143 Commits (e065b0b0b23c9e5543a5edf76ac4e68d495b6671)

Author SHA1 Message Date
Jules Villard b20c22a5ee [pulse] abduce arithmetic facts
5 years ago
Jules Villard 16c88e282d [pulse] some tests about values
5 years ago
Jules Villard 6a738045fd [pulse] interprocedural histories and traces
5 years ago
Jules Villard 669383d315 [pulse] more details about variable declaration events
5 years ago
Jules Villard 96c96a8dc6 [pulse] remember equalities found in branches
5 years ago
Jules Villard 3ac8e27062 [pulse] use constant equality to prune unfeasible paths
5 years ago
Jules Villard 362e9cc622 [pulse] do not print `()` after functions
5 years ago
Ezgi Çiçek 127902222d [pulse] Filter AddressOfStackVariable from read only heuristic check
5 years ago
Ezgi Çiçek 09ab685c7e [pulse] Handle stack refs escaping their scope via pointer
5 years ago
Jules Villard a504a67ec2 [pulse] model some of `std::basic_string`
5 years ago
Jules Villard 14b9975cf3 [pulse] support modelling destructors
5 years ago
Jules Villard d9aadf5df2 [pulse] allow models in invalidation traces
5 years ago
Jules Villard ef26e8bb28 [clang] NamespaceAliasDecl is just a no-op
5 years ago
Jules Villard 14ce445f81 [pulse] run tests against C++17
6 years ago
Jules Villard 86decb83f6 [pulse] record attributes of address not edge-reachable in the post
6 years ago
Jules Villard d96ab2458d [pulse] model lambda destructor
6 years ago
Jules Villard 91a2e2986b [pulse] model lambda capture by value
6 years ago
Jules Villard 433c144840 [pulse] calling known lambdas calls the corresponding proc name
6 years ago
Jules Villard 2bf6852b95 [pulse] model `std::function::operator=`
6 years ago
Jules Villard f15d9915a0 [pulse] better types to avoid `_fun_` prefix to proc names in bug traces
6 years ago
Jules Villard 7f12ced394 [pulse] move to SIL proper
6 years ago
Jules Villard 04233ee49b [clang] destroy C++ temporaries
6 years ago
Jules Villard 0592bac25e [pulse] explain SIL logical variables in terms of program access paths
6 years ago
Jules Villard c9f4768be7 [pulse] move to SIL
6 years ago
Jules Villard 21f66dd197 [pulse] do not model `operator=` as assignment
6 years ago
Peter O'Hearn 9b8a908ad3 [Pulse] model folly delayed destruction
6 years ago
Jules Villard d586630edf [pules] do not print templated part of function names
6 years ago
Jules Villard 5de9bc29d2 [pulse] better error messages
6 years ago
Jules Villard b700af9ffb [hil] do not put parens around trivial expressions
6 years ago
Jules Villard 6364199b94 [pulse] traces record how values were constructed
6 years ago
Jules Villard b5589661ce [pulse] improve error messages and traces
6 years ago
Jules Villard 9dbbd68472 [pulse] apply summaries to globals too
6 years ago
Jules Villard 31c2a39e81 [pulse] tighten up summaries
6 years ago
Jules Villard 7c90480758 [pulse] do not create `&` back-edges eagerly
6 years ago
Jules Villard ada032ee2c [pulse] improve error messages and traces
6 years ago
Jules Villard db4e1ea433 [pulse] reallocate variables on initialisation
6 years ago
Jules Villard 3ce095a288 [pulse] more efficient representation of attributes
6 years ago
Jules Villard d57ed5086e [pulse] better treatment of variables going out of scope
6 years ago
Jules Villard 53b1577b4c [pulse][interproc 3/3] interproc call
6 years ago
Jules Villard 686231ec6e [SIL] change `variable_initialization()` builtin to a new auxiliary instruction
6 years ago
Jules Villard ebe5028ca1 [SIL] add `Skip` metadata instruction
6 years ago
Jules Villard b665e1c575 [SIL][HIL] distinguish auxiliary instructions as `Metadata`
6 years ago
David Lively 5d4a27ea54 RFC: stop using _ to separate ObjC/C++ class name from method in Typ.Procname.to_string
6 years ago
Jeremy Dubreil 261f1ba171 [infer] update the Pulse tests expected output
6 years ago
Jules Villard 605bc5e01a [pulse] fix some tests and add interproc tests
6 years ago
Jules Villard 4cdb65c237 [pulse] |- is now true only of isomorphic graphs
6 years ago
Jules Villard 4988523104 [AI] make join and widen use the same argument order
