchy to treat VLAs specially, but ideally it seems saner to me to make a VarRegion on top of a different scope memspace every time VLA is re-allocated.

a.sidorin added a comment.Nov 7 2016, 6:14 AM

Hm. A pretty nice example. But we should check if the initial patch supports gotos; afair, it doesn't.

ilya-palachev added a subscriber: ilya-palachev.Nov 7 2016, 7:27 AM
NoQ mentioned this in D24246: StaticAnalyzer - MisusedMovedObjectChecker.Feb 9 2017, 6:59 AM
xazax.hun added a comment.Mar 30 2017, 8:47 AM

What is the status of this?
Aleksei, could you upload a new patch with the context available?
(And also with a testcase added for jumps/gotos and VLA.)

You modified the malloc checker but I did not see a test for that.

NoQ mentioned this in D34260: [StaticAnalyzer] Completely unrolling specific loops with known bound option .Jun 16 2017, 12:41 PM
szepet added a subscriber: szepet.Jun 22 2017, 9:09 AM
a.sidorin added a comment.Dec 18 2017, 6:29 AM

This patch still depends on scope implementation in CFG. There is no final implementation; after initial implementation is done, I'll update the patch.

a.sidorin mentioned this in D41151: [analyzer] Adding LoopContext and improve loop modeling.Dec 18 2017, 6:29 AM
NoQ mentioned this in D73519: [analyzer] AnalysisDeclContext: Refactor and documentation.Jan 28 2020, 1:34 PM
Charusso mentioned this in rG7e1a6ca9e89c: [analyzer] AnalysisDeclContext: Refactor and documentation.Mar 3 2020, 10:21 PM
Charusso mentioned this in rG401a937db340: [analyzer] AnalysisDeclContext: Refactor and documentation.Jul 14 2020, 4:40 PM

Revision Contents

PathSize
include/
clang/
Analysis/
28 lines
48 lines
StaticAnalyzer/
Core/
28 lines
31 lines
PathSensitive/
4 lines
4 lines
75 lines
1 line
4 lines
lib/
Analysis/
79 lines
StaticAnalyzer/
Checkers/
18 lines
3 lines
16 lines
3 lines
Core/
8 lines
43 lines
8 lines
5 lines
82 lines
22 lines
138 lines
14 lines
1 line
test/
Analysis/
24 lines

Diff 56296

include/clang/Analysis/AnalysisContext.h

Context not available.
class PseudoConstantAnalysis; class PseudoConstantAnalysis;
class LocationContextManager; class LocationContextManager;
class StackFrameContext; class StackFrameContext;
class ScopeContext;
class BlockInvocationContext; class BlockInvocationContext;
class AnalysisDeclContextManager; class AnalysisDeclContextManager;
class LocationContext; class LocationContext;
Context not available.
llvm::BumpPtrAllocator A; llvm::BumpPtrAllocator A;
llvm::DenseMap<const BlockDecl*,void*> *ReferencedBlockVars; llvm::DenseMap<const BlockDecl*,void*> *ReferencedBlockVars;
llvm::DenseMap<const Stmt *, void *> *DeclaredVars;
void *ManagedAnalyses; void *ManagedAnalyses;
Context not available.
PseudoConstantAnalysis *getPseudoConstantAnalysis(); PseudoConstantAnalysis *getPseudoConstantAnalysis();
typedef const VarDecl * const * referenced_decls_iterator; typedef const VarDecl * const * referenced_decls_iterator;
typedef const VarDecl * const * declared_vars_iterator;
std::pair<referenced_decls_iterator, referenced_decls_iterator> std::pair<referenced_decls_iterator, referenced_decls_iterator>
getReferencedBlockVars(const BlockDecl *BD); getReferencedBlockVars(const BlockDecl *BD);
std::pair<declared_vars_iterator, declared_vars_iterator>
getDeclaredVars(const Stmt *Scope);
/// Return the ImplicitParamDecl* associated with 'self' if this /// Return the ImplicitParamDecl* associated with 'self' if this
/// AnalysisDeclContext wraps an ObjCMethodDecl. Returns NULL otherwise. /// AnalysisDeclContext wraps an ObjCMethodDecl. Returns NULL otherwise.
const ImplicitParamDecl *getSelfDecl() const; const ImplicitParamDecl *getSelfDecl() const;
Context not available.
const Stmt *S, const CFGBlock *Blk, const Stmt *S, const CFGBlock *Blk,
unsigned Idx, unsigned Cnt); unsigned Idx, unsigned Cnt);
const ScopeContext *getScope(LocationContext const *Parent, const Stmt *S,
unsigned BlockCount);
const BlockInvocationContext * const BlockInvocationContext *
getBlockInvocationContext(const LocationContext *parent, getBlockInvocationContext(const LocationContext *parent,
const BlockDecl *BD, const BlockDecl *BD,
Context not available.
class ScopeContext : public LocationContext { class ScopeContext : public LocationContext {
const Stmt *Enter; const Stmt *Enter;
// The block count to discriminate between scopes of the same statement.
unsigned BlockCount;
friend class LocationContextManager; friend class LocationContextManager;
ScopeContext(AnalysisDeclContext *ctx, const LocationContext *parent, ScopeContext(AnalysisDeclContext *ctx, const LocationContext *Parent,
const Stmt *s) const Stmt *S, unsigned BlockCount)
: LocationContext(Scope, ctx, parent), Enter(s) {} : LocationContext(Scope, ctx, Parent), Enter(S), BlockCount(BlockCount) {
assert(Parent);
assert(S);
}
public: public:
~ScopeContext() {} ~ScopeContext() {}
const Stmt *getTriggerStmt() const { return Enter; }
void Profile(llvm::FoldingSetNodeID &ID); void Profile(llvm::FoldingSetNodeID &ID);
static void Profile(llvm::FoldingSetNodeID &ID, AnalysisDeclContext *ctx, static void Profile(llvm::FoldingSetNodeID &ID, AnalysisDeclContext *ctx,
const LocationContext *parent, const Stmt *s) { const LocationContext *parent, const Stmt *s,
unsigned BlockCount) {
ProfileCommon(ID, Scope, ctx, parent, s); ProfileCommon(ID, Scope, ctx, parent, s);
ID.AddInteger(BlockCount);
} }
static bool classof(const LocationContext *Ctx) { static bool classof(const LocationContext *Ctx) {
Context not available.
const ScopeContext *getScope(AnalysisDeclContext *ctx, const ScopeContext *getScope(AnalysisDeclContext *ctx,
const LocationContext *parent, const LocationContext *parent,
const Stmt *s); const Stmt *s, unsigned BlockCount);
const BlockInvocationContext * const BlockInvocationContext *
getBlockInvocationContext(AnalysisDeclContext *ctx, getBlockInvocationContext(AnalysisDeclContext *ctx,
Context not available.

