const theme &get_theme () const { return m_theme; }
private:
- /* Figure out all of the boundaries of interest when visualizing ths op. */
+ /* Figure out all of the boundaries of interest when visualizing the op. */
std::unique_ptr<boundaries>
find_boundaries () const
{
static tree
fixup_tree_for_diagnostic_1 (tree expr, hash_set<tree> *visited);
-/* Attemp to generate a tree for the LHS of ASSIGN_STMT.
+/* Attempt to generate a tree for the LHS of ASSIGN_STMT.
VISITED must be non-NULL; it is used to ensure termination. */
static tree
/* Generate a JSON value for EVENT_ID.
This is intended for debugging the analyzer rather than serialization and
- thus is a string matching those seen in event messags (or null,
+ thus is a string matching those seen in event messages (or null,
for unknown). */
std::unique_ptr<json::value>
bit_range m_out_of_bounds_bits;
};
-/* Abstract subclass to complaing about concrete out-of-bounds
+/* Abstract subclass to complain about concrete out-of-bounds
past the end of the buffer. */
class concrete_past_the_end : public concrete_out_of_bounds
&& iter_binop->get_type ())
if (iter_binop->get_arg1 ()->get_kind () == SK_CONSTANT)
{
- /* Try evalating EC_SVAL with LHS
+ /* Try evaluating EC_SVAL with LHS
as the value of EC_SVAL's lhs, and see if it's
consistent with existing knowledge. */
const svalue *subst_bin_op
/* Handle interactions between the dedupe winners, so that some
diagnostics can supercede others (of different kinds).
- We want use-after-free to supercede use-of-unitialized-value,
+ We want use-after-free to supercede use-of-uninitialized-value,
so that if we have these at the same stmt, we don't emit
a use-of-uninitialized, just the use-after-free. */
is disabled and will prune the diagnostic of all events within a
system header, only keeping the entry and exit events to the header.
This should be called after diagnostic_manager::prune_interproc_events
- so that sucessive events [system header call, system header return]
+ so that successive events [system header call, system header return]
are preserved thereafter.
Given a diagnostics path diving into a system header in the form
return nullptr;
}
-/* Given THROWN_ENODE, which expreses a throw or rethrow occurring at
+/* Given THROWN_ENODE, which expresses a throw or rethrow occurring at
THROW_STMT, unwind intraprocedurally and interprocedurally to find
the next eh_dispatch statement to handle exceptions, if any.
return false;
if (logger)
- logger->log ("got run of %i bulk-mergable enodes going to SN: %i",
+ logger->log ("got run of %i bulk-mergeable enodes going to SN: %i",
enodes.length (), dst_snode->m_id);
/* All of these enodes have a shared intraprocedural successor point
The early inliner runs before the analyzer, which can lead to confusing
output.
- Tne base fndecl and depth within a checker_event are from call strings
+ The base fndecl and depth within a checker_event are from call strings
in program_points, which reflect the call strings after inlining.
This class lets us offset the depth and fix up the reported fndecl and
stack depth to better reflect the user's original code. */
call_and_return_op::execute (operation_context &op_ctxt) const
{
/* Can we turn this into an interprocedural call, and execute within
- the called fuction? */
+ the called function? */
const program_state &old_state = op_ctxt.get_initial_state ();
program_state dst_state (old_state);
op_region_model_context ctxt (op_ctxt, dst_state);
}
/* Precision-of-wording vfunc for describing an interprocedural call
- carrying critial state for the diagnostic, from caller to callee.
+ carrying critical state for the diagnostic, from caller to callee.
For example a double-free diagnostic might use:
- "passing freed pointer 'ptr' in call to 'deallocator' from 'test'"
}
/* Precision-of-wording vfunc for describing an interprocedural return
- within the diagnostic path that carries critial state for the
+ within the diagnostic path that carries critical state for the
diagnostic, from callee back to caller.
For example, a deref-of-unchecked-malloc diagnostic might use:
Specifically, we want to:
(a) mark asm outputs and certain other regions as having been written to,
- to avoid false postives from -Wanalyzer-use-of-uninitialized-value.
+ to avoid false positives from -Wanalyzer-use-of-uninitialized-value.
(b) identify some of these stmts as "deterministic" so that we can
write consistent outputs given consistent inputs, so that we can
}
/* Check CALL a call to external function CALLEE_FNDECL for any uses
- of __attribute__ ((null_terminated_string_arg)), compaining
+ of __attribute__ ((null_terminated_string_arg)), complaining
to CTXT about any issues.
Use RDWR_IDX for tracking uses of __attribute__ ((access, ....). */
{
case POINTER_PLUS_EXPR:
{
- /* If we have a symbolic value expressing pointer arithmentic,
+ /* If we have a symbolic value expressing pointer arithmetic,
try to convert it to a suitable region. */
const region *parent_region
= deref_rvalue (binop_sval->get_arg0 (), NULL_TREE, ctxt);
Complain and return nullptr if:
- the buffer pointed to isn't null-terminated
- - the buffer pointed to has any uninitalized bytes before any 0-terminator
+ - the buffer pointed to has any uninitialized bytes before any 0-terminator
- any of the reads aren't within the bounds of the underlying base region
Otherwise, return a svalue for strlen of the buffer (*not* including
Complain and return nullptr if:
- the buffer pointed to isn't null-terminated
- - the buffer pointed to has any uninitalized bytes before any 0-terminator
+ - the buffer pointed to has any uninitialized bytes before any 0-terminator
- any of the reads aren't within the bounds of the underlying base region
Otherwise, return a svalue. This will be the number of bytes read
void visit_constant_svalue (const constant_svalue *sval) final override
{
/* At the point the analyzer runs, constant integer operands in a floating
- point expression are already implictly converted to floating-points.
