[PATCH] D50211: [analyzer] Fix displayed checker name for InnerPointerChecker

rnkovacs closed this revision. rnkovacs added a comment. Committed in r339067, I just messed up the revision-closing line in the commit message. https://reviews.llvm.org/D50211 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.ll

[PATCH] D50211: [analyzer] Fix displayed checker name for InnerPointerChecker

rnkovacs added a comment. In https://reviews.llvm.org/D50211#1190146, @NoQ wrote: > Welcome to the club! :D Thanks, makes me feel better. https://reviews.llvm.org/D50211 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.or

[PATCH] D49570: [analyzer] Improve warning messages and notes of DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 160193. rnkovacs marked 3 inline comments as done. rnkovacs added a comment. Address comments & rebase. https://reviews.llvm.org/D49570 Files: lib/StaticAnalyzer/Checkers/AllocationState.h lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp lib/Stati

[PATCH] D49570: [analyzer] Improve warning messages and notes of DanglingInternalBufferChecker

rnkovacs marked an inline comment as done. rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:253 + allocation_state::getContainerObjRegion(N->getState(), PtrToBuf); + const auto *TypedRegion = dyn_cast(ObjRegion); + Q

[PATCH] D48027: [analyzer] Improve `CallDescription` to handle c++ method.

rnkovacs accepted this revision. rnkovacs added a comment. In https://reviews.llvm.org/D48027#1203944, @MTC wrote: > However this approach has limit. Given the code below, we cannot distinguish > whether the `basic_string` is user-defined struct or namespace. That's means > when the user provid

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs updated this revision to Diff 145762. rnkovacs marked 4 inline comments as done. rnkovacs edited the summary of this revision. rnkovacs added a comment. Expression chaining is fixed. The visitor now collects constraints that are about to disappear along the bug path and checks them once

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:2342 +BugReport &BR) { + if (isInvalidated) +return nullptr; george.karpenkov wrote: > Is this field actually necessary? D

[PATCH] D47135: [analyzer][WIP] A checker for dangling string pointers in C++

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity, mgorny. This check marks a raw pointer to a C++ string object's inner buffer "released" when the object itself is destro

[PATCH] D47135: [analyzer][WIP] A checker for dangling string pointers in C++

rnkovacs added a comment. Adding a preliminary test file. F6259981: tests.cpp Repository: rC Clang https://reviews.llvm.org/D47135 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/

[PATCH] D47135: [analyzer][WIP] A checker for dangling string pointers in C++

rnkovacs added a comment. Thanks for your comments! It would be nice if we could reach a consensus on the naming issue before I update the patch. I was wondering, as we plan to support stuff like `std::vector::data()`, which is not a string, and `std::string_view`, which is not strictly a poin

[PATCH] D47135: [analyzer] A checker for dangling internal buffer pointers in C++

rnkovacs updated this revision to Diff 148727. rnkovacs retitled this revision from "[analyzer][WIP] A checker for dangling string pointers in C++" to "[analyzer] A checker for dangling internal buffer pointers in C++". rnkovacs edited the summary of this revision. rnkovacs added a comment. - Al

[PATCH] D47135: [analyzer] A checker for dangling internal buffer pointers in C++

rnkovacs updated this revision to Diff 148732. rnkovacs added a comment. Address (most) comments. https://reviews.llvm.org/D47135 Files: include/clang/StaticAnalyzer/Checkers/Checkers.td lib/StaticAnalyzer/Checkers/AllocationState.h lib/StaticAnalyzer/Checkers/CMakeLists.txt lib/StaticA

[PATCH] D47416: [analyzer] Clean up the program state map of DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Symbols are cleaned up from the program state map when they go out of scope. (This will need to be done individually wh

[PATCH] D47135: [analyzer] A checker for dangling internal buffer pointers in C++

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/MallocChecker.cpp:1661 + case AF_CXXNewArray: + case AF_InternalBuffer: { if (IsALeakCheck) { Is tying this new family to NewDeleteChecker reasonable? I did it because it was NewDelet

[PATCH] D47417: [analyzer] Add missing state transition in IteratorChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov, baloghadamsoftware. Herald added subscribers: a.sidorin, dkrupp, szepet, whisperity. After cleaning up program state maps in `checkDeadSymbols()`, a transition should be added to generate the new state.

