diff options
| author | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-05-09 15:18:12 +0000 |
|---|---|---|
| committer | Zhongxing Xu <xuzhongxing@gmail.com> | 2009-05-09 15:18:12 +0000 |
| commit | c4761f5ea355aee7b6d9b7727af055ee43acaa10 (patch) | |
| tree | cbe26058b127e1c987099b9c0bc71ec15bded3e1 /lib/Analysis/RegionStore.cpp | |
| parent | 8a9bf4a768539a40344e809c52a6eb862f4145ac (diff) | |
When evaluating pointer arithmetic, if the base location is a symbolic region,
convert it to the first element region.
Also do not assume the array region is typed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71358 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Analysis/RegionStore.cpp')
| -rw-r--r-- | lib/Analysis/RegionStore.cpp | 33 |
1 files changed, 15 insertions, 18 deletions
diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp index aa09a60deb..bfbbce15ab 100644 --- a/lib/Analysis/RegionStore.cpp +++ b/lib/Analysis/RegionStore.cpp @@ -688,26 +688,24 @@ RegionStoreManager::CastRegion(const GRState* state, const MemRegion* R, } SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) { - // Assume the base location is MemRegionVal(ElementRegion). + // Assume the base location is MemRegionVal. if (!isa<loc::MemRegionVal>(L)) return UnknownVal(); const MemRegion* MR = cast<loc::MemRegionVal>(L).getRegion(); - if (isa<SymbolicRegion>(MR)) - return UnknownVal(); - - const TypedRegion* TR = cast<TypedRegion>(MR); - const ElementRegion* ER = dyn_cast<ElementRegion>(TR); - - if (!ER) { - // If the region is not element region, create one with index 0. This can - // happen in the following example: - // char *p = foo(); - // p += 3; - // Note that p binds to a TypedViewRegion(SymbolicRegion). - nonloc::ConcreteInt Idx(getBasicVals().getZeroWithPtrWidth(false)); - ER = MRMgr.getElementRegion(TR->getValueType(getContext()), Idx, TR); - } + const ElementRegion *ER = 0; + // If the operand is a symbolic region, we convert it to the first element + // region implicitly. + if (const SymbolicRegion *SR = dyn_cast<SymbolicRegion>(MR)) { + // Get symbol's type. It should be a pointer type. + SymbolRef Sym = SR->getSymbol(); + QualType T = Sym->getType(getContext()); + QualType EleTy = cast<PointerType>(T.getTypePtr())->getPointeeType(); + + SVal ZeroIdx = ValMgr.makeZeroArrayIndex(); + ER = MRMgr.getElementRegion(EleTy, ZeroIdx, SR); + } else + ER = cast<ElementRegion>(MR); SVal Idx = ER->getIndex(); @@ -726,8 +724,7 @@ SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) { Offset->getValue())); SVal NewIdx = Base->EvalBinOp(getBasicVals(), Op, OffConverted); const MemRegion* NewER = - MRMgr.getElementRegion(ER->getElementType(), NewIdx, - cast<TypedRegion>(ER->getSuperRegion())); + MRMgr.getElementRegion(ER->getElementType(), NewIdx,ER->getSuperRegion()); return Loc::MakeVal(NewER); } |