ExplodedNodeImpl::NodeGroup from being defined inline to being defined
"out-of-line" in ExplodedGraph.cpp. This removes a dependence on including
<vector> in ExplodedGraph.h, and will hopefully result in smaller generated code
with negligible performance impact.
llvm-svn: 45928
ExplodedNode, ExplodedGraph (to match the vocabulary in the RHS paper)
ReachabilityEngine
The implementation of the core of the path-sensitive dataflow solver has
been de-templatized and places in ReachabilityEngine.cpp.
The solver is still incomplete.
llvm-svn: 45711
"GREngine" (Graph Reachability Engine). The idea is to provide a separation
of concerns between the constant prop. details and the core analysis engine.
llvm-svn: 45555
propagation analysis via graph reachability. This analysis (which is incomplete)
will be the basis for later developments on the core engine for path-sensitive
analysis analysis.
llvm-svn: 45552
Created include/clang/Analysis/Analyses directory.
- Moved LiveVariables.h and UninitializedValues.h into this dir.
Moved ExprDeclBitVector.h into Analysis/Support.
Updated all clients who use these headers to reflect the new paths.
llvm-svn: 45292
of array types. For things like:
char x[10];
we should treat "x" as being initialized, because the variable "x" really
refers to the memory block of the array. Clearly x[1] is uninitialized, but
expressions like "(char*) x" really do refer to an initialized value. This
simple dataflow analysis does not reason about the contents of arrays.
This fixes: PR 1859 (http://llvm.org/bugs/show_bug.cgi?id=1859)
llvm-svn: 44984
we incorrectly examine the expression within a sizeof() for use in computing
dataflow values.
This fixes: PR 1858 (http://llvm.org/bugs/show_bug.cgi?id=1858)
llvm-svn: 44982
Moved all clients of Diagnostics to use FullSourceLoc instead of SourceLocation.
Added many utility methods to FullSourceLoc to provide shorthand for:
FullLoc.getManager().someMethod(FullLoc.getLocation());
instead we have:
FullLoc.someMethod();
Modified TextDiagnostics (and related classes) to use this short-hand.
llvm-svn: 44957
SourceManager is passed by reference, allowing the SourceManager to be
associated with a specific translation unit, and not the entire execution
of the driver.
Modified all users of Diagnostics to comply with this new interface.
Integrated SourceManager as a member variable of TargetInfo. TargetInfo will
eventually be associated with a single translation unit (just like
SourceManager).
Made the SourceManager reference in ASTContext private. Provided accessor
getSourceManager() for clients to use instead. Modified clients to comply with
new interface.
llvm-svn: 44878
We accidentally were throttling the propagation of uninitialized state across
assignments (e.g. x = y). Thanks to Anders Carlsson for spotting this problem.
Added test cases to test suite to provide regression testing for the
uninitialized values analysis.
llvm-svn: 44306
"block-expressions" when visiting arbitrary expressions (via calls to
"Visit()"). This results in a refactoring where a dataflow analysis no
longer needs to always special case when handling block-expressions versus
non-block expressions.
Updated LiveVariables and UninitializedValues to conform to the slightly
altered interface of these visitor classes.
Thanks to Nuno Lopes for providing a test case that illustrated some
fundamental problems in the current design of the CFGXXXStmtVisitor classes
and how they were used.
llvm-svn: 44246
Rename SourceRange::Begin()/End() to getBegin()/getEnd() for
consistency with other code.
Start building the rewriter towards handling @encode.
llvm-svn: 43047
taintness across expressions.
Made "smart-culling" of taint propagation (for error reporting)
correctly handle conditional expressions and a few other edge cases.
llvm-svn: 42421
values associated with ScopedDecls and CFGBlock-level Exprs. This is the common
boilerplate needed by UninitializedValues and LiveVariables.
Refactored UninitializedValues to use ExprDeclBitVector.
Shortened the string diagnostic for UninitializedValues.
llvm-svn: 42408
code that uses the solver to reflect the new location.
Created "FlowSensitive" subdirectory in include/clang/Analysis to hold
header files relating to flow-sensitive analyses. Moved
"DataflowValues.h" into this subdirectory.
llvm-svn: 42320
between forward and backward analyses, with trait classes being used
to implement the key differences in operations/functionality.
Converted the LiveVariables analysis to use the generic DataflowSolver. This,
along with removing some extra functionality that was not needed, reduced
the code for LiveVariables by over half.
Modified Driver code to handle the updated interface to LiveVariables.
Modified the DeadStores checker to handle the update interface to
LiveVariables.
Updated DataflowValues (generic ADT to store dataflow values) to also
store values for blocks. This is used by DeadStores. Updated some comments.
llvm-svn: 42293
invocation of the solver.
UninitializedValues checker now uses CFG::runOnAllBlocks to query the
computed dataflow values (tighter code).
llvm-svn: 42107
with CFG *edges* instead of blocks. This will fascilitate dataflow
analyses that are sensitive to block terminators, and also simplifies
some reasoning.
Updated UninitializedValues to comply to this new interface.
llvm-svn: 42099
too "conservative").
Several revisions to UninitializedValues checker after testing. We
now appear to be working correctly (probably some bugs still, but main
functionality appears to be there). Implemented careful emitting of
warnings so that we wouldn't get a cascade of warnings for simply not
defining a single variable and using it everywhere. This way the
warnings point closer to the root cause rather than "symptoms" from
using values derived from uninitialized variables.
llvm-svn: 42067
mechanism can be implemented simply by affixing the Observer to an
analysis meta data, so it doesn't need to be a required type. This
also permits analyses not to implement an Observer if it doesn't make
sense.
Changed "DataflowValues::MetaDataTy" to
"DataflowValues::AnalysisDataTy" to reflect that the type
enscapsulated the data associated with analyzing a given CFG.
Changed CFGStmtVisitor::BlockStmt_VisitImplicitControlFlowStmt(Stmt*)
to ...VisitImplicitControlFlowExpr(Expr*). The type narrowing is more
precise and more useful to clients.
Added CFGStmtVisitor::BlockStmt_VisitExpr to reflect the visitation of
expressions at the block statement level. This captures all implicit
control-flow statements as well as other expressions that are hoisted
to the block level (such as conditions for terminators and function
calls). This is especially useful for dataflow analysis.
llvm-svn: 42034
if the assigned value is a constant expression, e.g.:
int x = 0;
We then check to see if "x" is ever reassigned later. If so, we don't
emit a warning. This is because programmers frequently use defensive
programming to make sure a variable has a defined value.
llvm-svn: 41853
that refer to direct function calls.
Modified interface of LiveVariables to only track liveness of VarDecls.
This cleans up a bunch of edge cases, and removed the bug just mentioned.
llvm-svn: 41797
but never used.
Fix a bug in LiveVariables where uses on the LHS of self-assign
operators (e.g +=, *=, etc) would not be properly recorded in the
liveness state of the variable.
llvm-svn: 41757
to variables that are no longer live. This analysis is built on top
of CFGs and the LiveVariables analysis.
changes to driver:
added driver option "-check-dead-stores" to run the analysis
llvm-svn: 41754
source-level CFGs. This code may change significantly in the near
future as we explore different means to implement dataflow analyses.
Added a driver option, -dump-live-variables, to view the output of
live variable analysis. This output is very ALPHA; it will be improved shortly.
llvm-svn: 41737
Ted Kremenek