the build).

llvm-svn: 69702

llvm-svn: 69697

llvm-svn: 69694

llvm-svn: 69688

ProgramPoints all the way through to GRCoreEngine.

NSString.m now fails with RegionStoreManager because of the void** cast.
Disabling use of region store for that test for now.

llvm-svn: 68845

A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. 
The latter comes from the symbolic function pointer that are generated from
function calls or input data.

llvm-svn: 68777

it.  Will discuss offline whether symbolic regions should by typed or typeless.

llvm-svn: 68070

llvm-svn: 68068

Layer the type information with a TypedViewRegion on top of the SymbolicRegion.

llvm-svn: 68028

Zhongxing and I discussed by email.

Main changes:
- Removed SymIntConstraintVal and SymIntConstraint
- Added SymExpr as a parent class to SymbolData, SymSymExpr, SymIntExpr
- Added nonloc::SymExprVal to wrap SymExpr
- SymbolRef is now just a typedef of 'const SymbolData*'
- Bunch of minor code cleanups in how some methods were invoked (no functionality change)

This changes are part of a long-term plan to have full symbolic expression
trees. This will be useful for lazily evaluating complicated expressions.

llvm-svn: 67731

TypedViewRegion has a valid rvalue type. Also renamed instance variable 'T' to
'LvalueType' to make it unambiguous of its purpose.

This fixes some crashes I was seeing after:

http://lists.cs.uiuc.edu/pipermail/cfe-commits/Week-of-Mon-20090309/013771.html

This is because 'isBoundable()' is defined in TypedRegion (the parent class) in
terms of the rvalue type (which could be null), while for TypedViewRegion it
should be defined in terms of the lvalue type.

llvm-svn: 66712

- Have 'TypedRegion::getRValueType()' return a null QualType for 'id<...>'
  instead of aborting.
- Change 'TypedRegion::isBoundable()' to return true for all objects with a
  non-null RValueType (this may not be the final behavior).

llvm-svn: 66093

Added the notion of a "boundable region", which is a region that can have a direct binding in the StoreManager.

llvm-svn: 66005

SVal::getAsLocSymbol(). This simplifies the code and allows the retain/release
checker to (I believe) also correctly reason about location symbols wrapped in
SymbolicRegions.

Along the way I cleaned up SymbolRef a little, disallowing implicit casts to
'unsigned'.

llvm-svn: 65972

llvm-svn: 65764

for FieldRegion. This enables us to track more values.

Simplify SymbolicRegion::getRValueType(). We assume the symbol always has
pointer type.

llvm-svn: 63928

do the symblic regions associated with them and we need them to be typed.

Current SymbolicRegion::getRValueType() method is very restricting. It may be
modified when we are more clear about what could be the types of symblic
regions.

BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a
subclass of SubRegion.
 

llvm-svn: 63844

- NonLoc::MakeVal() would use sizeof(unsigned) (literally) instead of consulting
  ASTContext for the size (in bits) of 'int'. While it worked, it was a
  conflation of concepts and using ASTContext.IntTy is 100% correct.
- RegionStore::getSizeInElements() no longer assumes that a VarRegion has the
  type "ConstantArray", and handles the case when uses use ordinary variables
  as if they were arrays.
- Fixed ElementRegion::getRValueType() to just return the rvalue type of its
  "array region" in the case the array didn't have ArrayType.
- All of this fixes <rdar://problem/6541136>

llvm-svn: 63347

Fix crash ElementRegion::getRValueType() when the RvalueType of the ArrayRegion is a typedef and not (directly) a pointer.

llvm-svn: 62909

region. Otherwise we would get an extra level of pointer type.

llvm-svn: 62844

StringRegion::print: Remove copy/paste code and just call Stmt::printPretty() for the StringLiteral.

llvm-svn: 62340

llvm-svn: 61924

* Now Bind() methods take and return GRState* because binding could
  also alter GDM.
* No variables are initialized except those declared with initial
  values.
* failed C test cases are due to bugs in RemoveDeadBindings(),
which removes constraints that is still alive. This will be fixed in later
patch.
* default value of array and struct regions will be implemented in later patch.

llvm-svn: 61274

llvm-svn: 61146

- Overhauled the notion of "types" for TypedRegions.  We now distinguish between the "lvalue" of a region (via getLValueRegion()) and the "rvalue" of a region (va getRValueRegion()).  Since a region represents a chunk of memory it has both, but we were conflating these concepts in some cases, leading to some insidious bugs.
- Removed AnonPointeeType, partially because it is unused and because it doesn't have a clear notion of lvalue vs rvalue type.  We can add it back once there is a need for it and we can resolve its role with these concepts.

