| Age | Commit message (Collapse) | Author |
|---|
|
and discussions with Ted and Jordy.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@114056 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@112928 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@109210 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@108811 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@108668 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@108621 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Let AnalysisContext contain a TranslationUnit.
Let CallEnter refer to an AnalysisContext instead of a FunctionDecl.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@108617 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@103458 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
due to a Clang-on-Clang failure
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@97162 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
They were breaking clang-x86_64-darwin10-selfhost
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@97138 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This patch implements the CallEnter/CallExit idea of Ted.
Add two interfaces to GRSubEngine: ProcessCallEnter, ProcessCallExit.
The CallEnter program point uses caller's location context. The
CallExit program point uses callee's location context.
CallEnter is built by GRStmtNodeBuilder. CallExit is built by
GREndPathNodeBuilder.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@97122 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
This change was a lot bigger than I originally anticipated; among
other things it requires us storing more information in the CFG to
record what block-level expressions need to be evaluated as lvalues.
The big change is that CFGBlocks no longer contain Stmt*'s by
CFGElements. Currently CFGElements just wrap Stmt*, but they also
store a bit indicating whether the block-level expression should be
evalauted as an lvalue. DeclStmts involving the initialization of a
reference require us treating the initialization expression as an
lvalue, even though that information isn't recorded in the AST.
Conceptually this change isn't that complicated, but it required
bubbling up the data through the CFGBuilder, to GRCoreEngine, and
eventually to GRExprEngine.
The addition of CFGElement is also useful for when we want to handle
more control-flow constructs or other data we want to keep in the CFG
that isn't represented well with just a block of statements.
In GRExprEngine, this patch introduces logic for evaluating the
lvalues of references, which currently retrieves the internal "pointer
value" that the reference represents. EvalLoad does a two stage load
to catch null dereferences involving an invalid reference (although
this could possibly be caught earlier during the initialization of a
reference).
Symbols are currently symbolicated using the reference type, instead
of a pointer type, and special handling is required creating
ElementRegions that layer on SymbolicRegions (see the changes to
RegionStoreManager).
Along the way, the DeadStoresChecker also silences warnings involving
dead stores to references. This was the original change I introduced
(which I wrote test cases for) that I realized caused GRExprEngine to
crash.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91501 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Remove isPod() from DenseMapInfo, splitting it out to its own
isPodLike type trait. This is a generally useful type trait for
more than just DenseMap, and we really care about whether something
acts like a pod, not whether it really is a pod.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91422 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
pointing this out!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88949 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the old builder API. This percolated a bunch of changes up to the
Checker class (where CheckLocation has been renamed VisitLocation) and
GRExprEngine. ProgramPoint now has the notion of a "LocationCheck"
point (with PreLoad and PreStore respectively), and a bunch of the old
ProgramPoints that are no longer used have been removed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86798 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85087 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@81346 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79502 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
which is either a stack frame context of the function or a local scope
context.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@79072 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Educate GRExprEngine::VisitGraph() about 'PreStmt'.
Mark the constructor of 'PostStmt' to be explicit, preventing implicit
conversions and the selection of the wrong 'generateNode' method in
GRStmtNodeBuilder.
Constify a bunch of arguments, which falls out of the changes to ProgramPoint.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76809 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
preconditions (in GRExprEngine) before the statement itself is evaluated.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76791 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
variable. This gives us much more flexibility with defining more
ProgramPoints, which is the direction we are heading. The removal of
various bit-mangling of pointers also cleans up the logic.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76721 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@76092 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71701 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71280 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
analysis introspection) when we computed an lvalue. This shouldn't
effect the current analysis results in any way.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71169 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ProgramPoints all the way through to GRCoreEngine.
NSString.m now fails with RegionStoreManager because of the void** cast.
Disabling use of region store for that test for now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@68845 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
more, it gives us a tremendous amount of flexibility for extending the analyzer
to handle arbitrary program points.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@68823 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and data) so that clients don't need a unique address for the pair itself.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65079 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
indicate the checker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64144 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ProgramPoints.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64143 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Added four new ProgramPoint types that subclass PostStmt for use in
GRExprEngine::EvalLocation:
- PostOutOfBoundsCheckFailed
- PostUndefLocationCheckFailed
- PostNullCheckFailed
- PostLocationChecksSucceed
These were created because of a horribly subtle caching bug in EvalLocation
where a node representing an "bug condition" in EvalLocation (e.g. a null
dereference) could be re-used as the "non-bug condition" because the Store did
not contain any information to differentiate between the two. The extra
program points just disables any accidental caching between EvalLocation and
its callers.
GRExprEngine:
- EvalLocation now returns a NodeTy* instead of GRState*. This should be used as the "vetted" predecessor for EvalLoad/EvalStore.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@61105 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
PostStmts.
GRExprEngine:
Use PostStore in EvalStore.
Use a second version of EvalStore in EvalBinaryOperator to associate the store with the expression on the LHS.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56383 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
motivated because it became clear that the number of subclasses of ProgramPoint
would expand and we ran out of bits to represent a pointer variant. As a plus of
this change, BlockEdge program points can now be represented explicitly without
using a cache of CFGBlock* pairs in CFG.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@56245 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
distinguishes between the cases when we just evaluated the transfer function of a Stmt* (PostStmt) or performed a load (PostLoad). This solves a caching bug observed in a recent bug report.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@52443 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
EvalStore/EvalLoad to handle all loads/stores from symbolic memory, allowing us
to do checks for null dereferences, etc., at any arbitrary load/store (these
were missed checks before). This also resulted in some major cleanups, some
conceptual, and others just in the structure of the code.
This temporarily introduces a regression in the test suite (null-deref-ps.c)
before I add a new LVal type for structure fields.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50443 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
least an 8-byte alignment.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@50310 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
add back (fixed) later.
Updated CFGStmtVisitor to be in accord with rr47913: CallExprs are no longer (automatically) block-level expressions in the CFG.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@47935 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ExplodedGraph. This allows us to build "layered" ExplodedGraphs where one
simulation is layered on another.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@47926 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
be incorrectly merged together.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@47851 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@47038 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@46081 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@46078 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the methods of CFGBlock.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@45925 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@45847 91177308-0d34-0410-b5e6-96231b3b80d8
|
