Array indexes are unsigned integers of the same width as a pointer.
no-outofbounds.c still fails. Previously it passed because the array index
was mistakenly a loc::ConcreteInt.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70844 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/lib/Analysis/BasicStore.cpp b/lib/Analysis/BasicStore.cpp
index 969e4c9..598191f57 100644
--- a/lib/Analysis/BasicStore.cpp
+++ b/lib/Analysis/BasicStore.cpp
@@ -213,11 +213,10 @@
const MemRegion *R = cast<loc::MemRegionVal>(BaseL).getRegion();
if (isa<ElementRegion>(R)) {
- // Basic example:
- // char buf[100];
- // char *q = &buf[1]; // p points to ElementRegion(buf,Unknown)
- // &q[10]
- //assert(cast<ElementRegion>(R)->getIndex().isUnknown());
+ // int x;
+ // char* y = (char*) &x;
+ // 'y' => ElementRegion(0, VarRegion('x'))
+ // y[0] = 'a';
return Base;
}
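Review bot: The new example comment in the `isa<ElementRegion>(R)` branch shows only index 0 and no longer says what the branch does with the index. The code returns `Base` for any ElementRegion base, so `y[0]` and `y[10]` would appear to resolve to the same location. Saying so keeps readers from assuming this store distinguishes elements, which bears on the out-of-bounds test the commit message mentions. I would add a closing line such as `// The index is dropped: every element lvalue on such a region maps to Base.` The enclosing function begins and ends outside the hunk.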
diff --git a/lib/Analysis/SVals.cpp b/lib/Analysis/SVals.cpp
index 71f09d2..43ede0f 100644
--- a/lib/Analysis/SVals.cpp
+++ b/lib/Analysis/SVals.cpp
@@ -227,6 +227,10 @@
return UnknownVal();
}
+SVal ValueManager::makeZeroIndex() {
+ return nonloc::ConcreteInt(BasicVals.getZeroWithPtrWidth(false));
+}
+
//===----------------------------------------------------------------------===//
// Utility methods for constructing Non-Locs.
//===----------------------------------------------------------------------===//
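Review bot: The bare `false` passed to `getZeroWithPtrWidth` in the new `makeZeroIndex()` does not say what it selects, and the helper's declaration is not part of this diff. If that parameter is a signedness flag, `false` would yield a signed zero, which would contradict the commit message's statement that array indexes are unsigned. The index's signedness matters to any later bounds comparison. I would name the argument at the call site, e.g. `BasicVals.getZeroWithPtrWidth(/*isUnsigned=*/false)`, with the name taken from the real declaration and the value checked against the intent. The function also needs a one-line comment such as `// Returns the zero array index: a non-loc integer of pointer width.`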
diff --git a/lib/Analysis/Store.cpp b/lib/Analysis/Store.cpp
index 76437d2..c9c49c6 100644
--- a/lib/Analysis/Store.cpp
+++ b/lib/Analysis/Store.cpp
@@ -67,7 +67,7 @@
// the types aren't the same, so we construct an ElementRegion.
// FIXME: We should have a standard query function to get the size
// of the array index.
- SVal Idx = ValMgr.makeZeroVal(ValMgr.getContext().VoidPtrTy);
+ SVal Idx = ValMgr.makeZeroIndex();
// If the super region is an element region, strip it away.
// FIXME: Is this the right thing to do in all cases?
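Review bot: The FIXME kept just above the changed line (`We should have a standard query function to get the size of the array index`) looks stale, since `makeZeroIndex()` now seems to be the single place where the index width is chosen. I would drop it or reword it to describe the call, for example `// Use the canonical zero array index (pointer-width integer).` The enclosing function starts and ends outside the hunk, so whether other code paths still build index values by hand cannot be checked from here.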