include/clang/Analysis/ProgramPoint.h

Context not available.
PostImplicitCallKind, PostImplicitCallKind,
MinImplicitCallKind = PreImplicitCallKind, MinImplicitCallKind = PreImplicitCallKind,
MaxImplicitCallKind = PostImplicitCallKind, MaxImplicitCallKind = PostImplicitCallKind,
ScopeEnterKind,
ScopeExitKind,
EpsilonKind}; EpsilonKind};
private: private:
Context not available.
} }
}; };
/// Represents a point where a new scope is being entered.
class ScopeEnter : public ProgramPoint {
public:
ScopeEnter(const Stmt *TriggerStmt, const ScopeContext *ScopeCtx,
const LocationContext *CurrCtx)
: ProgramPoint(TriggerStmt, CurrCtx, ScopeEnterKind, ScopeCtx) {}
const Stmt *getTriggerStmt() const {
return static_cast<const Stmt *>(getData1());
}
const LocationContext *getParentContext() const {
return static_cast<const LocationContext *>(getData2());
}
private:
ScopeEnter() {}
friend class ProgramPoint;
static bool isKind(const ProgramPoint &Location) {
return Location.getKind() == ScopeEnterKind;
}
};
/// Represents a point where a scope is being exited.
class ScopeExit : public ProgramPoint {
public:
ScopeExit(const Stmt *TriggerStmt, const ScopeContext *ScopeCtx,
const LocationContext *TargetCtx)
: ProgramPoint(TriggerStmt, ScopeCtx, ScopeExitKind, TargetCtx) {}
const Stmt *getTriggerStmt() const {
return static_cast<const Stmt *>(getData1());
}
const LocationContext *getScopeContext() const {
return static_cast<const LocationContext *>(getData2());
}
private:
ScopeExit() {}
friend class ProgramPoint;
static bool isKind(const ProgramPoint &Location) {
return Location.getKind() == ScopeExitKind;
}
};
/// Represents a point when we begin processing an inlined call. /// Represents a point when we begin processing an inlined call.
/// CallEnter uses the caller's location context. /// CallEnter uses the caller's location context.
class CallEnter : public ProgramPoint { class CallEnter : public ProgramPoint {
Context not available.

include/clang/StaticAnalyzer/Core/Checker.h

Context not available.
} }
}; };
class ScopeEnter {
template <typename CHECKER>
static void _checkScopeEnter(void *checker, CheckerContext &C) {
((const CHECKER *)checker)->checkScopeEnter(C);
}
public:
template <typename CHECKER>
static void _register(CHECKER *checker, CheckerManager &mgr) {
mgr._registerForScopeEnter(
CheckerManager::CheckScopeFunc(checker, _checkScopeEnter<CHECKER>));
}
};
class ScopeExit {
template <typename CHECKER>
static void _checkScopeExit(void *checker, CheckerContext &C) {
((const CHECKER *)checker)->checkScopeExit(C);
}
public:
template <typename CHECKER>
static void _register(CHECKER *checker, CheckerManager &mgr) {
mgr._registerForScopeExit(
CheckerManager::CheckScopeFunc(checker, _checkScopeExit<CHECKER>));
}
};
class Location { class Location {
template <typename CHECKER> template <typename CHECKER>
static void _checkLocation(void *checker, static void _checkLocation(void *checker,
Context not available.

include/clang/StaticAnalyzer/Core/CheckerManager.h

Context not available.
const CallEvent &Call, ExprEngine &Eng, const CallEvent &Call, ExprEngine &Eng,
bool wasInlined = false); bool wasInlined = false);
/// \brief Run checkers for entering scope.
void runCheckersForScopeEnter(ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src,
ProgramPoint PP, ExprEngine &Eng) {
runCheckersForScope(/*isEnter=*/true, Dst, Src, PP, Eng);
}
/// \brief Run checkers for exiting scope.
void runCheckersForScopeExit(ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src,
ProgramPoint PP,
ExprEngine &Eng) {
runCheckersForScope(/*isEnter=*/false, Dst, Src, PP, Eng);
}
/// \brief Run checkers for scope enter/exit event.
void runCheckersForScope(bool IsEnter, ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src,
ProgramPoint PP,
ExprEngine &Eng);
/// \brief Run checkers for load/store of a location. /// \brief Run checkers for load/store of a location.
void runCheckersForLocation(ExplodedNodeSet &Dst, void runCheckersForLocation(ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src, const ExplodedNodeSet &Src,
Context not available.
typedef CheckerFn<void (const CallEvent &, CheckerContext &)> typedef CheckerFn<void (const CallEvent &, CheckerContext &)>
CheckCallFunc; CheckCallFunc;
typedef CheckerFn<void (CheckerContext &)> CheckScopeFunc;
typedef CheckerFn<void (const SVal &location, bool isLoad, typedef CheckerFn<void (const SVal &location, bool isLoad,
const Stmt *S, const Stmt *S,
CheckerContext &)> CheckerContext &)>
Context not available.
void _registerForPreCall(CheckCallFunc checkfn); void _registerForPreCall(CheckCallFunc checkfn);
void _registerForPostCall(CheckCallFunc checkfn); void _registerForPostCall(CheckCallFunc checkfn);
void _registerForScopeEnter(CheckScopeFunc checkfn);
void _registerForScopeExit(CheckScopeFunc checkfn);
void _registerForLocation(CheckLocationFunc checkfn); void _registerForLocation(CheckLocationFunc checkfn);
void _registerForBind(CheckBindFunc checkfn); void _registerForBind(CheckBindFunc checkfn);
Context not available.
std::vector<CheckCallFunc> PreCallCheckers; std::vector<CheckCallFunc> PreCallCheckers;
std::vector<CheckCallFunc> PostCallCheckers; std::vector<CheckCallFunc> PostCallCheckers;
std::vector<CheckScopeFunc> ScopeEnterCheckers;
std::vector<CheckScopeFunc> ScopeExitCheckers;
std::vector<CheckLocationFunc> LocationCheckers; std::vector<CheckLocationFunc> LocationCheckers;
std::vector<CheckBindFunc> BindCheckers; std::vector<CheckBindFunc> BindCheckers;
Context not available.

include/clang/StaticAnalyzer/Core/PathSensitive/Environment.h

Context not available.
/// This allows the environment to manage context-sensitive bindings, /// This allows the environment to manage context-sensitive bindings,
/// which is essentially for modeling recursive function analysis, among /// which is essentially for modeling recursive function analysis, among
/// other things. /// other things.
class EnvironmentEntry : public std::pair<const Stmt*, class EnvironmentEntry
const StackFrameContext *> { : public std::pair<const Stmt*, const LocationContext *> {
public: public:
EnvironmentEntry(const Stmt *s, const LocationContext *L); EnvironmentEntry(const Stmt *s, const LocationContext *L);
Context not available.

include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h

Context not available.
void ProcessInitializer(const CFGInitializer I, ExplodedNode *Pred); void ProcessInitializer(const CFGInitializer I, ExplodedNode *Pred);
void ProcessScopeEnter(const CFGScopeBegin SC, ExplodedNode *Pred);
void ProcessScopeExit(const CFGScopeEnd SE, ExplodedNode *Pred);
void ProcessImplicitDtor(const CFGImplicitDtor D, ExplodedNode *Pred); void ProcessImplicitDtor(const CFGImplicitDtor D, ExplodedNode *Pred);
void ProcessAutomaticObjDtor(const CFGAutomaticObjDtor D, void ProcessAutomaticObjDtor(const CFGAutomaticObjDtor D,
Context not available.

