diff options
| author | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-05-09 15:18:12 +0000 | 
|---|---|---|
| committer | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-05-09 15:18:12 +0000 | 
| commit | d6daef91654719de80c5a6436b2392173c3f8f22 (patch) | |
| tree | 53ea9a154f2bc6c1caa4c14b69c58f5ab5260871 /clang/lib/Analysis | |
| parent | b18d7cab0c3adb84bb9f19da488b04c31e2bdd2f (diff) | |
| download | bcm5719-llvm-d6daef91654719de80c5a6436b2392173c3f8f22.tar.gz bcm5719-llvm-d6daef91654719de80c5a6436b2392173c3f8f22.zip | |
When evaluating pointer arithmetic, if the base location is a symbolic region,
convert it to the first element region.
Also do not assume the array region is typed.
llvm-svn: 71358
Diffstat (limited to 'clang/lib/Analysis')
| -rw-r--r-- | clang/lib/Analysis/RegionStore.cpp | 33 | 
1 files changed, 15 insertions, 18 deletions
| diff --git a/clang/lib/Analysis/RegionStore.cpp b/clang/lib/Analysis/RegionStore.cpp index aa09a60deb9..bfbbce15ab4 100644 --- a/clang/lib/Analysis/RegionStore.cpp +++ b/clang/lib/Analysis/RegionStore.cpp @@ -688,26 +688,24 @@ RegionStoreManager::CastRegion(const GRState* state, const MemRegion* R,  }  SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) { -  // Assume the base location is MemRegionVal(ElementRegion). +  // Assume the base location is MemRegionVal.    if (!isa<loc::MemRegionVal>(L))      return UnknownVal();    const MemRegion* MR = cast<loc::MemRegionVal>(L).getRegion(); -  if (isa<SymbolicRegion>(MR)) -    return UnknownVal(); - -  const TypedRegion* TR = cast<TypedRegion>(MR); -  const ElementRegion* ER = dyn_cast<ElementRegion>(TR); -   -  if (!ER) { -    // If the region is not element region, create one with index 0. This can -    // happen in the following example: -    // char *p = foo(); -    // p += 3; -    // Note that p binds to a TypedViewRegion(SymbolicRegion). -    nonloc::ConcreteInt Idx(getBasicVals().getZeroWithPtrWidth(false)); -    ER = MRMgr.getElementRegion(TR->getValueType(getContext()), Idx, TR); -  } +  const ElementRegion *ER = 0; +  // If the operand is a symbolic region, we convert it to the first element +  // region implicitly. +  if (const SymbolicRegion *SR = dyn_cast<SymbolicRegion>(MR)) { +    // Get symbol's type. It should be a pointer type. +    SymbolRef Sym = SR->getSymbol(); +    QualType T = Sym->getType(getContext()); +    QualType EleTy = cast<PointerType>(T.getTypePtr())->getPointeeType(); + +    SVal ZeroIdx = ValMgr.makeZeroArrayIndex(); +    ER = MRMgr.getElementRegion(EleTy, ZeroIdx, SR); +  } else +    ER = cast<ElementRegion>(MR);    SVal Idx = ER->getIndex(); @@ -726,8 +724,7 @@ SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) {                                                             Offset->getValue()));      SVal NewIdx = Base->EvalBinOp(getBasicVals(), Op, OffConverted);      const MemRegion* NewER = -      MRMgr.getElementRegion(ER->getElementType(), NewIdx,  -                             cast<TypedRegion>(ER->getSuperRegion())); +      MRMgr.getElementRegion(ER->getElementType(), NewIdx,ER->getSuperRegion());      return Loc::MakeVal(NewER);    } | 

