diff options
| -rw-r--r-- | include/clang/Analysis/PathSensitive/Store.h | 5 | ||||
| -rw-r--r-- | lib/Analysis/GRSimpleVals.cpp | 3 | ||||
| -rw-r--r-- | lib/Analysis/RegionStore.cpp | 29 |
3 files changed, 36 insertions, 1 deletions
diff --git a/include/clang/Analysis/PathSensitive/Store.h b/include/clang/Analysis/PathSensitive/Store.h index b8d6364388..ed30a8bca5 100644 --- a/include/clang/Analysis/PathSensitive/Store.h +++ b/include/clang/Analysis/PathSensitive/Store.h @@ -112,6 +112,11 @@ public: /// casted and 'CastToTy' the result type of the cast. virtual CastResult CastRegion(const GRState* state, const MemRegion* R, QualType CastToTy) = 0; + + /// EvalBinOp - Perform pointer arithmetic. + virtual SVal EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) { + return UnknownVal(); + } /// getSelfRegion - Returns the region for the 'self' (Objective-C) or /// 'this' object (C++). When used when analyzing a normal function this diff --git a/lib/Analysis/GRSimpleVals.cpp b/lib/Analysis/GRSimpleVals.cpp index d50876e5b3..90d9e57bfd 100644 --- a/lib/Analysis/GRSimpleVals.cpp +++ b/lib/Analysis/GRSimpleVals.cpp @@ -265,7 +265,8 @@ SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op, SVal GRSimpleVals::EvalBinOp(GRExprEngine& Eng, BinaryOperator::Opcode Op, Loc L, NonLoc R) { - return UnknownVal(); + // Delegate pointer arithmetic to store manager. + return Eng.getStoreManager().EvalBinOp(Op, L, R); } // Equality operators for Locs. diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp index e6e530bc0f..7ab54b8b25 100644 --- a/lib/Analysis/RegionStore.cpp +++ b/lib/Analysis/RegionStore.cpp @@ -170,6 +170,8 @@ public: CastResult CastRegion(const GRState* state, const MemRegion* R, QualType CastToTy); + SVal EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R); + /// The high level logic for this method is this: /// Retrieve (L) /// if L has binding @@ -551,6 +553,33 @@ RegionStoreManager::CastRegion(const GRState* state, const MemRegion* R, return CastResult(AddRegionView(state, ViewR, R), ViewR); } +SVal RegionStoreManager::EvalBinOp(BinaryOperator::Opcode Op, Loc L, NonLoc R) { + // Assume the base location is MemRegionVal(ElementRegion). + + if (!isa<loc::MemRegionVal>(L)) { + return UnknownVal(); + } + + const MemRegion* MR = cast<loc::MemRegionVal>(L).getRegion(); + + const ElementRegion* ER = cast<ElementRegion>(MR); + SVal Idx = ER->getIndex(); + + nonloc::ConcreteInt* Base = dyn_cast<nonloc::ConcreteInt>(&Idx); + nonloc::ConcreteInt* Offset = dyn_cast<nonloc::ConcreteInt>(&R); + + // Only support concrete integer indexes for now. + if (Base && Offset) { + SVal NewIdx = Base->EvalBinOp(getBasicVals(), Op, *Offset); + + const MemRegion* NewER = MRMgr.getElementRegion(NewIdx, + ER->getArrayRegion()); + return Loc::MakeVal(NewER); + + } else + return UnknownVal(); +} + SVal RegionStoreManager::Retrieve(const GRState* St, Loc L, QualType T) { assert(!isa<UnknownVal>(L) && "location unknown"); assert(!isa<UndefinedVal>(L) && "location undefined"); |