summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/SVals.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Rename: StripCasts describes what it does better. Zhongxing Xu2009-11-101-3/+3
| | | | | | getBaseRegion will be used in another method. llvm-svn: 86649
* Add checker for CWE-587: Assignment of a Fixed Address to a Pointer.Zhongxing Xu2009-11-091-0/+4
| | | | llvm-svn: 86523
* Remove tabs, and whitespace cleanups.Mike Stump2009-09-091-30/+30
| | | | llvm-svn: 81346
* Use SymbolicRegion instead of CodeTextRegion for symbolic functionTed Kremenek2009-08-281-12/+4
| | | | | | | | pointers. Most logic cares first about whether or not a region is symbolic, and second if represents code. This should fix a series of silent corner case bugs (as well as simplify a bunch of code). llvm-svn: 80335
* Replace cerr with errs().Benjamin Kramer2009-08-231-1/+0
| | | | llvm-svn: 79854
* Implement lazy "copying" of structures and arrays in RegionStore. WhileTed Kremenek2009-08-061-1/+15
| | | | | | | | | | | | | | | | RegionStore already lazily abstracted the contents of arrays and structs, when doing an assignment from one array/struct to another we did an explicit element-wise copy, which resulted in a loss of laziness and huge performance problem when analyzing many code bases. Now RegionStoreManager handles such assignments using a new SVal could 'LazyCompoundSVal', which basically means the value of a given struct or array (a MemRegion*) in a specific state (GRState). When we do a load from a field whose encompassing struct binds to a LazyCompoundSVal, we essentially do a field lookup in the original structure. This means we have essentially zero copying of data for structs/arrays and everything stays lazy. llvm-svn: 78268
* Remove 'StoreManager::OldCastRegion()', TypedViewRegion (which onlyTed Kremenek2009-07-291-14/+3
| | | | | | | OldCastRegion used), and the associated command line option '-analyzer-store=old-basic-cast'. llvm-svn: 77509
* Add 'MemRegion::getBaseRegion()', a utility method to strip ElementRegions withTed Kremenek2009-07-291-2/+6
| | | | | | index 0. This will be used for refinements to InvalidateRegion and CastRegion. llvm-svn: 77481
* Tweak pretty-printing of CompoundVal to make it more useful for debugging.Ted Kremenek2009-07-141-2/+2
| | | | llvm-svn: 75672
* Tidy pretty-printing for SVals, using 'dump()' instead of 'printStdErr()', ↵Ted Kremenek2009-07-131-52/+37
| | | | | | and implementing operator<< support for llvm::raw_ostream. llvm-svn: 75560
* add utility method.Zhongxing Xu2009-06-301-0/+7
| | | | llvm-svn: 74521
* Introduce a new concept to the static analyzer: SValuator.Ted Kremenek2009-06-261-16/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | GRTransferFuncs had the conflated role of both constructing SVals (symbolic expressions) as well as handling checker-specific logic. Now SValuator has the role of constructing SVals from expressions and GRTransferFuncs just handles checker-specific logic. The motivation is by separating these two concepts we will be able to much more easily create richer constraint-generating logic without coupling it to the main checker transfer function logic. We now have one implementation of SValuator: SimpleSValuator. SimpleSValuator is essentially the SVal-related logic that was in GRSimpleVals (which is removed in this patch). This includes the logic for EvalBinOp, EvalCast, etc. Because SValuator has a narrower role than the old GRTransferFuncs, the interfaces are much simpler, and so is the implementation of SimpleSValuator compared to GRSimpleVals. I also did a line-by-line review of SVal-related logic in GRSimpleVals and cleaned it up while moving it over to SimpleSValuator. As a consequence of removing GRSimpleVals, there is no longer a '-checker-simple' option. The '-checker-cfref' did everything that option did but also ran the retain/release checker. Of course a user may not always wish to run the retain/release checker, nor do we wish core analysis logic buried in the checker-specific logic. The next step is to refactor the logic in CFRefCount.cpp to separate out these pieces into the core analysis engine. llvm-svn: 74229
