[cfe-commits] r63844 - in /cfe/trunk: include/clang/Analysis/PathSensitive/MemRegion.h lib/Analysis/BasicConstraintManager.cpp lib/Analysis/BasicStore.cpp lib/Analysis/MemRegion.cpp lib/Analysis/RegionStore.cpp
Zhongxing Xu
xuzhongxing at gmail.com
Wed Feb 4 22:57:29 PST 2009
Author: zhongxingxu
Date: Thu Feb 5 00:57:29 2009
New Revision: 63844
URL: http://llvm.org/viewvc/llvm-project?rev=63844&view=rev
Log:
Make SymbolicRegion subclass TypedRegion, for symbols usually have types, so
do the symblic regions associated with them and we need them to be typed.
Current SymbolicRegion::getRValueType() method is very restricting. It may be
modified when we are more clear about what could be the types of symblic
regions.
BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a
subclass of SubRegion.
Modified:
cfe/trunk/include/clang/Analysis/PathSensitive/MemRegion.h
cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
cfe/trunk/lib/Analysis/BasicStore.cpp
cfe/trunk/lib/Analysis/MemRegion.cpp
cfe/trunk/lib/Analysis/RegionStore.cpp
Modified: cfe/trunk/include/clang/Analysis/PathSensitive/MemRegion.h
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/Analysis/PathSensitive/MemRegion.h?rev=63844&r1=63843&r2=63844&view=diff
==============================================================================
--- cfe/trunk/include/clang/Analysis/PathSensitive/MemRegion.h (original)
+++ cfe/trunk/include/clang/Analysis/PathSensitive/MemRegion.h Thu Feb 5 00:57:29 2009
@@ -38,10 +38,11 @@
/// MemRegion - The root abstract class for all memory regions.
class MemRegion : public llvm::FoldingSetNode {
public:
- enum Kind { MemSpaceRegionKind, SymbolicRegionKind,
+ enum Kind { MemSpaceRegionKind,
AllocaRegionKind,
// Typed regions.
BEG_TYPED_REGIONS,
+ SymbolicRegionKind,
CompoundLiteralRegionKind,
StringRegionKind, ElementRegionKind,
AnonTypedRegionKind,
@@ -103,7 +104,7 @@
bool isSubRegionOf(const MemRegion* R) const;
static bool classof(const MemRegion* R) {
- return R->getKind() > SymbolicRegionKind;
+ return R->getKind() > MemSpaceRegionKind;
}
};
@@ -135,32 +136,6 @@
}
};
-/// SymbolicRegion - A special, "non-concrete" region. Unlike other region
-/// clases, SymbolicRegion represents a region that serves as an alias for
-/// either a real region, a NULL pointer, etc. It essentially is used to
-/// map the concept of symbolic values into the domain of regions. Symbolic
-/// regions do not need to be typed.
-class SymbolicRegion : public MemRegion {
-protected:
- const SymbolRef sym;
-
-public:
- SymbolicRegion(const SymbolRef s) : MemRegion(SymbolicRegionKind), sym(s) {}
-
- SymbolRef getSymbol() const {
- return sym;
- }
-
- void Profile(llvm::FoldingSetNodeID& ID) const;
- static void ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym);
-
- void print(llvm::raw_ostream& os) const;
-
- static bool classof(const MemRegion* R) {
- return R->getKind() == SymbolicRegionKind;
- }
-};
-
/// TypedRegion - An abstract class representing regions that are typed.
class TypedRegion : public SubRegion {
protected:
@@ -188,6 +163,37 @@
}
};
+/// SymbolicRegion - A special, "non-concrete" region. Unlike other region
+/// clases, SymbolicRegion represents a region that serves as an alias for
+/// either a real region, a NULL pointer, etc. It essentially is used to
+/// map the concept of symbolic values into the domain of regions. Symbolic
+/// regions do not need to be typed.
+class SymbolicRegion : public TypedRegion {
+protected:
+ const SymbolRef sym;
+ const SymbolManager& SymMgr;
+
+public:
+ SymbolicRegion(const SymbolRef s, const SymbolManager& mgr, MemRegion* sreg)
+ : TypedRegion(sreg, SymbolicRegionKind), sym(s), SymMgr(mgr) {}
+
+ SymbolRef getSymbol() const {
+ return sym;
+ }
+
+ QualType getRValueType(ASTContext& C) const;
+
+ void Profile(llvm::FoldingSetNodeID& ID) const;
+
+ static void ProfileRegion(llvm::FoldingSetNodeID& ID, SymbolRef sym);
+
+ void print(llvm::raw_ostream& os) const;
+
+ static bool classof(const MemRegion* R) {
+ return R->getKind() == SymbolicRegionKind;
+ }
+};
+
/// StringRegion - Region associated with a StringLiteral.
class StringRegion : public TypedRegion {
friend class MemRegionManager;
@@ -492,7 +498,7 @@
getCompoundLiteralRegion(const CompoundLiteralExpr* CL);
/// getSymbolicRegion - Retrieve or create a "symbolic" memory region.
- SymbolicRegion* getSymbolicRegion(const SymbolRef sym);
+ SymbolicRegion* getSymbolicRegion(const SymbolRef sym, const SymbolManager&);
StringRegion* getStringRegion(const StringLiteral* Str);
Modified: cfe/trunk/lib/Analysis/BasicConstraintManager.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicConstraintManager.cpp?rev=63844&r1=63843&r2=63844&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/BasicConstraintManager.cpp (original)
+++ cfe/trunk/lib/Analysis/BasicConstraintManager.cpp Thu Feb 5 00:57:29 2009
@@ -165,17 +165,14 @@
// FIXME: Should this go into the storemanager?
const MemRegion* R = cast<loc::MemRegionVal>(Cond).getRegion();
-
- while (R) {
- if (const SubRegion* SubR = dyn_cast<SubRegion>(R)) {
- R = SubR->getSuperRegion();
- continue;
- }
- else if (const SymbolicRegion* SymR = dyn_cast<SymbolicRegion>(R))
+ const SubRegion* SubR = dyn_cast<SubRegion>(R);
+
+ while (SubR) {
+ // FIXME: now we only find the first symbolic region.
