| Age | Commit message (Collapse) | Author |
|---|
|
- Eliminates many calls to std::string.c_str()
- Fixes an invalid read in ReturnStackAddressChecker due to an unsafe call to
StringRef.data() which doesn't guarantee null-termination.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88779 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Add a CheckLocation() interface to Checker.
Now ImplicitNullDeref nodes are cached in NullDerefChecker.
More cleanups follow.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85471 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to a noreturn or panic function
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@81803 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
local node information.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@81433 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@81346 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Now AnalysisManager is the only place we can get CodeDecl.
This leads to an API change: GRState::bindExpr() now takes the CFG argument.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79980 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79328 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
BugReporter.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79327 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
which allows custom checks to register callback creator functions for creating
BugReporterVisitor objects. This allows various checks to include diagnostics
such as 'assuming value is null' with little extra work. Eventually this API
should be refactored to be cleaner and more simple.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79302 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
merge ExplodedGraphImpl and ExplodedGraph.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@78291 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and their impl base classes. This can greatly simply some code of the core
analysis engine. This patch merges ExplodedNodeImpl into ExplodedNode.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@78270 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@77446 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Educate GRExprEngine::VisitGraph() about 'PreStmt'.
Mark the constructor of 'PostStmt' to be explicit, preventing implicit
conversions and the selection of the wrong 'generateNode' method in
GRStmtNodeBuilder.
Constify a bunch of arguments, which falls out of the changes to ProgramPoint.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76809 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
BugReporter API. No real functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76760 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71135 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
'BugReporterVisitor'. This simplifies callbacks from BugReporter to BugReports
(via VisitNode). It also lays the foundation for arbitrary visitor "call backs"
that can be registered to a BugReporterContext as a PathDiagnostic is
constructed. These call backs can help operate as separate "experts" that can
work on constructed pieces of a PathDiagnostic for which they possess special
knowledge.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71121 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Add an (optional) short description for BugReports for clients that want
to distinguish between long and short descriptions for bugs
- Make the bug report for VLA less obscene for Plist diagnostics by using
the short description
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70415 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66621 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
back to the summary used when evaluating the statement associated with a
simulation node. This is now being used to help improve the checker's
diagnostics. To get things started, the checker now emits a path diagnostic
indicating that 'autorelease' is a no-op in GC mode.
Some of these changes are exposing further grossness in the interface between
BugReporter and the ExplodedGraph::Trim facilities. These really need to be
cleaned up one day.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64881 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64042 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the ownership of BugTypes and BugReports. Now BugReports are owned by BugTypes,
and BugTypes are owned by the BugReporter object.
The major functionality change in this patch is that reports are not immediately
emitted by a call to BugReporter::EmitWarning (now called EmitReport), but
instead of queued up in report "equivalence classes". When
BugReporter::FlushReports() is called, it emits one diagnostic per report
equivalence class. This provides a nice cleanup with the caching of reports as
well as enables the BugReporter engine to select the "best" path for reporting a
path-sensitive bug based on all the locations in the ExplodedGraph that the same
bug could occur.
Along with this patch, Leaks are now coalesced into a common equivalence class
by their allocation site, and the "summary" diagnostic for leaks now reports the
allocation site as the location of the bug (this may later be augmented to also
provide an example location where the leak occurs).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63796 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
diagnostics the code paths for diagnostics involving paths or single locations are now unified. This patch also constifies many arguments/methods that are touched by this logic, leading to a nice overall code cleanup.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62903 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
used by Diagnostics to determine if a diagnostic sent to a given DiagnosticClient should be included in the count of diagnostics. The default implementation of this method returns 'true'.
Implemented DiagCollector::IncludeInDiagnosticCounts() to return 'false' so that the batching of diagnostics for use with BugReporter doesn't mess up the count of real diagnostics.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62873 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the representation of symbolic values.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@60575 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
without calling getAsString(). This implicitly puts quotes around the
name, so diagnostics need to be tweaked to accommodate this.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59916 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
No functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59908 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
diags over to use this. QualTypes implicitly print single quotes around
them for uniformity and future extension.
