Commit Graph

1340 Commits

Author SHA1 Message Date
Ted Kremenek 0ee2913215 Fix 80 col violation.
llvm-svn: 74877
2009-07-06 22:59:23 +00:00
Ted Kremenek 309d3c6db0 Restructure NewCastRegion to use a switch statement that dispatches off the
region type. This better shows the logic of the method and allows the compiler
to check if we didn't handle a specific region kind.

llvm-svn: 74876
2009-07-06 22:56:37 +00:00
Ted Kremenek f45778f425 Fix 80 col violation.
llvm-svn: 74875
2009-07-06 22:40:36 +00:00
Ted Kremenek bb5a62d46e NewCastRegion: Handle casts to any Objective-C pointer, not just qualified ids.
llvm-svn: 74874
2009-07-06 22:39:40 +00:00
Ted Kremenek 83b5ccbecf Implement FIXME.
llvm-svn: 74872
2009-07-06 22:34:50 +00:00
Ted Kremenek c5ab3a0eab StoreManager::NewCastRegion:
- Refactor logic that creates ElementRegions into a help method 'MakeElementRegion'.
- Fix crash due to not handling StringRegions.  Casts of StringRegions now
  result in a new ElementRegion layered on the original StringRegion.

llvm-svn: 74867
2009-07-06 22:23:45 +00:00
Ted Kremenek eea8c29aa3 Make 'BasicStoreManager' + 'NewCastRegion' testable from the command line using '-analyzer-store=basic-new-cast'.
llvm-svn: 74865
2009-07-06 21:58:46 +00:00
Ted Kremenek 9848b557c8 NewCastRegion:
- Have test for 'CodeTextRegion' dominate other region tests.
- Use 'getAsRecordType' instead of isa<RecordType>

llvm-svn: 74853
2009-07-06 21:01:16 +00:00
Ted Kremenek 3ad4b3bca3 Fix loop so that 'continue' statements actually cause the loop to iterate.
llvm-svn: 74852
2009-07-06 20:53:52 +00:00
Ted Kremenek 9e010e11c3 Move the new 'CastRegion' implementation from RegionStoreManager to StoreManager
(its superclass). This will allow us to experiment with using the new CastRegion
with BasicStoreManager, and gradually phase out the old implementation.

llvm-svn: 74851
2009-07-06 20:21:51 +00:00
Ted Kremenek 0578e43862 Fix <rdar://problem/7033733>. The CF_RETURNS_RETAINED attribute should work if the return type on an Objective-C method is a CF type reference, not just an Objective-C object reference.
llvm-svn: 74841
2009-07-06 18:30:43 +00:00
Zhongxing Xu e1a3ace8ab Further cleanup of region invalidation code. No functionality change.
llvm-svn: 74816
2009-07-06 06:01:24 +00:00
Zhongxing Xu 1fb1cf4e26 Start to gradually move region invalidation code into store manager.
No functionality change. 

llvm-svn: 74812
2009-07-06 03:41:27 +00:00
Zhongxing Xu 61e6692993 remove utility methods that are not very useful.
llvm-svn: 74762
2009-07-03 06:11:41 +00:00
Ted Kremenek 194f46a11a Remove unused method.
llvm-svn: 74751
2009-07-03 00:41:09 +00:00
Ted Kremenek 24c8513022 BasicStoreManager: Use SymbolManager::canSymbolicate() to determine if a variable can be symbolicated.
llvm-svn: 74750
2009-07-03 00:36:16 +00:00
Ted Kremenek 06cc0e31b2 Replace guarded calls in RegionStoreManager to
ValueManager::getRegionValueSymbolVal() with unguarded calls to
ValueManager::getRegionValueSymbolValOrUnknown(). This changes centralizes the
decision of what values to symbolicate in SymbolManager rather than having it
scatter in RegionStoreManager.

llvm-svn: 74730
2009-07-02 22:16:42 +00:00
Ted Kremenek 725b4a3a51 Enhance RegionStore to lazily symbolicate fields and array elements for
structures passed-by-value as function arguments.

llvm-svn: 74729
2009-07-02 22:02:15 +00:00
Ted Kremenek df67d426d9 StoreManagers: Use 'hasGlobalsStorage()' and 'hasParametersStorage()' instead of
directly consulting if a VarDecl is an implicit or actual parameter, a global,
etc.

llvm-svn: 74716
2009-07-02 18:25:09 +00:00
Ted Kremenek 7e4a9a02c3 Add a separate MemSpaceRegion for function/method arguments passed on the stack.
This will simplify the logic of StoreManagers that want to specially reason
about the values of parameters.