include/clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h

Context not available.
} }
}; };
class ScopeLocalSpaceRegion : public MemSpaceRegion {
const ScopeContext *ScopeCtx;
void *DeclaredVars;
virtual void anchor();
friend class MemRegionManager;
ScopeLocalSpaceRegion(MemRegionManager *Mgr, const ScopeContext *ScopeCtx)
: MemSpaceRegion(Mgr, ScopeLocalSpaceRegionKind),
ScopeCtx(ScopeCtx),
DeclaredVars(nullptr) {}
void LazyInitializeDeclaredVars();
const VarRegion *getScopedRegion(const VarDecl *VD);
public:
const ScopeContext *getScopeContext() const { return ScopeCtx; }
void Profile(llvm::FoldingSetNodeID &ID) const;
class declared_vars_iterator {
const MemRegion *const *MR;
public:
explicit declared_vars_iterator(const MemRegion *const *MR) : MR(MR) {}
const VarRegion *getDeclaredRegion() const {
return cast<VarRegion>(*MR);
}
const VarRegion *operator *() const {
return getDeclaredRegion();
}
const VarRegion *operator ->() const {
return getDeclaredRegion();
}
bool operator==(const declared_vars_iterator &I) const {
assert((MR == nullptr) == (I.MR == nullptr));
return I.MR == MR;
}
bool operator!=(const declared_vars_iterator &I) const {
assert((MR == nullptr) == (I.MR == nullptr));
return I.MR != MR;
}
declared_vars_iterator &operator++() {
++MR;
return *this;
}
};
declared_vars_iterator declared_vars_begin() const;
declared_vars_iterator declared_vars_end() const;
void dumpToStream(raw_ostream &os) const;
static bool classof(const MemRegion *R) {
return R->getKind() == ScopeLocalSpaceRegionKind;
}
};
/// SubRegion - A region that subsets another larger region. Most regions /// SubRegion - A region that subsets another larger region. Most regions
/// are subclasses of SubRegion. /// are subclasses of SubRegion.
Context not available.
GlobalImmutableSpaceRegion *ImmutableGlobals; GlobalImmutableSpaceRegion *ImmutableGlobals;
llvm::DenseMap<const StackFrameContext *, StackLocalsSpaceRegion *> llvm::DenseMap<const StackFrameContext *, StackLocalsSpaceRegion *>
StackLocalsSpaceRegions; StackLocalsSpaceRegions;
llvm::DenseMap<const StackFrameContext *, StackArgumentsSpaceRegion *> llvm::DenseMap<const StackFrameContext *, StackArgumentsSpaceRegion *>
StackArgumentsSpaceRegions; StackArgumentsSpaceRegions;
llvm::DenseMap<const CodeTextRegion *, StaticGlobalSpaceRegion *> llvm::DenseMap<const CodeTextRegion *, StaticGlobalSpaceRegion *>
StaticsGlobalSpaceRegions; StaticsGlobalSpaceRegions;
llvm::DenseMap<const ScopeContext *, ScopeLocalSpaceRegion *>
ScopeLocalSpaceRegions;
HeapSpaceRegion *heap; HeapSpaceRegion *heap;
UnknownSpaceRegion *unknown; UnknownSpaceRegion *unknown;
CodeSpaceRegion *code; CodeSpaceRegion *code;
llvm::PointerUnion<const StackFrameContext *, const VarRegion *>
getStackOrCaptureRegionForDeclContext(const LocationContext *LC,
const DeclContext *DC,
const VarDecl *VD);
public: public:
MemRegionManager(ASTContext &c, llvm::BumpPtrAllocator& a) MemRegionManager(ASTContext &c, llvm::BumpPtrAllocator& a)
: C(c), A(a), InternalGlobals(0), SystemGlobals(0), ImmutableGlobals(0), : C(c), A(a), InternalGlobals(0), SystemGlobals(0), ImmutableGlobals(0),
Context not available.
const StackArgumentsSpaceRegion * const StackArgumentsSpaceRegion *
getStackArgumentsRegion(const StackFrameContext *STC); getStackArgumentsRegion(const StackFrameContext *STC);
/// getScopeLocalSpaceRegion - Retrieve the memory region associated with
/// the given scope.
const ScopeLocalSpaceRegion *
getScopeLocalSpaceRegion(const ScopeContext *ScopeCtx);
/// getGlobalsRegion - Retrieve the memory region associated with /// getGlobalsRegion - Retrieve the memory region associated with
/// global variables. /// global variables.
const GlobalsSpaceRegion *getGlobalsRegion( const GlobalsSpaceRegion *getGlobalsRegion(
Context not available.

include/clang/StaticAnalyzer/Core/PathSensitive/Regions.def

Context not available.
REGION(StackLocalsSpaceRegion, StackSpaceRegion) REGION(StackLocalsSpaceRegion, StackSpaceRegion)
REGION_RANGE(STACK_MEMSPACES, StackArgumentsSpaceRegionKind, REGION_RANGE(STACK_MEMSPACES, StackArgumentsSpaceRegionKind,
StackLocalsSpaceRegionKind) StackLocalsSpaceRegionKind)
REGION(ScopeLocalSpaceRegion, MemSpaceRegion)
REGION(UnknownSpaceRegion, MemSpaceRegion) REGION(UnknownSpaceRegion, MemSpaceRegion)
REGION_RANGE(MEMSPACES, CodeSpaceRegionKind, REGION_RANGE(MEMSPACES, CodeSpaceRegionKind,
UnknownSpaceRegionKind) UnknownSpaceRegionKind)
Context not available.

include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h

Context not available.
RegionSetTy RegionRoots; RegionSetTy RegionRoots;
const StackFrameContext *LCtx; const LocationContext *LCtx;
const Stmt *Loc; const Stmt *Loc;
SymbolManager& SymMgr; SymbolManager& SymMgr;
StoreRef reapedStore; StoreRef reapedStore;
Context not available.
/// considered live. /// considered live.
/// If the stack frame context is NULL, everything on stack is considered /// If the stack frame context is NULL, everything on stack is considered
/// dead. /// dead.
SymbolReaper(const StackFrameContext *Ctx, const Stmt *s, SymbolManager& symmgr, SymbolReaper(const LocationContext *Ctx, const Stmt *s, SymbolManager& symmgr,
StoreManager &storeMgr) StoreManager &storeMgr)
: LCtx(Ctx), Loc(s), SymMgr(symmgr), : LCtx(Ctx), Loc(s), SymMgr(symmgr),
reapedStore(0, storeMgr) {} reapedStore(0, storeMgr) {}
Context not available.

