a98358ea13
[analyzer] ObjC message sends to nil receivers that return structs are now okay (compiler zeroes out the data). Fixes <rdar://problem/9151319>.
...
llvm-svn: 143215
2011-10-28 19:05:10 +00:00
0062e74961
Add source-level dominators analysis. Patch by Guoping Long!
...
llvm-svn: 142885
2011-10-25 00:25:24 +00:00
81ce1c8a99
Rename AnalysisContext to AnalysisDeclContext. Not only is this name more accurate, but it frees up the name AnalysisContext for other uses.
...
llvm-svn: 142782
2011-10-24 01:32:45 +00:00
77a0eb20ab
Add test case for analyzer crash reported in <rdar://problem/10308201> (which is already fixed in mainline).
...
llvm-svn: 142606
2011-10-20 19:33:06 +00:00
5450f218a6
Fix the signatures of vfork, __sigsetjmp and sigsetjmp.
...
Patch by Dimitry Andric.
llvm-svn: 142531
2011-10-19 14:50:34 +00:00
9ca5c42582
Update all tests other than Driver/std.cpp to use -std=c++11 rather than
...
-std=c++0x. Patch by Ahmed Charles!
llvm-svn: 141900
2011-10-13 22:29:44 +00:00
2d21ab024e
Add returns_twice to functions that are known to return twice. This implements
...
the same behavior of gcc by keeping the attribute out of the function type.
llvm-svn: 141803
2011-10-12 19:51:18 +00:00
fedf5dfc71
[analyzer] Warn about the use of insecure, deprecated vfork() function PR11053 ( http://llvm.org/bugs/show_bug.cgi?id=11053 ).
...
A patch by Graham Lee!
llvm-svn: 141643
2011-10-11 04:34:54 +00:00
8f34b6999c
[analyzer] Teach the static analyzer about CXXForRangeStmt. Patch by Jim Goodnow II!
...
llvm-svn: 141587
2011-10-10 22:36:31 +00:00
d79719b144
Provide basic static analyzer support for CXXTemporaryObjectExpr. Patch by Jim Goodnow II.
...
llvm-svn: 141433
2011-10-07 22:48:13 +00:00
b7531d622d
[static analyzer] Fix crash in LiveVariables and Environment::getSVal() when analyzing C++ pointer-to-member calls. Fixes <rdar://problem/10243398>.
...
llvm-svn: 141312
2011-10-06 20:53:28 +00:00
f3e3f6645e
Fix major regression in RetainCountChecker. DefaultSummaries were not being used when they were meant to be. Fixes <rdar://problem/10241614>.
...
llvm-svn: 141250
2011-10-05 23:54:29 +00:00
9b0a7cea0f
Make -fobjc-nonfragile-abi the -cc1 default, since it's the
...
increasingly prevailing case to the point that new features
like ARC don't even support the fragile ABI anymore.
This required a little bit of reshuffling with exceptions
because a check was assuming that ObjCNonFragileABI was
only being set in ObjC mode, and that's actually a bit
obnoxious to do.
Most, though, it involved a perl script to translate a ton
of test cases.
Mostly no functionality change for driver users, although
there are corner cases with disabling language-specific
exceptions that we should handle more correctly now.
llvm-svn: 140957
2011-10-02 01:16:38 +00:00
2a14c695eb
Fix LiveVariables analysis bug with MaterializeTemporaryExpr and fix handling in ExprEngine. Fixes <rdar://problem/10201666>.
...
llvm-svn: 140956
2011-10-02 00:54:48 +00:00
79ada929b7
Address PR10616. The crash has already been fixed by Ted in r140725, so just refactor to use existing API + test case.
...
llvm-svn: 140932
2011-10-01 06:35:19 +00:00
525f05597f
Tweak the interface for analyzing the CF conventions for a name
...
to take a FunctionDecl* instead of an llvm::StringRef. Eventually
we might push more logic in there, like using slightly different
conventions for C++ methods.
Also, fix a bug where 'copy' and 'create' were being caught in
non-camel-cased strings. We want copyFoo and CopyFoo and XCopy
but not Xcopy or xcopy.
llvm-svn: 140911
2011-10-01 00:48:56 +00:00
afedc07a9b
Fix crash when analyzing C++ code involving constant enums and switch statements (<rdar://problem/10202899>).
...
llvm-svn: 140844
2011-09-30 03:51:54 +00:00
819b0d8619
[analyzer] Fix a bug in RetainReleaseChecker diagnostics. It gives more precise error message on the modified test case (and prevents duplicate diagnostics when we purge at block granularity).
...
llvm-svn: 140840
2011-09-30 02:19:19 +00:00
8d4c8e1498
[analyzer] Add -analyzer-purge option which can take on multiple values, remove -analyzer-purge=none. (Small refactor as well: move the work of constructing AnalysisManager from the callers to the class itself.)
...
llvm-svn: 140838
2011-09-30 02:03:00 +00:00
0070c6d4db
Fix a crash in MallocOverflowSecurityChecker. Patch by Lei Zhang.
...
llvm-svn: 140648
2011-09-27 22:25:01 +00:00
b9875a984c
[analyzer] Remove target triple from the malloc overflow test.
...
llvm-svn: 140635
2011-09-27 20:41:53 +00:00
15ca5e7a21
[analyzer] Fix a bug where PathDiagnosticLocation did not generate a valid range and add asserts to check validity of locations early on. Ignore invalid ranges in PathDiagnosticPiece (they could be added by checker writers).
...
Addresses radar://10124836 and radar://radar10102244.
llvm-svn: 140218
2011-09-21 00:35:58 +00:00
efd182d992
[analyzer] Refactor: make PathDiagnosticLocation responsible for validation of SourceLocations (commit 5 of ?):
...
- Get rid of PathDiagnosticLocation(SourceRange r,..) constructor by providing a bunch of create methods.
- The PathDiagnosticLocation(SourceLocation L,..), which is used by crate methods, will eventually become private.
- Test difference is in the case when the report starts at the beginning of the function. We used to represent that point as a range of the very first token in the first statement. Now, it's just a single location representing the first character of the first statement.
llvm-svn: 139932
2011-09-16 19:18:30 +00:00
207c68012a
[analyzer] Refactor: make PathDiagnosticLocation responsible for validation of SourceLocations (commit 4 of ?):
...
- The closing brace is always a single location, not a range.
- The test case previously had a location key 57:1 followed by a range [57:1 - 57:1].
llvm-svn: 139832
2011-09-15 20:06:34 +00:00
615e3a69c3
[analyzer] After CFG has been linearized, we can have a situation where an ExpoledNode has an invalid SourceLocation (which has no correspondence in the source code). This commit is the first step to solve this problem.
...
- It adds LocationContext to the PathDiagnosticLocation object and uses it to lookup the enclosing statement with a valid location.
- So far, the LocationContext is only available when the object is constructed from the ExplodedNode.
- Already found some subtle bugs(in plist-output-alternate.m) where the intermediate diagnostic steps were not previously shown.
llvm-svn: 139703
2011-09-14 17:48:01 +00:00
05dda473e6
[analyzer] Simplify the test, use generic/more descriptive names.
...
llvm-svn: 139516
2011-09-12 18:28:35 +00:00
79301b16f3
[analyzer] Fix a failure encountered while analyzing bind (radar://10105448).
...
llvm-svn: 139509
2011-09-12 18:07:30 +00:00
295208d744
[analyzer] Fix a new failure encountered while building Adium exposed as a result of r138196(radar://10087620). ObjectiveC property of type int has a value of type ObjCPropRef, which is a Loc.
...
llvm-svn: 139507
2011-09-12 17:56:08 +00:00
964c186ffe
[analyzer] Test for -analyze-function on ObjectiveC to accompany r139439.
...
llvm-svn: 139506
2011-09-12 17:48:08 +00:00
e007e80fc0
Stop cluttering the test directory with temporary files.
...
llvm-svn: 139114
2011-09-05 07:19:32 +00:00
c49ec53e29
[analyzer] Move the knowledge of whether or not GC is enabled for the current analysis from CFRefCount to ExprEngine.
...
Remove TransferFuncs from ExprEngine and AnalysisConsumer.
Demote RetainReleaseChecker to a regular checker, and give it the name osx.cocoa.RetainCount (class name change coming shortly). Update tests accordingly.
llvm-svn: 138998
2011-09-02 05:55:19 +00:00
bfb8e2fe6e
If size was equal to 0, either NULL or a pointer suitable to be passed to
...
free() is returned by realloc(). Most code expect NULL.
And we only need to transfer one final ProgramState.
llvm-svn: 138937
2011-09-01 04:53:59 +00:00
814adf7752
Fix: Bug 10798 - [analyzer] Crash when analyzing ICU. (A slight improvement on the previous commit.)
