Ted Kremenek
0ee2913215
Fix 80 col violation.
...
llvm-svn: 74877
2009-07-06 22:59:23 +00:00
Ted Kremenek
309d3c6db0
Restructure NewCastRegion to use a switch statement that dispatches off the
...
region type. This better shows the logic of the method and allows the compiler
to check if we didn't handle a specific region kind.
llvm-svn: 74876
2009-07-06 22:56:37 +00:00
Ted Kremenek
f45778f425
Fix 80 col violation.
...
llvm-svn: 74875
2009-07-06 22:40:36 +00:00
Ted Kremenek
bb5a62d46e
NewCastRegion: Handle casts to any Objective-C pointer, not just qualified ids.
...
llvm-svn: 74874
2009-07-06 22:39:40 +00:00
Ted Kremenek
83b5ccbecf
Implement FIXME.
...
llvm-svn: 74872
2009-07-06 22:34:50 +00:00
Ted Kremenek
c5ab3a0eab
StoreManager::NewCastRegion:
...
- Refactor logic that creates ElementRegions into a help method 'MakeElementRegion'.
- Fix crash due to not handling StringRegions. Casts of StringRegions now
result in a new ElementRegion layered on the original StringRegion.
llvm-svn: 74867
2009-07-06 22:23:45 +00:00
Ted Kremenek
eea8c29aa3
Make 'BasicStoreManager' + 'NewCastRegion' testable from the command line using '-analyzer-store=basic-new-cast'.
...
llvm-svn: 74865
2009-07-06 21:58:46 +00:00
Ted Kremenek
9848b557c8
NewCastRegion:
...
- Have test for 'CodeTextRegion' dominate other region tests.
- Use 'getAsRecordType' instead of isa<RecordType>
llvm-svn: 74853
2009-07-06 21:01:16 +00:00
Ted Kremenek
3ad4b3bca3
Fix loop so that 'continue' statements actually cause the loop to iterate.
...
llvm-svn: 74852
2009-07-06 20:53:52 +00:00
Ted Kremenek
9e010e11c3
Move the new 'CastRegion' implementation from RegionStoreManager to StoreManager
...
(its superclass). This will allow us to experiment with using the new CastRegion
with BasicStoreManager, and gradually phase out the old implementation.
llvm-svn: 74851
2009-07-06 20:21:51 +00:00
Ted Kremenek
0578e43862
Fix <rdar://problem/7033733>. The CF_RETURNS_RETAINED attribute should work if the return type on an Objective-C method is a CF type reference, not just an Objective-C object reference.
...
llvm-svn: 74841
2009-07-06 18:30:43 +00:00
Zhongxing Xu
e1a3ace8ab
Further cleanup of region invalidation code. No functionality change.
...
llvm-svn: 74816
2009-07-06 06:01:24 +00:00
Zhongxing Xu
1fb1cf4e26
Start to gradually move region invalidation code into store manager.
...
No functionality change.
llvm-svn: 74812
2009-07-06 03:41:27 +00:00
Zhongxing Xu
61e6692993
remove utility methods that are not very useful.
...
llvm-svn: 74762
2009-07-03 06:11:41 +00:00
Ted Kremenek
194f46a11a
Remove unused method.
...
llvm-svn: 74751
2009-07-03 00:41:09 +00:00
Ted Kremenek
24c8513022
BasicStoreManager: Use SymbolManager::canSymbolicate() to determine if a variable can be symbolicated.
...
llvm-svn: 74750
2009-07-03 00:36:16 +00:00
Ted Kremenek
06cc0e31b2
Replace guarded calls in RegionStoreManager to
...