lib/Analysis/AnalysisDeclContext.cpp

Context not available.
builtCFG(false), builtCFG(false),
builtCompleteCFG(false), builtCompleteCFG(false),
ReferencedBlockVars(0), ReferencedBlockVars(0),
DeclaredVars(nullptr),
ManagedAnalyses(0) ManagedAnalyses(0)
{ {
cfgBuildOptions.forcedBlkExprs = &forcedBlkExprs; cfgBuildOptions.forcedBlkExprs = &forcedBlkExprs;
Context not available.
builtCFG(false), builtCFG(false),
builtCompleteCFG(false), builtCompleteCFG(false),
ReferencedBlockVars(0), ReferencedBlockVars(0),
DeclaredVars(nullptr),
ManagedAnalyses(0) ManagedAnalyses(0)
{ {
cfgBuildOptions.forcedBlkExprs = &forcedBlkExprs; cfgBuildOptions.forcedBlkExprs = &forcedBlkExprs;
Context not available.
Cnt); Cnt);
} }
const ScopeContext *
AnalysisDeclContext::getScope(const LocationContext *Parent, const Stmt *S,
unsigned BlockCount) {
return getLocationContextManager().getScope(this, Parent, S, BlockCount);
}
const BlockInvocationContext * const BlockInvocationContext *
AnalysisDeclContext::getBlockInvocationContext(const LocationContext *parent, AnalysisDeclContext::getBlockInvocationContext(const LocationContext *parent,
const clang::BlockDecl *BD, const clang::BlockDecl *BD,
Context not available.
} }
void ScopeContext::Profile(llvm::FoldingSetNodeID &ID) { void ScopeContext::Profile(llvm::FoldingSetNodeID &ID) {
Profile(ID, getAnalysisDeclContext(), getParent(), Enter); Profile(ID, getAnalysisDeclContext(), getParent(), Enter, BlockCount);
} }
void BlockInvocationContext::Profile(llvm::FoldingSetNodeID &ID) { void BlockInvocationContext::Profile(llvm::FoldingSetNodeID &ID) {
Context not available.
const ScopeContext * const ScopeContext *
LocationContextManager::getScope(AnalysisDeclContext *ctx, LocationContextManager::getScope(AnalysisDeclContext *ctx,
const LocationContext *parent, const LocationContext *parent,
const Stmt *s) { const Stmt *s, unsigned BlockCount) {
return getLocationContext<ScopeContext, Stmt>(ctx, parent, s); llvm::FoldingSetNodeID ID;
ScopeContext::Profile(ID, ctx, parent, s, BlockCount);
void *InsertPos;
ScopeContext *L =
cast_or_null<ScopeContext>(Contexts.FindNodeOrInsertPos(ID, InsertPos));
if (!L) {
L = new ScopeContext(ctx, parent, s, BlockCount);
Contexts.InsertNode(L, InsertPos);
}
return L;
} }
const BlockInvocationContext * const BlockInvocationContext *
Context not available.
return BV; return BV;
} }
static DeclVec *LazyInitializeDeclaredVars(const Stmt *Scope, void *&Vec,
llvm::BumpPtrAllocator &A) {
if (Vec)
return (DeclVec*) Vec;
BumpVectorContext BC(A);
DeclVec *Declared = (DeclVec*) A.Allocate<DeclVec>();
new (Declared) DeclVec(BC, 10);
if (const IfStmt *IfS = dyn_cast<IfStmt>(Scope)) {
if (const VarDecl *VD = IfS->getConditionVariable())
Declared->push_back(VD, BC);
} else if (const WhileStmt *WS = dyn_cast<WhileStmt>(Scope)) {
if (const VarDecl *VD = WS->getConditionVariable())
Declared->push_back(VD, BC);
} else if (const SwitchStmt *SS = dyn_cast<SwitchStmt>(Scope)) {
if (const VarDecl *VD = SS->getConditionVariable())
Declared->push_back(VD, BC);
} else if (const ForStmt *FS = dyn_cast<ForStmt>(Scope)) {
if (const VarDecl *VD = FS->getConditionVariable())
Declared->push_back(VD, BC);
} else if (const CXXForRangeStmt *CFR = dyn_cast<CXXForRangeStmt>(Scope)) {
if (const VarDecl *VD = CFR->getLoopVariable())
Declared->push_back(VD, BC);
} else if (const CXXCatchStmt *CS = dyn_cast<CXXCatchStmt>(Scope)) {
if (const VarDecl *VD = CS->getExceptionDecl())
Declared->push_back(VD, BC);
} else {
for (const Stmt *Child : Scope->children())
if (const DeclStmt *DS = dyn_cast<DeclStmt>(Child))
for (DeclStmt::const_decl_iterator I = DS->decl_begin(),
E = DS->decl_end(); I != E; ++I)
if (const VarDecl *VD = dyn_cast<VarDecl>(*I))
Declared->push_back(VD, BC);
}
Vec = Declared;
return Declared;
}
std::pair<AnalysisDeclContext::referenced_decls_iterator, std::pair<AnalysisDeclContext::referenced_decls_iterator,
AnalysisDeclContext::referenced_decls_iterator> AnalysisDeclContext::referenced_decls_iterator>
AnalysisDeclContext::getReferencedBlockVars(const BlockDecl *BD) { AnalysisDeclContext::getReferencedBlockVars(const BlockDecl *BD) {
Context not available.
return std::make_pair(V->begin(), V->end()); return std::make_pair(V->begin(), V->end());
} }
std::pair<AnalysisDeclContext::referenced_decls_iterator,
AnalysisDeclContext::referenced_decls_iterator>
AnalysisDeclContext::getDeclaredVars(const Stmt *Scope) {
if (!DeclaredVars)
DeclaredVars = new llvm::DenseMap<const Stmt *, void *>();
DeclVec *V = LazyInitializeDeclaredVars(Scope, (*DeclaredVars)[Scope], A);
return std::make_pair(V->begin(), V->end());
}
ManagedAnalysis *&AnalysisDeclContext::getAnalysisImpl(const void *tag) { ManagedAnalysis *&AnalysisDeclContext::getAnalysisImpl(const void *tag) {
if (!ManagedAnalyses) if (!ManagedAnalyses)
ManagedAnalyses = new ManagedAnalysisMap(); ManagedAnalyses = new ManagedAnalysisMap();
Context not available.

lib/StaticAnalyzer/Checkers/CheckerDocumentation.cpp

Context not available.
check::Location, check::Location,
check::Bind, check::Bind,
check::DeadSymbols, check::DeadSymbols,
check::ScopeEnter,
check::ScopeExit,
check::EndFunction, check::EndFunction,
check::EndAnalysis, check::EndAnalysis,
check::EndOfTranslationUnit, check::EndOfTranslationUnit,
Context not available.
/// check::DeadSymbols /// check::DeadSymbols
void checkDeadSymbols(SymbolReaper &SR, CheckerContext &C) const {} void checkDeadSymbols(SymbolReaper &SR, CheckerContext &C) const {}
/// \brief Called when a scope is being entered.
///
/// This callback may be used by the checkers to determine variables that
/// become alive in some scope and perform necessary actions.
///
/// check::ScopeEnter
void checkScopeEnter(CheckerContext &C) const {}
/// \brief Called when a scope is being leaved.
///
/// This callback may be used by the checkers to determine variables whose
/// lifetime ends.
///
/// check::ScopeExit
void checkScopeExit(CheckerContext &C) const {}
/// \brief Called when the analyzer core reaches the end of a /// \brief Called when the analyzer core reaches the end of a
/// function being analyzed. /// function being analyzed.
/// ///
Context not available.

lib/StaticAnalyzer/Checkers/MacOSXAPIChecker.cpp

Context not available.
os << " stack allocated memory"; os << " stack allocated memory";
os << " for the predicate value. Using such transient memory for " os << " for the predicate value. Using such transient memory for "
"the predicate is potentially dangerous."; "the predicate is potentially dangerous.";
if (isa<VarRegion>(R) && isa<StackLocalsSpaceRegion>(R->getMemorySpace())) if (isa<VarRegion>(R) && (isa<StackLocalsSpaceRegion>(R->getMemorySpace()) ||
isa<ScopeLocalSpaceRegion>(R->getMemorySpace())))
os << " Perhaps you intended to declare the variable as 'static'?"; os << " Perhaps you intended to declare the variable as 'static'?";
BugReport *report = new BugReport(*BT_dispatchOnce, os.str(), N); BugReport *report = new BugReport(*BT_dispatchOnce, os.str(), N);
Context not available.

lib/StaticAnalyzer/Checkers/MallocChecker.cpp

Context not available.
return true; return true;
} }
if (isa<ScopeLocalSpaceRegion>(MS)) {
const VarRegion *VR = dyn_cast<VarRegion>(MR);
const VarDecl *VD;
if (VR)
VD = VR->getDecl();
else
VD = NULL;
if (VD)
os << "the address of the scope-local variable '" << VD->getName()
<< "'";
else
os << "the address of a scope-local variable";
return true;
}
if (isa<StackArgumentsSpaceRegion>(MS)) { if (isa<StackArgumentsSpaceRegion>(MS)) {
const VarRegion *VR = dyn_cast<VarRegion>(MR); const VarRegion *VR = dyn_cast<VarRegion>(MR);
const VarDecl *VD; const VarDecl *VD;
Context not available.

lib/StaticAnalyzer/Checkers/UnixAPIChecker.cpp

Context not available.
os << " stack allocated memory"; os << " stack allocated memory";
os << " for the \"control\" value. Using such transient memory for " os << " for the \"control\" value. Using such transient memory for "
"the control value is potentially dangerous."; "the control value is potentially dangerous.";
if (isa<VarRegion>(R) && isa<StackLocalsSpaceRegion>(R->getMemorySpace())) if (isa<VarRegion>(R) && (isa<StackLocalsSpaceRegion>(R->getMemorySpace()) ||
isa<ScopeLocalSpaceRegion>(R->getMemorySpace())))
os << " Perhaps you intended to declare the variable as 'static'?"; os << " Perhaps you intended to declare the variable as 'static'?";
LazyInitialize(BT_pthreadOnce, "Improper use of 'pthread_once'"); LazyInitialize(BT_pthreadOnce, "Improper use of 'pthread_once'");
Context not available.

