906 Commits (2decf834ed4d0e54231f4dd93dec40d580d55144)

Author SHA1 Message Date
Jules Villard 9dbbd68472 [pulse] apply summaries to globals too
6 years ago
Jules Villard 3ba05b8cee [pulse] be more careful about what to consider as a variable going out of scope
6 years ago
Jules Villard 31c2a39e81 [pulse] tighten up summaries
6 years ago
Jules Villard 7c90480758 [pulse] do not create `&` back-edges eagerly
6 years ago
Jules Villard ada032ee2c [pulse] improve error messages and traces
6 years ago
Jules Villard db4e1ea433 [pulse] reallocate variables on initialisation
6 years ago
Jules Villard 3ce095a288 [pulse] more efficient representation of attributes
6 years ago
Jules Villard d57ed5086e [pulse] better treatment of variables going out of scope
6 years ago
Jules Villard 53b1577b4c [pulse][interproc 3/3] interproc call
6 years ago
Jules Villard 686231ec6e [SIL] change `variable_initialization()` builtin to a new auxiliary instruction
6 years ago
Jules Villard 2151be9c25 [issues] do not dedup issues when `Config.filtering` is unset
6 years ago
David Lively 996f7c4f02 Allow Cxx annotation-reachability src/sink/override w/paths AND symbols
6 years ago
Jules Villard ebe5028ca1 [SIL] add `Skip` metadata instruction
6 years ago
Jules Villard b665e1c575 [SIL][HIL] distinguish auxiliary instructions as `Metadata`
6 years ago
David Lively f12bbacbdd [annotation-reachability] stop merging sanitized nodes' callees
6 years ago
David Lively 87391f6f2f [annotation-reachability] make CxxAnnotationSpecs.report more user-friendly
6 years ago
David Lively 5d4a27ea54 RFC: stop using _ to separate ObjC/C++ class name from method in Typ.Procname.to_string
6 years ago
David Lively 20b21698f6 [checkers] enable config-driven annotation reachability for Cxx
6 years ago
Sungkeun Cho 5762c47ef2 [inferbo] Accumulate LatestPrune in sequential prunings
6 years ago
Jeremy Dubreil 261f1ba171 [infer] update the Pulse tests expected output
6 years ago
Jules Villard 605bc5e01a [pulse] fix some tests and add interproc tests
6 years ago
Jules Villard 4cdb65c237 [pulse] |- is now true only of isomorphic graphs
6 years ago
Jules Villard 4988523104 [AI] make join and widen use the same argument order
6 years ago
Sungkeun Cho 3b5ef0b31b [inferbo] Translate re-declared globals to point to original ones
6 years ago
Sungkeun Cho a46130655e [inferbo] Address __return_param on function calls
6 years ago
David Lively 692a844e0c [AL] use found_decl_ref in recently added predicates/placeholders
6 years ago
Ezgi Çiçek 9790eb5a78 [cpp][linters] Hotfix: linter error
6 years ago
Lee Howes 5c2ef731ff Add support for qualified functions and a call_qualified_function predicate
6 years ago
David Lively 5aedc7e71c [AL] expose source loc of decl referenced by decl_ref
6 years ago
David Lively f00950a3c8 [AL] fix ast_node_cxx_fully_qualified_name for constructor exprs
6 years ago
David Lively 96beec5e53 [AL] fix ast_node_cxx_fully_qualified_name w/non-global vars
6 years ago
Radu Grigore 86861498a5 Slightly more precise pi_partial_meet
6 years ago
Jules Villard c3cadace86 [SIL][3/3] add CallFlag for synthetised destructor calls
6 years ago
Jules Villard 363d69430d [ai][pulse] use subgraph-based implication between states
6 years ago
Sungkeun Cho 22aea43f76 [inferbo] Assign unknown value for unknown functions
6 years ago
Jules Villard a19db6605c [AI][pulse] lists of disjuncts instead of sets
6 years ago
Jules Villard 44007f054c [pulse] collect garbage (unreachable) heap parts from time to time
6 years ago