ValueManager::getRegionValueSymbolVal() with unguarded calls to
ValueManager::getRegionValueSymbolValOrUnknown(). This changes centralizes the
decision of what values to symbolicate in SymbolManager rather than having it
scatter in RegionStoreManager.
llvm-svn: 74730
2009-07-02 22:16:42 +00:00
Ted Kremenek
725b4a3a51
Enhance RegionStore to lazily symbolicate fields and array elements for
...
structures passed-by-value as function arguments.
llvm-svn: 74729
2009-07-02 22:02:15 +00:00
Ted Kremenek
df67d426d9
StoreManagers: Use 'hasGlobalsStorage()' and 'hasParametersStorage()' instead of
...
directly consulting if a VarDecl is an implicit or actual parameter, a global,
etc.
llvm-svn: 74716
2009-07-02 18:25:09 +00:00
Ted Kremenek
7e4a9a02c3
Add a separate MemSpaceRegion for function/method arguments passed on the stack.
...
This will simplify the logic of StoreManagers that want to specially reason
about the values of parameters.
llvm-svn: 74715
2009-07-02 18:14:59 +00:00
Ted Kremenek
df15d29f17
Remove commented methods. Add MemRegion::printStdErr().
...
llvm-svn: 74709
2009-07-02 17:24:10 +00:00
Ted Kremenek
873db25879
Minor code cleanup: pull variables into scope of 'if' statement, limiting their
...
actual lifetime to their logical lifetime.
llvm-svn: 74665
2009-07-01 23:30:34 +00:00
Ted Kremenek
55e07efeed
Add a FIXME to RegionStore, do some minor code cleanup, and get RegionStore to
...
pass misc-ps.m. Currently RegionStore/BasicStore don't do any special reasoning
about clang-style vectors, so we should return UnknownVal (in all cases) when
accessing their values via an array.
llvm-svn: 74660
2009-07-01 23:19:52 +00:00
Zhongxing Xu
b4ce4fc4ee
add fixme.
...
llvm-svn: 74581
2009-07-01 02:12:57 +00:00
Ted Kremenek
aff66a8a19
Update old CastRegion logic to not assume that ElementRegion's super region is a
...
TypedRegion. While we plan on removing this code at some point, it serves as a
good reference implementation for use with BasicStore until we are sure the new
CastRegion logic (in RegionStore.cpp) is correct.
llvm-svn: 74559
2009-06-30 22:31:23 +00:00
Ted Kremenek
8fd187986d
Combine two conditional branches into one. No functionality change.
...
llvm-svn: 74552
2009-06-30 20:24:11 +00:00
Zhongxing Xu
703db197e3
Instead of r74522, use another approach to fix xfail_regionstore_wine_crash.c.
...
Mark the super region of the binding of block level expr in the Environment
as live.
llvm-svn: 74525
2009-06-30 13:00:53 +00:00
Zhongxing Xu
e205d43c75
When retrieving element region, if its super region has binding, return
...
unknown for it.
Mark the super region of a live region as live, if the live region is pointed
to by a live pointer variable.
These fixes xfail_regionstore_wine_crash.c.
llvm-svn: 74524
2009-06-30 12:32:59 +00:00
Zhongxing Xu
d29e74e658
Block level expr should be visited. Otherwise variables in init expr of
...
DeclStmt would be dead before the DeclStmt.
For example:
int x = 0;
int y = x;
'x' would be dead before 'int y = x'.
llvm-svn: 74522
2009-06-30 12:11:58 +00:00
Zhongxing Xu
d0a246fd08
add utility method.
...
llvm-svn: 74521
2009-06-30 11:52:40 +00:00
Zhongxing Xu
5df79c6642
remove dead code.
...
llvm-svn: 74517
2009-06-30 07:50:26 +00:00
Zhongxing Xu
6377a98774
We do not require the super region of element region be typed. So do not
...
create TypedViewRegion for it.
llvm-svn: 74516
2009-06-30 07:41:27 +00:00
Argyrios Kyrtzidis
cfbfe78e9e
De-ASTContext-ify DeclContext.
...
Remove ASTContext parameter from DeclContext's methods. This change cascaded down to other Decl's methods and changes to call sites started "escalating".
Timings using pre-tokenized "cocoa.h" showed only a ~1% increase in time run between and after this commit.
llvm-svn: 74506
2009-06-30 02:36:12 +00:00
Argyrios Kyrtzidis
ddcd132a5b
Remove the ASTContext parameter from the getBody() methods of Decl and subclasses.
