[cfe-commits] r68191 - /cfe/trunk/docs/AnalyzerRegions.txt
Zhongxing Xu
xuzhongxing at gmail.com
Tue Mar 31 23:01:08 PDT 2009
Author: zhongxingxu
Date: Wed Apr 1 01:01:08 2009
New Revision: 68191
URL: http://llvm.org/viewvc/llvm-project?rev=68191&view=rev
Log:
Update docs.
Modified:
cfe/trunk/docs/AnalyzerRegions.txt
Modified: cfe/trunk/docs/AnalyzerRegions.txt
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/docs/AnalyzerRegions.txt?rev=68191&r1=68190&r2=68191&view=diff
==============================================================================
--- cfe/trunk/docs/AnalyzerRegions.txt (original)
+++ cfe/trunk/docs/AnalyzerRegions.txt Wed Apr 1 01:01:08 2009
@@ -146,6 +146,25 @@
For toll-free bridging casts, we return the original region.
+ We can set up a lattice for pointer types, with the most general type 'void*'
+ at the top. The lattice enforces a partial order among types.
+
+ Every MemRegion has a root position in the type lattice. For example, the
+ pointee region of 'void *p' has its root position at the top of the lattice.
+ VarRegion of 'int x' has its root position at the 'int type' node.
+
+ TypedViewRegion is used to move the region down or up in the lattice. Moving
+ down in the lattice adds a TypedViewRegion. Moving up in the lattice removes a
+ TypedViewRegion.
+
+ Do we want to allow moving up beyond the root position? This happens when:
+ int x;
+ void *p = &x;
+
+ The region of 'x' has its root position at 'int*' node. the cast to void*
+ moves that region up to the 'void*' node. I propose to not allow such casts,
+ and assign the region of 'x' for 'p'.
+
Region Bindings
The following region kinds are boundable: VarRegion, CompoundLiteralRegion,
@@ -158,9 +177,20 @@
To canonicalize a region, we get the canonical types for all TypedViewRegions
along the way up to the root region, and make new TypedViewRegions with those
canonical types.
+
+ For ObjC and C++, perhaps another canonicalization rule should be added: for
+ FieldRegion, the least derived class that has the field is used as the type
+ of the super region of the FieldRegion.
All bindings and retrievings are done on the canonicalized regions.
Canonicalization is transparent outside the region store manager, and more
specifically, unaware outside the Bind() and Retrieve() method. We don't need
to consider region canonicalization when doing pointer cast.
+
+Constraint Manager
+
+ The constraint manager reasons about the abstract location of memory
+ objects. We can have different views on a region, but none of these views
+ changes the location of that object. Thus we should get the same abstract
+ location for those regions.
More information about the cfe-commits
mailing list