OSchip
/
llvm-project
mirror of https://github.com/THU-DSP-LAB/llvm-project.git
13
0
Fork 6
Code Issues Packages Projects Releases Wiki Activity
50,706 Commits 32 Branches 0 Tags 2.2 GiB
Commit Graph

52 Commits

Author SHA1 Message Date
Zhongxing Xu b670f294c9 RegionViewMap factory is actually not used. All GDMs should use factories from 
GDMContext.

llvm-svn: 60150
 2008-11-27 06:03:03 +00:00
Sebastian Redl f7cb84d771 Fix the fix of revision 59974. Now array-struct.c passes too. 
llvm-svn: 59975
 2008-11-24 19:39:40 +00:00
Sebastian Redl 81c1e1306c Fix crash of array bounds checking under 64-bit. 
There might be other, similar bugs lurking there.

llvm-svn: 59974
 2008-11-24 19:35:33 +00:00
Zhongxing Xu 9165ed69af Add support for AllocaRegion extent with GDM. 
One design problem that is emerging is the signed-ness problem during static
analysis. Many unsigned value have to be converted into signed value because
it partipates in operations with signed values. 

On the other hand, we cannot blindly make all values occuring in static analysis
signed, because we do have cases where unsignedness is required, for example,
integer overflow detection.

llvm-svn: 59957
 2008-11-24 09:44:56 +00:00
Zhongxing Xu f556cd6cb9 Strings are NULL terminated. So the region size should plus one. 
llvm-svn: 59943
 2008-11-24 05:16:01 +00:00
Zhongxing Xu 8361d4c51b Add a comment about the signedness. 
llvm-svn: 59932
 2008-11-24 02:30:48 +00:00
Zhongxing Xu a61731dd0d Add getSize() support for StringRegion. 
llvm-svn: 59930
 2008-11-24 02:18:56 +00:00
Zhongxing Xu cdf25053ee Clean up code by using utility methods. 
llvm-svn: 59899
 2008-11-23 04:30:35 +00:00
Zhongxing Xu 4c8bf0086a Remove debug code. 
llvm-svn: 59870
 2008-11-22 13:23:00 +00:00
Zhongxing Xu 4d45b34a8a Initial support for checking out of bound memory access. Only support 
ConcreteInt index for now.

llvm-svn: 59869
 2008-11-22 13:21:46 +00:00
Zhongxing Xu e5816f213d Add support for symbolicating global structs and arrays in RegionStoreManager::getInitialStore(). 
llvm-svn: 59619
 2008-11-19 11:06:24 +00:00
Ted Kremenek c0145fd0bf Fix warning about RegionStoreManager::Retrieve() not always returning a value. 
llvm-svn: 59571
 2008-11-19 00:27:37 +00:00
Zhongxing Xu f87a7abcd4 handle the case that the array element is of structure type when bind the whole array to a single value (for example, UnknownVal, UndefinedVal). 
llvm-svn: 59521
 2008-11-18 13:11:04 +00:00
Zhongxing Xu 99a96d6ef3 Enhance modularization: return a <state,loc> pair to let GRExprEngine modify the 
environment.

llvm-svn: 59407
 2008-11-16 07:06:26 +00:00
Zhongxing Xu ceca80619f Enhances SCA to process untyped region to typed region conversion. 
- RegionView and RegionViewMap is introduced to assist back-mapping from
   super region to subregions.
 - GDM is used to carry RegionView information.
 - AnonTypedRegion is added to represent a typed region introduced by pointer
   casting. Later AnonTypedRegion can be used in other similar cases, e.g.,
   malloc()'ed region.
 - The specific conversion is delegated to store manager.

llvm-svn: 59382
 2008-11-16 04:07:26 +00:00
Zhongxing Xu 6a276cf5b7 Improve zero value generation. 
llvm-svn: 59356
 2008-11-15 05:18:50 +00:00
Zhongxing Xu d4e72fca45 Process array base expression of any type. 
llvm-svn: 59240
 2008-11-13 09:48:44 +00:00
Zhongxing Xu 189a30796a Array index might be unsigned. We have to generate a temporary signed value for 
it to be evaluated by APSInt::operators.