lib/StaticAnalyzer/Core/BugReporterVisitors.cpp

Context not available.
const MemSpaceRegion *VarSpace = VR->getMemorySpace(); const MemSpaceRegion *VarSpace = VR->getMemorySpace();
const StackSpaceRegion *FrameSpace = dyn_cast<StackSpaceRegion>(VarSpace); const StackSpaceRegion *FrameSpace = dyn_cast<StackSpaceRegion>(VarSpace);
if (!FrameSpace) { const ScopeLocalSpaceRegion *ScopeSpace =
dyn_cast<ScopeLocalSpaceRegion>(VarSpace);
if (!FrameSpace && !ScopeSpace) {
// If we ever directly evaluate global DeclStmts, this assertion will be // If we ever directly evaluate global DeclStmts, this assertion will be
// invalid, but this still seems preferable to silently accepting an // invalid, but this still seems preferable to silently accepting an
// initialization that may be for a path-sensitive variable. // initialization that may be for a path-sensitive variable.
Context not available.
assert(VR->getDecl()->hasLocalStorage()); assert(VR->getDecl()->hasLocalStorage());
const LocationContext *LCtx = N->getLocationContext(); const LocationContext *LCtx = N->getLocationContext();
return FrameSpace->getStackFrame() == LCtx->getCurrentStackFrame(); return FrameSpace
? FrameSpace->getStackFrame() == LCtx->getCurrentStackFrame()
: ScopeSpace->getScopeContext() == LCtx;
} }
PathDiagnosticPiece *FindLastStoreBRVisitor::VisitNode(const ExplodedNode *Succ, PathDiagnosticPiece *FindLastStoreBRVisitor::VisitNode(const ExplodedNode *Succ,
Context not available.

lib/StaticAnalyzer/Core/CheckerManager.cpp

Context not available.
} }
namespace { namespace {
struct CheckScopeContext {
typedef std::vector<CheckerManager::CheckScopeFunc> CheckersTy;
bool IsEnter;
const CheckersTy &Checkers;
ProgramPoint PP;
ExprEngine &Eng;
CheckersTy::const_iterator checkers_begin() { return Checkers.begin(); }
CheckersTy::const_iterator checkers_end() { return Checkers.end(); }
CheckScopeContext(bool IsEnter, const CheckersTy &Checkers,
ProgramPoint PP, ExprEngine &Eng)
: IsEnter(IsEnter), Checkers(Checkers), PP(PP), Eng(Eng) {}
void runChecker(CheckerManager::CheckScopeFunc checkFn,
NodeBuilder &Bldr, ExplodedNode *Pred) {
CheckerContext C(Bldr, Eng, Pred, PP.withTag(checkFn.Checker));
checkFn(C);
}
};
}
/// \brief Run checkers for entering/leaving a scope.
void CheckerManager::runCheckersForScope(bool IsEnter,
ExplodedNodeSet &Dst,
const ExplodedNodeSet &Src,
ProgramPoint PP,
ExprEngine &Eng) {
CheckScopeContext C(IsEnter,
IsEnter ? ScopeEnterCheckers : ScopeExitCheckers,
PP, Eng);
expandGraphWithCheckers(C, Dst, Src);
}
namespace {
struct CheckLocationContext { struct CheckLocationContext {
typedef std::vector<CheckerManager::CheckLocationFunc> CheckersTy; typedef std::vector<CheckerManager::CheckLocationFunc> CheckersTy;
const CheckersTy &Checkers; const CheckersTy &Checkers;
Context not available.
PostCallCheckers.push_back(checkfn); PostCallCheckers.push_back(checkfn);
} }
void CheckerManager::_registerForScopeEnter(CheckScopeFunc checkfn) {
ScopeEnterCheckers.push_back(checkfn);
}
void CheckerManager::_registerForScopeExit(CheckScopeFunc checkfn) {
ScopeExitCheckers.push_back(checkfn);
}
void CheckerManager::_registerForLocation(CheckLocationFunc checkfn) { void CheckerManager::_registerForLocation(CheckLocationFunc checkfn) {
LocationCheckers.push_back(checkfn); LocationCheckers.push_back(checkfn);
} }
Context not available.

lib/StaticAnalyzer/Core/CoreEngine.cpp

Context not available.
assert(Loc.getAs<PostStmt>() || assert(Loc.getAs<PostStmt>() ||
Loc.getAs<PostInitializer>() || Loc.getAs<PostInitializer>() ||
Loc.getAs<PostImplicitCall>() || Loc.getAs<PostImplicitCall>() ||
Loc.getAs<CallExitEnd>()); Loc.getAs<CallExitEnd>() ||
Loc.getAs<ScopeEnter>() ||
Loc.getAs<ScopeExit>());
HandlePostStmt(WU.getBlock(), WU.getIndex(), Pred); HandlePostStmt(WU.getBlock(), WU.getIndex(), Pred);
break; break;
} }
Context not available.
// Do not create extra nodes. Move to the next CFG element. // Do not create extra nodes. Move to the next CFG element.
if (N->getLocation().getAs<PostInitializer>() || if (N->getLocation().getAs<PostInitializer>() ||
N->getLocation().getAs<PostImplicitCall>()) { N->getLocation().getAs<PostImplicitCall>() ||
N->getLocation().getAs<ScopeEnter>() ||
N->getLocation().getAs<ScopeExit>()) {
WList->enqueue(N, Block, Idx+1); WList->enqueue(N, Block, Idx+1);
return; return;
} }
Context not available.

lib/StaticAnalyzer/Core/Environment.cpp

Context not available.
} }
EnvironmentEntry::EnvironmentEntry(const Stmt *S, const LocationContext *L) EnvironmentEntry::EnvironmentEntry(const Stmt *S, const LocationContext *L)
: std::pair<const Stmt *, : std::pair<const Stmt *, const LocationContext *>(
const StackFrameContext *>(ignoreTransparentExprs(S), ignoreTransparentExprs(S), L) {}
L ? L->getCurrentStackFrame() : 0) {}
SVal Environment::lookupExpr(const EnvironmentEntry &E) const { SVal Environment::lookupExpr(const EnvironmentEntry &E) const {
const SVal* X = ExprBindings.lookup(E); const SVal* X = ExprBindings.lookup(E);
Context not available.

