[cfe-dev] PreStmtPurgeDeadSymbols and LazyCompoundVal, bindings

Aleksei Sidorin via cfe-dev cfe-dev at lists.llvm.org
Tue Jul 12 09:13:03 PDT 2016


Hello Adam,

1. temp_object (CXXTempObjectRegion) is just an abstract memory piece. 
But we need to get the value stored in it, not the memory itself. As I 
understand, your code doesn't uses references performs copying by value. 
So, LazyCompoundVal becomes the value of this region because it has 
structure type.

2. LazyCompoundVal contains a reference to the Store where a binding was 
initiated. So, on the last step LazyCompoundVal still refers to the 
conjured symbol but in another Store which exists on the step 4. This is 
done because we may change the fields of the initial structure but 
LazyCompoundVal should stay the same. So, LazyCompoundVal uses a 
"freezed" version of Store and we may safely remove dead bindings from 
the current state.
If you take a Store LazyCompoundVal refers to 
(LazyCompoundVal::getStore()), you will see a binding. It is not lost.

Anna or Artem, please correct me if I'm wrong.


> Hi,
>
> I am facing the following problem:
>
> 1) I evaluate a function returning a record to a conjured symbol
> 2) MaterializeTemporaryExpr creates a new temp_object, binds it (default binding) to the conjured symbol and adds a new expression where the function is evaluated to this temp_object.
> 3) PreStmtPurgeDeadSymbol removes all other expressions, thus the one remaining is the one created by MaterializeTemporaryExpr. This means the function is evaluated to a temp_object which is bound to the conjured symbol.
> 4) CXXConsturctExpr binds (default binding) a lazyCompoundVal to the variable receiving the function return value, which refers to the temp_object, which is bound to the conjured symbol.
> 5) PreStmtPurgeDeadSymbol removes the binding of the temp_object to the conjured symbol, but it was not dead! It was used indirectly via the lazyCompoundVal. So the indirect binding between the variable and the conjured symbol is completely lost.
>
> My first (minor) problem is: why creating a lazyCompoundVal for a temp_object? A temp_object as its name says is temporary, so there is no point to do a lazy copy of it. This step could be optimized away by binding the temp_object itself to the receiving variable. In this special case it could also solve the main problem, thus losing the binding between the variable and the expression value (the conjured symbol the function evaluates to in my special case).
>
> However, the second (major) problem is the erroneous removal of a live binding of the base region of the lazyCompoundVal. I checked why this happens in RegionStore.cpp, and I found that function VisitBinding of class invalidateRegionsWorker calls function getInterestingValues of RegionStoreManager which returns the target of the binding and not the source. So in my case it returns the conjured symbol itself and not the temp_object which is bound to it. Because of this the binding of the temp_object is not marked as a live binding and is thus removed. Is this the way it is supposed to work? I do not think so, because it breaks a chain of bindings this way. Any idea how to fix it?
>
> Thanks your suggestions in advance!
>
> Regards,
>
> Ádám


-- 
Best regards,
Aleksei Sidorin
Software Engineer,
IMSWL-IMCG, SRR, Samsung Electronics




More information about the cfe-dev mailing list