* Remove uses of std::ostream from libAnalysis.Ted Kremenek2009-06-241-5/+0
| | | | llvm-svn: 74136
* Move all factory methods from SVal to ValueManager. API cleanup!Zhongxing Xu2009-06-231-59/+0
| | | | llvm-svn: 73954
* Split ValueManager method definitions into its own source file.Zhongxing Xu2009-06-231-119/+0
| | | | | | No functionality change. llvm-svn: 73952
* ValueManager::makeNonLoc -> ValueManager::makeIntValZhongxing Xu2009-06-231-1/+1
| | | | | | Clean up code with ValueManager. llvm-svn: 73951
* Instead of setting the default value of the array region, bind the rest of theZhongxing Xu2009-06-231-0/+4
| | | | | | array elements to 0 explicitly. Create 0 values with the element type. llvm-svn: 73946
* A further step of r73690: associate the cast-to type with the created symbol,Zhongxing Xu2009-06-191-2/+2
| | | | | | | because the type of the symbol is used to create the default range. We need the sign to be consistent. llvm-svn: 73756
* Move clients over from using GRStateManager::BindXXX and friends toTed Kremenek2009-06-181-2/+4
| | | | | | GRState->bindXXX and friends (and constify some arguments along the way). llvm-svn: 73740
* When casting region, if we do not create an element region, record the cast-to Zhongxing Xu2009-06-181-2/+3
| | | | | | | | | type. When retrieving the region value, if we are going to create a symbol value, use the cast-to type if possible. llvm-svn: 73690
* Add logic for invalidating array region to CFRefCount.cpp. When invalidatingZhongxing Xu2009-05-121-0/+25
| | | | | | | | | array region, set its default value to conjured symbol. When retrieving its element, create new region value symbol for the element. Also fix some 80 columns violations. llvm-svn: 71548
* Rename:Zhongxing Xu2009-05-091-2/+2
| | | | | | | SymbolRegionRValue => SymbolRegionValue SymExpr::RegionRValue => SymExpr::RegionValueKind llvm-svn: 71322
* As discussed with Ted, rename TypedRegion::getObjectType() to Zhongxing Xu2009-05-091-1/+1
| | | | | | TypedRegion::getValueType(). llvm-svn: 71321
* rename: MemRegion:Zhongxing Xu2009-05-091-1/+1
| | | | | | | | | RValueType => ObjectType LValueType => LocationType No functionality change. llvm-svn: 71304
* Rename 'makeZeroIndex' to 'makeZeroArrayIndex'.Ted Kremenek2009-05-041-1/+1
| | | | llvm-svn: 70865
* array indexes are unsigned integers of the same width as pointer.Zhongxing Xu2009-05-041-0/+4
| | | | | | | no-outofbounds.c still fails. Previously it passed because the array index is mistakenly a loc::ConcreteInt. llvm-svn: 70844
* Use 'getAs<CodeTextRegion>' instead of 'dyn_cast<CodeTextRegion>' to handle anyTed Kremenek2009-04-211-1/+1
| | | | | | layered regions. llvm-svn: 69686
* Remove loc::FuncVal.Zhongxing Xu2009-04-201-9/+0
| | | | llvm-svn: 69577
* get a CodeTextRegion when visiting FunctionDecl reference.Zhongxing Xu2009-04-201-3/+20
| | | | | | get FunctionDecl with more general utility method. llvm-svn: 69570
* As we now have ValueManager as the new value factory, we do not need factoryZhongxing Xu2009-04-201-1/+1
| | | | | | methods of SVal. llvm-svn: 69565
* Implement analyzer support for OSCompareAndSwap. This required pushing "tagged"Ted Kremenek2009-04-111-0/+4
| | | | | | | | | ProgramPoints all the way through to GRCoreEngine. NSString.m now fails with RegionStoreManager because of the void** cast. Disabling use of region store for that test for now. llvm-svn: 68845
* Move a few more NonLoc static functions to ValueManager.Ted Kremenek2009-04-101-9/+8
| | | | llvm-svn: 68800
* Add prototype for CodeTextRegion.Zhongxing Xu2009-04-101-0/+24
| | | | | | | | A CodeTextRegion wraps two kinds of data: FunctionDecl* or SymbolRef. The latter comes from the symbolic function pointer that are generated from function calls or input data. llvm-svn: 68777
* Finally nuke loc::SymbolVal.Zhongxing Xu2009-04-101-7/+0
| | | | llvm-svn: 68771
* - Move ownership of MemRegionManager into ValueManager.Ted Kremenek2009-04-091-9/+8
| | | | | | | - Pull SVal::GetConjuredSymbol() and friends into ValueManager. This greatly simplifies the calling interface to clients. llvm-svn: 68731
