diff options
5 files changed, 14 insertions, 10 deletions
diff --git a/include/clang/StaticAnalyzer/PathSensitive/Checker.h b/include/clang/StaticAnalyzer/PathSensitive/Checker.h index 797a377c56..82205dcd13 100644 --- a/include/clang/StaticAnalyzer/PathSensitive/Checker.h +++ b/include/clang/StaticAnalyzer/PathSensitive/Checker.h @@ -245,7 +245,7 @@ private: CheckerContext C(Dst, Builder, Eng, Pred, tag, isLoad ? ProgramPoint::PreLoadKind : ProgramPoint::PreStoreKind, 0, S, state); - visitLocation(C, S, location); + visitLocation(C, S, location, isLoad); } void GR_evalDeadSymbols(ExplodedNodeSet &Dst, StmtNodeBuilder &Builder, @@ -260,7 +260,8 @@ public: virtual ~Checker(); virtual void _PreVisit(CheckerContext &C, const Stmt *S) {} virtual void _PostVisit(CheckerContext &C, const Stmt *S) {} - virtual void visitLocation(CheckerContext &C, const Stmt *S, SVal location) {} + virtual void visitLocation(CheckerContext &C, const Stmt *S, SVal location, + bool isLoad) {} virtual void PreVisitBind(CheckerContext &C, const Stmt *StoreE, SVal location, SVal val) {} virtual void evalDeadSymbols(CheckerContext &C, SymbolReaper &SymReaper) {} diff --git a/lib/StaticAnalyzer/Checkers/ArrayBoundChecker.cpp b/lib/StaticAnalyzer/Checkers/ArrayBoundChecker.cpp index 13e628bcb1..d52427bf9d 100644 --- a/lib/StaticAnalyzer/Checkers/ArrayBoundChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/ArrayBoundChecker.cpp @@ -27,7 +27,7 @@ class ArrayBoundChecker : public: ArrayBoundChecker() : BT(0) {} static void *getTag() { static int x = 0; return &x; } - void visitLocation(CheckerContext &C, const Stmt *S, SVal l); + void visitLocation(CheckerContext &C, const Stmt *S, SVal l, bool isLoad); }; } @@ -35,7 +35,8 @@ void ento::RegisterArrayBoundChecker(ExprEngine &Eng) { Eng.registerCheck(new ArrayBoundChecker()); } -void ArrayBoundChecker::visitLocation(CheckerContext &C, const Stmt *S, SVal l){ +void ArrayBoundChecker::visitLocation(CheckerContext &C, const Stmt *S, SVal l, + bool isLoad) { // Check for out of bound array element access. const MemRegion *R = l.getAsRegion(); if (!R) diff --git a/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp b/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp index b55fadebf8..f6d3e15d96 100644 --- a/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp +++ b/lib/StaticAnalyzer/Checkers/ArrayBoundCheckerV2.cpp @@ -34,7 +34,7 @@ class ArrayBoundCheckerV2 : public: ArrayBoundCheckerV2() : BT(0) {} static void *getTag() { static int x = 0; return &x; } - void visitLocation(CheckerContext &C, const Stmt *S, SVal l); + void visitLocation(CheckerContext &C, const Stmt *S, SVal l, bool isLoad); }; // FIXME: Eventually replace RegionRawOffset with this class. @@ -68,7 +68,7 @@ void ento::RegisterArrayBoundCheckerV2(ExprEngine &Eng) { void ArrayBoundCheckerV2::visitLocation(CheckerContext &checkerContext, const Stmt *S, - SVal location) { + SVal location, bool isLoad) { // NOTE: Instead of using GRState::assumeInBound(), we are prototyping // some new logic here that reasons directly about memory region extents. diff --git a/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp b/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp index 7dc8ec84df..3f6f943329 100644 --- a/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp @@ -29,7 +29,8 @@ class DereferenceChecker : public Checker { public: DereferenceChecker() : BT_null(0), BT_undef(0) {} static void *getTag() { static int tag = 0; return &tag; } - void visitLocation(CheckerContext &C, const Stmt *S, SVal location); + void visitLocation(CheckerContext &C, const Stmt *S, SVal location, + bool isLoad); std::pair<ExplodedNode * const*, ExplodedNode * const*> getImplicitNodes() const { @@ -85,7 +86,7 @@ void DereferenceChecker::AddDerefSource(llvm::raw_ostream &os, } void DereferenceChecker::visitLocation(CheckerContext &C, const Stmt *S, - SVal l) { + SVal l, bool isLoad) { // Check for dereference of an undefined value. if (l.isUndef()) { if (ExplodedNode *N = C.generateSink()) { diff --git a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp index 9375947abb..36968ecd1f 100644 --- a/lib/StaticAnalyzer/Checkers/MallocChecker.cpp +++ b/lib/StaticAnalyzer/Checkers/MallocChecker.cpp @@ -82,7 +82,7 @@ public: void PreVisitReturnStmt(CheckerContext &C, const ReturnStmt *S); const GRState *evalAssume(const GRState *state, SVal Cond, bool Assumption, bool *respondsToCallback); - void visitLocation(CheckerContext &C, const Stmt *S, SVal l); + void visitLocation(CheckerContext &C, const Stmt *S, SVal l, bool isLoad); virtual void PreVisitBind(CheckerContext &C, const Stmt *StoreE, SVal location, SVal val); @@ -653,7 +653,8 @@ const GRState *MallocChecker::evalAssume(const GRState *state, SVal Cond, } // Check if the location is a freed symbolic region. -void MallocChecker::visitLocation(CheckerContext &C, const Stmt *S, SVal l) { +void MallocChecker::visitLocation(CheckerContext &C, const Stmt *S, SVal l, + bool isLoad) { SymbolRef Sym = l.getLocSymbolInBase(); if (Sym) { const RefState *RS = C.getState()->get<RegionState>(Sym); |