[PATCH] D47135: [analyzer] A checker for dangling internal buffer pointers in C++

rnkovacs updated this revision to Diff 148827. rnkovacs added a comment. Added a check for `UnknownVal` and two FIXMEs (one for the `OriginExpr` and one for the new `CheckKind`). https://reviews.llvm.org/D47135 Files: include/clang/StaticAnalyzer/Checkers/Checkers.td lib/StaticAnalyzer/Che

[PATCH] D45517: [analyzer] False positive refutation with Z3

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Core/Z3ConstraintManager.cpp:1249 +bool Z3ConstraintManager::isModelFeasible() { + return Solver.check() != Z3_L_FALSE; +} george.karpenkov wrote: > solver can also return "unknown", what happens the

[PATCH] D51385: [analyzer] InnerPointerChecker: Fix a segfault.

rnkovacs added a comment. > Return value of `dyn_cast_or_null` should be checked before use. Otherwise we > may put a null pointer into the map as a key and eventually crash in > `checkDeadSymbols`. Hm, so with the last `CallDescription` patch we removed some code here that essentially checked

[PATCH] D49553: [analyzer] Rename DanglingInternalBufferChecker to InnerPointerChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, dcoughlin, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity, mgorny. Also, the `AF_InternalBuffer` allocation family is renamed to `AF_InnerBuffer`. I'm

[PATCH] D49568: [analyzer][WIP] Scan the program state map in the visitor only once in DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. In order to avoid scanning the map at each node in the bug reporter visitor, the `MemRegion` represent

[PATCH] D49570: [analyzer] Improve warning messages and notes of DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, dcoughlin, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Following the discussion at https://reviews.llvm.org/D49360. Added two more test cases that

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. According to the standard, pointers referring to the elements of a `basic_string` sequence may also be

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs updated this revision to Diff 156938. rnkovacs marked 11 inline comments as done. rnkovacs added a comment. Addressed comments & added two test cases for function pointers. https://reviews.llvm.org/D49656 Files: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp lib/StaticAnalyzer

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp:213 + if (const auto *FC = dyn_cast(&Call)) { +const FunctionDecl *FD = FC->getDecl(); +for (unsigned I = 0, E = FD->getNumParams(); I != E; ++I) { xazax.hun

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs updated this revision to Diff 157278. rnkovacs marked 2 inline comments as done. rnkovacs added a comment. Fix note for function pointers & handle argument counting in member operator calls. I also refactored the code a little, because after moving things from `checkPreCall` to `checkPo

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp:207-208 + +for (unsigned I = 0, E = FD->getNumParams(); I != E; ++I) { + QualType ParamTy = FD->getParamDecl(I)->getType(); + if (!ParamTy->isReferenceType() || -

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp:181 - auto *TypeDecl = ObjRegion->getValueType()->getAsCXXRecordDecl(); - if (TypeDecl->getName() != "basic_string") -return; +for (unsigned I = 0, E = FD->getNumParams();

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs updated this revision to Diff 157286. rnkovacs marked an inline comment as done. rnkovacs added a comment. Tiny bit more re-structuring. https://reviews.llvm.org/D49656 Files: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/A

[PATCH] D49811: [analyzer] Obtain a ReturnStmt from a CFGAutomaticObjDtor

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. The `CoreEngine` only gives us a `ReturnStmt` if the last element in the `CFGBlock` is a `CFGStmt`, ot

[PATCH] D49811: [analyzer] Obtain a ReturnStmt from a CFGAutomaticObjDtor

rnkovacs added a comment. I'm not sure how to test this. I'll need it in https://reviews.llvm.org/D49361 when I update it to use the changed `checkEndFunction()` callback, and that will kind of test this too. Repository: rC Clang https://reviews.llvm.org/D49811 ___

[PATCH] D49361: [analyzer] Detect pointers escaped after return statement execution in MallocChecker

rnkovacs updated this revision to Diff 157375. rnkovacs retitled this revision from "[analyzer][WIP] Detect pointers escaped after return statement execution in MallocChecker" to "[analyzer] Detect pointers escaped after return statement execution in MallocChecker". rnkovacs edited the summary of

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs updated this revision to Diff 157809. rnkovacs marked an inline comment as done. https://reviews.llvm.org/D49656 Files: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/inner-pointer.cpp Index: test/Analysis/inner-poin

[PATCH] D49656: [analyzer] Add support for more pointer invalidating functions in InnerPointerChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp:192 - if (Call.isCalled(CStrFn) || Call.isCalled(DataFn)) { -SVal RawPtr = Call.getReturnValue(); -if (SymbolRef Sym = RawPtr.getAsSymbol(/*IncludeBaseRegions=*/true)) { -