llvm-svn: 74715
2009-07-02 18:14:59 +00:00
Ted Kremenek df15d29f17 Remove commented methods. Add MemRegion::printStdErr().
llvm-svn: 74709
2009-07-02 17:24:10 +00:00
Ted Kremenek 873db25879 Minor code cleanup: pull variables into scope of 'if' statement, limiting their
actual lifetime to their logical lifetime.

llvm-svn: 74665
2009-07-01 23:30:34 +00:00
Ted Kremenek 55e07efeed Add a FIXME to RegionStore, do some minor code cleanup, and get RegionStore to
pass misc-ps.m. Currently RegionStore/BasicStore don't do any special reasoning
about clang-style vectors, so we should return UnknownVal (in all cases) when
accessing their values via an array.

llvm-svn: 74660
2009-07-01 23:19:52 +00:00
Zhongxing Xu b4ce4fc4ee add fixme.
llvm-svn: 74581
2009-07-01 02:12:57 +00:00
Ted Kremenek aff66a8a19 Update old CastRegion logic to not assume that ElementRegion's super region is a
TypedRegion. While we plan on removing this code at some point, it serves as a
good reference implementation for use with BasicStore until we are sure the new
CastRegion logic (in RegionStore.cpp) is correct.

llvm-svn: 74559
2009-06-30 22:31:23 +00:00
Ted Kremenek 8fd187986d Combine two conditional branches into one. No functionality change.
llvm-svn: 74552
2009-06-30 20:24:11 +00:00
Zhongxing Xu 703db197e3 Instead of r74522, use another approach to fix xfail_regionstore_wine_crash.c.
Mark the super region of the binding of block level expr in the Environment
as live.

llvm-svn: 74525
2009-06-30 13:00:53 +00:00
Zhongxing Xu e205d43c75 When retrieving element region, if its super region has binding, return
unknown for it.

Mark the super region of a live region as live, if the live region is pointed
to by a live pointer variable.

These fixes xfail_regionstore_wine_crash.c.

llvm-svn: 74524
2009-06-30 12:32:59 +00:00
Zhongxing Xu d29e74e658 Block level expr should be visited. Otherwise variables in init expr of
DeclStmt would be dead before the DeclStmt.
For example:
int x = 0;
int y = x;
'x' would be dead before 'int y = x'.

llvm-svn: 74522
2009-06-30 12:11:58 +00:00
Zhongxing Xu d0a246fd08 add utility method.
llvm-svn: 74521
2009-06-30 11:52:40 +00:00
Zhongxing Xu 5df79c6642 remove dead code.
llvm-svn: 74517
2009-06-30 07:50:26 +00:00
Zhongxing Xu 6377a98774 We do not require the super region of element region be typed. So do not
create TypedViewRegion for it.

llvm-svn: 74516
2009-06-30 07:41:27 +00:00
Argyrios Kyrtzidis cfbfe78e9e De-ASTContext-ify DeclContext.
Remove ASTContext parameter from DeclContext's methods. This change cascaded down to other Decl's methods and changes to call sites started "escalating".
Timings using pre-tokenized "cocoa.h" showed only a ~1% increase in time run between and after this commit.

llvm-svn: 74506
2009-06-30 02:36:12 +00:00
Argyrios Kyrtzidis ddcd132a5b Remove the ASTContext parameter from the getBody() methods of Decl and subclasses.
Timings showed no significant difference before and after the commit.

llvm-svn: 74504
2009-06-30 02:35:26 +00:00
Argyrios Kyrtzidis b4b64ca752 Remove the ASTContext parameter from the attribute-related methods of Decl.
The implementations of these methods can Use Decl::getASTContext() to get the ASTContext.

This commit touches a lot of files since call sites for these methods are everywhere.
I used pre-tokenized "carbon.h" and "cocoa.h" headers to do some timings, and there was no real time difference between before the commit and after it.

llvm-svn: 74501
2009-06-30 02:34:44 +00:00
Chris Lattner c61089a6c2 Key decisions about 'bool' vs '_Bool' to be based on a new flag in langoptions.
This is simple enough, but then I thought it would be nice to make PrintingPolicy
get a LangOptions so that various things can key off "bool" and "C++" independently.
This spiraled out of control.  There are many fixme's, but I think things are slightly
better than they were before.

