[analyzer] - get ElementRegions from MemRegion

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[analyzer] - get ElementRegions from MemRegion

Troy Johnson via cfe-dev
Hi everyone,

I'd like to get all ElementRegions of a MemRegion
passed as an argument to a CallEvent.
The MemRegion represents a fixed size array.

When I pass elements of the array to a function, I get this:
int arr[2];
f(&arr[1]) // element{arr,0 S32b,int*}
f(&arr[0]) // element{arr,1 S32b,int*}

Is it possible to retrieve the single ElementRegions from an array
passed as a whole?
g(arr) // element{arr,0 S32b,int*}, element{arr,1 S32b,int*}

For a single index I tried:
const MemRegion *memRegion = callEvent.getArgSVal(0).getAsRegion();
MemRegionManager *regionManager = memRegion->getMemRegionManager();
SVal idx = ctx.getSValBuilder().makeArrayIndex(1);
auto elementRegion = regionManager->getElementRegion(
     callEvent.getArgExpr(0)->getType(), idx.castAs<NonLoc>(),
     memRegion, ctx.getASTContext());

Logging elementRegion yields:
element{element{arr,0 S32b,int *},1 S32b,int **}

-Alex




_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
Reply | Threaded
Open this post in threaded view
|

Re: [analyzer] - get ElementRegions from MemRegion

Troy Johnson via cfe-dev
To get from:
element{element{arr,0 S32b,int *},1 S32b,int **}

to:
element{arr,1 S32b,int*}

the pointee type of the argument needs to be passed to
the region manager when calling getElementRegion().
After that the obtained ElementRegion needs to be casted
to a MemRegion.

const ElementRegion *elementRegion =
    regionManager->getElementRegion(
    callEvent.getArgExpr(1)->getType()->getPointeeType(), idx,
    varRegion, ctx.getASTContext());

elementRegion->getAs<MemRegion>()


On 16.08.15 10:36, Alexander Droste wrote:

> Hi everyone,
>
> I'd like to get all ElementRegions of a MemRegion
> passed as an argument to a CallEvent.
> The MemRegion represents a fixed size array.
>
> When I pass elements of the array to a function, I get this:
> int arr[2];
> f(&arr[1]) // element{arr,0 S32b,int*}
> f(&arr[0]) // element{arr,1 S32b,int*}
>
> Is it possible to retrieve the single ElementRegions from an array
> passed as a whole?
> g(arr) // element{arr,0 S32b,int*}, element{arr,1 S32b,int*}
>
> For a single index I tried:
> const MemRegion *memRegion = callEvent.getArgSVal(0).getAsRegion();
> MemRegionManager *regionManager = memRegion->getMemRegionManager();
> SVal idx = ctx.getSValBuilder().makeArrayIndex(1);
> auto elementRegion = regionManager->getElementRegion(
>      callEvent.getArgExpr(0)->getType(), idx.castAs<NonLoc>(),
>      memRegion, ctx.getASTContext());
>
> Logging elementRegion yields:
> element{element{arr,0 S32b,int *},1 S32b,int **}
>
> -Alex
>
>
>
>
_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev