| Age | Commit message (Collapse) | Author |
|---|
|
PathDiagnosticControlFlowPiece to distinguish (in the class hierarchy) between
events and control-flow diagnostic pieces. Clients must now use these directly
when constructing PathDiagnosticPieces.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66310 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66304 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
control-flow pieces, events, etc.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66291 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66271 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Add some assertions along the way...
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66265 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
PathDiagnostic descriptions
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66263 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Store bindings using a MemRegion -> SVal binding instead of VarDecl -> SVal
binding. This mirrors some of the idea of RegionStore, but is far simpler and
not nearly as functional. This leads to some code simplification and
some potential for some minor precision hacks.
Along the way...
- constify the use of MemRegion* in a few places
- add operator<<(llvm::raw_ostream, const MemRegion*)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66163 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Have 'TypedRegion::getRValueType()' return a null QualType for 'id<...>'
instead of aborting.
- Change 'TypedRegion::isBoundable()' to return true for all objects with a
non-null RValueType (this may not be the final behavior).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66093 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
multiple symbols conjured at the same location. All that is required of the tag
is that it is a fixed void* value that points to an memory address that remains
valid throughout the remainder of the lifetime of the SymbolManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66092 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
direct binding in the StoreManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@66005 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
retrieval from the store/environment for locations or scalar types.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65982 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
SVal::getAsLocSymbol(). This simplifies the code and allows the retain/release
checker to (I believe) also correctly reason about location symbols wrapped in
SymbolicRegions.
Along the way I cleaned up SymbolRef a little, disallowing implicit casts to
'unsigned'.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65972 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65957 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
MemRegions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65919 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
for clients of StoreManagers from MemRegions to their subregions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65914 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65862 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
offsets for now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65814 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65764 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
giving them rough classifications (normal types, never-canonical
types, always-dependent types, abstract type representations) and
making it far easier to make sure that we've hit all of the cases when
decoding types.
Switched some switch() statements on the type class over to using this
mechanism, and filtering out those things we don't care about. For
example, CodeGen should never see always-dependent or non-canonical
types, while debug info generation should never see always-dependent
types. More switch() statements on the type class need to be moved
over to using this approach, so that we'll get warnings when we add a
new type then fail to account for it somewhere in the compiler.
As part of this, some types have been renamed:
TypeOfExpr -> TypeOfExprType
FunctionTypeProto -> FunctionProtoType
FunctionTypeNoProto -> FunctionNoProtoType
There shouldn't be any functionality change...
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65591 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
diagnostic messages.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65574 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
know how to recover from an error, we can attach a hint to the
diagnostic that states how to modify the code, which can be one of:
- Insert some new code (a text string) at a particular source
location
- Remove the code within a given range
- Replace the code within a given range with some new code (a text
string)
Right now, we use these hints to annotate diagnostic information. For
example, if one uses the '>>' in a template argument in C++98, as in
this code:
template<int I> class B { };
B<1000 >> 2> *b1;
we'll warn that the behavior will change in C++0x. The fix is to
insert parenthese, so we use code insertion annotations to illustrate
where the parentheses go:
test.cpp:10:10: warning: use of right-shift operator ('>>') in template
argument will require parentheses in C++0x
B<1000 >> 2> *b1;
^
( )
Use of these annotations is partially implemented for HTML
diagnostics, but it's not (yet) producing valid HTML, which may be
related to PR2386, so it has been #if 0'd out.
In this future, we could consider hooking this mechanism up to the
rewriter to actually try to fix these problems during compilation (or,
after a compilation whose only errors have fixes). For now, however, I
suggest that we use these code modification hints whenever we can, so
that we get better diagnostics now and will have better coverage when
we find better ways to use this information.
This also fixes PR3410 by placing the complaint about missing tokens
just after the previous token (rather than at the location of the next
token).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65570 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
same statement.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65486 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
expressions of the form: 'short x = (y != 10);' While we handle 'int x = (y !=
10)' lazily, the cast to another integer type currently loses the symbolic
constraint. Eager evaluation of the constraint causes the paths to bifurcate and
eagerly evaluate 'y != 10' to a constant of 1 or 0. This should address
<rdar://problem/6619921> until we have a better (more lazy approach) for
handling promotions/truncations of symbolic integer values.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65480 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65424 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
PostStmt program point. This allows clients to pass in PostStmtCustom program
points.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65080 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and data) so that clients don't need a unique address for the pair itself.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65079 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
message expression is nil and the return type is struct then the returned value
is undefined or potentially garbage.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@65003 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
back to the summary used when evaluating the statement associated with a
simulation node. This is now being used to help improve the checker's
diagnostics. To get things started, the checker now emits a path diagnostic
indicating that 'autorelease' is a no-op in GC mode.
