From: Ted Kremenek Date: Wed, 1 Jul 2009 23:19:52 +0000 (+0000) Subject: Add a FIXME to RegionStore, do some minor code cleanup, and get RegionStore to X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=921109ab9c4a114da4588566bc56c09443ea2339;p=clang Add a FIXME to RegionStore, do some minor code cleanup, and get RegionStore to pass misc-ps.m. Currently RegionStore/BasicStore don't do any special reasoning about clang-style vectors, so we should return UnknownVal (in all cases) when accessing their values via an array. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@74660 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/Analysis/RegionStore.cpp b/lib/Analysis/RegionStore.cpp index 4857a402cf..bc83d1636d 100644 --- a/lib/Analysis/RegionStore.cpp +++ b/lib/Analysis/RegionStore.cpp @@ -918,12 +918,13 @@ SVal RegionStoreManager::RetrieveElement(const GRState* state, const ElementRegion* R) { // Check if the region has a binding. RegionBindingsTy B = GetRegionBindings(state->getStore()); - const SVal* V = B.lookup(R); - if (V) + if (const SVal* V = B.lookup(R)) return *V; + const MemRegion* superR = R->getSuperRegion(); + // Check if the region is an element region of a string literal. - if (const StringRegion *StrR=dyn_cast(R->getSuperRegion())) { + if (const StringRegion *StrR=dyn_cast(superR)) { const StringLiteral *Str = StrR->getStringLiteral(); SVal Idx = R->getIndex(); if (nonloc::ConcreteInt *CI = dyn_cast(&Idx)) { @@ -937,12 +938,8 @@ SVal RegionStoreManager::RetrieveElement(const GRState* state, } } - const MemRegion* SuperR = R->getSuperRegion(); - // Check if the super region has a default value. - const SVal* D = state->get(SuperR); - - if (D) { + if (const SVal *D = state->get(superR)) { if (D->hasConjuredSymbol()) return ValMgr.getRegionValueSymbolVal(R); else @@ -950,14 +947,29 @@ SVal RegionStoreManager::RetrieveElement(const GRState* state, } // Check if the super region has a binding. - D = B.lookup(SuperR); - if (D) { + if (B.lookup(superR)) { // We do not extract the bit value from super region for now. return ValMgr.makeUnknownVal(); } + + if (R->hasHeapStorage()) { + // FIXME: If the region has heap storage and we know nothing special + // about its bindings, should we instead return UnknownVal? Seems like + // we should only return UndefinedVal in the cases where we know the value + // will be undefined. + return UndefinedVal(); + } + + if (R->hasStackStorage()) { + // Currently we don't reason specially about Clang-style vectors. Check + // if superR is a vector and if so return Unknown. + if (const TypedRegion *typedSuperR = dyn_cast(superR)) { + if (typedSuperR->getValueType(getContext())->isVectorType()) + return UnknownVal(); + } - if (R->hasHeapOrStackStorage()) return UndefinedVal(); + } QualType Ty = R->getValueType(getContext()); diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m index 205bac2c82..07aa15e874 100644 --- a/test/Analysis/misc-ps.m +++ b/test/Analysis/misc-ps.m @@ -1,8 +1,7 @@ // RUN: clang-cc -analyze -checker-cfref --analyzer-store=basic -analyzer-constraints=basic --verify -fblocks %s && -// RUN: clang-cc -analyze -checker-cfref --analyzer-store=basic -analyzer-constraints=range --verify -fblocks %s - -// NOWORK: clang-cc -analyze -checker-cfref --analyzer-store=region -analyzer-constraints=basic --verify -fblocks %s && -// NOWORK: clang-cc -analyze -checker-cfref --analyzer-store=region -analyzer-constraints=range --verify -fblocks %s +// RUN: clang-cc -analyze -checker-cfref --analyzer-store=basic -analyzer-constraints=range --verify -fblocks %s && +// RUN: clang-cc -analyze -checker-cfref --analyzer-store=region -analyzer-constraints=basic --verify -fblocks %s && +// RUN: clang-cc -analyze -checker-cfref --analyzer-store=region -analyzer-constraints=range --verify -fblocks %s typedef struct objc_selector *SEL; typedef signed char BOOL;