Sungkeun Cho 4a013f5bf6 [inferbo] Add FN test of using global constant
6 years ago
Mehdi Bouaziz f20e0737fd [inferbo] Extract abstract domain functor for 'set represented by its smallest element'
6 years ago
Sungkeun Cho 8ea92c51e0 [inferbo] Suppress ALLOC_IS_ZERO for C++'s array object
6 years ago
Jeremy Dubreil a3ecfdb8ad [infer][nullsafe] add a NULLSAFE_ prefix to the internal name of the Nullsafe errors
6 years ago
Nikos Gorogiannis b243fae86c [starvation] template filters
6 years ago
Jules Villard 4c4bb84e2c [liveness] blacklist of dangerous classes
6 years ago
Jules Villard 41abbe363d [clang] do not add extra dereferences
6 years ago
Jules Villard f8338d8faf [clang] ignore `__attribute__((unused))` variable initialisations
6 years ago
David Lively c5890238f0 [Config] support arbitrary named symbol lists
6 years ago
Sungkeun Cho caf61461ac [inferbo] Update reachability conditions at function call
6 years ago
Daiva Naudziuniene 6d562fc7b0 [dead store] Dead store false positive caused by forgetting expression inside decltype
6 years ago
Sungkeun Cho 0447c5b8d5 [inferbo] Give a widening threshold for array offset
6 years ago
Sungkeun Cho 7b7e6990e4 [inferbo] Add models for basic array iterator
6 years ago
Sungkeun Cho 7a4862b994 [inferbo] Revise std::array::at model
6 years ago
David Lively a8c946f1d9 new predicate is_in_source_file and placeholders %source_file% and %kind%
6 years ago
Sungkeun Cho 9bb5738675 [inferbo] Add test for contents of std::array
6 years ago
Sungkeun Cho 1bcdc6e761 [inferbo] Extend conditional proof obligation for inequalities
6 years ago
David Lively d390a6f08a [CType_decl] Add missing case to `get_record_typename`
6 years ago
Sungkeun Cho 09a5671ef4 [inferbo] Add a test for conditional inequality
6 years ago
Sungkeun Cho 5aa26dc32e [inferbo] Add an allocsite type for literal strings
6 years ago
Jeremy Dubreil 87a8ddc8fa [nullsafe] merge the option names
6 years ago
Mehdi Bouaziz 405dee5ceb [inferbo] Consider `this` to never be a pointer inside an array
6 years ago
Sungkeun Cho 05ec029e50 [inferbo] Suppress intended integer overflow
6 years ago
David Lively 322066d248 Rename {has_,}cxx_full_name to {has_,}cxx_fully_qualified_name.
6 years ago
Sungkeun Cho d5faf2de52 [inferbo] Ignore encoding error in the snprintf model
6 years ago
Sungkeun Cho 05ceaebb7d [inferbo] Add model of String::operator==
6 years ago
Sungkeun Cho 0e5a902ac6 [inferbo] Add model of String::length
6 years ago
Jules Villard 4c1ee2a485 [pulse] add traces to the domain
6 years ago
Sungkeun Cho b84c519070 [inferbo] Add model of String::empty
6 years ago
Sungkeun Cho 196a602c25 [inferbo] Add model of basic_string
6 years ago
Sungkeun Cho 0f8444e235 [inferbo] Substitute conditions of proof obligations strictly
6 years ago
Sungkeun Cho a48421aa0a [inferbo] XML escape in L.d_printfln
6 years ago
Mehdi Bouaziz 1827b42f68 [inferbo] Improve traces of binary operators when nothing changes
6 years ago
Daiva Naudziuniene b19ad38dae [pulse] Example of use after destructor for temporaries
6 years ago
Jules Villard 8d3363f677 [pulse] record simple double free test
6 years ago
David Lively 1f2b0d4152 Add new predicate has_cxx_qual_name and macro %cxx_full_name%
6 years ago
Jules Villard 9868f7f763 [pulse] warn on returning address of C++ temporary
6 years ago
Jules Villard db1814b1d1 [pulse] detect stack variable address escape
6 years ago
Jules Villard c77f22310a [pulse] rewrite test to avoid stack variable address escape
6 years ago
Jules Villard 1b79f13a18 [ownership] make heuristic for reporting on lambdas more shareable
