[analyzer] Very simple ObjC instance method inlining

- Retrieves the type of the object/receiver from the state.
- Binds self during stack setup.
- Only explores the path on which the method is inlined (no
bifurcation to explore the path on which the method is not inlined).

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160991 91177308-0d34-0410-b5e6-96231b3b80d8

3 files changed, 41 insertions, 25 deletions

diff --git a/lib/StaticAnalyzer/Core/CallEvent.cpp b/lib/StaticAnalyzer/Core/CallEvent.cpp
index ab4b3832ee..6a5d0f0fa9 100644
--- a/lib/StaticAnalyzer/Core/CallEvent.cpp
+++ b/lib/StaticAnalyzer/Core/CallEvent.cpp
@@ -590,34 +590,34 @@ ObjCMessageKind ObjCMethodCall::getMessageKind() const {
   return static_cast<ObjCMessageKind>(Info.getInt());
 }
 
-// TODO: This implementation is copied from SemaExprObjC.cpp, needs to be
-// factored into the ObjCInterfaceDecl.
-ObjCMethodDecl *ObjCMethodCall::LookupClassMethodDefinition(Selector Sel,
-                                           ObjCInterfaceDecl *ClassDecl) const {
-  ObjCMethodDecl *Method = 0;
-  // Lookup in class and all superclasses.
-  while (ClassDecl && !Method) {
-    if (ObjCImplementationDecl *ImpDecl = ClassDecl->getImplementation())
-      Method = ImpDecl->getClassMethod(Sel);
-
-    // Look through local category implementations associated with the class.
-    if (!Method)
-      Method = ClassDecl->getCategoryClassMethod(Sel);
-
-    // Before we give up, check if the selector is an instance method.
-    // But only in the root. This matches gcc's behavior and what the
-    // runtime expects.
-    if (!Method && !ClassDecl->getSuperClass()) {
-      Method = ClassDecl->lookupInstanceMethod(Sel);
-      // Look through local category implementations associated
-      // with the root class.
-      //if (!Method)
-      //  Method = LookupPrivateInstanceMethod(Sel, ClassDecl);
+const Decl *ObjCMethodCall::getRuntimeDefinition() const {
+  const ObjCMessageExpr *E = getOriginExpr();
+  Selector Sel = E->getSelector();
+  assert(E);
+
+  if (E->isInstanceMessage()) {
+    const MemRegion *Receiver = getReceiverSVal().getAsRegion();
+    DynamicTypeInfo TI = getState()->getDynamicTypeInfo(Receiver);
+    const ObjCObjectPointerType *T =
+                    dyn_cast<ObjCObjectPointerType>(TI.getType().getTypePtr());
+    if (!T)
+      return 0;
+    if (ObjCInterfaceDecl *IDecl = T->getInterfaceDecl()) {
+      // Find the method implementation.
+      return IDecl->lookupPrivateMethod(Sel);
     }
 
-    ClassDecl = ClassDecl->getSuperClass();
+  } else {
+    // This is a class method.
+    // If we have type info for the receiver class, we are calling via
+    // class name.
+    if (ObjCInterfaceDecl *IDecl = E->getReceiverInterface()) {
+      // Find/Return the method implementation.
+      return IDecl->lookupPrivateClassMethod(Sel);
+    }
   }
-  return Method;
+
+  return 0;
 }
 
 
diff --git a/lib/StaticAnalyzer/Core/ProgramState.cpp b/lib/StaticAnalyzer/Core/ProgramState.cpp
index 6adc18c67c..20f1e226b8 100644
--- a/lib/StaticAnalyzer/Core/ProgramState.cpp
+++ b/lib/StaticAnalyzer/Core/ProgramState.cpp
@@ -731,3 +731,12 @@ bool ProgramState::isTainted(SymbolRef Sym, TaintTagType Kind) const {
   
   return Tainted;
 }
+
+DynamicTypeInfo ProgramState::getDynamicTypeInfo(const MemRegion *Reg) const {
+  if (const TypedRegion *TR = dyn_cast<TypedRegion>(Reg))
+    return DynamicTypeInfo(TR->getLocationType());
+  if (const SymbolicRegion *SR = dyn_cast<SymbolicRegion>(Reg))
+    return DynamicTypeInfo(SR->getSymbol()
+                             ->getType(getStateManager().getContext()));
+  return DynamicTypeInfo();
+}
diff --git a/lib/StaticAnalyzer/Core/Store.cpp b/lib/StaticAnalyzer/Core/Store.cpp
index 98d815f328..ed221c5419 100644
--- a/lib/StaticAnalyzer/Core/Store.cpp
+++ b/lib/StaticAnalyzer/Core/Store.cpp
@@ -53,6 +53,13 @@ StoreRef StoreManager::enterStackFrame(Store OldStore,
     Store = Bind(Store.getStore(), ThisRegion, ThisVal);
   }
 
+  if (const ObjCMethodCall *MCall = dyn_cast<ObjCMethodCall>(&Call)) {
+    SVal SelfVal = MCall->getReceiverSVal();
+    const VarDecl *SelfDecl = LCtx->getAnalysisDeclContext()->getSelfDecl();
+    Store = Bind(Store.getStore(),
+                 svalBuilder.makeLoc(MRMgr.getVarRegion(SelfDecl, LCtx)),
+                 SelfVal);
+  }
   return Store;
 }