...
Timings showed no significant difference before and after the commit.
llvm-svn: 74504
2009-06-30 02:35:26 +00:00
Argyrios Kyrtzidis
b4b64ca752
Remove the ASTContext parameter from the attribute-related methods of Decl.
...
The implementations of these methods can Use Decl::getASTContext() to get the ASTContext.
This commit touches a lot of files since call sites for these methods are everywhere.
I used pre-tokenized "carbon.h" and "cocoa.h" headers to do some timings, and there was no real time difference between before the commit and after it.
llvm-svn: 74501
2009-06-30 02:34:44 +00:00
Chris Lattner
c61089a6c2
Key decisions about 'bool' vs '_Bool' to be based on a new flag in langoptions.
...
This is simple enough, but then I thought it would be nice to make PrintingPolicy
get a LangOptions so that various things can key off "bool" and "C++" independently.
This spiraled out of control. There are many fixme's, but I think things are slightly
better than they were before.
One thing that can be improved: CFG should probably have an ASTContext pointer in it,
which would simplify its clients.
llvm-svn: 74493
2009-06-30 01:26:17 +00:00
Zhongxing Xu
4744d560b8
Invalidate the alloca region by setting its default value to conjured symbol.
...
llvm-svn: 74419
2009-06-29 06:43:40 +00:00
Zhongxing Xu
0628f539a8
Adjust retrieve handler priority. If a field is of array type, it should be
...
handled by RetrieveArray().
llvm-svn: 74409
2009-06-28 14:16:39 +00:00
Zhongxing Xu
6f610707cf
Invalidate a field of struct type by setting its default value to conjured
...
symbol.
llvm-svn: 74408
2009-06-28 13:59:24 +00:00
Zhongxing Xu
d260db1238
Do not crash on binding concrete integer location.
...
llvm-svn: 74407
2009-06-28 10:16:11 +00:00
Zhongxing Xu
f7a6de3a12
Simplify some code. As in region store, we always expect the location is a
...
memregion.
llvm-svn: 74406
2009-06-28 09:26:15 +00:00
Ted Kremenek
8e5f6951eb
Remove the last 'GetXXX' methods from GRStateManager.
...
llvm-svn: 74361
2009-06-27 00:24:54 +00:00
Ted Kremenek
bb597cdfc2
Remove '#include <sstream>' from libAnalysis.
...
llvm-svn: 74245
2009-06-26 00:43:22 +00:00
Ted Kremenek
af1ac826f6
Update method signature.
...
llvm-svn: 74244
2009-06-26 00:41:43 +00:00
Ted Kremenek
18e1caa6bf
Unbreak build.
...
llvm-svn: 74238
2009-06-26 00:25:05 +00:00
Ted Kremenek
4ac764d72e
Remove orphaned header file.
...
llvm-svn: 74231
2009-06-26 00:08:20 +00:00
Ted Kremenek
1642bdaaa5
Introduce a new concept to the static analyzer: SValuator.
...
GRTransferFuncs had the conflated role of both constructing SVals (symbolic
expressions) as well as handling checker-specific logic. Now SValuator has the
role of constructing SVals from expressions and GRTransferFuncs just handles
checker-specific logic. The motivation is by separating these two concepts we
will be able to much more easily create richer constraint-generating logic
without coupling it to the main checker transfer function logic.
We now have one implementation of SValuator: SimpleSValuator.
SimpleSValuator is essentially the SVal-related logic that was in GRSimpleVals
(which is removed in this patch). This includes the logic for EvalBinOp,
EvalCast, etc. Because SValuator has a narrower role than the old
GRTransferFuncs, the interfaces are much simpler, and so is the implementation
of SimpleSValuator compared to GRSimpleVals. I also did a line-by-line review of
SVal-related logic in GRSimpleVals and cleaned it up while moving it over to
SimpleSValuator.