6 years ago
Jules Villard 2bb9e5ad85 [pulse] rename function that was never a pulse FP
6 years ago
Jeremy Dubreil 61d75d9991 [infer][nullsafe] use the same human readable error message for Eradicate and the new Nullsafe backend
6 years ago
Sungkeun Cho 6920532e12 [inferbo] Forget only updated locations from latest prune at Store
6 years ago
Sungkeun Cho e52b1e077e [inferbo] Conditional proof obligation
6 years ago
Nikos Gorogiannis 9d6a9f52ec [starvation] improve 2-way deadlock reports
6 years ago
Daiva Naudziuniene e2b5a6f941 [pulse] Allow taking address of a field of an invalid object
6 years ago
Daiva Naudziuniene 220d29766d [pulse] Model stack as a map from addresses of variables
6 years ago
Nikos Gorogiannis 101283f9d0 [starvation] fix trace description strings for taking locks
6 years ago
Jules Villard 65d031af66 [pulse] model lambda captures
6 years ago
David Lively 5a531ac755 Make is_cxx_method_overriding predicate take regex matching class/name
6 years ago
Daiva Naudziuniene fcfb6cc361 [pulse] Model more std::vector functions that can invalid references to elements
6 years ago
Jules Villard 95fab102bf [pulse] do not destroy `this` even if asked to
6 years ago
Sungkeun Cho f409450d8b [inferbo] Add tests for conditional proof obligations
6 years ago
Nikos Gorogiannis f8fc40cea9 [starvation] improve debugging output
6 years ago
Nikos Gorogiannis 2701073b3e [starvation] C++ deadlock FPs due to recursive and unknown mutexes
6 years ago
Nikos Gorogiannis 9c240ed978 [starvation] skip analysis option should be used at top level too
6 years ago
Sungkeun Cho a8dbaf082d [inferbo] Weak update for array contents
6 years ago
Sungkeun Cho f9161b164f [inferbo] On-demand heap symbol using path
6 years ago
Nikos Gorogiannis 27d8a65906 [starvation][concurrency] split guard lock treatment and add support for non-recursive locks (per language)
6 years ago
Jeremy Dubreil 69af58506d [infer][nullsafe] rename the option to run the Nullsafe checker
6 years ago
Daiva Naudziuniene 332b150be9 [pulse] Model std::vector::reserve to invalidate references to elements
6 years ago
Ted Reed 28b346a903 quandary: Detect flows to EnvironmentChange that includes putenv only
6 years ago
Sungkeun Cho 4b2c65f2e2 Revert "[inferbo] Instantiate symbolic locations in function parameters"
6 years ago
Sungkeun Cho 9013e38594 [inferbo] Add/remove _FP in repro1.cpp test
6 years ago
Sungkeun Cho 2a94e907e2 [inferbo] Revise pp of Symb.partial
6 years ago
Daiva Naudziuniene 485b9c7bf5 [pulse] Abstract Location Set
6 years ago
Sungkeun Cho 62d45f9c01 [inferbo] Copy callee's values that are reachable from parameters
6 years ago
Sungkeun Cho 4e166f3375 [inferbo] Instantiate symbolic locations in function parameters
6 years ago
David Lively 33eabe6bfd New is_cxx_method_overriding predicate
6 years ago
Daiva Naudziuniene e59d9632b1 [Pulse] Improve example to illustrate FP caused by an allocation in a branch
6 years ago
Jules Villard 1c668c4d41 [SIL][preanalysis] add call flag for functions treating first formal as return
6 years ago
Jules Villard f3411a2203 [HIL] Add `ExitScope` instruction
6 years ago
Jules Villard 0b2dcbf406 [pulse] add non-passing tests about join
6 years ago
Jules Villard 55586b581b [preanalysis] do not delay killing variables taken by reference
6 years ago
Sungkeun Cho 15b77ee8c8 [inferbo] Give semantics for unsigned int casting of minus one
6 years ago
Sungkeun Cho 5f925869b6 [infer] Translate more casts (unsigned int)
6 years ago
Sungkeun Cho 442fecc030 [inferbo] Fix performance of issue deduplication