One thing that can be improved: CFG should probably have an ASTContext pointer in it,
which would simplify its clients.

llvm-svn: 74493
2009-06-30 01:26:17 +00:00
Zhongxing Xu 4744d560b8 Invalidate the alloca region by setting its default value to conjured symbol.
llvm-svn: 74419
2009-06-29 06:43:40 +00:00
Zhongxing Xu 0628f539a8 Adjust retrieve handler priority. If a field is of array type, it should be
handled by RetrieveArray().

llvm-svn: 74409
2009-06-28 14:16:39 +00:00
Zhongxing Xu 6f610707cf Invalidate a field of struct type by setting its default value to conjured
symbol.

llvm-svn: 74408
2009-06-28 13:59:24 +00:00
Zhongxing Xu d260db1238 Do not crash on binding concrete integer location.
llvm-svn: 74407
2009-06-28 10:16:11 +00:00
Zhongxing Xu f7a6de3a12 Simplify some code. As in region store, we always expect the location is a
memregion.

llvm-svn: 74406
2009-06-28 09:26:15 +00:00
Ted Kremenek 8e5f6951eb Remove the last 'GetXXX' methods from GRStateManager.
llvm-svn: 74361
2009-06-27 00:24:54 +00:00
Ted Kremenek bb597cdfc2 Remove '#include <sstream>' from libAnalysis.
llvm-svn: 74245
2009-06-26 00:43:22 +00:00
Ted Kremenek af1ac826f6 Update method signature.
llvm-svn: 74244
2009-06-26 00:41:43 +00:00
Ted Kremenek 18e1caa6bf Unbreak build.
llvm-svn: 74238
2009-06-26 00:25:05 +00:00
Ted Kremenek 4ac764d72e Remove orphaned header file.
llvm-svn: 74231
2009-06-26 00:08:20 +00:00
Ted Kremenek 1642bdaaa5 Introduce a new concept to the static analyzer: SValuator.
GRTransferFuncs had the conflated role of both constructing SVals (symbolic
expressions) as well as handling checker-specific logic. Now SValuator has the
role of constructing SVals from expressions and GRTransferFuncs just handles
checker-specific logic. The motivation is by separating these two concepts we
will be able to much more easily create richer constraint-generating logic
without coupling it to the main checker transfer function logic.

We now have one implementation of SValuator: SimpleSValuator.

SimpleSValuator is essentially the SVal-related logic that was in GRSimpleVals
(which is removed in this patch). This includes the logic for EvalBinOp,
EvalCast, etc. Because SValuator has a narrower role than the old
GRTransferFuncs, the interfaces are much simpler, and so is the implementation
of SimpleSValuator compared to GRSimpleVals. I also did a line-by-line review of
SVal-related logic in GRSimpleVals and cleaned it up while moving it over to
SimpleSValuator.

As a consequence of removing GRSimpleVals, there is no longer a
'-checker-simple' option. The '-checker-cfref' did everything that option did
but also ran the retain/release checker. Of course a user may not always wish to
run the retain/release checker, nor do we wish core analysis logic buried in the
checker-specific logic. The next step is to refactor the logic in CFRefCount.cpp
to separate out these pieces into the core analysis engine.

llvm-svn: 74229
2009-06-26 00:05:51 +00:00
Ted Kremenek 9ffbd9fb64 Remove declaration for unused and unimplemented static method.
llvm-svn: 74182
2009-06-25 17:25:49 +00:00
Zhongxing Xu c53b444d36 remove RegionKills GDM. Now UnknownVal is bound to regions explicitly.
llvm-svn: 74168
2009-06-25 05:52:16 +00:00
Zhongxing Xu 2d16073b50 Move element region retrieving logic into a separate function.
llvm-svn: 74166
2009-06-25 05:29:39 +00:00
Zhongxing Xu e67ea5c784 Move all logic for retrieving ElementRegion binding into a separate method.
Revert to setting default value approach for handling struct initialization.