As a consequence of removing GRSimpleVals, there is no longer a
'-checker-simple' option. The '-checker-cfref' did everything that option did
but also ran the retain/release checker. Of course a user may not always wish to
run the retain/release checker, nor do we wish core analysis logic buried in the
checker-specific logic. The next step is to refactor the logic in CFRefCount.cpp
to separate out these pieces into the core analysis engine.
llvm-svn: 74229
2009-06-26 00:05:51 +00:00
Ted Kremenek
9ffbd9fb64
Remove declaration for unused and unimplemented static method.
...
llvm-svn: 74182
2009-06-25 17:25:49 +00:00
Zhongxing Xu
c53b444d36
remove RegionKills GDM. Now UnknownVal is bound to regions explicitly.
...
llvm-svn: 74168
2009-06-25 05:52:16 +00:00
Zhongxing Xu
2d16073b50
Move element region retrieving logic into a separate function.
...
llvm-svn: 74166
2009-06-25 05:29:39 +00:00
Zhongxing Xu
e67ea5c784
Move all logic for retrieving ElementRegion binding into a separate method.
...
Revert to setting default value approach for handling struct initialization.
llvm-svn: 74160
2009-06-25 04:50:44 +00:00
Ted Kremenek
799bb6e178
Remove uses of std::ostream from libAnalysis.
...
llvm-svn: 74136
2009-06-24 23:06:47 +00:00
Ted Kremenek
2c6a7b2776
Remove GRStateManager::GetSValAsScalarOrLoc()/GetSVal().
...
llvm-svn: 74128
2009-06-24 22:15:30 +00:00
Owen Anderson
4d9e93c420
Update for LLVM API changes.
...
llvm-svn: 74085
2009-06-24 17:37:55 +00:00
Zhongxing Xu
33420090ae
use a concrete type instead of a trait type to make code more readable.
...
llvm-svn: 74047
2009-06-24 01:12:41 +00:00
Zhongxing Xu
9ef415edf2
RegionStore: revert to the default value approach for array initialization.
...
llvm-svn: 74043
2009-06-24 00:56:31 +00:00
Ted Kremenek
8cf2021012
Remove GRStateManager::getRegion/getSelfRegion().
...
llvm-svn: 74006
2009-06-23 21:37:46 +00:00
Ted Kremenek
7df5691d2d
Remove GRStateManager::BindLoc() and GRStateManager::Unbind().
...
llvm-svn: 73996
2009-06-23 20:38:51 +00:00
Ted Kremenek
59ee3f5079
Remove GRStateManager::BindDecl() and GRStateManager::BindDeclWithInit().
...
llvm-svn: 73995
2009-06-23 20:27:53 +00:00
Ted Kremenek
2d99f97c17
- Add MemRegion::getMemorySpace()
...
- Change implementation of MemRegion::hasStackStorage()/hasHeapStorage() to use
'getMemorySpace()'. This avoids a double traversal up the region hierarchy
and is simpler.
- Add MemRegion::hasHeapOrStackStorage() as a slightly more efficient
alternative to 'hasStackStorage() || hasHeapStorage()'.
llvm-svn: 73977
2009-06-23 18:17:08 +00:00
Ted Kremenek
404b132dc0
Move 'hasStackStorage()' and 'hasHeapStorage()' from MemRegionManager to MemRegion.
...
llvm-svn: 73973
2009-06-23 18:05:21 +00:00
Ted Kremenek
ae01dc73af
API cleanup: move more methods from GRStateManager to GRState.
...
llvm-svn: 73968
2009-06-23 17:55:07 +00:00
Ted Kremenek
d363f44c69
Update CMake file.
...
llvm-svn: 73958
2009-06-23 16:54:53 +00:00
Zhongxing Xu
7718ae4701
Move all factory methods from SVal to ValueManager. API cleanup!
...
llvm-svn: 73954
2009-06-23 09:02:15 +00:00
Zhongxing Xu
0808f70912
Split ValueManager method definitions into its own source file.
...
No functionality change.
llvm-svn: 73952
2009-06-23 06:22:22 +00:00
Zhongxing Xu
d09b5205ef
ValueManager::makeNonLoc -> ValueManager::makeIntVal
...