[PATCH] D49361: [analyzer] Detect pointers escaped after return statement execution in MallocChecker

rnkovacs updated this revision to Diff 157966. rnkovacs marked an inline comment as done. rnkovacs added a comment. De-duplicate & add comment. https://reviews.llvm.org/D49361 Files: lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/inner-pointer.cpp test/Analysis/malloc-free-af

[PATCH] D49058: [analyzer] Move InnerPointerChecker out of alpha

rnkovacs updated this revision to Diff 157987. rnkovacs retitled this revision from "[analyzer] Move DanglingInternalBufferChecker out of alpha" to "[analyzer] Move InnerPointerChecker out of alpha". rnkovacs added a comment. Rebase. https://reviews.llvm.org/D49058 Files: include/clang/Stat

[PATCH] D49811: [analyzer] Obtain a ReturnStmt from a CFGAutomaticObjDtor

rnkovacs updated this revision to Diff 158680. rnkovacs added a comment. In https://reviews.llvm.org/D49811#1175726, @NoQ wrote: > I guess you could write a test with `debug.AnalysisOrder` (by making its > `checkEndFunction` callback (that you'll have to define) print different > things dependi

[PATCH] D49361: [analyzer] Detect pointers escaped after return statement execution in MallocChecker

rnkovacs updated this revision to Diff 158681. rnkovacs marked an inline comment as done. rnkovacs added a comment. Add helper function to be used in both callbacks. https://reviews.llvm.org/D49361 Files: lib/StaticAnalyzer/Checkers/MallocChecker.cpp test/Analysis/inner-pointer.cpp test/A

[PATCH] D50211: [analyzer] Fix displayed checker name for InnerPointerChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. For `InnerPointerChecker` to function properly, both the checker itself and `MallocChecker`'s capabili

[PATCH] D50211: [analyzer] Fix displayed checker name for InnerPointerChecker

rnkovacs added a comment. In https://reviews.llvm.org/D50211#1186630, @NoQ wrote: > I see, so that's how it's done! > > I also noticed that checker name was weird in exploded graph dumps, i.e. it > was showing regular new/delete stuff as if it was done by InnerPointer > checker. I'll check if t

[PATCH] D50211: [analyzer] Fix displayed checker name for InnerPointerChecker

rnkovacs updated this revision to Diff 159244. rnkovacs marked an inline comment as done. rnkovacs added a comment. Replace empty `Optional`s with `None`s. https://reviews.llvm.org/D50211 Files: lib/StaticAnalyzer/Checkers/InnerPointerChecker.cpp lib/StaticAnalyzer/Checkers/InterCheckerAPI.

[PATCH] D41816: [analyzer] Model and check unrepresentable left shifts

rnkovacs created this revision. rnkovacs added reviewers: NoQ, dcoughlin, xazax.hun. Herald added subscribers: a.sidorin, szepet, baloghadamsoftware, whisperity. Left shifting a signed positive value is undefined if the result is not representable in the unsigned version of the return type. The

[PATCH] D41816: [analyzer] Model and check unrepresentable left shifts

rnkovacs updated this revision to Diff 129071. rnkovacs marked an inline comment as done. https://reviews.llvm.org/D41816 Files: lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp lib/StaticAnalyzer/Core/BasicValueFactory.cpp test/Analysis/bitwise-ops.c Index: test/Analysis/bitwise-ops.c

[PATCH] D41816: [analyzer] Model and check unrepresentable left shifts

rnkovacs added a comment. In https://reviews.llvm.org/D41816#970845, @xazax.hun wrote: > Overall looks good to me, one comment inline. I think it is good to have > these checks to prevent the analyzer executing undefined behavior. Maybe this > would make it more feasible to run the analyzer wit

[PATCH] D41816: [analyzer] Model and check unrepresentable left shifts

rnkovacs updated this revision to Diff 129448. rnkovacs added a comment. I extended the warning message to include more information. What do you think? https://reviews.llvm.org/D41816 Files: lib/StaticAnalyzer/Checkers/UndefResultChecker.cpp lib/StaticAnalyzer/Core/BasicValueFactory.cpp t