llvm-svn: 74160
2009-06-25 04:50:44 +00:00
Ted Kremenek 799bb6e178 Remove uses of std::ostream from libAnalysis.
llvm-svn: 74136
2009-06-24 23:06:47 +00:00
Ted Kremenek 2c6a7b2776 Remove GRStateManager::GetSValAsScalarOrLoc()/GetSVal().
llvm-svn: 74128
2009-06-24 22:15:30 +00:00
Owen Anderson 4d9e93c420 Update for LLVM API changes.
llvm-svn: 74085
2009-06-24 17:37:55 +00:00
Zhongxing Xu 33420090ae use a concrete type instead of a trait type to make code more readable.
llvm-svn: 74047
2009-06-24 01:12:41 +00:00
Zhongxing Xu 9ef415edf2 RegionStore: revert to the default value approach for array initialization.
llvm-svn: 74043
2009-06-24 00:56:31 +00:00
Ted Kremenek 8cf2021012 Remove GRStateManager::getRegion/getSelfRegion().
llvm-svn: 74006
2009-06-23 21:37:46 +00:00
Ted Kremenek 7df5691d2d Remove GRStateManager::BindLoc() and GRStateManager::Unbind().
llvm-svn: 73996
2009-06-23 20:38:51 +00:00
Ted Kremenek 59ee3f5079 Remove GRStateManager::BindDecl() and GRStateManager::BindDeclWithInit().
llvm-svn: 73995
2009-06-23 20:27:53 +00:00
Ted Kremenek 2d99f97c17 - Add MemRegion::getMemorySpace()
- Change implementation of MemRegion::hasStackStorage()/hasHeapStorage() to use
  'getMemorySpace()'.  This avoids a double traversal up the region hierarchy
  and is simpler.
- Add MemRegion::hasHeapOrStackStorage() as a slightly more efficient
  alternative to 'hasStackStorage() || hasHeapStorage()'.

llvm-svn: 73977
2009-06-23 18:17:08 +00:00
Ted Kremenek 404b132dc0 Move 'hasStackStorage()' and 'hasHeapStorage()' from MemRegionManager to MemRegion.
llvm-svn: 73973
2009-06-23 18:05:21 +00:00
Ted Kremenek ae01dc73af API cleanup: move more methods from GRStateManager to GRState.
llvm-svn: 73968
2009-06-23 17:55:07 +00:00
Ted Kremenek d363f44c69 Update CMake file.
llvm-svn: 73958
2009-06-23 16:54:53 +00:00
Zhongxing Xu 7718ae4701 Move all factory methods from SVal to ValueManager. API cleanup!
llvm-svn: 73954
2009-06-23 09:02:15 +00:00
Zhongxing Xu 0808f70912 Split ValueManager method definitions into its own source file.
No functionality change.

llvm-svn: 73952
2009-06-23 06:22:22 +00:00
Zhongxing Xu d09b5205ef ValueManager::makeNonLoc -> ValueManager::makeIntVal
Clean up code with ValueManager.

llvm-svn: 73951
2009-06-23 06:13:19 +00:00
Zhongxing Xu 0442e962d9 If the init list is fewer than the struct fields, bind the rest fields to 0
explicitly. Make 0 value with the field type.

llvm-svn: 73949
2009-06-23 05:43:16 +00:00
Zhongxing Xu b7cf95957d Instead of setting the default value of the array region, bind the rest of the
array elements to 0 explicitly. Create 0 values with the element type.

llvm-svn: 73946
2009-06-23 05:23:38 +00:00
Zhongxing Xu cbfc7d6c2e MemRegionManager: Migrate logic for getCodeTextRegion() over to using
trait-based MemRegion creation.

llvm-svn: 73941
2009-06-23 03:50:30 +00:00
Zhongxing Xu 1a195b264f Remove duplicated methods.
llvm-svn: 73940
2009-06-23 02:51:21 +00:00
Zhongxing Xu 74fa0bc3de add a fixme.
llvm-svn: 73939
2009-06-23 02:08:56 +00:00
Ted Kremenek fb87e30815 MemRegions:
- Embed a reference to MemRegionManager objects in MemSpaceRegion objects
- Use this embedded reference for MemRegion objects to access ASTContext objects without external help
- Use this access to ASTContext to simplify 'isBoundable' (no ASTContext& argument required)

llvm-svn: 73935
2009-06-23 00:46:41 +00:00
Ted Kremenek 8bae300ade MemRegionManager: Migrate logic for getAllocaRegion() over to using trait-based MemRegion creation.
llvm-svn: 73927
2009-06-23 00:15:41 +00:00
Ted Kremenek 2266640a7a MemRegionManager: Migrate getObjCObjectRegion() and getTypedViewRegion() to use
the new trait-based construction of MemRegion objects.

llvm-svn: 73926
2009-06-23 00:04:09 +00:00
Ted Kremenek 214cdfea84 Migrate factory methods for FieldRegion and ObjCIVarRegion creation to use the
new generalized region-construction code.