llvm-svn: 59238
 2008-11-13 09:15:14 +00:00
Zhongxing Xu 29188c2948 Incomplete struct pointer can be used as a function argument. 
llvm-svn: 59235
 2008-11-13 08:41:36 +00:00
Ted Kremenek cd639218e4 StoreManager::BindDecl now takes an SVal* for the initialization value instead of an Expr* (which can be null). Lazy symbolication of conjured symbols is now the sole responsibility of GRExprEngine. 
llvm-svn: 59151
 2008-11-12 19:18:35 +00:00
Zhongxing Xu 18d6fd45de Implement RegionStoreManager::RemoveDeadBindings(). This prunes several false warning caused by removal of symbolic constraints. Currently we just mark all symbols live. Further optimization for dead binding removal needed. 
llvm-svn: 58982
 2008-11-10 09:39:04 +00:00
Zhongxing Xu 2c677c34d5 Finish the implementation of VisitCompoundLiteralExpr. As VisitInitListExpr is 
available, things get much simplified.

One addition is that CompoundLiteralExpr can appear both in rvalue and lvalue
context.

llvm-svn: 58837
 2008-11-07 10:38:33 +00:00
Zhongxing Xu e79a4e667b Make the assertion real. 
llvm-svn: 58833
 2008-11-07 08:57:30 +00:00
Zhongxing Xu 2e8e604704 1. When a pointer to struct is used as an argument, GRSimpleVals::EvalCall() 
sets the whole struct to Unknown. Then we cannot assume the V passed to
   BindStruct() is always a CompoundVal. When it is an UnknownVal, we call
   BindStructToVal(UnknownVal).

2. Change the signature of InitializeStructToUndefined() to BindStructToVal()
   to reuse the code.

llvm-svn: 58564
 2008-11-02 12:13:30 +00:00
Zhongxing Xu 73f006e800 Simplify interface. We can get canonical type from the base region directly. No need for an extra type argument. 
llvm-svn: 58507
 2008-10-31 11:02:48 +00:00
Zhongxing Xu b393b5080c Implement struct initialization for SCA. 
llvm-svn: 58506
 2008-10-31 10:53:01 +00:00
Zhongxing Xu 98bb1fa69e Implement array initialization for SCA. 
llvm-svn: 58504
 2008-10-31 10:24:47 +00:00
Zhongxing Xu ce71638c0d Implement BindStruct and fix a bug in RetriveStruct. 
llvm-svn: 58496
 2008-10-31 08:10:01 +00:00
Zhongxing Xu 6c0d588942 Implement load from struct region. Instead of returning an UnknownVal(), we create a CompoundVal by loading from each field of the struct. 
llvm-svn: 58494
 2008-10-31 07:16:08 +00:00
Zhongxing Xu 628ae879ea Rename: AddDecl => BindDecl 
BindDecl better describes what the function does:
  - Bind the VarDecl to its memory region
  - Bind the memory region to some initial value.

llvm-svn: 58359
 2008-10-29 02:34:02 +00:00
Ted Kremenek bf26368255 Added preliminary support for CompoundLiterals in the static analyzer: 
- GRExprEngine::VisitCompoundLiteral...
   (1) visits the initializer list (generating ExplodedNodes)
   (2) creates a CompoundMemRegion for the literal
   (3) creates a new state with the bound literal values using
       GRStateManager::BindCompoundLiteral

- GRStateManager::BindCompoundLiteral simply calls 
  StoreManager::BindCompoundLiteral to get a new store and returns a persistent
  GRState with that store.

