diff options
| author | Tim Chevalier <chevalier@alum.wellesley.edu> | 2011-06-22 21:26:34 -0700 |
|---|---|---|
| committer | Tim Chevalier <chevalier@alum.wellesley.edu> | 2011-06-22 22:13:42 -0700 |
| commit | 9a48bd2f2133a76371cb92488620146be990a82c (patch) | |
| tree | 4664e8f3de63d83e5497e857a7a0f27bc24b3625 /src/rustllvm/MachOObjectFile.cpp | |
| parent | 7105cd1761c9ad84f95381f021ca4960e2bd0641 (diff) | |
| download | rust-9a48bd2f2133a76371cb92488620146be990a82c.tar.gz rust-9a48bd2f2133a76371cb92488620146be990a82c.zip | |
Compute typestate properly for move
typestate now drops constraints correctly in the post-state of a move expression or a declaration whose op is a move. It doesn't yet drop constraints mentioning variables that get updated. To do this, I had to change typestate to use trit-vectors instead of bit-vectors, because for every constraint, there are three possible values: known-to-be-false (e.g. after x <- y, init(y) is known-to-be-false), known-to-be-true, and unknown. Before, we conflated known-to-be-false with unknown. But move requires them to be treated differently. Consider: (program a) (a1) x = 1; (a2) y <- x; (a3) log x; (program b) (b1) x = 1; (b2) y <- z; (b3) log x; With only two values, the postcondition of statement a2 for constraint init(x) is the same as that of b2: 0. But in (a2)'s postcondition, init(x) *must* be false, but in (b2)'s condition, it's just whatever it was in the postcondition of the preceding statement.
Diffstat (limited to 'src/rustllvm/MachOObjectFile.cpp')
0 files changed, 0 insertions, 0 deletions