lib/StaticAnalyzer/Core/ExprEngine.cpp

Context not available.
case CFGElement::Initializer: case CFGElement::Initializer:
ProcessInitializer(E.castAs<CFGInitializer>().getInitializer(), Pred); ProcessInitializer(E.castAs<CFGInitializer>().getInitializer(), Pred);
return; return;
case CFGElement::ScopeBegin:
ProcessScopeEnter(E.castAs<CFGScopeBegin>(), Pred);
return;
case CFGElement::ScopeEnd:
ProcessScopeExit(E.castAs<CFGScopeEnd>(), Pred);
return;
case CFGElement::AutomaticObjectDtor: case CFGElement::AutomaticObjectDtor:
case CFGElement::DeleteDtor: case CFGElement::DeleteDtor:
case CFGElement::BaseDtor: case CFGElement::BaseDtor:
Context not available.
} }
const StackFrameContext *SFC = LC ? LC->getCurrentStackFrame() : 0; const StackFrameContext *SFC = LC ? LC->getCurrentStackFrame() : 0;
SymbolReaper SymReaper(SFC, ReferenceStmt, SymMgr, getStoreManager()); SymbolReaper SymReaper(LC, ReferenceStmt, SymMgr, getStoreManager());
getCheckerManager().runCheckersForLiveSymbols(CleanedState, SymReaper); getCheckerManager().runCheckersForLiveSymbols(CleanedState, SymReaper);
Context not available.
Engine.enqueue(Dst, currBldrCtx->getBlock(), currStmtIdx); Engine.enqueue(Dst, currBldrCtx->getBlock(), currStmtIdx);
} }
void ExprEngine::ProcessScopeEnter(const CFGScopeBegin SC, ExplodedNode *Pred) {
const Stmt *TriggerStmt = SC.getTriggerStmt();
PrettyStackTraceLoc CrashInfo(getContext().getSourceManager(),
TriggerStmt->getLocStart(),
"Error evaluating scope enter");
const LocationContext *ParentCtx = Pred->getLocationContext();
// We don't clean up dead bindings here.
const StackFrameContext *StackFrame = ParentCtx->getCurrentStackFrame();
// Construct a new scope frame for the statement.
AnalysisDeclContext *ADC = AMgr.getAnalysisDeclContext(StackFrame->getDecl());
const ScopeContext *ScopeCtx = ADC->getScope(ParentCtx, TriggerStmt,
currBldrCtx->blockCount());
ScopeEnter Enter(TriggerStmt, ScopeCtx, ParentCtx);
ExplodedNodeSet Src(Pred);
ExplodedNodeSet Tmp, Dst;
getCheckerManager().runCheckersForScopeEnter(Tmp, Src, Enter, *this);
if (Tmp.empty())
Tmp.Add(Pred);
NodeBuilder Bldr(Tmp, Dst, *currBldrCtx);
for (auto *Node : Tmp)
Bldr.generateNode(Enter, Node->getState(), Node);
// Enqueue the new nodes onto the work list.
Engine.enqueue(Dst, currBldrCtx->getBlock(), currStmtIdx);
}
void ExprEngine::ProcessScopeExit(const CFGScopeEnd SE, ExplodedNode *Pred) {
const Stmt *TriggerStmt = SE.getTriggerStmt();
PrettyStackTraceLoc CrashInfo(getContext().getSourceManager(),
TriggerStmt->getLocEnd(),
"Error evaluating scope exit");
// Construct a new scope frame for the statement.
const ScopeContext *ScopeCtx = cast<ScopeContext>(Pred->getLocationContext());
const LocationContext *TargetCtx = isa<ReturnStmt>(SE.getTriggerStmt())
? ScopeCtx->getCurrentStackFrame()
: ScopeCtx->getParent();
ScopeExit Exit(TriggerStmt, ScopeCtx, TargetCtx);
ExplodedNodeSet Src(Pred);
ExplodedNodeSet Tmp, Dst;
getCheckerManager().runCheckersForScopeExit(Tmp, Src, Exit, *this);
if (Tmp.empty())
Tmp.Add(Pred);
NodeBuilder Bldr(Tmp, Dst, *currBldrCtx);
for (auto *Node : Tmp)
Bldr.generateNode(Exit, Node->getState(), Node);
// Enqueue the new nodes onto the work list.
Engine.enqueue(Dst, currBldrCtx->getBlock(), currStmtIdx);
}
void ExprEngine::ProcessImplicitDtor(const CFGImplicitDtor D, void ExprEngine::ProcessImplicitDtor(const CFGImplicitDtor D,
ExplodedNode *Pred) { ExplodedNode *Pred) {
ExplodedNodeSet Dst; ExplodedNodeSet Dst;
Context not available.
break; break;
} }
case ProgramPoint::ScopeEnterKind: {
const Stmt *Trigger = Loc.castAs<ScopeEnter>().getTriggerStmt();
Out <<"ScopeEnter: " << Trigger->getStmtClassName() << ' ' <<
(const void *)Trigger;
break;
}
case ProgramPoint::ScopeExitKind: {
const Stmt *Trigger = Loc.castAs<ScopeExit>().getTriggerStmt();
Out <<"ScopeExit: " << Trigger->getStmtClassName() << ' ' <<
(const void *)Trigger;
break;
}
default: { default: {
const Stmt *S = Loc.castAs<StmtPoint>().getStmt(); const Stmt *S = Loc.castAs<StmtPoint>().getStmt();
Context not available.

lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp

Context not available.
PrettyStackTraceLocationContext CrashInfo(CEBNode->getLocationContext()); PrettyStackTraceLocationContext CrashInfo(CEBNode->getLocationContext());
const StackFrameContext *calleeCtx = const StackFrameContext *calleeCtx =
CEBNode->getLocationContext()->getCurrentStackFrame(); CEBNode->getLocationContext()->getCurrentStackFrame();
// The parent context might not be a stack frame, so make sure we const LocationContext *CallerCtx = calleeCtx->getParent();
// look up the first enclosing stack frame. if (isa<BlockInvocationContext>(CallerCtx))
const StackFrameContext *callerCtx = CallerCtx = CallerCtx->getParent();
calleeCtx->getParent()->getCurrentStackFrame();
const Stmt *CE = calleeCtx->getCallSite(); const Stmt *CE = calleeCtx->getCallSite();
ProgramStateRef state = CEBNode->getState(); ProgramStateRef state = CEBNode->getState();
// Find the last statement in the function and the corresponding basic block. // Find the last statement in the function and the corresponding basic block.
Context not available.
} }
} }
state = state->BindExpr(CE, callerCtx, V); state = state->BindExpr(CE, CallerCtx, V);
} }
// Bind the constructed object value to CXXConstructExpr. // Bind the constructed object value to CXXConstructExpr.
Context not available.
if (isTemporaryPRValue(CCE, ThisV)) if (isTemporaryPRValue(CCE, ThisV))
ThisV = state->getSVal(ThisV.castAs<Loc>()); ThisV = state->getSVal(ThisV.castAs<Loc>());
state = state->BindExpr(CCE, callerCtx, ThisV); state = state->BindExpr(CCE, CallerCtx, ThisV);
} }
} }
Context not available.
// Step 4: Generate the CallExit and leave the callee's context. // Step 4: Generate the CallExit and leave the callee's context.
// CleanedNodes -> CEENode // CleanedNodes -> CEENode
CallExitEnd Loc(calleeCtx, callerCtx); CallExitEnd Loc(calleeCtx, CallerCtx);
bool isNew; bool isNew;
ProgramStateRef CEEState = (*I == CEBNode) ? state : (*I)->getState(); ProgramStateRef CEEState = (*I == CEBNode) ? state : (*I)->getState();
ExplodedNode *CEENode = G.getNode(Loc, CEEState, false, &isNew); ExplodedNode *CEENode = G.getNode(Loc, CEEState, false, &isNew);
Context not available.
assert(D); assert(D);
const LocationContext *CurLC = Pred->getLocationContext(); const LocationContext *CurLC = Pred->getLocationContext();
const StackFrameContext *CallerSFC = CurLC->getCurrentStackFrame(); const LocationContext *ParentOfCallee = CurLC;
const LocationContext *ParentOfCallee = CallerSFC;
if (Call.getKind() == CE_Block) { if (Call.getKind() == CE_Block) {
const BlockDataRegion *BR = cast<BlockCall>(Call).getBlockRegion(); const BlockDataRegion *BR = cast<BlockCall>(Call).getBlockRegion();
assert(BR && "If we have the block definition we should have its region"); assert(BR && "If we have the block definition we should have its region");
AnalysisDeclContext *BlockCtx = AMgr.getAnalysisDeclContext(D); AnalysisDeclContext *BlockCtx = AMgr.getAnalysisDeclContext(D);
ParentOfCallee = BlockCtx->getBlockInvocationContext(CallerSFC, ParentOfCallee = BlockCtx->getBlockInvocationContext(CurLC,
cast<BlockDecl>(D), cast<BlockDecl>(D),
BR); BR);
} }
Context not available.

