Diffstat (limited to 'lib')
-rw-r--r--lib/Analysis/BasicStore.cpp23
-rw-r--r--lib/Analysis/GRExprEngine.cpp12
-rw-r--r--lib/Analysis/MemRegion.cpp8
-rw-r--r--lib/Analysis/RegionStore.cpp16
4 files changed, 37 insertions, 22 deletions
diff --git a/lib/Analysis/BasicStore.cpp b/lib/Analysis/BasicStore.cpp
index 207f609609..91d85c4c2b 100644
--- a/lib/Analysis/BasicStore.cpp
+++ b/lib/Analysis/BasicStore.cpp
@@ -171,7 +171,7 @@ SVal BasicStoreManager::getLValueElement(const GRState* St, SVal Base,
return Base;
Loc BaseL = cast<Loc>(Base);
- const MemRegion* BaseR = 0;
+ const TypedRegion* BaseR = 0;
switch(BaseL.getSubKind()) {
case loc::SymbolValKind: {
@@ -194,9 +194,19 @@ SVal BasicStoreManager::getLValueElement(const GRState* St, SVal Base,
// Technically we can get here if people do funny things with casts.
return UndefinedVal();
- case loc::MemRegionKind:
- BaseR = cast<loc::MemRegionVal>(BaseL).getRegion();
+ case loc::MemRegionKind: {
+ const MemRegion *R = cast<loc::MemRegionVal>(BaseL).getRegion();
+ if (const TypedRegion *TR = dyn_cast<TypedRegion>(R)) {
+ BaseR = TR;
+ break;
+ }
+
+ // FIXME: Handle SymbolRegions? Shouldn't be possible in
+ // BasicStoreManager.
+ assert(!isa<SymbolicRegion>(R));
+
break;
+ }
case loc::ConcreteIntKind:
// While these seem funny, this can happen through casts.
@@ -210,9 +220,10 @@ SVal BasicStoreManager::getLValueElement(const GRState* St, SVal Base,
return Base;
}
- // We return an "unknown" index because we aren't reasoning about indices
- // at all.
- return loc::MemRegionVal(MRMgr.getElementRegion(UnknownVal(), BaseR));
+ if (BaseR)
+ return loc::MemRegionVal(MRMgr.getElementRegion(UnknownVal(), BaseR));
+ else
+ return UnknownVal();
}
SVal BasicStoreManager::Retrieve(const GRState* state, Loc LV, QualType T) {
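Review bot: The new null check at the end of getLValueElement is undocumented, and the hunk drops the comment that explained why the index is `UnknownVal()` even though that argument is still passed. BaseR is left null only when the MemRegionKind case sees a region that is not a TypedRegion, and in NDEBUG builds the `assert(!isa<SymbolicRegion>(R))` disappears, so this check is the only guard on that path. I would keep the old "unknown index" comment above the `getElementRegion` call and add `// BaseR is null for untyped regions; give up instead of building an ElementRegion on a null super region.` above `if (BaseR)`. As a style point, the `else` after `return` is redundant. The start of the function is outside this hunk.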
diff --git a/lib/Analysis/GRExprEngine.cpp b/lib/Analysis/GRExprEngine.cpp
index 96776b46ff..74e1a07631 100644
--- a/lib/Analysis/GRExprEngine.cpp
+++ b/lib/Analysis/GRExprEngine.cpp
@@ -1731,7 +1731,7 @@ void GRExprEngine::VisitCast(Expr* CastE, Expr* Ex, NodeTy* Pred, NodeSet& Dst){
continue;
}
- // Check for casts from AllocaRegion pointer to typed pointer.
+ // Check for casts from a pointer to a region to typed pointer.
if (isa<loc::MemRegionVal>(V)) {
assert(Loc::IsLocType(T));
assert(Loc::IsLocType(ExTy));
@@ -1740,14 +1740,8 @@ void GRExprEngine::VisitCast(Expr* CastE, Expr* Ex, NodeTy* Pred, NodeSet& Dst){
std::pair<const GRState*, SVal> Res =
getStoreManager().CastRegion(St, V, T, CastE);
- const GRState* NewSt = Res.first;
- SVal NewPtr = Res.second;
-
- // If no new region is created, fall through to the default case.
- if (NewSt != St) {
- MakeNode(Dst, CastE, N, BindExpr(NewSt, CastE, NewPtr));
- continue;
- }
+ MakeNode(Dst, CastE, N, BindExpr(Res.first, CastE, Res.second));
+ continue;
}
// All other cases.
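Review bot: The unconditional `MakeNode(Dst, CastE, N, BindExpr(Res.first, CastE, Res.second));` assumes CastRegion returns a usable state and value for every MemRegionVal, including when it creates no new region. The removed `NewSt != St` test used to send that case to the default handling below. CastRegion itself is not part of this diff, so I cannot confirm that every store manager returns the original value unchanged when it does nothing. If that is the contract, state it at the call site, e.g. `// CastRegion returns (St, V) unchanged when no conversion applies, so the result is always bound.` The enclosing loop in VisitCast begins and ends outside the hunk.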
diff --git a/lib/Analysis/MemRegion.cpp b/lib/Analysis/MemRegion.cpp
index 1e580a8cd3..94ffb3f152 100644
--- a/lib/Analysis/MemRegion.cpp
+++ b/lib/Analysis/MemRegion.cpp
@@ -107,14 +107,13 @@ void ElementRegion::Profile(llvm::FoldingSetNodeID& ID) const {
}
QualType ElementRegion::getType(ASTContext& C) const {
- QualType T = cast<TypedRegion>(superRegion)->getType(C);
+ QualType T = getArrayRegion()->getType(C);
if (isa<ArrayType>(T.getTypePtr())) {
ArrayType* AT = cast<ArrayType>(T.getTypePtr());
return AT->getElementType();
}
else {
- assert (isa<AnonTypedRegion>(superRegion));
PointerType* PtrT = cast<PointerType>(T.getTypePtr());
QualType PTy = PtrT->getPointeeType();
return C.getCanonicalType(PTy);
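Review bot: With `assert (isa<AnonTypedRegion>(superRegion))` removed, the else branch of ElementRegion::getType now accepts any region returned by `getArrayRegion()` and relies solely on `cast<PointerType>(T.getTypePtr())`. That cast is checked only in assert-enabled builds, so a super region whose type is neither an array nor a pointer would be reinterpreted silently in release builds. Whether such a region can reach this point depends on callers not shown here. I would document the invariant on the branch, e.g. `// Super region must be array- or pointer-typed; cast<> asserts this in debug builds only.`, or switch to `dyn_cast<PointerType>` with an explicit fallback if the invariant is not guaranteed.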
@@ -278,8 +277,9 @@ MemRegionManager::getCompoundLiteralRegion(const CompoundLiteralExpr* CL) {
return R;
}
-ElementRegion* MemRegionManager::getElementRegion(SVal Idx,
- const MemRegion* superRegion){
+ElementRegion*
+MemRegionManager::getElementRegion(SVal Idx, const TypedRegion* superRegion){
+
llvm::FoldingSetNodeID ID;
ElementRegion::ProfileRegion(ID, Idx, superRegion);
diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp
index e065c5c410..defa80f324 100644
--- a/lib/Analysis/RegionStore.cpp
+++ b/lib/Analysis/RegionStore.cpp
@@ -287,7 +287,7 @@ SVal RegionStoreManager::getLValueElement(const GRState* St,
SVal NewIdx = CI1->EvalBinOp(getBasicVals(), BinaryOperator::Add, *CI2);
return loc::MemRegionVal(MRMgr.getElementRegion(NewIdx,
- ElemR->getSuperRegion()));
+ ElemR->getArrayRegion()));
}
return UnknownVal();
@@ -360,8 +360,18 @@ SVal RegionStoreManager::getSizeInElements(const GRState* St,
// Cast 'pointer to array' to 'pointer to the first element of array'.
SVal RegionStoreManager::ArrayToPointer(SVal Array) {
- const MemRegion* ArrayR = cast<loc::MemRegionVal>(&Array)->getRegion();
-
+ if (Array.isUnknownOrUndef())
+ return Array;
+
+ if (!isa<loc::MemRegionVal>(Array))
+ return UnknownVal();
+
+ const MemRegion* R = cast<loc::MemRegionVal>(&Array)->getRegion();
+ const TypedRegion* ArrayR = dyn_cast<TypedRegion>(R);
+
+ if (ArrayR)
+ return UnknownVal();
+
nonloc::ConcreteInt Idx(getBasicVals().getZeroWithPtrWidth(false));
ElementRegion* ER = MRMgr.getElementRegion(Idx, ArrayR);
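Review bot: The guard `if (ArrayR) return UnknownVal();` in ArrayToPointer is inverted. It returns UnknownVal for every region that is a TypedRegion, and it lets the null result of a failed `dyn_cast<TypedRegion>(R)` flow into `MRMgr.getElementRegion(Idx, ArrayR)`. The line should read `if (!ArrayR) return UnknownVal();`. As written, array-to-pointer decay never yields an element region for typed arrays. The untyped case builds an ElementRegion on a null super region, which `getArrayRegion()->getType(C)` in ElementRegion::getType would presumably dereference later. The tail of the function lies outside this hunk.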