[cfe-commits] r111116 - in /cfe/trunk: include/clang/Checker/PathSensitive/ConstraintManager.h include/clang/Checker/PathSensitive/GRState.h lib/Checker/FlatStore.cpp lib/Checker/RegionStore.cpp lib/Checker/SimpleConstraintManager.cpp lib/Checker/SimpleConstraintManager.h lib/Checker/Store.cpp test/Analysis/outofbound.c
Ted Kremenek
kremenek at apple.com
Mon Aug 16 09:00:11 PDT 2010
On Aug 15, 2010, at 6:15 PM, Jordy Rose wrote:
> ==============================================================================
> --- cfe/trunk/include/clang/Checker/PathSensitive/GRState.h (original)
> +++ cfe/trunk/include/clang/Checker/PathSensitive/GRState.h Sun Aug 15 20:15:17 2010
> @@ -618,9 +618,42 @@
> if (Idx.isUnknown() || UpperBound.isUnknown())
> return this;
>
> - ConstraintManager &CM = *getStateManager().ConstraintMgr;
> - return CM.AssumeInBound(this, cast<DefinedSVal>(Idx),
> - cast<DefinedSVal>(UpperBound), Assumption);
> + // Build an expression for 0 <= Idx < UpperBound.
> + // This is the same as Idx + MIN < UpperBound + MIN, if overflow is allowed.
> + // FIXME: This should probably be part of SValuator.
> + GRStateManager &SM = getStateManager();
> + ValueManager &VM = SM.getValueManager();
> + SValuator &SV = VM.getSValuator();
> + ASTContext &Ctx = VM.getContext();
> +
> + // Get the offset: the minimum value of the array index type.
> + BasicValueFactory &BVF = VM.getBasicValueFactory();
> + // FIXME: This should be using ValueManager::ArrayIndexTy...somehow.
> + QualType IndexTy = Ctx.IntTy;
> + nonloc::ConcreteInt Min = BVF.getMinValue(IndexTy);
> +
> + // Adjust the index.
> + SVal NewIdx = SV.EvalBinOpNN(this, BinaryOperator::Add,
> + cast<NonLoc>(Idx), Min, IndexTy);
> + if (NewIdx.isUnknownOrUndef())
> + return this;
> +
> + // Adjust the upper bound.
> + SVal NewBound = SV.EvalBinOpNN(this, BinaryOperator::Add,
> + cast<NonLoc>(UpperBound), Min, IndexTy);
> + if (NewBound.isUnknownOrUndef())
> + return this;
> +
> + // Build the actual comparison.
> + SVal InBound = SV.EvalBinOpNN(this, BinaryOperator::LT,
> + cast<NonLoc>(NewIdx), cast<NonLoc>(NewBound),
> + Ctx.IntTy);
> + if (InBound.isUnknownOrUndef())
> + return this;
> +
> + // Finally, let the constraint manager take care of it.
> + ConstraintManager &CM = SM.getConstraintManager();
> + return CM.Assume(this, cast<DefinedSVal>(InBound), Assumption);
> }
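Review bot: The index type is pinned to int by `QualType IndexTy = Ctx.IntTy;`, so the MIN-offset rewrite of `0 <= Idx < UpperBound` is evaluated only at int width. If Idx or UpperBound can be wider or unsigned (a 64-bit extent, say), the two additions and the `LT` may not model the intended bound, which in an out-of-bounds check presumably means a missed or spurious report. The FIXME covers the type choice but not the operand assumption; I would add `// Assumes Idx and UpperBound are representable in IndexTy; wider values are not modelled.` above the first `EvalBinOpNN` call. Separately, `cast<NonLoc>(Idx)` and `cast<NonLoc>(UpperBound)` are reached after only an `isUnknown()` test, whereas the removed code cast to `DefinedSVal`. If either value can be undefined or a Loc at this point the cast will assert, so a guard such as `if (!isa<NonLoc>(Idx) || !isa<NonLoc>(UpperBound)) return this;` or a comment stating the precondition would help; the function's signature and earlier body are outside the quoted hunk.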
Since this is no longer a simple function, we should move it out-of-line.