[clang] [clang][analyzer] Add C standard streams to the internal memory space (PR #147766)

[Donát Nagy via cfe-commits]

================
@@ -1054,10 +1054,26 @@ const VarRegion *MemRegionManager::getVarRegion(const VarDecl *D,
     assert(!Ty.isNull());
     if (Ty.isConstQualified()) {
       sReg = getGlobalsRegion(MemRegion::GlobalImmutableSpaceRegionKind);
-    } else if (Ctx.getSourceManager().isInSystemHeader(D->getLocation())) {
-      sReg = getGlobalsRegion(MemRegion::GlobalSystemSpaceRegionKind);
     } else {
-      sReg = getGlobalsRegion(MemRegion::GlobalInternalSpaceRegionKind);
+      StringRef N = D->getNameAsString();
+      QualType FILETy = D->getASTContext().getFILEType();
+      if (!FILETy.isNull())
+        FILETy = FILETy.getCanonicalType();
+      Ty = Ty.getCanonicalType();
+      bool IsStdStreamVar = Ty->isPointerType() &&
+                            Ty->getPointeeType() == FILETy &&
+                            (N == "stdin" || N == "stdout" || N == "stderr");
+      // Pointer value of C standard streams is usually not modified by calls
+      // to functions declared in system headers. This means that they should
+      // not get invalidated by calls to functions declared in system headers,
+      // so they are placed in the global internal space, which is not
+      // invalidated by calls to functions declared in system headers.
+      if (Ctx.getSourceManager().isInSystemHeader(D->getLocation()) &&
+          !IsStdStreamVar) {
+        sReg = getGlobalsRegion(MemRegion::GlobalSystemSpaceRegionKind);
+      } else {
+        sReg = getGlobalsRegion(MemRegion::GlobalInternalSpaceRegionKind);
+      }
----------------
NagyDonat wrote:

> So, if I understand this code correctly, we want to bless std streams to not get invalidated even on calls to fns of system headers, right?

Almost correct, but the "even" is not warranted.
- Conservative evaluation of functions of system headers invalidates `GlobalSystemSpace` (public global variables that might have connections to some public functions) but does not invalidate `GlobalInternalSpace` (which includes all the globals declared in user code + according to this PR would include the std streams).
- Conservative evaluation of other functions (not declared in system headers) invalidates _all globals_: both  `GlobalSystemSpace` and `GlobalInternalSpace`.

https://github.com/llvm/llvm-project/pull/147766