| Age | Commit message (Collapse) | Author |
|---|
|
currently.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58886 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
available, things get much simplified.
One addition is that CompoundLiteralExpr can appear both in rvalue and lvalue
context.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58837 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- SetSVal(GRState*, Loc, SVal) => BindLoc
- SetSVal(GRState*, Expr*, SVal) => BindExpr
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58421 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
value.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58419 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Do not allow expressions to ever have reference type
- Extend Expr::isLvalue to handle more cases where having written a
reference into the source implies that the expression is an lvalue
(e.g., function calls, C++ casts).
- Make GRExprEngine::VisitCall treat the call arguments as lvalues when
they are being bound to a reference parameter.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58306 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- GRExprEngine::VisitCompoundLiteral...
(1) visits the initializer list (generating ExplodedNodes)
(2) creates a CompoundMemRegion for the literal
(3) creates a new state with the bound literal values using
GRStateManager::BindCompoundLiteral
- GRStateManager::BindCompoundLiteral simply calls
StoreManager::BindCompoundLiteral to get a new store and returns a persistent
GRState with that store.
- BasicStore::BindCompoundLiteral simply returns the same store, as it
doesn't handle field sensitivity
- RegionStore::BindCompoundLiteral currently fires an assert (pending discussion
of how to best implement mappings for CompoundLiteralRegion).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58277 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58056 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57876 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
RVal => SVal
LVal => Loc
NonLVal => NonLoc
lval => loc
nonlval => nonloc
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57671 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
regions.
Remove GRExprEngine::getLVal and RValues::MakeVal.
Enhance StoreManager "GetLValue" methods to dispatch for specific kinds of lvalue queries, as opposed to interogating the expression tree (GRExprEngine already does this).
Added FIXMEs. In particular, we no longer "assume" that a base pointer in a field/array access is null (this logic was removed). Perhaps we should do this when fetching the lvalue for fields and array elements?
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57657 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57654 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
new VisitLValue method is added to replace the old VisitLVal. The semantics
model becomes more explicit to separate rvalue evaluation from lvalue
evaluation.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57627 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the patch consists of deltas due to API changes.
This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on.
The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables.
There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized.
The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57042 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
PostStmts.
GRExprEngine:
Use PostStore in EvalStore.
Use a second version of EvalStore in EvalBinaryOperator to associate the store with the expression on the LHS.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56383 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
should be checked before being dereferenced.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56318 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
end of the retain/release analysis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56312 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55494 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55487 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Rename ValueStateManager -> GRStateManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@54721 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
GRExprEngineInternalChecks.cpp.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53909 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
unfortunately needed because virtual methods with the same name can be hidden by subclasses.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53751 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
method.
Modified the new EvalBinOpNN to generate states instead of nodes. This is a much simpler interface and is what clients will want to do.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53750 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53748 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
there as well.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53743 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53740 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
of the methods only return an RVal; we want them to be able to create an arbitrary number of states.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53739 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
"batch auditor" to dispatch to specialized auditors instead of having a separate vector for each audited Expr*. This not only provides a much cleaner implementation, but also allows us to install auditors for any expression.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53464 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
current store implementation is now encapsulated by BasicStore.
These changes prompted some long due constification of ValueState. Much of the
diffs in this patch include adding "const" qualifiers.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53423 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53343 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ASTContext&, PathDiagnosticClient*, can be provided by an external source.
Split BugReporter into BugReporter and GRBugReporter so checkers not based on GRExprEngine can still use the BugReporter mechanism.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53048 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
creator.
This allows an optimization in AnalysisConsumer where the same LiveVariables information is used between multiple analyses.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53046 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
1) Check if a dead store appears as a subexpression. For such cases, we emit
a verbose diagnostic so that users aren't confused. This addresses:
<rdar://problem/5968508> checker gives misleading report for dead store in loop
2) Don't emit a dead store warning when assigning a null value to a pointer.
This is a common form of defensive programming. We may wish to make
this an option to the the checker one day.
This addresses the feature request in the following email:
http://lists.cs.uiuc.edu/pipermail/cfe-dev/2008-June/001978.html
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@52555 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- #include ExprObjC.h in many places
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@51703 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to use IsLValType when conjuring symbols for return values (this fixes a bug with an assertion firing in the analyzer when two qualified objective-c types were compared).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50924 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
treat these as panic functions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50535 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
lval passed as an argument.
Fix: Inverted diagnostic messages.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50513 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50494 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
EvalStore/EvalLoad to handle all loads/stores from symbolic memory, allowing us
to do checks for null dereferences, etc., at any arbitrary load/store (these
were missed checks before). This also resulted in some major cleanups, some
conceptual, and others just in the structure of the code.
This temporarily introduces a regression in the test suite (null-deref-ps.c)
before I add a new LVal type for structure fields.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50443 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
symbols.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50233 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
function logic to act when symbols become dead.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50221 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Problem:
In the recently refactored VisitDeref (which processes dereferences), we
were incorrectly skipping the node just generated for the subexpression
of the dereference. This was a horrible regression.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50176 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50112 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50090 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
where "x" is NULL.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50071 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the checker-specific logic of symbolic assumptions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49910 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
object.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49826 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
represent possible stores to "Unknown."
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49811 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49804 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to the plug-in GRTransferFuncs object.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49801 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to start logically organizing them.
Added initial plug-in transfer function support for Objective-C message expressions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@49752 91177308-0d34-0410-b5e6-96231b3b80d8
|