6 years ago
Nikos Gorogiannis bbd26769c9 [starvation] c++/Obj C deadlocks
6 years ago
Mehdi Bouaziz 5f60ffaa8f [inferbo] Trace refactoring
6 years ago
Sungkeun Cho edc090544a [inferbo] Improve pp of Inferbo in traceview
6 years ago
Daiva Naudziuniene b640d69021 [pulse] An example of false positive caused by an allocation in a branch
6 years ago
Mehdi Bouaziz d6423cf598 [inferbo] Preparing for trace rewrite
6 years ago
Martino Luca 664978d654 Revert D12819709 to patch OOM events
6 years ago
Sungkeun Cho b4683d965d [inferbo] Resize array on casting
6 years ago
Sungkeun Cho 1486a5f105 [infer] Translate casting expressions of integer pointers
6 years ago
Jules Villard 646aa30797 [cfg] print dotty *after* pre-analysis
6 years ago
Mehdi Bouaziz 8fcbfcb741 [inferbo] Pretty-print more abstract locations
6 years ago
Mehdi Bouaziz fac9932168 [inferbo] Add traces to Conditions always true/false and Unreachable code
6 years ago
Mehdi Bouaziz 42b16d45fa [inferbo] New tests
6 years ago
Mehdi Bouaziz a7921536da [quandaryBO] New test
6 years ago
Daiva Naudziuniene 2c06254800 [pulse] False positive caused by multiple variables captured by value in lambda
6 years ago
Jules Villard 67ff14b4ed [pulse] record attributes inside memory cells instead of separately
6 years ago
Jules Villard 6f9028a77f [pulse] use WTO scheduler
6 years ago
Sungkeun Cho b3bfa8100b [inferbo] Add test
6 years ago
Sungkeun Cho 72ce05c039 [inferbo] Fix width of bool
6 years ago
Daiva Naudziuniene 86f52e52ed [pulse] Operator= copy assignment
6 years ago
Jules Villard f30e97f072 [pulse] add model for `std::vector::reserve` using additional memory attribute
6 years ago
Jules Villard 1c8143898e [pulse] generalise "invalid" addresses as sets of attributes
6 years ago
Jules Villard 637018a330 [pulse] model some early exit functions
6 years ago
Jules Villard 9aa5582caa [clang] leave markers of variable initialization for pulse
6 years ago
Jules Villard 165cb1cf73 [pulse] back to sounder joins
6 years ago
Jules Villard f400d4c5c5 [pulse] always register havoc'd variables
6 years ago
Sungkeun Cho bf29bd9772 [inferbo] Fix xcompare of Itv
6 years ago
Sungkeun Cho fed56fd0d8 [inferbo] Revise deduplication
6 years ago
Sungkeun Cho 9e9deb93be [inferbo] Use set instead of list on get_symbols
6 years ago
Daiva Naudziuniene 4954d3da4b [pulse] Model operator=
6 years ago
Daiva Naudziuniene 881bcb8fce [pulse] Clean up placement new model
6 years ago
Sungkeun Cho e5ee023aa3 [infer] Add integral constant expression info
6 years ago
Jules Villard 0a2cb44667 [pulse] introduce the more precise `VECTOR_INVALIDATION` issue type
6 years ago
Jules Villard f627812541 [pulse] new issue type `USE_AFTER_DESTRUCTOR`
6 years ago
Jules Villard c6b2126c3f [pulse] forget about addresses that are invalid on only one side of a join
6 years ago
Daiva Naudziuniene 8b54879b07 [pulse] Constructors
6 years ago
Sungkeun Cho 87dd2047ec [infer] Use big int in IntLit
6 years ago
Sungkeun Cho 120c8785eb [inferbo] Update pp of buffer overflow condition
6 years ago
Daiva Naudziuniene 1094a8224c [pulse] Invalidate object rather than address in destructor call
6 years ago
Mehdi Bouaziz 10804588b2 New function pointer preanalysis without recursion
6 years ago
Sungkeun Cho 0ce0ec03d9 [inferbo] Support global constant
6 years ago
Jules Villard 6cce767d19 [pulse] copy tests from ownership
6 years ago
Jules Villard cf66ea0afb [pulse] havoc vector array on push_back
6 years ago
Jules Villard 6d6ac1d368 [pulse] do not use access paths as they forget about &/*