6 years ago
Jules Villard 363d69430d [ai][pulse] use subgraph-based implication between states
6 years ago
Jules Villard a19db6605c [AI][pulse] lists of disjuncts instead of sets
6 years ago
Jules Villard 44007f054c [pulse] collect garbage (unreachable) heap parts from time to time
6 years ago
Sungkeun Cho 0e5a902ac6 [inferbo] Add model of String::length
6 years ago
Jules Villard 4c1ee2a485 [pulse] add traces to the domain
6 years ago
Jules Villard 8d3363f677 [pulse] record simple double free test
6 years ago
Jules Villard 9868f7f763 [pulse] warn on returning address of C++ temporary
6 years ago
Jules Villard db1814b1d1 [pulse] detect stack variable address escape
6 years ago
Daiva Naudziuniene e2b5a6f941 [pulse] Allow taking address of a field of an invalid object
6 years ago
Daiva Naudziuniene 220d29766d [pulse] Model stack as a map from addresses of variables
6 years ago
Jules Villard 65d031af66 [pulse] model lambda captures
6 years ago
Daiva Naudziuniene fcfb6cc361 [pulse] Model more std::vector functions that can invalid references to elements
6 years ago
Daiva Naudziuniene 332b150be9 [pulse] Model std::vector::reserve to invalidate references to elements
6 years ago
Daiva Naudziuniene 485b9c7bf5 [pulse] Abstract Location Set
6 years ago
Daiva Naudziuniene e59d9632b1 [Pulse] Improve example to illustrate FP caused by an allocation in a branch
6 years ago
Jules Villard 1c668c4d41 [SIL][preanalysis] add call flag for functions treating first formal as return
6 years ago
Jules Villard f3411a2203 [HIL] Add `ExitScope` instruction
6 years ago
Jules Villard 0b2dcbf406 [pulse] add non-passing tests about join
6 years ago
Daiva Naudziuniene b640d69021 [pulse] An example of false positive caused by an allocation in a branch
6 years ago
Jules Villard 6f9028a77f [pulse] use WTO scheduler
6 years ago
Daiva Naudziuniene 86f52e52ed [pulse] Operator= copy assignment
6 years ago
Jules Villard f30e97f072 [pulse] add model for `std::vector::reserve` using additional memory attribute
6 years ago
Jules Villard 1c8143898e [pulse] generalise "invalid" addresses as sets of attributes
6 years ago
Jules Villard 637018a330 [pulse] model some early exit functions
6 years ago
Jules Villard 9aa5582caa [clang] leave markers of variable initialization for pulse
6 years ago
Jules Villard 165cb1cf73 [pulse] back to sounder joins
6 years ago
Jules Villard f400d4c5c5 [pulse] always register havoc'd variables
6 years ago
Daiva Naudziuniene 4954d3da4b [pulse] Model operator=
6 years ago
Daiva Naudziuniene 881bcb8fce [pulse] Clean up placement new model
6 years ago
Jules Villard 0a2cb44667 [pulse] introduce the more precise `VECTOR_INVALIDATION` issue type
6 years ago
Jules Villard f627812541 [pulse] new issue type `USE_AFTER_DESTRUCTOR`
6 years ago
Jules Villard c6b2126c3f [pulse] forget about addresses that are invalid on only one side of a join
6 years ago
Daiva Naudziuniene 8b54879b07 [pulse] Constructors
6 years ago
Daiva Naudziuniene 1094a8224c [pulse] Invalidate object rather than address in destructor call
6 years ago
Jules Villard 6cce767d19 [pulse] copy tests from ownership
6 years ago
Jules Villard cf66ea0afb [pulse] havoc vector array on push_back
6 years ago
Jules Villard 6d6ac1d368 [pulse] do not use access paths as they forget about &/*
6 years ago
Jules Villard f5786c444b [pulse] use after free
6 years ago
Jules Villard 38ced865f3 [pulse] more issue types and add details about why locations get invalidated
6 years ago
Daiva Naudziuniene 5dab665fc2 [pulse] Model placement new
6 years ago
Daiva Naudziuniene 50da07e922 [pulse] Invalidate addresses for destructors
6 years ago
Jules Villard 497720386e [pulse] join of memory graphs
6 years ago
Jules Villard 47867a8fdc [pulse] rename `Location` -> `Address` and better reporting
6 years ago
Jules Villard dd220a0fb4 [pulse] vector models
6 years ago
Jules Villard ad98ffa22b [pulse] more aggressive join
6 years ago
Jules Villard d28d0528d1 [pulse] initial commit
6 years ago