[PATCH] D45517: [analyzer] False positive refutation with Z3

rnkovacs added a comment. In https://reviews.llvm.org/D45517#1117898, @mikhail.ramalho wrote: > Just want to comment here and give thanks again for the first version of > the refutation code. It's being really helpful to develop the approach this > code as a base; things would definitely be slo

[PATCH] D47416: [analyzer] Clean up the program state map of DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 150625. rnkovacs marked an inline comment as done. rnkovacs edited the summary of this revision. rnkovacs added a comment. Herald added a subscriber: mikhail.ramalho. Fixed naming and added an extra pass for regions left behind by incomplete destructors. h

[PATCH] D47416: [analyzer] Clean up the program state map of DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 150637. rnkovacs marked 3 inline comments as done. rnkovacs added a comment. Addressed comments. https://reviews.llvm.org/D47416 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp Index: lib/StaticAnalyzer/Checkers/DanglingInternalBuf

[PATCH] D48521: [analyzer] Highlight STL object destruction in MallocChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov, dcoughlin. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Extend `MallocBugVisitor` to place a note at the point where objects with `AF_InternalBuffe

[PATCH] D48522: [analyzer] Highlight c_str() call in DanglingInternalBuffer checker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov, dcoughlin. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Add a bug visitor to `DanglingInternalBuffer` checker that places a note at the point where

[PATCH] D48522: [analyzer] Highlight c_str() call in DanglingInternalBuffer checker

rnkovacs updated this revision to Diff 152604. rnkovacs marked an inline comment as done. rnkovacs added a comment. Um, sorry, I totally forgot about that. Added your case to the tests. https://reviews.llvm.org/D48522 Files: lib/StaticAnalyzer/Checkers/AllocationState.h lib/StaticAnalyzer/C

[PATCH] D48521: [analyzer] Highlight container object destruction in MallocChecker

rnkovacs updated this revision to Diff 152615. rnkovacs marked 7 inline comments as done. rnkovacs retitled this revision from "[analyzer] Highlight STL object destruction in MallocChecker" to "[analyzer] Highlight container object destruction in MallocChecker". rnkovacs added a comment. Thanks

[PATCH] D48522: [analyzer] Highlight c_str() call in DanglingInternalBuffer checker

rnkovacs updated this revision to Diff 152616. rnkovacs marked 4 inline comments as done. rnkovacs added a comment. Thanks! Addressed comments. https://reviews.llvm.org/D48522 Files: lib/StaticAnalyzer/Checkers/AllocationState.h lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp

[PATCH] D48522: [analyzer] Highlight c_str() call in DanglingInternalBuffer checker

rnkovacs updated this revision to Diff 152627. rnkovacs marked an inline comment as done. rnkovacs added a comment. Fixed variable name inside the visitor. I also clang-formatted the file, sorry for any line number shifting. https://reviews.llvm.org/D48522 Files: lib/StaticAnalyzer/Checkers/A

[PATCH] D48532: [analyzer] Add support for std::basic_string::data() in DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov, dcoughlin. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. + Cleaned up test file a bit. Repository: rC Clang https://reviews.llvm.org/D48532 Fil

[PATCH] D53069: [analyzer][www] Update avaible_checks.html

rnkovacs added inline comments. Comment at: www/analyzer/available_checks.html:376-393 + +cplusplus.InnerPointer +(C++) +Check for inner pointers of C++ containers used after re/deallocation. + + + Szelethus wrote: > @rnkovacs Is this a good description of your c

[PATCH] D53856: [analyzer] Put llvm.Conventions back in alpha

rnkovacs added a comment. In https://reviews.llvm.org/D53856#1280408, @Szelethus wrote: > In https://reviews.llvm.org/D53856#1279887, @NoQ wrote: > > > This might be also covered by @rnkovacs's string buffer escape checker - > > either already or eventually, it'll become just yet another string

[PATCH] D59279: [Analyzer] Checker for non-determinism caused by iteration of unordered container of pointers

rnkovacs added a comment. In D59279#1427017 , @mgrang wrote: > Following are the assumptions/limitations of this patch: > > 1. The assumption is that iteration of ordered containers of pointers is > not non-deterministic. > Could you please explain wh

[PATCH] D59195: [analyzer] Remove the default value arg from getChecker*Option

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Core/AnalyzerOptions.cpp:148-150 + assert(Ret && + "This option should be either 'true' or 'false', and should've been " + "validated by CheckerRegisrty!"); NoQ wrote: > Even though `