+ if (const SymbolicRegion* SymR = dyn_cast<SymbolicRegion>(SubR))
return AssumeAux(St, loc::SymbolVal(SymR->getSymbol()), Assumption,
isFeasible);
-
- break;
+ SubR = dyn_cast<SubRegion>(SubR->getSuperRegion());
}
// FALL-THROUGH.
Modified: cfe/trunk/lib/Analysis/BasicStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicStore.cpp?rev=63844&r1=63843&r2=63844&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/BasicStore.cpp (original)
+++ cfe/trunk/lib/Analysis/BasicStore.cpp Thu Feb 5 00:57:29 2009
@@ -173,7 +173,8 @@
switch(BaseL.getSubKind()) {
case loc::SymbolValKind:
- BaseR = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(&BaseL)->getSymbol());
+ BaseR = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(&BaseL)->getSymbol(),
+ StateMgr.getSymbolManager());
break;
case loc::GotoLabelKind:
@@ -218,7 +219,8 @@
// Create a region to represent this symbol.
// FIXME: In the future we may just use symbolic regions instead of
// SymbolVals to reason about symbolic memory chunks.
- const MemRegion* SymR = MRMgr.getSymbolicRegion(Sym);
+ const MemRegion* SymR = MRMgr.getSymbolicRegion(Sym,
+ StateMgr.getSymbolManager());
// Layered a typed region on top of this.
QualType T = StateMgr.getSymbolManager().getType(Sym);
BaseR = MRMgr.getAnonTypedRegion(T, SymR);
Modified: cfe/trunk/lib/Analysis/MemRegion.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/MemRegion.cpp?rev=63844&r1=63843&r2=63844&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/MemRegion.cpp (original)
+++ cfe/trunk/lib/Analysis/MemRegion.cpp Thu Feb 5 00:57:29 2009
@@ -107,6 +107,28 @@
ElementRegion::ProfileRegion(ID, Index, superRegion);
}
+//===----------------------------------------------------------------------===//
+// getLValueType() and getRValueType()
+//===----------------------------------------------------------------------===//
+
+QualType SymbolicRegion::getRValueType(ASTContext& C) const {
+ const SymbolData& data = SymMgr.getSymbolData(sym);
+
+ // FIXME: We could use the SymbolManager::getType() directly. But that
+ // would hide the assumptions we made here. What is the type of a symbolic
+ // region is unclear for other cases.
+
+ // For now we assume the symbol is a typed region rvalue.
+ const TypedRegion* R
+ = cast<TypedRegion>(cast<SymbolRegionRValue>(data).getRegion());
+
+ // Assume the region rvalue has a pointer type, only then we could have a
+ // symbolic region associated with it.
+ PointerType* PTy = cast<PointerType>(R->getRValueType(C).getTypePtr());
+
+ return PTy->getPointeeType();
+}
+
QualType ElementRegion::getRValueType(ASTContext& C) const {
// Strip off typedefs from the ArrayRegion's RvalueType.
QualType T = getArrayRegion()->getRValueType(C)->getDesugaredType();
@@ -119,10 +141,6 @@
return T;
}
-//===----------------------------------------------------------------------===//
-// getLValueType() and getRValueType()
-//===----------------------------------------------------------------------===//
-
QualType StringRegion::getRValueType(ASTContext& C) const {
return Str->getType();
}
@@ -308,7 +326,8 @@
}
/// getSymbolicRegion - Retrieve or create a "symbolic" memory region.
-SymbolicRegion* MemRegionManager::getSymbolicRegion(const SymbolRef sym) {
+SymbolicRegion* MemRegionManager::getSymbolicRegion(const SymbolRef sym,
+ const SymbolManager& mgr) {
llvm::FoldingSetNodeID ID;
SymbolicRegion::ProfileRegion(ID, sym);
@@ -319,7 +338,8 @@
if (!R) {
R = (SymbolicRegion*) A.Allocate<SymbolicRegion>();
- new (R) SymbolicRegion(sym);
+ // SymbolicRegion's storage class is usually unknown.
+ new (R) SymbolicRegion(sym, mgr, getUnknownRegion());
Regions.InsertNode(R, InsertPos);
}
Modified: cfe/trunk/lib/Analysis/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/RegionStore.cpp?rev=63844&r1=63843&r2=63844&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/RegionStore.cpp (original)
+++ cfe/trunk/lib/Analysis/RegionStore.cpp Thu Feb 5 00:57:29 2009
@@ -312,7 +312,8 @@
break;
case loc::SymbolValKind:
- BaseR = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(&BaseL)->getSymbol());
+ BaseR = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(&BaseL)->getSymbol(),
+ StateMgr.getSymbolManager());
break;
case loc::GotoLabelKind:
@@ -701,7 +702,8 @@
if (isa<loc::MemRegionVal>(L))
R = cast<loc::MemRegionVal>(L).getRegion();
else if (isa<loc::SymbolVal>(L))
- R = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(L).getSymbol());
+ R = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(L).getSymbol(),
+ StateMgr.getSymbolManager());
if (R) {
RegionBindingsTy B = GetRegionBindings(store);
More information about the cfe-commits
mailing list