Doing this requires a little function pointer dance to prevent libbasic
from depending on libast.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59907 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
one for building up the diagnostic that is in flight (DiagnosticBuilder)
and one for pulling structured information out of the diagnostic when
formatting and presenting it.
There is no functionality change with this patch.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59849 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
strings
first. This should allow removal of a bunch of II->getName() calls.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59601 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59598 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
const char*'s are now not converted to std::strings when the diagnostic
is formed, we just hold onto their pointer and format as needed.
This commit makes DiagnosticClient::FormatDiagnostic even more of a
mess, I'll fix it in the next commit.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59593 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59523 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
are formed. In particular, a diagnostic with all its strings and ranges is now
packaged up and sent to DiagnosticClients as a DiagnosticInfo instead of as a
ton of random stuff. This has the benefit of simplifying the interface, making
it more extensible, and allowing us to do more checking for things like access
past the end of the various arrays passed in.
In addition to introducing DiagnosticInfo, this also substantially changes how
Diagnostic::Report works. Instead of being passed in all of the info required
to issue a diagnostic, Report now takes only the required info (a location and
ID) and returns a fresh DiagnosticInfo *by value*. The caller is then free to
stuff strings and ranges into the DiagnosticInfo with the << operator. When
the dtor runs on the DiagnosticInfo object (which should happen at the end of
the statement), the diagnostic is actually emitted with all of the accumulated
information. This is a somewhat tricky dance, but it means that the
accumulated DiagnosticInfo is allowed to keep pointers to other expression
temporaries without those pointers getting invalidated.
This is just the minimal change to get this stuff working, but this will allow
us to eliminate the zillions of variant "Diag" methods scattered throughout
(e.g.) sema. For example, instead of calling:
Diag(BuiltinLoc, diag::err_overload_no_match, typeNames,
SourceRange(BuiltinLoc, RParenLoc));
We will soon be able to just do:
Diag(BuiltinLoc, diag::err_overload_no_match)
<< typeNames << SourceRange(BuiltinLoc, RParenLoc));
This scales better to support arbitrary types being passed in (not just
strings) in a type-safe way. Go operator overloading?!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59502 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
strings instead of array of strings. This reduces string copying
in some not-very-important cases, but paves the way for future
improvements.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59494 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59493 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56394 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Changed casing of many bug names. The convention will be to have bug names (mostly) lower cased, and categories use some capitalization.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56385 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
end of the retain/release analysis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56312 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
motivated because it became clear that the number of subclasses of ProgramPoint
would expand and we ran out of bits to represent a pointer variant. As a plus of
this change, BlockEdge program points can now be represented explicitly without
using a cache of CFGBlock* pairs in CFG.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56245 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Rename ValueStateManager -> GRStateManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@54721 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
of the variable whose address was returned.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@54253 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
arguments marked nonnull.
This implements <rdar://problem/6069935>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53891 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
BugReporter::EmitBasicReport interface.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53573 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
simple bug diagnostics.
Refactored error reporting in CheckObjCDealloc and CheckObjCInstMethSignature to use this new bug reporting interface (major code simplification).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53560 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
instead of references, because they can both fail
on functions we cannot construct full CFGs for yet.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53081 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-dealloc, and whether or not that implementation calls [super dealloc].
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53075 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
BugReporter interface.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53054 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ASTContext&, PathDiagnosticClient*, can be provided by an external source.
Split BugReporter into BugReporter and GRBugReporter so checkers not based on GRExprEngine can still use the BugReporter mechanism.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53048 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
1) Check if a dead store appears as a subexpression. For such cases, we emit
a verbose diagnostic so that users aren't confused. This addresses:
<rdar://problem/5968508> checker gives misleading report for dead store in loop
2) Don't emit a dead store warning when assigning a null value to a pointer.
This is a common form of defensive programming. We may wish to make
this an option to the the checker one day.
This addresses the feature request in the following email:
http://lists.cs.uiuc.edu/pipermail/cfe-dev/2008-June/001978.html
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@52555 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
commit.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@51470 91177308-0d34-0410-b5e6-96231b3b80d8
|