6 years ago
Jules Villard f5786c444b [pulse] use after free
6 years ago
Jules Villard 38ced865f3 [pulse] more issue types and add details about why locations get invalidated
6 years ago
Mehdi Bouaziz ecedb27d77 Add missing FB copyrights
6 years ago
Daiva Naudziuniene 5dab665fc2 [pulse] Model placement new
6 years ago
Daiva Naudziuniene 50da07e922 [pulse] Invalidate addresses for destructors
6 years ago
Sungkeun Cho 85ef451701 [infer] Use integer widths on constructing Sizeof exp
6 years ago
Jules Villard 497720386e [pulse] join of memory graphs
6 years ago
Sungkeun Cho cd1981a567 [inferbo] Change pp of BinaryOperationCondition
6 years ago
Jules Villard 47867a8fdc [pulse] rename `Location` -> `Address` and better reporting
6 years ago
Jules Villard dd220a0fb4 [pulse] vector models
6 years ago
Jules Villard ad98ffa22b [pulse] more aggressive join
6 years ago
Sungkeun Cho fb4086c6f6 [inferbo] Add integer overflow issue type
6 years ago
Jules Villard 3821be4b7f [pulse] fix compilation error in test
6 years ago
Jules Villard d28d0528d1 [pulse] initial commit
6 years ago
Sungkeun Cho fd660f42f5 [inferbo] Suppress exception on placement new
6 years ago
Mehdi Bouaziz 5679105c15 [Uninit][7/13] Add new tests
6 years ago
Mehdi Bouaziz 8cac7df447 [Uninit][1/13] Move interproc tests
6 years ago
Sungkeun Cho 1330475032 [infer] Fix placement_new translation
6 years ago
Sungkeun Cho f4ee2a0234 [inferbo] Revise placement new model
6 years ago
Jules Villard 7615963bf4 [proc-cfg][2/5] fix duplicate symbols detection
6 years ago
Jules Villard 116ec5ae55 [clang] changes to accomodate the new version of clang
6 years ago
Julian Sutherland 93690dfa0e Check that the end the traces of inferBO and quandary issues match before matching them to form an quandaryBO issue
6 years ago
Jules Villard a29e769b61 [kill -a][1/4] stop using `-a foo` in the infer repo
6 years ago
Mehdi Bouaziz 82a7f14f90 QuandaryBO issue filtering: fix --no-filtering behavior
6 years ago
Julian Sutherland 0e9d8380c2 filter issues correctly
6 years ago
Dino Distefano 3c04f32709 hadoc const version
6 years ago
Julian Sutherland 60784ad045 Updated QuandaryBO issue matching.
6 years ago
Julian Sutherland f6afe3a092 quandaryBO now filters out quandary and inferBO errors if they are not enabled.
6 years ago
Julian Sutherland 949aae560b Added traces to QuandaryBO errors
6 years ago
Mehdi Bouaziz d9fb7b3004 ProcAttributes: removed unused by_vals
6 years ago
Julian Sutherland 16c70d1c23 Fixed a bug that caused the stride of symbolic arrays to not be set.
6 years ago
Dino Distefano 21145c75c9 Added new predicate is_const_expr()
6 years ago
Daiva Naudziuniene 0bbeb85295 [ownership] Stack reference wrapper example
6 years ago
Julian Sutherland e715d48c12 QuandaryBO
6 years ago
Mehdi Bouaziz 9318a22b29 Update plugin
6 years ago
Daiva Naudziuniene e5b38a42d8 [ownership] More examples
6 years ago
Daiva Naudziuniene 2a35d6579b [dead store] Removed special case for constexpr in lambda captures
6 years ago
Julian Sutherland 34b0a6165c Added new issues to differentiate tainted buffer accesses and heap allocations
6 years ago
Julian Sutherland 7fc29b3248 Added unit tests for function pointers
6 years ago
Daiva Naudziuniene bfab195d08 [dead store] Do not report dead stores on constexpr
6 years ago
Jules Villard 5894258f43 [ownership] do not warn on returning ref to outer local
6 years ago
Daiva Naudziuniene 8e753c2b74 [deadstore] Do not report on __tmp
6 years ago
Mehdi Bouaziz b4b54025bf Remove C++ mutex DOUBLE_LOCK checker
6 years ago