diff options
| author | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-07-06 06:01:24 +0000 |
|---|---|---|
| committer | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-07-06 06:01:24 +0000 |
| commit | 313b6dab9efcce465b68da0fed7bf422b6e5c375 (patch) | |
| tree | 2dcc7e1a73b0fe9ab18fc049a1922319f9c8e785 /lib/Analysis/CFRefCount.cpp | |
| parent | 9852b5bf94d4934de63da6356c651c61e81f58d9 (diff) | |
Further cleanup of region invalidation code. No functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@74816 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Analysis/CFRefCount.cpp')
| -rw-r--r-- | lib/Analysis/CFRefCount.cpp | 86 |
1 files changed, 39 insertions, 47 deletions
diff --git a/lib/Analysis/CFRefCount.cpp b/lib/Analysis/CFRefCount.cpp index a96281a5e9..c8919c38cb 100644 --- a/lib/Analysis/CFRefCount.cpp +++ b/lib/Analysis/CFRefCount.cpp @@ -2757,10 +2757,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, ExplodedNode<GRState>* Pred) { // Get the state. - GRStateManager& StateMgr = Eng.getStateManager(); const GRState *state = Builder.GetState(Pred); - ASTContext& Ctx = StateMgr.getContext(); - ValueManager &ValMgr = Eng.getValueManager(); // Evaluate the effect of the arguments. RefVal::Kind hasErr = (RefVal::Kind) 0; @@ -2796,59 +2793,54 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst, // expression (the context) and the expression itself. This should // disambiguate conjured symbols. unsigned Count = Builder.getCurrentBlockCount(); - const TypedRegion* R = dyn_cast<TypedRegion>(MR->getRegion()); - StoreManager& StoreMgr = - Eng.getStateManager().getStoreManager(); - if (R) { - // Are we dealing with an ElementRegion? If the element type is - // a basic integer type (e.g., char, int) and the underying region - // is a variable region then strip off the ElementRegion. - // FIXME: We really need to think about this for the general case - // as sometimes we are reasoning about arrays and other times - // about (char*), etc., is just a form of passing raw bytes. - // e.g., void *p = alloca(); foo((char*)p); - if (const ElementRegion *ER = dyn_cast<ElementRegion>(R)) { - // Checking for 'integral type' is probably too promiscuous, but - // we'll leave it in for now until we have a systematic way of - // handling all of these cases. Eventually we need to come up - // with an interface to StoreManager so that this logic can be - // approriately delegated to the respective StoreManagers while - // still allowing us to do checker-specific logic (e.g., - // invalidating reference counts), probably via callbacks. - if (ER->getElementType()->isIntegralType()) { - const MemRegion *superReg = ER->getSuperRegion(); - if (isa<VarRegion>(superReg) || isa<FieldRegion>(superReg) || - isa<ObjCIvarRegion>(superReg)) - R = cast<TypedRegion>(superReg); - } - - // FIXME: What about layers of ElementRegions? + StoreManager& StoreMgr = Eng.getStateManager().getStoreManager(); + + const MemRegion *R = MR->getRegion(); + // Are we dealing with an ElementRegion? If the element type is + // a basic integer type (e.g., char, int) and the underying region + // is a variable region then strip off the ElementRegion. + // FIXME: We really need to think about this for the general case + // as sometimes we are reasoning about arrays and other times + // about (char*), etc., is just a form of passing raw bytes. + // e.g., void *p = alloca(); foo((char*)p); + if (const ElementRegion *ER = dyn_cast<ElementRegion>(R)) { + // Checking for 'integral type' is probably too promiscuous, but + // we'll leave it in for now until we have a systematic way of + // handling all of these cases. Eventually we need to come up + // with an interface to StoreManager so that this logic can be + // approriately delegated to the respective StoreManagers while + // still allowing us to do checker-specific logic (e.g., + // invalidating reference counts), probably via callbacks. + if (ER->getElementType()->isIntegralType()) { + const MemRegion *superReg = ER->getSuperRegion(); + if (isa<VarRegion>(superReg) || isa<FieldRegion>(superReg) || + isa<ObjCIvarRegion>(superReg)) + R = cast<TypedRegion>(superReg); } - - // Is the invalidated variable something that we were tracking? - SymbolRef Sym = state->getSValAsScalarOrLoc(R).getAsLocSymbol(); - - // Remove any existing reference-count binding. - if (Sym) state = state->remove<RefBindings>(Sym); - - state = StoreMgr.InvalidateRegion(state, R, *I, Count); - } - else if (isa<AllocaRegion>(MR->getRegion())) { - // Invalidate the alloca region by setting its default value to - // conjured symbol. The type of the symbol is irrelavant. - SVal V = ValMgr.getConjuredSymbolVal(*I, Eng.getContext().IntTy, - Count); - state = StoreMgr.setDefaultValue(state, MR->getRegion(), V); + // FIXME: What about layers of ElementRegions? } - else - state = state->bindLoc(*MR, UnknownVal()); + + // Is the invalidated variable something that we were tracking? + SymbolRef Sym = state->getSValAsScalarOrLoc(R).getAsLocSymbol(); + + // Remove any existing reference-count binding. + if (Sym) + state = state->remove<RefBindings>(Sym); + + state = StoreMgr.InvalidateRegion(state, R, *I, Count); } else { // Nuke all other arguments passed by reference. + // FIXME: is this necessary or correct? unbind only removes the binding. + // We should bind it to UnknownVal explicitly. Otherwise default value + // may be loaded. state = state->unbindLoc(cast<Loc>(V)); } } else if (isa<nonloc::LocAsInteger>(V)) + // FIXME: is this necessary or correct? unbind only removes the binding. + // We should bind it to UnknownVal explicitly. Otherwise default value + // may be loaded. state = state->unbindLoc(cast<nonloc::LocAsInteger>(V).getLoc()); } |