lib/StaticAnalyzer/Core/MemRegion.cpp

Context not available.
} }
const StackFrameContext *VarRegion::getStackFrame() const { const StackFrameContext *VarRegion::getStackFrame() const {
const StackSpaceRegion *SSR = dyn_cast<StackSpaceRegion>(getMemorySpace()); const MemSpaceRegion *Space = getMemorySpace();
return SSR ? SSR->getStackFrame() : NULL; if (const StackSpaceRegion *StackSpace = dyn_cast<StackSpaceRegion>(Space))
return StackSpace->getStackFrame();
else if (const ScopeLocalSpaceRegion *ScopeSpace =
dyn_cast<ScopeLocalSpaceRegion>(Space))
return ScopeSpace->getScopeContext()->getCurrentStackFrame();
return nullptr;
} }
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
Context not available.
ID.AddPointer(getCodeRegion()); ID.AddPointer(getCodeRegion());
} }
void ScopeLocalSpaceRegion::Profile(llvm::FoldingSetNodeID &ID) const {
ID.AddPointer(ScopeCtx);
}
void StringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID, void StringRegion::ProfileRegion(llvm::FoldingSetNodeID& ID,
const StringLiteral* Str, const StringLiteral* Str,
const MemRegion* superRegion) { const MemRegion* superRegion) {
Context not available.
void GlobalsSpaceRegion::anchor() { } void GlobalsSpaceRegion::anchor() { }
void HeapSpaceRegion::anchor() { } void HeapSpaceRegion::anchor() { }
void UnknownSpaceRegion::anchor() { } void UnknownSpaceRegion::anchor() { }
void ScopeLocalSpaceRegion::anchor() { }
void StackLocalsSpaceRegion::anchor() { } void StackLocalsSpaceRegion::anchor() { }
void StackArgumentsSpaceRegion::anchor() { } void StackArgumentsSpaceRegion::anchor() { }
void TypedRegion::anchor() { } void TypedRegion::anchor() { }
Context not available.
os << "StackLocalsSpaceRegion"; os << "StackLocalsSpaceRegion";
} }
void ScopeLocalSpaceRegion::dumpToStream(raw_ostream &OS) const {
OS << "ScopeLocalSpaceRegion";
}
bool MemRegion::canPrintPretty() const { bool MemRegion::canPrintPretty() const {
return canPrintPrettyAsExpr(); return canPrintPrettyAsExpr();
} }
Context not available.
return R; return R;
} }
const ScopeLocalSpaceRegion *
MemRegionManager::getScopeLocalSpaceRegion(const ScopeContext *ScopeCtx) {
assert(ScopeCtx);
ScopeLocalSpaceRegion *&R = ScopeLocalSpaceRegions[ScopeCtx];
if (R)
return R;
R = A.Allocate<ScopeLocalSpaceRegion>();
new (R) ScopeLocalSpaceRegion(this, ScopeCtx);
return R;
}
const GlobalsSpaceRegion const GlobalsSpaceRegion
*MemRegionManager::getGlobalsRegion(MemRegion::Kind K, *MemRegionManager::getGlobalsRegion(MemRegion::Kind K,
const CodeTextRegion *CR) { const CodeTextRegion *CR) {
Context not available.
} }
/// Look through a chain of LocationContexts to either find the /// Look through a chain of LocationContexts to either find the
/// StackFrameContext that matches a DeclContext, or find a VarRegion /// StackFrameContext that matches a DeclContext,
/// for a variable captured by a block. /// or a ScopeContext where a variable was declared,
static llvm::PointerUnion<const StackFrameContext *, const VarRegion *> /// or find a VarRegion for a variable captured by a block.
getStackOrCaptureRegionForDeclContext(const LocationContext *LC, llvm::PointerUnion<const StackFrameContext *, const VarRegion *>
const DeclContext *DC, MemRegionManager::getStackOrCaptureRegionForDeclContext(
const VarDecl *VD) { const LocationContext *LC, const DeclContext *DC, const VarDecl *VD) {
while (LC) { while (LC) {
if (const StackFrameContext *SFC = dyn_cast<StackFrameContext>(LC)) { if (const StackFrameContext *SFC = dyn_cast<StackFrameContext>(LC)) {
if (cast<DeclContext>(SFC->getDecl()) == DC) if (cast<DeclContext>(SFC->getDecl()) == DC)
Context not available.
return cast<VarRegion>(I.getCapturedRegion()); return cast<VarRegion>(I.getCapturedRegion());
} }
} }
if (const ScopeContext *ScopeCtx = dyn_cast<ScopeContext>(LC)) {
const ScopeLocalSpaceRegion *Space = getScopeLocalSpaceRegion(ScopeCtx);
for (auto I = Space->declared_vars_begin(),
E = Space->declared_vars_end(); I != E; ++I) {
if (I->getDecl() == VD)
return *I;
}
}
LC = LC->getParent(); LC = LC->getParent();
} }
Context not available.
// Finally handle static locals. // Finally handle static locals.
} else { } else {
// FIXME: Once we implement scope handling, we will need to properly lookup
// 'D' to the proper LocationContext.
const DeclContext *DC = D->getDeclContext(); const DeclContext *DC = D->getDeclContext();
llvm::PointerUnion<const StackFrameContext *, const VarRegion *> V = llvm::PointerUnion<const StackFrameContext *, const VarRegion *> V =
getStackOrCaptureRegionForDeclContext(LC, DC, D); getStackOrCaptureRegionForDeclContext(LC, DC, D);
if (V.is<const VarRegion*>()) if (V.is<const VarRegion*>())
return V.get<const VarRegion*>(); return V.get<const VarRegion*>();
const StackFrameContext *STC = V.get<const StackFrameContext*>(); const StackFrameContext *STC = V.get<const StackFrameContext *>();
if (!STC) if (!STC)
sReg = getUnknownRegion(); sReg = getUnknownRegion();
Context not available.
if (D->hasLocalStorage()) { if (D->hasLocalStorage()) {
sReg = isa<ParmVarDecl>(D) || isa<ImplicitParamDecl>(D) sReg = isa<ParmVarDecl>(D) || isa<ImplicitParamDecl>(D)
? static_cast<const MemRegion*>(getStackArgumentsRegion(STC)) ? static_cast<const MemRegion*>(getStackArgumentsRegion(STC))
// TODO: assert if 'cfg-scope-info=true'.
: static_cast<const MemRegion*>(getStackLocalsRegion(STC)); : static_cast<const MemRegion*>(getStackLocalsRegion(STC));
}
else { } else {
assert(D->isStaticLocal()); assert(D->isStaticLocal());
const Decl *STCD = STC->getDecl(); const Decl *STCD = STC->getDecl();
if (isa<FunctionDecl>(STCD) || isa<ObjCMethodDecl>(STCD)) if (isa<FunctionDecl>(STCD) || isa<ObjCMethodDecl>(STCD))
Context not available.
STC->getAnalysisDeclContext()); STC->getAnalysisDeclContext());
sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind, sReg = getGlobalsRegion(MemRegion::StaticGlobalSpaceRegionKind,
BTR); BTR);
}
else { } else {
sReg = getGlobalsRegion(); sReg = getGlobalsRegion();
} }
} }
Context not available.
} }
bool MemRegion::hasStackStorage() const { bool MemRegion::hasStackStorage() const {
return isa<StackSpaceRegion>(getMemorySpace()); const MemSpaceRegion *MS = getMemorySpace();
return isa<StackSpaceRegion>(MS) || isa<ScopeLocalSpaceRegion>(MS);
} }
bool MemRegion::hasStackNonParametersStorage() const { bool MemRegion::hasStackNonParametersStorage() const {
return isa<StackLocalsSpaceRegion>(getMemorySpace()); const MemSpaceRegion *MS = getMemorySpace();
return isa<ScopeLocalSpaceRegion>(MS) || isa<StackLocalsSpaceRegion>(MS);
} }
bool MemRegion::hasStackParametersStorage() const { bool MemRegion::hasStackParametersStorage() const {
Context not available.
case HeapSpaceRegionKind: case HeapSpaceRegionKind:
case UnknownSpaceRegionKind: case UnknownSpaceRegionKind:
case StaticGlobalSpaceRegionKind: case StaticGlobalSpaceRegionKind:
case ScopeLocalSpaceRegionKind:
case GlobalInternalSpaceRegionKind: case GlobalInternalSpaceRegionKind:
case GlobalSystemSpaceRegionKind: case GlobalSystemSpaceRegionKind:
case GlobalImmutableSpaceRegionKind: case GlobalImmutableSpaceRegionKind:
Context not available.
} }
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// ScopeLocalRegionSpace
//===----------------------------------------------------------------------===//
const VarRegion *ScopeLocalSpaceRegion::getScopedRegion(const VarDecl *VD) {
MemRegionManager &MemMgr = *getMemRegionManager();
return VD->hasLocalStorage() ? MemMgr.getVarRegion(VD, this)
: MemMgr.getVarRegion(VD, ScopeCtx);
}
void ScopeLocalSpaceRegion::LazyInitializeDeclaredVars() {
if (DeclaredVars)
return;
AnalysisDeclContext *ADC = ScopeCtx->getAnalysisDeclContext();
AnalysisDeclContext::declared_vars_iterator I, E;
llvm::tie(I, E) = ADC->getDeclaredVars(ScopeCtx->getTriggerStmt());
if (I == E) {
DeclaredVars = (void *)0x1;
return;
}
MemRegionManager &MemMgr = *getMemRegionManager();
llvm::BumpPtrAllocator &A = MemMgr.getAllocator();
BumpVectorContext BC(A);
typedef BumpVector<const MemRegion*> VarVec;
VarVec *BV = (VarVec*) A.Allocate<VarVec>();
new (BV) VarVec(BC, E - I);
VarVec *BVOriginal = (VarVec*) A.Allocate<VarVec>();
new (BVOriginal) VarVec(BC, E - I);
for ( ; I != E; ++I) {
const VarRegion *VR = getScopedRegion(*I);
assert(VR);
BV->push_back(VR, BC);
}
DeclaredVars = BV;
}
ScopeLocalSpaceRegion::declared_vars_iterator
ScopeLocalSpaceRegion::declared_vars_begin() const {
const_cast<ScopeLocalSpaceRegion*>(this)->LazyInitializeDeclaredVars();
BumpVector<const MemRegion *> *Vec =
static_cast<BumpVector<const MemRegion *> *>(DeclaredVars);
return declared_vars_iterator(Vec == (void *)0x1 ? nullptr : Vec->begin());
}
ScopeLocalSpaceRegion::declared_vars_iterator
ScopeLocalSpaceRegion::declared_vars_end() const {
const_cast<ScopeLocalSpaceRegion*>(this)->LazyInitializeDeclaredVars();
BumpVector<const MemRegion *> *Vec =
static_cast<BumpVector<const MemRegion *> *>(DeclaredVars);
return declared_vars_iterator(Vec == (void *)0x1 ? nullptr : Vec->end());
}
//===----------------------------------------------------------------------===//
// RegionAndSymbolInvalidationTraits // RegionAndSymbolInvalidationTraits
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
Context not available.

