[cfe-commits] r63928 - in /cfe/trunk: lib/Analysis/MemRegion.cpp lib/Analysis/RegionStore.cpp test/Analysis/null-deref-ps.c

Zhongxing Xu xuzhongxing at gmail.com
Fri Feb 6 00:44:28 PST 2009


Author: zhongxingxu
Date: Fri Feb  6 02:44:27 2009
New Revision: 63928

URL: http://llvm.org/viewvc/llvm-project?rev=63928&view=rev
Log:
Create ElementRegion when the base is SymbolicRegion. This is like what we do
for FieldRegion. This enables us to track more values.

Simplify SymbolicRegion::getRValueType(). We assume the symbol always has
pointer type.

Modified:
    cfe/trunk/lib/Analysis/MemRegion.cpp
    cfe/trunk/lib/Analysis/RegionStore.cpp
    cfe/trunk/test/Analysis/null-deref-ps.c

Modified: cfe/trunk/lib/Analysis/MemRegion.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/MemRegion.cpp?rev=63928&r1=63927&r2=63928&view=diff

==============================================================================
--- cfe/trunk/lib/Analysis/MemRegion.cpp (original)
+++ cfe/trunk/lib/Analysis/MemRegion.cpp Fri Feb  6 02:44:27 2009
@@ -114,18 +114,14 @@
 QualType SymbolicRegion::getRValueType(ASTContext& C) const {
   const SymbolData& data = SymMgr.getSymbolData(sym);
 
-  // FIXME: We could use the SymbolManager::getType() directly. But that
-  // would hide the assumptions we made here. What is the type of a symbolic
-  // region is unclear for other cases.
-
-  // For now we assume the symbol is a typed region rvalue.
-  const TypedRegion* R 
-    = cast<TypedRegion>(cast<SymbolRegionRValue>(data).getRegion());
-
-  // Assume the region rvalue has a pointer type, only then we could have a
-  // symbolic region associated with it.
-  PointerType* PTy = cast<PointerType>(R->getRValueType(C).getTypePtr());
+  // Get the type of the symbol.
+  QualType T = data.getType(C);
 
+  // Only when the symbol has pointer type it can have a symbolic region
+  // associated with it.
+  PointerType* PTy = cast<PointerType>(T.getTypePtr()->getDesugaredType());
+
+  // The type of the symbolic region is the pointee type of the symbol.
   return PTy->getPointeeType();
 }
 
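Review bot: The pointer-type assumption in `SymbolicRegion::getRValueType` is enforced only by `cast<PointerType>(...)`, which asserts in assertion-enabled builds and is an unchecked cast otherwise. A symbol whose type is not a pointer would therefore abort the analyzer or be read through the wrong type. The RegionStore.cpp change in this commit builds a SymbolicRegion for every `loc::SymbolVal` base, which presumably widens the set of symbols that reach this cast. Consider `dyn_cast<PointerType>(...)` with an explicit, documented result for the non-pointer case. The comment could then state the invariant directly: `// A symbol can only have a symbolic region if it has pointer type.`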

Modified: cfe/trunk/lib/Analysis/RegionStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/RegionStore.cpp?rev=63928&r1=63927&r2=63928&view=diff

==============================================================================
--- cfe/trunk/lib/Analysis/RegionStore.cpp (original)
+++ cfe/trunk/lib/Analysis/RegionStore.cpp Fri Feb  6 02:44:27 2009
@@ -339,15 +339,20 @@
 SVal RegionStoreManager::getLValueElement(const GRState* St, 
                                           SVal Base, SVal Offset) {
 
-  if (Base.isUnknownOrUndef() || isa<loc::SymbolVal>(Base))
+  if (Base.isUnknownOrUndef())
     return Base;
 
   // Only handle integer offsets... for now.
   if (!isa<nonloc::ConcreteInt>(Offset))
     return UnknownVal();
 
-  const TypedRegion *BaseRegion =
-    cast<TypedRegion>(cast<loc::MemRegionVal>(Base).getRegion());
+  const TypedRegion* BaseRegion = 0;
+
+  if (isa<loc::SymbolVal>(Base))
+    BaseRegion = MRMgr.getSymbolicRegion(cast<loc::SymbolVal>(Base).getSymbol(),
+                                         StateMgr.getSymbolManager());
+  else
+    BaseRegion = cast<TypedRegion>(cast<loc::MemRegionVal>(Base).getRegion());
 
   // Pointer of any type can be cast and used as array base.
   const ElementRegion *ElemR = dyn_cast<ElementRegion>(BaseRegion);
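Review bot: The `isa<loc::SymbolVal>(Base)` test followed by `cast<loc::SymbolVal>(Base)` in `getLValueElement` checks the same thing twice. A single `if (const loc::SymbolVal* SV = dyn_cast<loc::SymbolVal>(&Base))` with `SV->getSymbol()` expresses it once and keeps the branch and the use together. A one-line comment above the branch would also help, for example `// Wrap a symbolic base in a SymbolicRegion so element accesses through it can be tracked.` The function body continues outside the hunk, so how the element region is built on top of this base is not visible here.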
@@ -476,6 +481,12 @@
     return UnknownVal();
   }
 
+  if (const SymbolicRegion* SR = dyn_cast<SymbolicRegion>(R)) {
+    // FIXME: Unsupported yet.
+    SR = 0;
+    return UnknownVal();
+  }
+
   assert(0 && "Other regions are not supported yet.");
   return UnknownVal();
 }
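Review bot: The `SR = 0;` assignment in the new SymbolicRegion branch appears to exist only to silence an unused-variable warning for the `dyn_cast` binding. `if (isa<SymbolicRegion>(R)) return UnknownVal();` says the same thing without a dummy store. The `// FIXME: Unsupported yet.` comment should also name what is unsupported for symbolic regions, so the next reader knows why `UnknownVal()` is returned instead of falling through to the `assert(0 ...)` below. The enclosing function starts outside the hunk.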

Modified: cfe/trunk/test/Analysis/null-deref-ps.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/null-deref-ps.c?rev=63928&r1=63927&r2=63928&view=diff

==============================================================================
--- cfe/trunk/test/Analysis/null-deref-ps.c (original)
+++ cfe/trunk/test/Analysis/null-deref-ps.c Fri Feb  6 02:44:27 2009
@@ -212,3 +212,12 @@
   *p = 1; // no-warning
 }
 
+// Exercise ElementRegion with SymbolicRegion as super region.
+void foo(int* p) {
+  int *x;
+  int a;
+  if (p[0] == 1)
+    x = &a;
+  if (p[0] == 1)
+    *x; // no-warning
+}
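Review bot: The new `foo` test only covers the case where both conditions read the same element, `p[0]`, so it shows the value is tracked but not that distinct elements stay distinct. A companion case whose second condition reads a different index (for example `p[1] == 1`) should still produce the uninitialized-use diagnostic on `*x`. That would guard against the new element regions over a symbolic base being conflated and hiding a real warning.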