+ point expression are already implicitly converted to floating-points.
Thus, we do prefer to report non-constants such that the diagnostic
always reports a floating-point operand. */
tree type = sval->get_type ();
{
if (m_ext_state)
{
- /* Reject merging svalues that have non-purgable sm-state,
+ /* Reject merging svalues that have non-purgeable sm-state,
to avoid falsely reporting memory leaks by merging them
with something else. For example, given a local var "p",
reject the merger of a:
/* Assert that if we have two region_model instances
with values VAL_A and VAL_B for EXPR that they are
- mergable. Write the merged model to *OUT_MERGED_MODEL,
+ mergeable. Write the merged model to *OUT_MERGED_MODEL,
and the merged svalue ptr to *OUT_MERGED_SVALUE.
If VAL_A or VAL_B are nullptr_TREE, don't populate EXPR
for that region_model. */
m_parent->accept (v);
}
-/* Return true if this is a symbolic region for deferencing an
+/* Return true if this is a symbolic region for dereferencing an
unknown ptr.
We shouldn't attempt to bind values for this region (but
can unbind values for other regions). */
/* Decorate the return value from setjmp as being unmergeable,
so that we don't attempt to merge states with it as zero
with states in which it's nonzero, leading to a clean distinction
- in the exploded_graph betweeen the first return and the second
+ in the exploded_graph between the first return and the second
return. */
fake_retval_sval = m_mgr->get_or_create_unmergeable (fake_retval_sval);
/* A bound socket after a successful call to "listen" (stream or unknown). */
state_t m_listening_stream_socket;
- /* (i) the new FD as a result of a succesful call to "accept" on a
+ /* (i) the new FD as a result of a successful call to "accept" on a
listening socket (via a passive open), or
(ii) an active socket after a successful call to "connect"
(via an active open). */
/* Implementation of pending_diagnostic::supercedes_p for
null-deref.
- We want null-deref to supercede use-of-unitialized-value,
+ We want null-deref to supercede use-of-uninitialized-value,
so that if we have these at the same stmt, we don't emit
a use-of-uninitialized, just the null-deref. */
/* Implementation of pending_diagnostic::supercedes_p for
use_after_free.
- We want use-after-free to supercede use-of-unitialized-value,
+ We want use-after-free to supercede use-of-uninitialized-value,
so that if we have these at the same stmt, we don't emit
a use-of-uninitialized, just the use-after-free.
(this is because we fully purge information about freed
return false;
}
- /* Reject the warning if the check occurs within a macro defintion.
+ /* Reject the warning if the check occurs within a macro definition.
This avoids false positives for such code as:
#define throw_error \
diagnostic. */
return expansion_point_location_if_in_system_header (loc);
else if (in_system_header_at (loc))
- /* For events, we want to show the implemenation of the assert
+ /* For events, we want to show the implementation of the assert
macro when we're describing them. */
return linemap_resolve_location (line_table, loc,
LRK_SPELLING_LOCATION,
Add it to result_map, offsetting accordingly. */
result_map.insert (subrange, sval);
- /* Clobber default_map, removing/trimming/spliting where
+ /* Clobber default_map, removing/trimming/splitting where
it overlaps with offset_concrete_key. */
default_map.remove_overlapping_bindings (mgr, subrange);
}
result_map.insert (reg_subrange, overlap_sval);
- /* Clobber default_map, removing/trimming/spliting where
+ /* Clobber default_map, removing/trimming/splitting where
it overlaps with overlap_concrete_key. */
default_map.remove_overlapping_bindings (mgr, reg_subrange);
}
= mgr->get_svalue_manager ()->get_or_create_unknown_svalue (type);
/* ...but reject the merger if this sval shouldn't be mergeable
- (e.g. reject merging svalues that have non-purgable sm-state,
+ (e.g. reject merging svalues that have non-purgeable sm-state,
to avoid falsely reporting memory leaks by merging them
with something else). */
if (!bound_sval->can_merge_p (unknown_sval, sval_mgr, merger))
if (summary.m_called_unknown_fn)
{
/* A call to an external function occurred in the summary.
- Hence we need to invalidate our knownledge of globals,
+ Hence we need to invalidate our knowledge of globals,
escaped regions, etc. */
on_unknown_fncall (r.get_call_stmt (),
r.get_store_manager (),
return nullptr;
}
- /* Reject merging svalues that have non-purgable sm-state,
+ /* Reject merging svalues that have non-purgeable sm-state,
to avoid falsely reporting memory leaks by merging them
with something else. */
if (!merger->mergeable_svalue_p (this))
case LT_EXPR:
{
/* [BASE, +INF) OP RHS:
- This is either true or false at +ve ininity,
+ This is either true or false at +ve infinity,
It can be true for points X where X OP RHS, so we have either
"false", or "unknown". */
tree base_op_rhs = fold_binary (op, boolean_type_node,
projects / thirdparty / gcc.git / commitdiff