* Remove SVal::MakeZero and replace it with ValueManager::makeZeroVal.Ted Kremenek2009-04-091-1/+1
| | | | llvm-svn: 68711
* stop using loc::SymbolVal and clean up code with new API.Zhongxing Xu2009-04-091-2/+0
| | | | llvm-svn: 68703
* Add a new method because sometimes the type of the conjured symbol is not theZhongxing Xu2009-04-091-0/+13
| | | | | | type of the expression where we create the symbol. llvm-svn: 68692
* Create a symbolic region instead of a loc::SymbolVal. This is a continued stepZhongxing Xu2009-04-091-13/+10
| | | | | | to eliminate the use of loc::SymbolVal. llvm-svn: 68685
* Enhance analyzer reasoning about sending messages to nil. A nil receiver ↵Ted Kremenek2009-04-081-0/+20
| | | | | | returns 0 for scalars of size <= sizeof(void*). llvm-svn: 68629
* This is the first step to gradually remove the use of loc::SymbolVal. NowZhongxing Xu2009-04-031-2/+3
| | | | | | | | when creating symbolic values, we distinguish between location and non-location values. For location values, we create a symbolic region instead of a loc::SymbolVal. llvm-svn: 68373
* Remove dead code.Ted Kremenek2009-03-301-103/+0
| | | | llvm-svn: 68063
* analyzer infrastructure: make a bunch of changes to symbolic expressions thatTed Kremenek2009-03-261-109/+107
| | | | | | | | | | | | | | | | Zhongxing and I discussed by email. Main changes: - Removed SymIntConstraintVal and SymIntConstraint - Added SymExpr as a parent class to SymbolData, SymSymExpr, SymIntExpr - Added nonloc::SymExprVal to wrap SymExpr - SymbolRef is now just a typedef of 'const SymbolData*' - Bunch of minor code cleanups in how some methods were invoked (no functionality change) This changes are part of a long-term plan to have full symbolic expression trees. This will be useful for lazily evaluating complicated expressions. llvm-svn: 67731
* This patch adds two more SymbolData subclasses: SymIntExpr and SymSymExpr, forZhongxing Xu2009-03-251-0/+17
| | | | | | | | representing symbolic expressions like 'x'+3 and 'x'+'y'. The design is subjected to change later when we fix the class hierarchy of symbolic expressions. llvm-svn: 67678
* GRExprEngine:Ted Kremenek2009-03-201-0/+17
| | | | | | | | - Conjure symbols at '--' and '++' unary operations - Add utility method SVal::GetConjuredSymbolVal() and constify some arguments along the way. llvm-svn: 67395
* Fix crash reported in <rdar://problem/6695527>. We now haveTed Kremenek2009-03-181-3/+10
| | | | | | | | | SVal::GetRValueSymbolVal do the checking if we can symbolicate a type instead of having BasicStoreManager do it (which wasn't always doing the check consistently). Having this check in SVal::GetRValueSymbolVal keeps the check in one centralized place. llvm-svn: 67245
* Remove some now-unneeded calls to llvm::errs().flush().Daniel Dunbar2009-03-101-1/+1
| | | | llvm-svn: 66555
* Rework use of loc::SymbolVal in the retain/release checker to use the new methodTed Kremenek2009-03-031-0/+36
| | | | | | | | | | | SVal::getAsLocSymbol(). This simplifies the code and allows the retain/release checker to (I believe) also correctly reason about location symbols wrapped in SymbolicRegions. Along the way I cleaned up SymbolRef a little, disallowing implicit casts to 'unsigned'. llvm-svn: 65972
* Fix case where we should use dyn_cast instead of cast.Ted Kremenek2009-03-031-1/+1
| | | | llvm-svn: 65956
* Fix a couple bugs:Ted Kremenek2009-01-301-4/+3
| | | | | | | | | | | | | | - NonLoc::MakeVal() would use sizeof(unsigned) (literally) instead of consulting ASTContext for the size (in bits) of 'int'. While it worked, it was a conflation of concepts and using ASTContext.IntTy is 100% correct. - RegionStore::getSizeInElements() no longer assumes that a VarRegion has the type "ConstantArray", and handles the case when uses use ordinary variables as if they were arrays. - Fixed ElementRegion::getRValueType() to just return the rvalue type of its "array region" in the case the array didn't have ArrayType. - All of this fixes <rdar://problem/6541136> llvm-svn: 63347
OpenPOWER on IntegriCloud