diff options
| author | Ted Kremenek <kremenek@apple.com> | 2008-07-03 23:26:32 +0000 |
|---|---|---|
| committer | Ted Kremenek <kremenek@apple.com> | 2008-07-03 23:26:32 +0000 |
| commit | 4d85146e6d5099d84a2299d2a274ef270798bdb1 (patch) | |
| tree | 455f78b3e286c81318557703ae5954f64561e451 /clang/lib/Analysis/CFRefCount.cpp | |
| parent | 4bb9089db78977a187664ec61e57a12e7248085e (diff) | |
| download | bcm5719-llvm-4d85146e6d5099d84a2299d2a274ef270798bdb1.tar.gz bcm5719-llvm-4d85146e6d5099d84a2299d2a274ef270798bdb1.zip | |
Use conjured symbols for variables whose values are invalidated when
passed-by-reference to a function. This allows us to build up constraints for
their new values and restore some lost path-sensitivity. This addresses a few
false positives since in Adium.
llvm-svn: 53125
Diffstat (limited to 'clang/lib/Analysis/CFRefCount.cpp')
| -rw-r--r-- | clang/lib/Analysis/CFRefCount.cpp | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/clang/lib/Analysis/CFRefCount.cpp b/clang/lib/Analysis/CFRefCount.cpp index 323181a302e..a9c4f840f0b 100644 --- a/clang/lib/Analysis/CFRefCount.cpp +++ b/clang/lib/Analysis/CFRefCount.cpp @@ -1389,8 +1389,35 @@ void CFRefCount::EvalSummary(ExplodedNodeSet<ValueState>& Dst, } } else if (isa<LVal>(V)) { +#if 0 // Nuke all arguments passed by reference. StateMgr.Unbind(StVals, cast<LVal>(V)); +#else + if (lval::DeclVal* DV = dyn_cast<lval::DeclVal>(&V)) { + + // FIXME: Either this logic should also be replicated in GRSimpleVals + // or should be pulled into a separate "constraint engine." + // FIXME: We can have collisions on the conjured symbol if the + // expression *I also creates conjured symbols. We probably want + // to identify conjured symbols by an expression pair: the enclosing + // expression (the context) and the expression itself. This should + // disambiguate conjured symbols. + + // Invalidate the values of all variables passed by reference. + // Set the value of the variable to be a conjured symbol. + unsigned Count = Builder.getCurrentBlockCount(); + SymbolID NewSym = Eng.getSymbolManager().getConjuredSymbol(*I, Count); + + StateMgr.BindVar(StVals, DV->getDecl(), + LVal::IsLValType(DV->getDecl()->getType()) + ? cast<RVal>(lval::SymbolVal(NewSym)) + : cast<RVal>(nonlval::SymbolVal(NewSym))); + } + else { + // Nuke all other arguments passed by reference. + StateMgr.Unbind(StVals, cast<LVal>(V)); + } +#endif } else if (isa<nonlval::LValAsInteger>(V)) StateMgr.Unbind(StVals, cast<nonlval::LValAsInteger>(V).getLVal()); |