[PATCH] D59279: [Analyzer] Checker for non-determinism caused by iteration of unordered container of pointers

rnkovacs added a comment. In D59279#1438514 , @mgrang wrote: > Yes, the reason we limit the checks only to //unordered// containers is to > reduce the false positive rate. Although, as you rightly pointed out that > //ordered// sets of pointers are as no

[PATCH] D60281: [analyzer] Add docs for cplusplus.InnerPointer

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, Szelethus, dcoughlin, dkrupp. Herald added subscribers: cfe-commits, Charusso, gamesh411, donat.nagy, mikhail.ramalho, a.sidorin, szepet, baloghadamsoftware, whisperity. Herald added a project: clang. Tried to pick two inte

[PATCH] D35796: [analyzer] Misused polymorphic object checker

rnkovacs marked 3 inline comments as done. rnkovacs added inline comments. Comment at: include/clang/StaticAnalyzer/Checkers/Checkers.td:296 +def MisusedPolymorphicObjectChecker: Checker<"MisusedPolymorphicObject">, + HelpText<"Reports deletions of polymorphic objects with

[PATCH] D35796: [analyzer] Delete with non-virtual destructor check

rnkovacs updated this revision to Diff 115198. rnkovacs marked an inline comment as done. rnkovacs retitled this revision from "[analyzer] Misused polymorphic object checker" to "[analyzer] Delete with non-virtual destructor check". rnkovacs edited the summary of this revision. rnkovacs added a co

[PATCH] D35796: [analyzer] Delete with non-virtual destructor check

rnkovacs updated this revision to Diff 116060. rnkovacs added a comment. - Accidentally left-in comment removed. - Checker file clang-formatted. https://reviews.llvm.org/D35796 Files: include/clang/StaticAnalyzer/Checkers/Checkers.td lib/StaticAnalyzer/Checkers/CMakeLists.txt lib/StaticAn

[PATCH] D35796: [analyzer] Delete with non-virtual destructor check

rnkovacs added a comment. In https://reviews.llvm.org/D35796#878200, @dcoughlin wrote: > This looks good to me! Do you have commit access, or do you need someone to > commit it for you? Thanks! I don't, so it would be nice if someone committed it for me. https://reviews.llvm.org/D35796 __

[PATCH] D60281: [analyzer] Add docs for cplusplus.InnerPointer

rnkovacs added a comment. In D60281#1630337 , @Szelethus wrote: > I'll gladly add the finishing touches :) So sorry for leaving this hanging! Thanks Husi, you da best :) Repository: rC Clang CHANGES SINCE LAST ACTION https://reviews.llvm.org/D6028

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs updated this revision to Diff 143287. rnkovacs edited the summary of this revision. rnkovacs added a comment. Fixed logical operator in the `Z3ConstraintManager::checkRangedStateConstraints()` function. https://reviews.llvm.org/D45517 Files: include/clang/StaticAnalyzer/Core/Analyze

[PATCH] D45920: [analyzer] Move RangeSet related declarations into the RangedConstraintManager header.

rnkovacs created this revision. rnkovacs added reviewers: NoQ, george.karpenkov, dcoughlin. Herald added subscribers: dkrupp, a.sidorin, szepet, baloghadamsoftware, xazax.hun, whisperity. I could also move `RangedConstraintManager.h` under `include/` if you agree as it seems slightly out of plac

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs updated this revision to Diff 143440. https://reviews.llvm.org/D45517 Files: include/clang/StaticAnalyzer/Core/AnalyzerOptions.h include/clang/StaticAnalyzer/Core/BugReporter/BugReporterVisitors.h include/clang/StaticAnalyzer/Core/PathSensitive/ConstraintManager.h include/clang/S

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs added a comment. In https://reviews.llvm.org/D45517#1074057, @NoQ wrote: > > The visitor currently checks states appearing as block edges in the > > exploded graph. The first idea was to filter states based on the shape of > > the exploded graph, by checking the number of successors of

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs added a comment. In https://reviews.llvm.org/D45517#1074057, @NoQ wrote: > > The visitor currently checks states appearing as block edges in the > > exploded graph. The first idea was to filter states based on the shape of > > the exploded graph, by checking the number of successors of

[PATCH] D48522: [analyzer] Highlight c_str() call in DanglingInternalBuffer checker

rnkovacs updated this revision to Diff 152719. rnkovacs added a comment. Fixed the constness of `c_str()` in the test file. https://reviews.llvm.org/D48522 Files: lib/StaticAnalyzer/Checkers/AllocationState.h lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp lib/StaticAnalyzer