llvm-svn: 73921
2009-06-22 23:34:21 +00:00
Ted Kremenek e5e8b0b09b Refactor some of the logic in MemRegionManager for constructing regions using
member template functions and traits. The idea is to allow MemRegionManager to
construct subclasses of MemRegion that aren't declared in MemRegion.h (e.g.,
checker-specific regions).

llvm-svn: 73917
2009-06-22 23:13:13 +00:00
Zhongxing Xu 8077d7eb15 Allow CodeTextRegion to be cast to 'void *'.
llvm-svn: 73880
2009-06-22 08:36:10 +00:00
Zhongxing Xu 540c009fbe Return UnknownVal for pointer arithmetic on struct fields.
llvm-svn: 73851
2009-06-21 13:24:24 +00:00
Ted Kremenek c55f0cdaa0 Remove more GetSVal/GetLValue methods in GRExprEngine/GRState, instead
preferring to use their replacements in GRState. This further unifies the code
paths for such logic and leads to some code reduction.

llvm-svn: 73771
2009-06-19 17:10:32 +00:00
Zhongxing Xu 54fb536b5c A further step of r73690: associate the cast-to type with the created symbol,
because the type of the symbol is used to create the default range. We need the
sign to be consistent.

llvm-svn: 73756
2009-06-19 06:00:32 +00:00
Zhongxing Xu cc45762253 If the SymbolicRegion was cast to another type, use that type to create the
ElementRegion.

llvm-svn: 73754
2009-06-19 04:51:14 +00:00
Ted Kremenek 095f1a9848 Move clients over from using GRStateManager::BindXXX and friends to
GRState->bindXXX and friends (and constify some arguments along the way).

llvm-svn: 73740
2009-06-18 23:58:37 +00:00
Ted Kremenek 4c6a367182 Remove GRStateManager& field from SimpleConstraintManager.
llvm-svn: 73735
2009-06-18 23:20:05 +00:00
Ted Kremenek f9906843b7 libAnalysis:
- Remove the 'isFeasible' flag from all uses of 'Assume'.
- Remove the 'Assume' methods from GRStateManager.  Now the only way to
  create a new GRState with an assumption is to use the new 'assume' methods
  in GRState.

llvm-svn: 73731
2009-06-18 22:57:13 +00:00
Douglas Gregor 78bd61f661 Move the static DeclAttrs map into ASTContext. Fixes <rdar://problem/6983177>.
llvm-svn: 73702
2009-06-18 16:11:24 +00:00
Zhongxing Xu cea6578078 When casting region, if we do not create an element region, record the cast-to
type. 

When retrieving the region value, if we are going to create a symbol value, use
the cast-to type if possible.

llvm-svn: 73690
2009-06-18 06:29:10 +00:00
Ted Kremenek 6a667ab710 Remove GRStateRef.
llvm-svn: 73670
2009-06-18 01:33:24 +00:00
Ted Kremenek d93c6e3fd6 Remove more dependencies on GRStateRef. As a consequence, we can now
pretty-print a GRState object anywhere it is referenced (instead of
needing a GRStateRef of a GRStateManager handy).

llvm-svn: 73669
2009-06-18 01:23:53 +00:00
Ted Kremenek 89a303caac Remove another dependency on GRStateRef.
llvm-svn: 73667
2009-06-18 00:49:02 +00:00
Steve Naroff fb4330f255 First step toward fixing <rdar://problem/6613046> refactor clang objc type representation.
Add a type (ObjCObjectPointerType) and remove a type (ObjCQualifiedIdType).

This large/tedious patch is just a first step. Next step is to remove ObjCQualifiedInterfaceType. After that, I will remove the magic TypedefType for 'id' (installed by Sema). This work will enable various simplifications throughout clang (when dealing with ObjC types). 

No functionality change.

llvm-svn: 73649
2009-06-17 22:40:22 +00:00
Ted Kremenek b35e2caab5 Remove more uses of GRStateRef.
llvm-svn: 73648
2009-06-17 22:28:13 +00:00
Ted Kremenek 609df30929 Start moving in the direction of removing GRStateRef. Now each
GRState object has a direct reference to its GRStateManager, making
the functionality of GRStateRef redunandant.  This will lead to some
nice API cleanup and code shrinking across libAnalysis.

llvm-svn: 73644
2009-06-17 22:02:04 +00:00
Ted Kremenek 4533a55696 RegionStoreManager:
- Add "sections" to RegionStoreManager.cpp to delineate functionality.
- Add new function "CreateFieldsOnlyRegionStoreManager" that uses the new
  RegionStoreFeatures class to use a reduced set of features from
  RegionStoreManager (in this case, only field-sensitivity). This isn't
  completely hooked up yet.