...
llvm-svn: 138762
2011-08-29 20:43:37 +00:00
cda129eb1c
Fix bug 10797: Crash: "cast<Ty>() argument of incompatible type!" assert when analyzing ICU.
...
Patch by Jean-Daniel Dupas. Thanks for spotting and fixing!
llvm-svn: 138757
2011-08-29 20:05:54 +00:00
6eb83cfacd
[analyzer] Add test case for handling of __bridge_transfer that previously resulted in a 'stack address' warning (that was fixed in r138616). Fixes <rdar://problem/10018376>.
...
llvm-svn: 138710
2011-08-27 21:15:48 +00:00
0e9cdbbb06
Handle CXXTempObjectRegion in StackAddrEscapeChecker.
...
Also convert stack-addr-ps.cpp to use the analyzer instead of just Sema, now
that it doesn't crash, and extract the stack-block test into another file since
it errors, and that prevents the analyzer from running.
llvm-svn: 138613
2011-08-26 00:41:31 +00:00
be460898bb
[analyzer] MacOSKeychainAPIChecker: Provide reacher diagnostic trace by pointing to the allocation site when reporting a leak.
...
llvm-svn: 138479
2011-08-24 20:52:46 +00:00
0897a23517
[analyzer] MacOSKeychainAPIChecker: Add reasoning about functions which MIGHT deallocate the memory region allocated with SecKeychain APIs. Specifically, when the buffer is passed to CFStringCreateWithBytesNoCopy along with a custom deallocator, which might potentially correctly release the memory.
...
llvm-svn: 138417
2011-08-24 00:06:27 +00:00
ee9848e20d
Fix regression in -Wuninitialized involving VLAs. It turns out that we were modeling sizeof(VLAs)
...
incorrectly in the CFG, and also the static analyzer. This patch regresses the analyzer a bit, but
that needs to be followed up with a better solution.
Fixes <rdar://problem/10008112>.
llvm-svn: 138372
2011-08-23 20:30:50 +00:00
bd7972b49e
[analyzer] MacOSKeychainAPIChecker: Users of KeyChain API often use free() to deallocate the password. Catch this error explicitly and generate the error message at the place where free() is called.
...
llvm-svn: 138296
2011-08-22 23:18:12 +00:00
5a3c9ff3a3
[analyzer] Move handling of hardcoded noreturn ("panic") methods from CFRefCount to NoReturnFunctionChecker. No functionality change intended.
...
llvm-svn: 138210
2011-08-20 20:55:40 +00:00
3c06d7f442
Add a test for checking that custom diagnostic visitors are working.
...
llvm-svn: 137970
2011-08-18 19:02:46 +00:00
e1962328f5
[analyzer] teach ExprEngine about loads from static C++ class fields. Fixes <rdar://problem/9948787>.
...
llvm-svn: 137760
2011-08-16 21:37:52 +00:00
a06421a02c
MacOSKeychainAPIChecker: Turn it on by default.
...
llvm-svn: 137740
2011-08-16 20:02:05 +00:00
01ae1e1197
MacOSKeychainAPIChecker: Do not report double allocation if first allocation returned an error.
...
llvm-svn: 137720
2011-08-16 16:30:24 +00:00
80319c1702
MacOSKeychainAPIChecker: Test all APIs.
...
llvm-svn: 137549
2011-08-13 02:10:15 +00:00
59d741fec6
MacOSKeychainAPIChecker: If the allocated data address entered as an enclosing function parameter, skip it to avoid false positives.
...
llvm-svn: 137526
2011-08-12 22:47:22 +00:00
fdd0aca0a5
MacOSKeychainAPIChecker:
...
Report errors earlier: on checkDeadSymbols() and clear the state after the symbol we are tracking goes out of scope.
Also, perform lazy error checking. Instead of forcing the paths to be split depending one the return value of the allocator, make the return symbol depend on the allocated data symbol, which prolongs its life span to the time when the allocated data symbol becomes dead.
llvm-svn: 137523
2011-08-12 21:56:43 +00:00
9f8a02d34e
De-Unicode-ify.
...
llvm-svn: 137430
2011-08-12 05:49:51 +00:00
7765dda06a
[analyzer] add more buffer overflow tests to show we handle sizeof(VLA) in obstruse ways...
...
llvm-svn: 137007
2011-08-06 00:34:48 +00:00
Ted Kremenek