Some of these changes are exposing further grossness in the interface between
BugReporter and the ExplodedGraph::Trim facilities. These really need to be
cleaned up one day.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64881 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
type as specified by Loc::IsLocType().
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64832 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64786 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64682 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
APSInt value that is 1 greater or 1 less than the provided value.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64678 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64677 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64675 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ConstraintManager:
- constify getSymVal()
BasicConstraintManager:
- Pull out logic that would be common to ConstraintManagers of a similar nature
and put them in a parent class called 'SimpleConstraintManager'.
RangeConstraintManager:
- Added a new prototype ConstraintManager to track ranges of variables! This
ConstraintManager keeps tracks of ranges of concrete integers that a symbolic
integer may have.
AnalysisConsumer:
- Add driver option to use RangeConstraintManager with GRExprEngine-based
analyses.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64558 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
symbols from an SVal.
- Fixed a bug in EnvironmentManager::RemoveDeadBindings() where it did not mark
live all the symbols reachable from a live block-level expression.
- Fixed a bug in the retain/release checker where it did not stop tracking
symbols that 'escaped' via compound literals being assigned to something the
BasicStoreManager didn't reason about.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64534 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Added a new 'node builder' class called GRStmtNodeBuilderRef (name may
change). This is essentially a smart reference to a GRStmtNodeBuilder object
that keeps track of the current context (predecessor node, GRExprEngine
object, etc.) The idea is to gradually simplify the interface between
GRExprEngine and GRTransferFuncs using this new builder (i.e., passing 1
argument instead of 5). It also handles some of the "auto-transition" for node
creation, simplifying some of the logic in GRExprEngine itself.
- Used GRStmtBuilderRef to replace GRTransferFuncs::EvalStore with
GRTransferFuncs::EvalBind. The new EvalBind method will be used at any
arbitrary places where a binding between a location and value takes place.
Moreover, GRTransferFuncs no longer has the responsibility to request
StoreManager to do the binding; this is now in GRExprEngine::EvalBind. All
GRTransferFuncs::EvalBind does is checker-specific logic (which can be a
no-op).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64525 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Add 'EvalBind', which will be used by 'EvalStore' to pull much of the value binding logic out of GRTransferFuncs.
- Rename many cases of 'St' to 'state'.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64426 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
indicate the checker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64144 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ProgramPoints.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64143 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64042 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
do the symblic regions associated with them and we need them to be typed.
Current SymbolicRegion::getRValueType() method is very restricting. It may be
modified when we are more clear about what could be the types of symblic
regions.
BasicConstraintManager::Assume() is changed due to that now SymblicRegion is a
subclass of SubRegion.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63844 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the ownership of BugTypes and BugReports. Now BugReports are owned by BugTypes,
and BugTypes are owned by the BugReporter object.
The major functionality change in this patch is that reports are not immediately
emitted by a call to BugReporter::EmitWarning (now called EmitReport), but
instead of queued up in report "equivalence classes". When
BugReporter::FlushReports() is called, it emits one diagnostic per report
equivalence class. This provides a nice cleanup with the caching of reports as
well as enables the BugReporter engine to select the "best" path for reporting a
path-sensitive bug based on all the locations in the ExplodedGraph that the same
bug could occur.
Along with this patch, Leaks are now coalesced into a common equivalence class
by their allocation site, and the "summary" diagnostic for leaks now reports the
allocation site as the location of the bug (this may later be augmented to also
provide an example location where the leak occurs).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63796 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63715 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
with Stmt/Expr nodes), and convert some of the more mundane
switch-on-all-decl-kinds uses over to use this new file.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63570 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the liveness state of block-level expressions could oscillate because
of two issues:
- The initial value before a merge was not always set to "Top"
- The set of live block-level expressions is a union, not an intersection
This fixes <rdar://problem/650084>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63421 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63412 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- NonLoc::MakeVal() would use sizeof(unsigned) (literally) instead of consulting
ASTContext for the size (in bits) of 'int'. While it worked, it was a
conflation of concepts and using ASTContext.IntTy is 100% correct.
- RegionStore::getSizeInElements() no longer assumes that a VarRegion has the
type "ConstantArray", and handles the case when uses use ordinary variables
as if they were arrays.
- Fixed ElementRegion::getRValueType() to just return the rvalue type of its
"array region" in the case the array didn't have ArrayType.
- All of this fixes <rdar://problem/6541136>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63347 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
diags around, eliminating #defines, etc. Patch by
Anders Johnsen!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63318 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
changes in various diagnostics code.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@63282 91177308-0d34-0410-b5e6-96231b3b80d8
|