[PATCH] D48532: [analyzer] Add support for std::basic_string::data() in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 152737. rnkovacs marked an inline comment as done. https://reviews.llvm.org/D48532 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp test/Analysis/dangling-internal-buffer.cpp Index: test/Analysis/dangling-internal-buffer.cpp

[PATCH] D48532: [analyzer] Add support for std::basic_string::data() in DanglingInternalBufferChecker

rnkovacs added inline comments. Comment at: test/Analysis/dangling-internal-buffer.cpp:10 const CharT *c_str(); + const CharT *data(); }; xazax.hun wrote: > Note that these methods are const according to the standard. Even if it does > not make any differen

[PATCH] D48521: [analyzer] Highlight container object destruction in MallocChecker

rnkovacs added a comment. No crashes on Harfbuzz, ICU, Bitcoin, and LLVM. I'll commit. https://reviews.llvm.org/D48521 ___ cfe-commits mailing list cfe-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Previously, the checker only tracked one raw pointer symbol for each container object. But member func

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 154519. rnkovacs marked 5 inline comments as done. rnkovacs edited the summary of this revision. rnkovacs added a comment. Addressed comments. https://reviews.llvm.org/D49057 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp test/Ana

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:126 + NewSet = F.add(NewSet, RawPtr.getAsSymbol()); + if (!NewSet.isEmpty()) { +State = State->set(ObjRegion, NewSet); xazax.hun wrote: > I

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 154520. rnkovacs marked an inline comment as done. https://reviews.llvm.org/D49057 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp test/Analysis/dangling-internal-buffer.cpp Index: test/Analysis/dangling-internal-buffer.cpp

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:121 + if (State->contains(ObjRegion)) { +NewSet = *State->get(ObjRegion); +if (NewSet.contains(RawPtr.getAsSymbol())) xazax.hun wrote: >

[PATCH] D49058: [analyzer] Move DanglingInternalBufferChecker out of alpha

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Repository: rC Clang https://reviews.llvm.org/D49058 Files: include/clang/StaticAnalyzer/Checkers

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs added inline comments. Comment at: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp:32-40 +namespace clang { +namespace ento { +template<> struct ProgramStateTrait + : public ProgramStatePartialTrait { + static void *GDMIndex() { +static int Index = 0;

[PATCH] D49057: [analyzer] Track multiple raw pointer symbols in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 154556. rnkovacs marked 5 inline comments as done. rnkovacs added a comment. Thanks very much for your review! https://reviews.llvm.org/D49057 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp test/Analysis/dangling-internal-buffer.c

[PATCH] D49058: [analyzer] Move DanglingInternalBufferChecker out of alpha

rnkovacs updated this revision to Diff 154760. rnkovacs added a comment. Fix test run line. https://reviews.llvm.org/D49058 Files: include/clang/StaticAnalyzer/Checkers/Checkers.td test/Analysis/dangling-internal-buffer.cpp Index: test/Analysis/dangling-internal-buffer.cpp ===

[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. A pointer referring to the elements of a `basic_string` may be invalidated by calling a non-const memb

[PATCH] D49361: [analyzer][WIP] Detect pointers escaped after return statement execution in MallocChecker

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Sometimes an object is destroyed right after the statement returning it is executed. This patch aims t

[PATCH] D49058: [analyzer] Move DanglingInternalBufferChecker out of alpha

rnkovacs added a comment. In https://reviews.llvm.org/D49058#1159533, @george.karpenkov wrote: > @rnkovacs Do you have evaluation statistics handy for this checker? How many > bugs it finds, on which projects? How many of those are real bugs? In its present form, it does not produce many repor

[PATCH] D49387: [analyzer] Make checkEndFunction() give access to the return statement

rnkovacs created this revision. rnkovacs added reviewers: NoQ, xazax.hun, george.karpenkov. Herald added subscribers: mikhail.ramalho, a.sidorin, dkrupp, szepet, baloghadamsoftware, whisperity. Repository: rC Clang https://reviews.llvm.org/D49387 Files: include/clang/StaticAnalyzer/Core/Che

[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 155770. rnkovacs marked an inline comment as done. rnkovacs edited the summary of this revision. rnkovacs added a comment. Added standard quote, marking the section about non-member functions that may also invalidate the buffer as a TODO. Also changed the no

