| Age | Commit message (Collapse) | Author |
|---|
|
offsets for now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65814 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
called "SymbolReaper". Right now it just consolidates the two and cleans up some client code, but shortly it will be used to enable "lazy computation" of live symbols for use with RegionStore.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62722 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
StoreManager::GetRegionSVal.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@61894 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@61888 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
* Now Bind() methods take and return GRState* because binding could
also alter GDM.
* No variables are initialized except those declared with initial
values.
* failed C test cases are due to bugs in RemoveDeadBindings(),
which removes constraints that is still alive. This will be fixed in later
patch.
* default value of array and struct regions will be implemented in later patch.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@61274 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Overhauled the notion of "types" for TypedRegions. We now distinguish between the "lvalue" of a region (via getLValueRegion()) and the "rvalue" of a region (va getRValueRegion()). Since a region represents a chunk of memory it has both, but we were conflating these concepts in some cases, leading to some insidious bugs.
- Removed AnonPointeeType, partially because it is unused and because it doesn't have a clear notion of lvalue vs rvalue type. We can add it back once there is a need for it and we can resolve its role with these concepts.
StoreManager:
- Overhauled StoreManager::CastRegion. It expects an *lvalue* type for a region. This is actually what motivated the overhaul to the MemRegion type mechanism. It also no longer returns an SVal; we can just return a MemRegion*.
- BasicStoreManager::CastRegion now overlays an "AnonTypedRegion" for pointer-pointer casts. This matches with the MemRegion changes.
- Similar changes to RegionStore, except I've added a bunch of FIXMEs where it wasn't 100% clear where we should use TypedRegion::getRValueRegion() or TypedRegion::getLValueRegion().
AuditCFNumberCreate check:
- Now blasts through AnonTypedRegions that may layer the original memory region, thus checking if the actually memory block is of the appropriate type. This change was needed to work with the changes to StoreManager::CastRegion.
GRExprEngine::VisitCast:
- Conform to the new interface of StoreManager::CastRegion.
Tests:
- None of the analysis tests fail now for using the "basic store".
- Disabled the tests 'array-struct.c' and 'rdar-6442306-1.m' pending further testing and bug fixing.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@60995 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the representation of symbolic values.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@60575 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
GRState* argument instead of a Store. This allows them to use the GDM for storing other data.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@60570 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
One design problem that is emerging is the signed-ness problem during static
analysis. Many unsigned value have to be converted into signed value because
it partipates in operations with signed values.
On the other hand, we cannot blindly make all values occuring in static analysis
signed, because we do have cases where unsignedness is required, for example,
integer overflow detection.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59957 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
environment.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59407 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- RegionView and RegionViewMap is introduced to assist back-mapping from
super region to subregions.
- GDM is used to carry RegionView information.
- AnonTypedRegion is added to represent a typed region introduced by pointer
casting. Later AnonTypedRegion can be used in other similar cases, e.g.,
malloc()'ed region.
- The specific conversion is delegated to store manager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59382 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
instead of an Expr* (which can be null). Lazy symbolication of conjured symbols is now the sole responsibility of GRExprEngine.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@59151 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
currently.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58886 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58847 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
available, things get much simplified.
One addition is that CompoundLiteralExpr can appear both in rvalue and lvalue
context.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58837 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
BindDecl better describes what the function does:
- Bind the VarDecl to its memory region
- Bind the memory region to some initial value.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58359 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- GRExprEngine::VisitCompoundLiteral...
(1) visits the initializer list (generating ExplodedNodes)
(2) creates a CompoundMemRegion for the literal
(3) creates a new state with the bound literal values using
GRStateManager::BindCompoundLiteral
- GRStateManager::BindCompoundLiteral simply calls
StoreManager::BindCompoundLiteral to get a new store and returns a persistent
GRState with that store.
- BasicStore::BindCompoundLiteral simply returns the same store, as it
doesn't handle field sensitivity
- RegionStore::BindCompoundLiteral currently fires an assert (pending discussion
of how to best implement mappings for CompoundLiteralRegion).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58277 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
for StringLiteral lvalue evaluation, instead of directly returning a
loc::StringLiteralVal by the Environment.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58138 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
associated with the "this" or "self" object (C++ and Objective-C respectively).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58107 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58056 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
intact.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@58028 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57964 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57896 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
RValues.h/cpp => SVals.h/cpp
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57893 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Added new region "SymbolicRegion", which maps symbol values to the region domain.
- Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion)
- Added some utility methods to GRState for fetch svals from the store.
- Fixed regression in CheckNSError (we weren't getting the value bound to the parameter)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57717 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
RVal => SVal
LVal => Loc
NonLVal => NonLoc
lval => loc
nonlval => nonloc
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57671 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
regions.
Remove GRExprEngine::getLVal and RValues::MakeVal.
Enhance StoreManager "GetLValue" methods to dispatch for specific kinds of lvalue queries, as opposed to interogating the expression tree (GRExprEngine already does this).
Added FIXMEs. In particular, we no longer "assume" that a base pointer in a field/array access is null (this logic was removed). Perhaps we should do this when fetching the lvalue for fields and array elements?
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57657 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57654 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
new VisitLValue method is added to replace the old VisitLVal. The semantics
model becomes more explicit to separate rvalue evaluation from lvalue
evaluation.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57627 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57225 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57107 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the patch consists of deltas due to API changes.
This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on.
The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables.
There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized.
The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57042 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Change definition of store::Region and store::Binding (once again) to make
them real classes that just wrap pointers. This makes them more strictly
typed, and allows specific implementations of Regions/Bindings to just
subclass them.
- minor renamings to RegionExtent and its subclasses
- added a bunch of doxygen comments
StoreManager: (static analyzer)
- added 'iterBindings', an iteration method for iterating over the bindings of a
store. It that takes a callback object (acting like a poor man's closure).
- added 'getRVal' version for store::Binding. Will potentially phase the other
versions of GetRVal in StoreManager out.
- reimplemented 'getBindings' to be non-virtual and to use 'iterBindings'
BasicStoreManager: (static analyzer)
- implemented 'iterBindings' for BasicStoreManager
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55688 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Migrated CFRefCount.cpp to use getBindings and BindingsAsString instead of
making assumptions about the Store (removed dependence on GRState::vb_iterator).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55522 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Store.h)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55519 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Their precise semantics will be implemented by a specific StoreManager.
Use function pointer to create the StoreManager in GRStateManager. This matches how we create ConstraintsManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55514 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Added 'getExtent()' to StoreManager.
Implemented 'getExtent()' for BasicStoreManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55321 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55213 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
analyzer.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55211 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55144 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@55013 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This patch extends BasicStoreManager::getInitialStore() to include code that symbolicates input variables.
It also removes redundant handling of ImplicitParamDecl, since it is a subclass of VarDecl.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@54993 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
RemoveDeadBindings method in StoreManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53726 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
current store implementation is now encapsulated by BasicStore.
These changes prompted some long due constification of ValueState. Much of the
diffs in this patch include adding "const" qualifiers.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@53423 91177308-0d34-0410-b5e6-96231b3b80d8
|
