[cfe-commits] r63110 - in /cfe/trunk: lib/Analysis/BasicStore.cpp test/Analysis/misc-ps.m
Ted Kremenek
kremenek at apple.com
Tue Jan 27 10:29:03 PST 2009
Author: kremenek
Date: Tue Jan 27 12:29:03 2009
New Revision: 63110
URL: http://llvm.org/viewvc/llvm-project?rev=63110&view=rev
Log:
Fix bug in BasicStore::getLValueElement where if the base of an array subscript expression was an ElementRegion we stacked another ElementRegion on top of that.
This fixes PR 3422.
Modified:
cfe/trunk/lib/Analysis/BasicStore.cpp
cfe/trunk/test/Analysis/misc-ps.m
Modified: cfe/trunk/lib/Analysis/BasicStore.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/Analysis/BasicStore.cpp?rev=63110&r1=63109&r2=63110&view=diff
==============================================================================
--- cfe/trunk/lib/Analysis/BasicStore.cpp (original)
+++ cfe/trunk/lib/Analysis/BasicStore.cpp Tue Jan 27 12:29:03 2009
@@ -203,7 +203,6 @@
SVal BasicStoreManager::getLValueElement(const GRState* St, SVal Base,
SVal Offset) {
-
if (Base.isUnknownOrUndef())
return Base;
@@ -233,6 +232,17 @@
case loc::MemRegionKind: {
const MemRegion *R = cast<loc::MemRegionVal>(BaseL).getRegion();
+
+ if (isa<ElementRegion>(R)) {
+ // Basic example:
+ // char buf[100];
+ // char *q = &buf[1]; // p points to ElementRegion(buf,Unknown)
+ // &q[10]
+ assert(cast<ElementRegion>(R)->getIndex().isUnknown());
+ return Base;
+ }
+
+
if (const TypedRegion *TR = dyn_cast<TypedRegion>(R)) {
BaseR = TR;
break;
@@ -244,7 +254,7 @@
break;
}
-
+
case loc::ConcreteIntKind:
// While these seem funny, this can happen through casts.
// FIXME: What we should return is the field offset. For example,
Modified: cfe/trunk/test/Analysis/misc-ps.m
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/misc-ps.m?rev=63110&r1=63109&r2=63110&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/misc-ps.m (original)
+++ cfe/trunk/test/Analysis/misc-ps.m Tue Jan 27 12:29:03 2009
@@ -100,3 +100,11 @@
*p = 1; // no-warning
}
+// PR 3422
+void pr3422_helper(char *p);
+void pr3422() {
+ char buf[100];
+ char *q = &buf[10];
+ pr3422_helper(&q[1]);
+}
+
More information about the cfe-commits
mailing list