| Age | Commit message (Collapse) | Author |
|---|
|
only stop processing the checkers after all the nodes for a current
check have been processed. This (I believe) handles the case where
PredSet (the input nodes) contains more than one node due to state
bifurcation. Zhongxing: can you review this?
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89882 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89829 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
initial transition of the nil-receiver checker to the Checker
interface as done in r89745. Some important changes include:
1) We consolidate the BugType object used for nil receiver bug
reports, and don't include the type of the returned value in the
BugType (which would be wrong if a nil receiver bug was reported more
than once)
2) Added a new (temporary) flag to CheckerContext: DoneEvauating.
This is used by GRExprEngine when evaluating message expressions to
not continue evaluating the message expression if this flag is set.
This flag is currently set by the nil receiver checker. This is an
intermediate solution to allow the nil-receiver checker to properly
work as a plug-in outside of GRExprEngine. Basically, this flag
indicates that the entire message expression has been evaluated, not
just a precondition (which is what the nil-receiver checker does).
This flag *should not* be repurposed for general use, but just to pull
more things out of GRExprEngine that already in there as we devise a
better interface in the Checker class.
3) Cleaned up the logic in the nil-receiver checker, making the
control-flow a lot easier to read.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89804 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89750 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
CallAndMessageChecker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89745 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
along the way. Important changes:
1) To generate a sink node, use GenerateSink(); GenerateNode() is for
generating regular transitions. This makes the API clearer and also
allows us to use the 'bool' option to GenerateNode() for a different
purpose.
2) GenerateNode() now automatically adds the generated node to the
destination ExplodedNodeSet (autotransition) unless the client
specifies otherwise with a bool flag. Several checkers did not call
'addTransition()' after calling 'GenerateNode()', causing the
simulation path to be prematurely culled when a non-fail stop bug was
encountered.
3) Add variants of GenerateNode()/GenerateSink() that take neither a
Stmt* or a GRState*; most callers of GenerateNode() just pass in the
same Stmt* as provided when the CheckerContext object is created; we
can just use that the majority of the time. This cleanup also allows
us to potentially coelesce the APIs for evaluating branches and
end-of-paths (which currently directly use builders).
4) addTransition() no longer needs to be called except for a few
cases. We now have a variant of addTransition() that takes a
GRState*; this allows one to propagate the updated state without
caring about generating a new node explicitly. This nicely cleaned up
a bunch of cases that called autoTransition() with a bunch of
conditional logic surround the call (that common logic has now been
swallowed up by addTransition() itself).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89707 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
in the checker directly. But I don't have a better approach for now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89640 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
UndefinedAssignmentChecker. So this check is redundant.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89592 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
undefined.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89591 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
also handled undefined receivers in message expressions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89524 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
is now handled by UndefinedArgChecker.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89519 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89446 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89437 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89383 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
end of the path. Need to unify interfaces.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89063 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@89060 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
* Add a load type to GRExprEngine::EvalLoad().
* When retrieve from 'theValue' of OSAtomic funcitions, use the type of the
region instead of the argument expression as the load type.
* Then we can convert CastRetrievedSVal to a pure assertion. In the future
we can let all Retrieve() methods simply return SVal.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88888 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88882 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88729 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@87092 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@87091 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
CallExprs. No clients (yet).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86949 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and was easily inlined.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86948 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
overflow logic in GRExprEngineInternalChecks.cpp.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86877 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86837 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86836 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the old builder API. This percolated a bunch of changes up to the
Checker class (where CheckLocation has been renamed VisitLocation) and
GRExprEngine. ProgramPoint now has the notion of a "LocationCheck"
point (with PreLoad and PreStore respectively), and a bunch of the old
ProgramPoints that are no longer used have been removed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86798 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Patch by Victor Zverovich!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86638 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86595 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86529 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
CheckerVisitor::PreVisitDeclStmt()), and refactor VLASizeChecker to have only one Checker subclass (not two) and to not use the node builders directly (and instead use the newer CheckerContext).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86329 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
stack variable or a garbage
value into their own respective subclasses of Checker (and put them in .cpp files where their
implementation details are hidden from GRExprEngine).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86215 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
an "assign expression", representing the expressions where the value
binding occurs and the assignment takes place respectively. These are
largely syntactic clues for better error reporting.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86084 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
catching such bugs closer to the source.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86003 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
VarDecl*, and modify GRExprEngine::EvalBind() to handle decl initialization as well. This paves the way for adding "checker" visitation in EvalBind().
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85983 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
a BugReporter&. This paves the way for pulling some of the retain/release checker into a "Checker" class.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85971 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Split it to two checkers, one for undefined size,
the other for zero size, so that we don't need to query the size
when emitting the bug report.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85895 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
release] in GC mode
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85887 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
place, so we inlined it in to GRExprEngine::EvalLocation().
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85838 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85618 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85597 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
can get the correct base lvalue.
Revert r85578.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85579 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
GRExprEngine::VisitMemberExpr().
This fixes the crash reported in PR 5316.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85578 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Add a CheckLocation() interface to Checker.
Now ImplicitNullDeref nodes are cached in NullDerefChecker.
More cleanups follow.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85471 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Switch a few ugly switch-on-string-literal constructs to use the new
llvm::StringSwitch.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85461 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
warnings. Eventually we need a way to import externally defined functions
summaries.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@85092 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
qualified reference to a declaration that is not a non-static data
member or non-static member function, e.g.,
namespace N { int i; }
int j = N::i;
Instead, extend DeclRefExpr to optionally store the qualifier. Most
clients won't see or care about the difference (since
QualifierDeclRefExpr inherited DeclRefExpr). However, this reduces the
number of top-level expression types that clients need to cope with,
brings the implementation of DeclRefExpr into line with MemberExpr,
and simplifies and unifies our handling of declaration references.
Extended DeclRefExpr to (optionally) store explicitly-specified
template arguments. This occurs when naming a declaration via a
template-id (which will be stored in a TemplateIdRefExpr) that,
following template argument deduction and (possibly) overload
resolution, is replaced with a DeclRefExpr that refers to a template
specialization but maintains the template arguments as written.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@84962 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@84757 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
are updated.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@84447 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- strcmp -> ==
- OS.write(II->getName() ...) -> OS << II->getNameStr()
- Avoid std::string concatenation
- Use getNameStr().str() when an std::string is really needed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@84437 91177308-0d34-0410-b5e6-96231b3b80d8
|