- BasicStore::BindCompoundLiteral simply returns the same store, as it
  doesn't handle field sensitivity
  
- RegionStore::BindCompoundLiteral currently fires an assert (pending discussion
  of how to best implement mappings for CompoundLiteralRegion).

llvm-svn: 58277
 2008-10-27 21:54:31 +00:00
Zhongxing Xu 144d7554c4 Use ASTContext::getCanonicalType() to get TypedRegion's type. 
llvm-svn: 58247
 2008-10-27 13:35:03 +00:00
Zhongxing Xu 36d4ade4be We cannot get precise lvalue for symbolic base array region. 
llvm-svn: 58243
 2008-10-27 12:23:17 +00:00
Zhongxing Xu bb18b57f53 Get the canonical type for struct initialization. The original code would crash on TypedefType. 
llvm-svn: 58236
 2008-10-27 09:24:07 +00:00
Zhongxing Xu 60de6c6c63 Remove loc::StringLiteralVal. Now we allocate regions for string literals in the Store. 
llvm-svn: 58182
 2008-10-26 02:27:21 +00:00
Zhongxing Xu bf47dc85fe Simplify ArrayToPointer conversion. Actually the only thing we need to do is to get the first element region. It is not necessary to care about the kind of the base array region. 
llvm-svn: 58181
 2008-10-26 02:23:57 +00:00
Zhongxing Xu 0d2706f6b8 Add code for get the lvalue for string literals. Now we return a StringRegion 
for StringLiteral lvalue evaluation, instead of directly returning a
loc::StringLiteralVal by the Environment.

llvm-svn: 58138
 2008-10-25 14:18:57 +00:00
Ted Kremenek f3be44f191 Added method "getSelfRegion" to Store. This method returns the region associated with the "this" or "self" object (C++ and Objective-C respectively). 
llvm-svn: 58107
 2008-10-24 20:32:16 +00:00
Zhongxing Xu e834fc1249 The Decl of an array region can be VarDecl or FieldDecl. Handle this in RegionStoreManager::ArrayToPointer(). 
llvm-svn: 58086
 2008-10-24 09:06:51 +00:00
Zhongxing Xu 729518be3a Implement struct initialization. Make it into a recursive function. Also make 
the array initialization code into a function.

llvm-svn: 58083
 2008-10-24 08:42:28 +00:00
Zhongxing Xu 1359e00f9c Add printing method to RegionStoreManager. 
llvm-svn: 58074
 2008-10-24 06:01:33 +00:00
Zhongxing Xu c7796d347d Fix 80-col violation. 
llvm-svn: 58070
 2008-10-24 04:33:15 +00:00
Zhongxing Xu cebb741f68 Add a bunch of dummy methods to make RegionStoreManager non-virtual. 
llvm-svn: 58061
 2008-10-24 01:38:55 +00:00
Zhongxing Xu a8d2cbe47f Added getLValueElement() to RegionStore. Only handle constant array for now. 
llvm-svn: 58058
 2008-10-24 01:09:32 +00:00
Ted Kremenek 6779f893b9 Make the analyzer store (memory model) a command line option. 
llvm-svn: 58056
 2008-10-24 01:04:59 +00:00
Zhongxing Xu 2fbc35443d Add a bunch of getLValue* methods to RegionStore. 
llvm-svn: 57977
 2008-10-22 13:44:38 +00:00
Douglas Gregor 5251f1b283 Preliminary support for function overloading 
llvm-svn: 57909
 2008-10-21 16:13:35 +00:00
Zhongxing Xu 8f6855e642 Modify Store interface: GetSVal/SetSVal => Retrieve/Bind. 
llvm-svn: 57896
 2008-10-21 06:27:32 +00:00
Zhongxing Xu 83aff7079f Process decls in RegionStore. Individual elements of fixed size arrays are 
initialized to UndefinedVal.

llvm-svn: 57892
 2008-10-21 05:29:26 +00:00
Ted Kremenek 8b103c65c6 - constify some uses of MemRegion* (MemRegion should be immutable). 
- Added new region "SymbolicRegion", which maps symbol values to the region domain.
- Enhanced BasicStore::getFieldLValue() to return a FieldRegion (using SymbolicRegion)
- Added some utility methods to GRState for fetch svals from the store.
- Fixed regression in CheckNSError (we weren't getting the value bound to the parameter)

llvm-svn: 57717
 2008-10-17 20:28:54 +00:00