StoreManager:
- Overhauled StoreManager::CastRegion.  It expects an *lvalue* type for a region.  This is actually what motivated the overhaul to the MemRegion type mechanism.  It also no longer returns an SVal; we can just return a MemRegion*.
- BasicStoreManager::CastRegion now overlays an "AnonTypedRegion" for pointer-pointer casts.  This matches with the MemRegion changes.
- Similar changes to RegionStore, except I've added a bunch of FIXMEs where it wasn't 100% clear where we should use TypedRegion::getRValueRegion() or TypedRegion::getLValueRegion().

AuditCFNumberCreate check:
- Now blasts through AnonTypedRegions that may layer the original memory region, thus checking if the actually memory block is of the appropriate type.  This change was needed to work with the changes to StoreManager::CastRegion.

GRExprEngine::VisitCast:
- Conform to the new interface of StoreManager::CastRegion.

Tests:
- None of the analysis tests fail now for using the "basic store".
- Disabled the tests 'array-struct.c' and 'rdar-6442306-1.m' pending further testing and bug fixing.

llvm-svn: 60995

GRExprEngine (VisitCast):
- When using StoreManager::CastRegion, always use the state and value it returns to generate the next node.  Failure to do so means that region values returned that don't require the state to be modified will get ignored.

MemRegion:
- Tighten the interface for ElementRegion.  Now ElementRegion can only be created with a super region that is a 'TypedRegion' instead of any MemRegion.  Code in BasicStoreManager/RegionStoreManager already assumed this, but it would result in a dynamic assertion check (and crash) rather than just having the compiler forbid the construction of such regions.
- Added ElementRegion::getArrayRegion() to return the 'typed version' of an ElementRegion's super region.
- Removed bogus assertion in ElementRegion::getType() that assumed that the super region was an AnonTypedRegion.  All that matters is that it is a TypedRegion, which is now true all the time by design.

BasicStore:
- Modified getLValueElement() to check if the 'array' region is a TypedRegion before creating an ElementRegion.  This conforms to the updated interface for ElementRegion.

RegionStore:
- In ArrayToPointer() gracefully handle things we don't reason about, and only create an ElementRegion if the array region is indeed a TypedRegion.

llvm-svn: 60990

llvm-svn: 60870

to them.

llvm-svn: 60868

Add SymbolRef::print() and have SymbolicRegion::print() use this method instead of calling SymbolRef::getNumber().

llvm-svn: 60578

llvm-svn: 60577

Rename SymbolID to SymbolRef.  This is a precursor to some overhauling of the representation of symbolic values.

llvm-svn: 60575

uses of getName() with uses of getDeclName().  This upgrades a bunch of
diags to take DeclNames instead of std::strings.

This also tweaks a couple of diagnostics to be cleaner and changes
CheckInitializerTypes/PerformInitializationByConstructor to pass
around DeclarationNames instead of std::strings.

llvm-svn: 59947

where the control reaches the end of a non-void function and also allows the
compiler to generate better code.  When this assertion is false we can easily
add more else cases.

llvm-svn: 59468

 - RegionView and RegionViewMap is introduced to assist back-mapping from
   super region to subregions.
 - GDM is used to carry RegionView information.
 - AnonTypedRegion is added to represent a typed region introduced by pointer
   casting. Later AnonTypedRegion can be used in other similar cases, e.g.,
   malloc()'ed region.
 - The specific conversion is delegated to store manager.

llvm-svn: 59382

type when assigning to it.

llvm-svn: 59229

llvm-svn: 59015

llvm-svn: 58985

- Prepare AnonPointeeRegioin for later use.

llvm-svn: 58595

llvm-svn: 58551

Pull determination of the super region for a VarRegion into a single getVarRegion() method.  This provides a common clean API for clients.

llvm-svn: 58272