}
// Check for casts from a region to a specific type.
- if (loc::MemRegionVal *RV = dyn_cast<loc::MemRegionVal>(&V)) {
+ if (loc::MemRegionVal *RV = dyn_cast<loc::MemRegionVal>(&V)) {
+ // FIXME: For TypedViewRegions, we should handle the case where the
+ // underlying symbolic pointer is a function pointer or
+ // block pointer.
+
+ // FIXME: We should handle the case where we strip off view layers to get
+ // to a desugared type.
+
assert(Loc::IsLocType(T));
assert(Loc::IsLocType(ExTy));
// Just pass through symbols that are function or block pointers.
if (SymTy->isFunctionPointerType() || SymTy->isBlockPointerType())
goto PassThrough;
+
+ // Are we casting to a function or block pointer?
+ if (T->isFunctionPointerType() || T->isBlockPointerType()) {
+ // FIXME: We should verify that the underlying type of the symbolic
+ // pointer is a void* (or maybe char*). Other things are an abuse
+ // of the type system.
+ goto PassThrough;
+ }
StoreManager& StoreMgr = getStoreManager();
const MemRegion* R =
// Test function pointer casts. Currently we track function addresses using
// loc::FunctionVal. Because casts can be arbitrary, do we need to model
// functions with regions?
-
-typedef void (*MyFuncTest1)(void);
+typedef void* (*MyFuncTest1)(void);
MyFuncTest1 test1_aux(void);
void test1(void) {
p = ((void*) test1_aux());
if (p != ((void*) 0)) x = (*p)();
}
+
+// Test casts from void* to function pointers. Same issue as above:
+// should we eventually model function pointers using regions?
+void* test2(void *p) {
+ MyFuncTest1 fp = (MyFuncTest1) p;
+ return (*fp)();
+}
projects / clang / commitdiff