nicolas/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

When conjuring symbols to recover path-sensitivity, don't conjure symbols that represent an entire struct. We need to implement struct temporaries as an actual "region", and then bind symbols to the FieldRegion of those temporaries.

Browse Source 
llvm-svn: 57739
This commit is contained in:
Ted Kremenek
2008-10-17 22:23:12 +00:00
parent b35174727f
commit 213873232d
3 changed files with 29 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
clang/lib/Analysis/CFRefCount.cpp
View File

@@ -1518,13 +1518,20 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
// Set the value of the variable to be a conjured symbol.
unsigned Count = Builder.getCurrentBlockCount();
QualType T = R->getType();
SymbolID NewSym =
Eng.getSymbolManager().getConjuredSymbol(*I, T, Count);
state = state.SetSVal(*MR,
Loc::IsLocType(T)
? cast<SVal>(loc::SymbolVal(NewSym))
: cast<SVal>(nonloc::SymbolVal(NewSym)));
// FIXME: handle structs.
if (T->isIntegerType() || Loc::IsLocType(T)) {
SymbolID NewSym =
Eng.getSymbolManager().getConjuredSymbol(*I, T, Count);
state = state.SetSVal(*MR,
Loc::IsLocType(T)
? cast<SVal>(loc::SymbolVal(NewSym))
: cast<SVal>(nonloc::SymbolVal(NewSym)));
}
else {
state = state.SetSVal(*MR, UnknownVal());
}
}
else
state = state.SetSVal(*MR, UnknownVal());
@@ -1566,13 +1573,18 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
default:
assert (false && "Unhandled RetEffect."); break;
case RetEffect::NoRet:
case RetEffect::NoRet: {
// Make up a symbol for the return value (not reference counted).
// FIXME: This is basically copy-and-paste from GRSimpleVals. We
// should compose behavior, not copy it.
if (Ex->getType() != Eng.getContext().VoidTy) {
// FIXME: We eventually should handle structs and other compound types
// that are returned by value.
QualType T = Ex->getType();
if (T->isIntegerType() || Loc::IsLocType(T)) {
unsigned Count = Builder.getCurrentBlockCount();
SymbolID Sym = Eng.getSymbolManager().getConjuredSymbol(Ex, Count);
@@ -1584,6 +1596,7 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<GRState>& Dst,
}
break;
}
case RetEffect::Alias: {
unsigned idx = RE.getIndex();