llvm-svn: 73572
2009-06-16 22:36:44 +00:00
Zhongxing Xu 838a0db0ba Use canonical type for building ElementRegion. Otherwise ElementRegions cannot
be unique.

llvm-svn: 73482
2009-06-16 09:55:50 +00:00
Zhongxing Xu e531f048f8 Do not invalidate unboundable regions in GRSimpleVals::EvalCall().
llvm-svn: 73474
2009-06-16 06:18:21 +00:00
Ted Kremenek 96aa146d90 Fix: <rdar://problem/6945561> -[CIContext createCGLayerWithSize:info:] misinterpreted by clang scan-build
llvm-svn: 73415
2009-06-15 20:58:58 +00:00
Ted Kremenek 3092e9c5c2 Fix: <rdar://problem/6961230> add knowledge of IOKit functions to retain/release checker
llvm-svn: 73411
2009-06-15 20:36:07 +00:00
Chris Lattner 15ba94987a Sink the BuiltinInfo object from ASTContext into the
preprocessor and initialize it early in clang-cc.  This
ensures that __has_builtin works in all modes, not just
when ASTContext is around.

llvm-svn: 73319
2009-06-14 01:54:56 +00:00
Zhongxing Xu 70b27e6f8b Stop tracking non-compound value for struct. It may be caused by imprecise cast
logic.

llvm-svn: 73279
2009-06-13 01:31:11 +00:00
Zhongxing Xu 2693c504c2 use getAsPointerType() method.
llvm-svn: 73218
2009-06-12 03:59:12 +00:00
Ted Kremenek ea675cf6a3 Add summary lookup for IOServiceGetMatchingService.
Convert tabs to spaces.

llvm-svn: 73198
2009-06-11 18:17:24 +00:00
Ted Kremenek a74ead4103 Refactor some function name -> summary lookup using a switch statement.
llvm-svn: 73197
2009-06-11 18:10:48 +00:00
Zhongxing Xu 519a47d4bd Bind the mistakenly generated nonloc::SymbolVal to struct correctly. See the
comments for added test case for details.

llvm-svn: 73189
2009-06-11 09:11:27 +00:00
Zhongxing Xu d85a991253 Use more robust getAsRecordType() method.
llvm-svn: 73186
2009-06-11 07:27:30 +00:00
Ted Kremenek a03705c82d Fix:
<rdar://problem/6948053> False positive: object substitution during -init* methods warns about returning +0 when using -fobjc-gc-only

llvm-svn: 72971
2009-06-05 23:18:01 +00:00
Ted Kremenek ea1c221334 Enhance attribute cf_returns_retained to also work (in the analyzer)
for non-Objctive-C pointer types.  This implicitly documents that the
return type is a CF object reference.

llvm-svn: 72968
2009-06-05 23:00:33 +00:00
Ted Kremenek 1036912118 Add special cases to retain checker for 'create' methods in QCView, QCRenderer, and CIContext (Apple APIs).
This fixes:

<rdar://problem/6902710> clang: false positives w/QC and CoreImage methods.

llvm-svn: 72187
2009-05-20 22:39:57 +00:00
Zhongxing Xu 1075cc0b02 Treat AllocaRegion as SymbolicRegion in RegionStore::Retrieve().
llvm-svn: 72166
2009-05-20 09:18:48 +00:00
Zhongxing Xu a7907608fb * API change: we need to pass GRState to GRExprEngine::EvalBinOp() because
RegionStore needs to know the type of alloca region. 
* RegionStoreManager::EvalBinOp() now converts the alloca region to its first
  element region, as what is done to symbolic region.