lib/StaticAnalyzer/Core/PathDiagnostic.cpp

Context not available.
return PathDiagnosticLocation(Init.getInitializer()->getInit(), return PathDiagnosticLocation(Init.getInitializer()->getInit(),
SM, CallerCtx); SM, CallerCtx);
} }
case CFGElement::ScopeBegin: {
const Stmt *TriggerStmt = Source.castAs<CFGScopeBegin>().getTriggerStmt();
return PathDiagnosticLocation(TriggerStmt, SM, CallerCtx);
}
case CFGElement::ScopeEnd: {
const Stmt *TriggerStmt = Source.castAs<CFGScopeEnd>().getTriggerStmt();
return PathDiagnosticLocation::createEnd(TriggerStmt, SM, CallerCtx);
}
case CFGElement::AutomaticObjectDtor: { case CFGElement::AutomaticObjectDtor: {
const CFGAutomaticObjDtor &Dtor = Source.castAs<CFGAutomaticObjDtor>(); const CFGAutomaticObjDtor &Dtor = Source.castAs<CFGAutomaticObjDtor>();
return PathDiagnosticLocation::createEnd(Dtor.getTriggerStmt(), return PathDiagnosticLocation::createEnd(Dtor.getTriggerStmt(),
Context not available.
return CEE->getCalleeContext()->getCallSite(); return CEE->getCalleeContext()->getCallSite();
if (Optional<PostInitializer> PIPP = P.getAs<PostInitializer>()) if (Optional<PostInitializer> PIPP = P.getAs<PostInitializer>())
return PIPP->getInitializer()->getInit(); return PIPP->getInitializer()->getInit();
if (Optional<ScopeExit> SE = P.getAs<ScopeExit>())
return SE->getTriggerStmt();
if (Optional<ScopeEnter> SEnt = P.getAs<ScopeEnter>())
return SEnt->getTriggerStmt();
return 0; return 0;
} }
Context not available.
if (const BinaryOperator *B = dyn_cast<BinaryOperator>(S)) if (const BinaryOperator *B = dyn_cast<BinaryOperator>(S))
return PathDiagnosticLocation::createOperatorLoc(B, SM); return PathDiagnosticLocation::createOperatorLoc(B, SM);
if (P.getAs<PostStmtPurgeDeadSymbols>()) if (P.getAs<PostStmtPurgeDeadSymbols>() || P.getAs<ScopeExit>())
return PathDiagnosticLocation::createEnd(S, SM, LC); return PathDiagnosticLocation::createEnd(S, SM, LC);
if (S->getLocStart().isValid()) if (S->getLocStart().isValid())
Context not available.

lib/StaticAnalyzer/Core/Store.cpp

Context not available.
case MemRegion::HeapSpaceRegionKind: case MemRegion::HeapSpaceRegionKind:
case MemRegion::UnknownSpaceRegionKind: case MemRegion::UnknownSpaceRegionKind:
case MemRegion::StaticGlobalSpaceRegionKind: case MemRegion::StaticGlobalSpaceRegionKind:
case MemRegion::ScopeLocalSpaceRegionKind:
case MemRegion::GlobalInternalSpaceRegionKind: case MemRegion::GlobalInternalSpaceRegionKind:
case MemRegion::GlobalSystemSpaceRegionKind: case MemRegion::GlobalSystemSpaceRegionKind:
case MemRegion::GlobalImmutableSpaceRegionKind: { case MemRegion::GlobalImmutableSpaceRegionKind: {
Context not available.

test/Analysis/scope-context.cpp

  • This file was added.
// RUN: clang_cc1 -analyze -analyzer-checker=core,debug.ExprInspection -analyzer-store=region -verify -analyzer-config cfg-scope-info=true %s
void clang_analyzer_eval(bool);
void testEq() {
void *a[2];
for (int i = 0; i < 2; ++i) {
int x[1];
a[i] = &x[0];
}
clang_analyzer_eval(a[0] == a[1]); // expected-warning{{FALSE}}
}
void testBreak() {
for (int i = 0; i < 3; ++i) {
{
int unused;
break;
}
}
{
int unused;
}
}