[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

rnkovacs added a comment. In https://reviews.llvm.org/D49360#1163113, @NoQ wrote: > Also we rarely commit to adding a test for every single supported API > function; bonus points for that, but usually 2-3 functions from a series of > similar functions is enough :) Um, okay, noted for next tim

[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

rnkovacs added inline comments. Comment at: test/Analysis/dangling-internal-buffer.cpp:175 std::string s; - { -c = s.c_str(); - } - consume(c); // no-warning + c = s.c_str(); // expected-note {{Pointer to dangling buffer was obtained here}} + s.clear(); // expect

[PATCH] D49360: [analyzer] Add support for more basic_string API in DanglingInternalBufferChecker

rnkovacs updated this revision to Diff 155944. rnkovacs marked 2 inline comments as done. rnkovacs added a reviewer: dcoughlin. rnkovacs added a comment. Note messages updated. https://reviews.llvm.org/D49360 Files: lib/StaticAnalyzer/Checkers/DanglingInternalBufferChecker.cpp lib/StaticAna

[PATCH] D49058: [analyzer] Move DanglingInternalBufferChecker out of alpha

rnkovacs added a comment. Two more reports on Ceph that seem to be true positives (no other reports from this checker): 1. Here (or if it does not work, the bug is on L130 here ). 2. Here

[PATCH] D35932: [clang-tidy] Add integer division check

rnkovacs updated this revision to Diff 108605. rnkovacs edited the summary of this revision. https://reviews.llvm.org/D35932 Files: clang-tidy/bugprone/BugproneTidyModule.cpp clang-tidy/bugprone/CMakeLists.txt clang-tidy/bugprone/IntegerDivisionCheck.cpp clang-tidy/bugprone/IntegerDivisio

[PATCH] D35932: [clang-tidy] Add integer division check

rnkovacs added a comment. I run the check on LLVM-Clang, and got this one hit: /home/reka/codechecker_dev_env/llvm/lib/CodeGen/SelectionDAG/LegalizeVectorOps.cpp:1000:43: warning: integer division; possible precision loss [bugprone-integer-division] SDValue TWOHW = DAG.getConstantFP(1 <<

[PATCH] D35932: [clang-tidy] Add integer division check

rnkovacs updated this revision to Diff 109497. rnkovacs edited the summary of this revision. rnkovacs added a comment. Uploaded a more thought-out version of the check with more cases covered and hopefully clearer docs. It produces no hits on LLVM&Clang. https://reviews.llvm.org/D35932 Files:

[PATCH] D36407: [Sema] Extend -Wenum-compare to handle mixed enum comparisons in switch statements

rnkovacs created this revision. `-Wenum-compare` warns if two values with different enumeration types are compared in expressions with binary operators. This patch extends this diagnostic so that comparisons of mixed enumeration types are recognized in switch statements as well. Example: en

[PATCH] D36407: [Sema] Extend -Wenum-compare to handle mixed enum comparisons in switch statements

rnkovacs updated this revision to Diff 110219. rnkovacs marked 2 inline comments as done. rnkovacs added a comment. Uploaded the full diff and addressed comments. Added `const` qualifiers to `GetTypeBeforeIntegralPromotion()` function. https://reviews.llvm.org/D36407 Files: lib/Sema/SemaStmt

[PATCH] D36526: [Sema] Assign new flag -Wenum-compare-switch to switch-related parts of -Wenum-compare

rnkovacs created this revision. This patch assigns switch-related parts of the `-Wenum-compare` diagnostic to a new flag `-Wenum-compare-switch`. `-Wenum-compare-switch` is put into the same group as `-Wenum-compare` so that `-W(no-)enum-compare` affects both. https://reviews.llvm.org/D36526

[PATCH] D35932: [clang-tidy] Add integer division check

rnkovacs updated this revision to Diff 110539. rnkovacs marked 3 inline comments as done. rnkovacs edited the summary of this revision. rnkovacs added a comment. Thanks for the comments. I improved the docs and truncated the messages in the test file. We also had concerns about the nested `hasAn

[PATCH] D45517: [analyzer] WIP: False positive refutation with Z3

rnkovacs created this revision. rnkovacs added reviewers: george.karpenkov, NoQ, dcoughlin. Herald added subscribers: a.sidorin, szepet, baloghadamsoftware, whisperity, fhahn. This is a prototype of a bug reporter visitor that invalidates bug reports by re-checking constraints of certain states

  1   2   >