llvm-svn: 72164
2009-05-20 09:00:16 +00:00
Ted Kremenek 501ba0365a Fix PR 4230: Don't flag leaks of NSAutoreleasePools until we know that we aren' at the top-most scope of autorelease pools.
llvm-svn: 72065
2009-05-18 23:14:34 +00:00
Daniel Dunbar 29f36b4c9a Silence a Release-Asserts warning.
llvm-svn: 72013
2009-05-18 16:48:48 +00:00
Ted Kremenek e4302ee3bb Fix: <rdar://problem/6893565> False positive: don't flag leaks for return types that cannot be determined to be CF types
llvm-svn: 71921
2009-05-16 01:38:01 +00:00
Ted Kremenek a28565ac62 Fix another bug in BugReporter where we wouldn't always select the bug report in a bug equivalence class with the shortest path.
llvm-svn: 71920
2009-05-16 01:11:58 +00:00
Ted Kremenek 3281977dbb Fix crash when deriving the enclosing summary of a method whose first selector slot has a null IdentifierInfo*. This happens when analyzing Growl.
llvm-svn: 71857
2009-05-15 15:49:00 +00:00
Ted Kremenek 4785e41c12 Remove extra whitespace character in string literal. Purely cosmetic.
llvm-svn: 71847
2009-05-15 06:02:08 +00:00
Ted Kremenek 3d436c7b35 Use dyn_cast instead of cast to allow our assumptions to be safely wrong.
llvm-svn: 71843
2009-05-15 05:34:49 +00:00
Ted Kremenek 608a6176a1 Cleanup internal checks bug reporting, allowing intermediate diagnostics to be generated for bad argument warnings, bad branches, etc.
llvm-svn: 71838
2009-05-15 05:25:09 +00:00
Ted Kremenek 73777059f0 BugReporter (extensive diagnostics): Do not include the range of target '}'
llvm-svn: 71832
2009-05-15 02:46:13 +00:00
Ted Kremenek 18665fe3c9 PathDiagnosticLocation::asRange(): for a PathDiagnosticLocation, the range of a DeclStmt is only the decl, not
the decl + initializer.

llvm-svn: 71831
2009-05-15 02:05:25 +00:00
Ted Kremenek cfe7d02b2c BugReporter (extensive diagnostics): Add control-flow piece to '}' in
loop body when generating 'Looping back to the head of the loop'
diagnostics.

llvm-svn: 71829
2009-05-15 01:50:15 +00:00
Ted Kremenek f9fa3cb78a Fix <rdar://problem/6859457> [NSData dataWithBytesNoCopy] does not return a retained object.
llvm-svn: 71797
2009-05-14 21:29:16 +00:00
Ted Kremenek bae777254a Enhance diagnostics value tracking logic for null dereferences and uninitialized values.
llvm-svn: 71700
2009-05-13 19:16:35 +00:00
Ted Kremenek 5801f65a52 Fix crasher reported in PR 4209 caused by an invalid summary
generation when EvalObjCMessageExpr() did not resolve the
ObjCInterfaceDecl* for a receiver when the receiver's symbolic value
wasn't being explicitly tracked.

llvm-svn: 71685
2009-05-13 18:16:01 +00:00
Ted Kremenek 051a03d698 Fix crasher in CFRefCount.cpp reported by Nikita Zhuk due to recently added autorelease tracking.
llvm-svn: 71647
2009-05-13 07:12:33 +00:00
Ted Kremenek 1272f706ca Fix: <rdar://problem/6320065> false positive - init method returns an object owned by caller
Now 'init' methods are treated by the retain/release checker as
claiming their receiver and allocating a new object.

llvm-svn: 71579
2009-05-12 20:06:54 +00:00
Zhongxing Xu 08a2ede018 Add logic for invalidating array region to CFRefCount.cpp. When invalidating
array region, set its default value to conjured symbol. When retrieving its
element, create new region value symbol for the element.

Also fix some 80 columns violations.

llvm-svn: 71548
2009-05-12 10:10:00 +00:00
Ted Kremenek 95d181936a Fix <rdar://problem/6877235> Classes typedef-ed to CF objects should get the same treatment as CF objects
This was accomplished by having	'isTypeRef' recursively walk the typedef stack.

llvm-svn: 71538
2009-05-12 04:53:03 +00:00
Ted Kremenek 5fb7847fbf BugReport::getEndPath() - Only add a Stmt's range to the constructed PathDiagnosticEventPiece if the BugReport contained no explicit ranges.
llvm-svn: 71516
2009-05-11 23:50:59 +00:00
Ted Kremenek 97f75f8bda When stripping element regions for invalidating region values, treat FieldRegions and ObjCIvarRegions as "base" regions in addition to VarRegions.
llvm-svn: 71488
2009-05-11 22:55:17 +00:00
Ted Kremenek 2ee73b86c0 EdgeBuilder: DeclStmts and BinaryOperators are not the enclosing location context when they are used as initialization code for loops.
llvm-svn: 71480
2009-05-11 22:19:32 +00:00
Ted Kremenek c0b879b4a7 EdgeBuilder::cleanUpLocation() should used the PathDiagnosticLocation constructor for a single point, not a range.
llvm-svn: 71477
2009-05-11 21:42:34 +00:00
Ted Kremenek c14b594b14 BugReporter (extensive diagnostics): Add EdgeBuilder::cleanUpLocation for canonicalization locations and use this in both popLocation and rawAddEdge.
llvm-svn: 71470
2009-05-11 19:50:47 +00:00
Ted Kremenek d0e3ab2196 Fix regression reported in <rdar://problem/6866843>. The analyzer should extend the lifetime of an object stored to a container.
llvm-svn: 71452
2009-05-11 18:30:24 +00:00
Ted Kremenek dc7853cd98 Fix a bug found by Thomas Clement where 'return [[[NSString alloc] init] autorelease]' would emit a false 'too many overreleases' error.
llvm-svn: 71432
2009-05-11 15:26:06 +00:00
Zhongxing Xu 52091db11f TypedRegion is a too general assumption. Usually we only want to invalidate
the VarRegion as a super region of an ElementRegion.

