| Age | Commit message (Collapse) | Author |
|---|
|
arguments...which are allowed if the access length is 0!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107759 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
IdempotentOperationChecker::PreVisitBinaryOperator.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107748 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
making the other switch case unreachable, or sinking the 'continue' into it
doesn't silence this.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107745 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
consider them for warnings.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107741 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
SubRegions. Fixes assertion failure
reported in PR 7572.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107738 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
StaticGlobalSpaceRegion.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107731 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107728 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
null-terminated strings and memory blocks. Currently only checks memcpy(), memmove(), and bcopy(), but this is intended to be expanded soon.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107722 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107709 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
(-analyzer-idempotent-operation). Finds idempotent and/or tautological operations in a path sensitive context, flagging operations that have no effect or a predictable effect.
Example:
{
int a = 1;
int b = 5;
int c = b / a; // a is 1 on all paths
}
- New IdempotentOperationChecker class
- Moved recursive Stmt functions in r107675 to IdempotentOperationChecker
- Minor refactoring of SVal to allow checking for any integer
- Added command line option for check
- Added basic test cases
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107706 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107645 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
expression equals a certain value, use SValuator::EvalEQ and GRState::Assume to see if it can, must, or must not equal that value.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107638 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
argument was non-NULL, and we report where the null assumption came from (like AttrNonNullChecker already did).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107633 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
unimplemented. A VLA region's sizeof value matches its extent.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107611 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107603 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
regions that may not be known at compile-time (such as those created by malloc). This replaces the old setExtent/getExtent API on Store, which used the GRState's GDM to store SVals.
Also adds a getKnownValue() method to SValuator, which gets the integer value of an SVal if it is known to only have one possible value. There are more places in the code that could be using this, but in general we want to be dealing entirely in SVals, so its usefulness is limited.
The only visible functionality change is that extents are now honored for any DeclRegion, such as fields and Objective-C ivars, rather than just variables. This shows up in bounds-checking and cast-size-checking.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107577 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
non-static global variables
when calling a function/method whose impact on global variables we cannot accurately estimate.
This change introduces two new MemSpaceRegions that divide up the memory space of globals, and causes
RegionStore and BasicStore to consult a binding to the NonStaticGlobalsMemSpaceRegion when lazily
determining the value of a global.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107423 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the current statement around everywhere. Preparation for symbolic extents.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107422 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107388 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
this time actually used the cached checker list when calling back to Checker visit methods. This reduces the analysis time for sqlite3.c by 8%.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107259 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
don't crash if we do a funny thing like ((int)ptr)&1. Fixes PR7527.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107236 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
be true if some paths were aborted because they exceeded
the maximum loop unrolling count.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107209 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@107012 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
SimpleSValuator::EvalBinOpLL().
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106992 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
constraints. Part of PR7491.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106972 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106964 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
appear in this context.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106919 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
scaled as well.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106911 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
a winowed list of checkers that actually do something for a given StmtClass.
As the number of checkers grows, this may potentially significantly reduce
the number of checkers called at any one time. My own measurements show that
for the ~20 registered Checker objects, only ~5 of them respond at any one time
to a give statement. While this isn't a net performance win right now (there
is a minor slowdown on sqlite.3) this improvement does greatly improve debugging
when stepping through the checkers used to evaluate a given statement.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106884 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
regression test.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106883 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
from the context when it is not already available.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106868 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106755 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106742 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106741 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106738 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
by GRExprEngine
when the worklist algorithm has terminated. This allows some checkers to do a post-analysis
phase after all paths have been analyzed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106689 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106617 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106616 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Fixes analyzer
crash reported in PR 7450.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106609 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
types, updating callers of both isFloatingType() and
isRealFloatingType() accordingly. Caught at least one issue where we
allowed one to declare a vector of vectors (!), along with cleaning up
the standard-conversion logic for C++.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106595 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Instead, halt the analysis of the current path, which is what we do in GRExprEngine::ProcessStmt
for all other C++ constructs not currently handled by the analyzer.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106561 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106530 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
assuming relationships, convert the integers to the same type as the symbol, at least for now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106458 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106456 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106403 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
as "a*0" and "a+0". This is not very powerful, but does make the analyzer look a little smarter than it actually is.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106402 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
pointers) causes a divide-by-zero error. Simple fix: check if the pointee type size is 0 and bail out early if it is.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106401 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
const2
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106339 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to use them instead of SourceRange. CharSourceRange is just a SourceRange
plus a bool that indicates whether the range has the end character resolved
or whether the end location is the start of the end token. While most of
the compiler wants to think of ranges that have ends that are the start of
the end token, the printf diagnostic stuff wants to highlight ranges within
tokens.
This is transparent to the diagnostic stuff. To start taking advantage of
the new capabilities, you can do something like this:
Diag(..) << CharSourceRange::getCharRange(Begin,End)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106338 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@106274 91177308-0d34-0410-b5e6-96231b3b80d8
|
