User Details
- User Since
- Dec 25 2017, 5:51 AM (299 w, 6 d)
Jul 30 2021
@NoQ, what do you think?
Apr 7 2021
Thank you guys for investigating it!
Apr 6 2021
Apr 5 2021
Debug facility NFC: https://reviews.llvm.org/rG89d210fe1a7a1c6cbf926df0595b6f107bc491d5
size -> extent conversion: https://reviews.llvm.org/rG9b3df78b4c2ab7a7063e532165492e1ffa38d401
Mar 21 2021
Mar 16 2021
Great idea!
@NoQ, could you upstream it and move this idea forward please?
Feb 9 2021
Jan 28 2021
Hey, I am back.
- Fix everything.
Jan 22 2021
Dec 18 2020
Dec 14 2020
Hey! We are somewhat slow in reviews, please understand that.
Dec 4 2020
Nov 27 2020
Jul 17 2020
I do not get why my solution -analyzer-config silence-checkers=core.NullDereference -analyzer-config silence-checkers=core.DivideZero was insufficient, whereas -analyzer-config silence-checkers=core.NullDereference;core.DivideZero is working. One funny thing to note here: LLDB cannot parse "a;b", so it stops parsing the compiler flags at ;... It is mostly LLDB's fault, but that is why I wanted to avoid the character ;. If I remember right, I picked ; over ,, because Clang's flag-parser cannot parse ,, but maybe , is working now. Could you try that and overwrite these silly behaviors, please?
Jul 15 2020
Thanks for the reviews!
- Resolve most of the review comments.
- We really need to specify the design of future checkers.
Jul 14 2020
Jun 3 2020
Okay! Thanks for the review.
- Using getNameAsString().
I do not see any debug burden because there was no information to begin the debug. The *new* information occurs at the appropriate place now.
Story: I was looking at the va_list test files and I was very curious why I cannot catch its binding as a struct. So I have checked out an implementation:
typedef struct {
  unsigned int gp_offset;
  unsigned int fp_offset;
  void *overflow_arg_area;
  void *reg_save_area;
} va_list[1];
The answer was: bindArray(). I believe it is convenient to see immediately what we model.
Maybe this is somewhat hand-waving, but this double-binding does not seem useful.
- Refactor.
May 24 2020
- Refactor.
- Refactor.
- State out explicitly whether the Analyzer models the dynamic size.
Way more sophisticated matching: https://reviews.llvm.org/D77745
- Refactor.
May 19 2020
Apr 7 2020
I believe it is very strange on a Windows system to have multiple dots in a file. The other issue could be the wildcard /*/ in a path full of \s. The LLVM lit (https://llvm.org/docs/CommandGuide/lit.html) has tons of Windows-related shortcuts, which I have never seen being used, but could be useful.
Apr 5 2020
Apr 3 2020
Apr 1 2020
- Simplify tests.
- Remove dead code; it is far from being used.
- Add an extra test case.
- Remove the last dead comment.
Thanks for the review, hopefully if I ping @NoQ in every round, it will be green-marked soon.
Hm, the MemRegion's offset should be great. I was thinking about if we would store SVal offsets in the Store.
Mar 31 2020
Given that the secondary behavior confuses people, I have removed it for now. Maybe if someone introduces a NullTerminationChecker then we introduce such an option to warn on insecure calls instantly. Thanks @balazske for influencing that change. @NoQ this project had a deadline like half a year ago, could you smash that green button please?
- Get rid of the secondary behavior for now.
- Fix review comments.
- Remove the last gymnastic.
- Rebase.
Please avoid stuffing in CheckerContext because this facility should be used by ExprEngine/Store as well.
Let us reword your API: getDynamicSizeWithOffset(ProgramStateRef, SVal, SValBuilder &). Of course we are trying to obtain some buffer-ish size, that is the purpose of the entire API.
I also could imagine something like getDynamicSizeMul(ProgramStateRef, const MemRegion &, const MemRegion &, SValBuilder &), as it is very common.
Each class has its own dumpJson method which builds up the graph together. The actual dot creation happens in ExprEngine.cpp's struct DOTGraphTraits<ExplodedGraph*>, changed in: D62346
Mar 30 2020
- Remove the test of creating a live checker, instead copy over the live checker when the script runs.
- Simplify the script by adding the new package to the end of the file.
- In case of the checkers.rst a non-alpha package is going to be added before the alpha packages.
- According to this change simplify the tests.
- DummyChecker -> ExampleChecker.
Mar 29 2020
Mar 28 2020
- Fix VLASizeChecker's multi-dimensional array early return.
- This fixes the regression in test misc-ps-region-store.m.
- Fix tests that need regex.
- Add documentation about dumpExtent, dumpElementCount.
Mar 25 2020
"To prevent such errors, either limit copies through truncation or, preferably, ensure that the destination is of sufficient size to hold the character data" - from the rule's page.
Most of the projects are fine truncating by hand because the write happens in somewhat well-bounded strings: IP-addresses, names, numbers... I wanted to make this as practical as possible. Until you are having a null-terminated string without being read, you are most likely fine. Feel free to try this out, probably you would already understand the WarnOnCall option very well.
Mar 24 2020
Mar 23 2020
Thanks for the feedback! Given that it will remain an alpha checker for a long time (~1 year), no one really should use it.
Nice catch, thanks! We have some FIXMEs about MSVC sadly and I was thinking about the same change back in the days.
Mar 17 2020
Mar 13 2020
Mar 12 2020
- Try to invoke TableGen; if that fails, the user needs to specify the path to it.
- The script actually creates a real world (hidden) checker.
- This checker is always made with the build invocation.
- Its test file is always made with the build invocation.
- Everything else remains as is.
- (calculated: DummyChecker.cpp (100 lines))
Mar 9 2020
Mar 4 2020
Could you mention how to use this feature in the Summary please?
cd reports
scan-build --generate-index-only .
Mar 3 2020
- Make the tags robust and more unique.
Done, thanks! I will eventually document more. "Some day"... jk.
[Achievement unlocked] 3 green marks.
Thanks everyone! I hope the Analyzer developers start to use the wonderful features from Clang-Tidy.
- Set the size properly.
- Add new debug.ExprInspection patterns: region, size, element count.
- clang-format -i ExprInspectionChecker.cpp.
- Having no idea what is the single regression in tests.
Could you add a test please? We really need tests for every patch.