llvm-svn: 71431
2009-05-11 14:28:14 +00:00
Zhongxing Xu c012656266 When retrieving an ElementRegion, if its super region is a StringRegion,
retrieve the string value.

llvm-svn: 71430
2009-05-11 14:23:36 +00:00
Zhongxing Xu bf938d3160 Fix a bug that leads to infinite loop. Set the correct element type to
ElementRegion.

llvm-svn: 71428
2009-05-11 12:48:56 +00:00
Ted Kremenek 1f8e4346fa Add special warning about returning a retained object where a GC'ed object is expected.
llvm-svn: 71397
2009-05-10 16:52:15 +00:00
Ted Kremenek dee56e37fc retain/release checker: Flag a warning for non-owned objects returned
where an owned one is expected.  Also add preliminary checking for
returning a positive retain count object in GC mode where an owned GC
object is expected.

llvm-svn: 71388
2009-05-10 06:25:57 +00:00
Ted Kremenek 3978f7972d analyzer:
- Improve -autorelease diagnostics.
- Improve VLA diagnostics.
- Use "short description" for bug when outputting to TextDiagnostics

llvm-svn: 71383
2009-05-10 05:11:21 +00:00
Zhongxing Xu c9c3dab491 When casting VarRegion, if the var type is aggregate type and the cast-to
pointee type is scalar type, create element region regardless with the sizes
of types.

llvm-svn: 71360
2009-05-09 15:34:29 +00:00
Zhongxing Xu 4131114d99 Remove the rest TypedViewRegion processing code. There should be no
TypedViewRegion usage in region store.

llvm-svn: 71359
2009-05-09 15:23:42 +00:00
Zhongxing Xu d6daef9165 When evaluating pointer arithmetic, if the base location is a symbolic region,
convert it to the first element region.
Also do not assume the array region is typed.

llvm-svn: 71358
2009-05-09 15:18:12 +00:00
Zhongxing Xu b18d7cab0c Do not create a TypedViewRegion when the base struct region is a symbolic
region. In the future we may set the cast-to type as the same time. But for
now, we simply leave it as it is.

llvm-svn: 71357
2009-05-09 13:36:16 +00:00
Zhongxing Xu 7c3826484e Do not layer a TypedViewRegion when casting symbolic or alloca regions.
Modify getLValueElement accordingly. Now we don't require base region 
to be a typed region. Do not create TypedViewRegion when base region is 
symbolic or alloca region. We can do so because each element region has 
its type information.

llvm-svn: 71355
2009-05-09 13:20:07 +00:00
Zhongxing Xu e3e94bbf19 Remove the case for casting to compatible type in
RegionStoreManager::CastRegion(). This case should be subsumed by others.

llvm-svn: 71353
2009-05-09 10:03:08 +00:00
Zhongxing Xu 91e2ab496f Rename:
SymbolRegionRValue => SymbolRegionValue
  SymExpr::RegionRValue => SymExpr::RegionValueKind

llvm-svn: 71322
2009-05-09 04:08:27 +00:00
Zhongxing Xu 34d04b3ca9 As discussed with Ted, rename TypedRegion::getObjectType() to
TypedRegion::getValueType().

llvm-svn: 71321
2009-05-09 03:57:34 +00:00
Ted Kremenek c2de72776c Add back analyzer support for ns_returns_retained and cf_returns_retained.
llvm-svn: 71309
2009-05-09 02:58:13 +00:00
Ted Kremenek 2d0ff62a0d It lives! The retain/release checker now tracks objects that are sent
'autorelease'.

llvm-svn: 71307
2009-05-09 01:50:57 +00:00