Clean up code with ValueManager.
llvm-svn: 73951
2009-06-23 06:13:19 +00:00
Zhongxing Xu
0442e962d9
If the init list is fewer than the struct fields, bind the rest fields to 0
...
explicitly. Make 0 value with the field type.
llvm-svn: 73949
2009-06-23 05:43:16 +00:00
Zhongxing Xu
b7cf95957d
Instead of setting the default value of the array region, bind the rest of the
...
array elements to 0 explicitly. Create 0 values with the element type.
llvm-svn: 73946
2009-06-23 05:23:38 +00:00
Zhongxing Xu
cbfc7d6c2e
MemRegionManager: Migrate logic for getCodeTextRegion() over to using
...
trait-based MemRegion creation.
llvm-svn: 73941
2009-06-23 03:50:30 +00:00
Zhongxing Xu
1a195b264f
Remove duplicated methods.
...
llvm-svn: 73940
2009-06-23 02:51:21 +00:00
Zhongxing Xu
74fa0bc3de
add a fixme.
...
llvm-svn: 73939
2009-06-23 02:08:56 +00:00
Ted Kremenek
fb87e30815
MemRegions:
...
- Embed a reference to MemRegionManager objects in MemSpaceRegion objects
- Use this embedded reference for MemRegion objects to access ASTContext objects without external help
- Use this access to ASTContext to simplify 'isBoundable' (no ASTContext& argument required)
llvm-svn: 73935
2009-06-23 00:46:41 +00:00
Ted Kremenek
8bae300ade
MemRegionManager: Migrate logic for getAllocaRegion() over to using trait-based MemRegion creation.
...
llvm-svn: 73927
2009-06-23 00:15:41 +00:00
Ted Kremenek
2266640a7a
MemRegionManager: Migrate getObjCObjectRegion() and getTypedViewRegion() to use
...
the new trait-based construction of MemRegion objects.
llvm-svn: 73926
2009-06-23 00:04:09 +00:00
Ted Kremenek
214cdfea84
Migrate factory methods for FieldRegion and ObjCIVarRegion creation to use the
...
new generalized region-construction code.
llvm-svn: 73921
2009-06-22 23:34:21 +00:00
Ted Kremenek
e5e8b0b09b
Refactor some of the logic in MemRegionManager for constructing regions using
...
member template functions and traits. The idea is to allow MemRegionManager to
construct subclasses of MemRegion that aren't declared in MemRegion.h (e.g.,
checker-specific regions).
llvm-svn: 73917
2009-06-22 23:13:13 +00:00
Zhongxing Xu
8077d7eb15
Allow CodeTextRegion to be cast to 'void *'.
...
llvm-svn: 73880
2009-06-22 08:36:10 +00:00
Zhongxing Xu
540c009fbe
Return UnknownVal for pointer arithmetic on struct fields.
...
llvm-svn: 73851
2009-06-21 13:24:24 +00:00
Ted Kremenek
c55f0cdaa0
Remove more GetSVal/GetLValue methods in GRExprEngine/GRState, instead
...
preferring to use their replacements in GRState. This further unifies the code
paths for such logic and leads to some code reduction.
llvm-svn: 73771
2009-06-19 17:10:32 +00:00
Zhongxing Xu
54fb536b5c
A further step of r73690: associate the cast-to type with the created symbol,
...
because the type of the symbol is used to create the default range. We need the
sign to be consistent.
llvm-svn: 73756
2009-06-19 06:00:32 +00:00
Zhongxing Xu
cc45762253
If the SymbolicRegion was cast to another type, use that type to create the
...
ElementRegion.
llvm-svn: 73754
2009-06-19 04:51:14 +00:00
Ted Kremenek
095f1a9848
Move clients over from using GRStateManager::BindXXX and friends to
...
GRState->bindXXX and friends (and constify some arguments along the way).
llvm-svn: 73740
2009-06-18 23:58:37 +00:00
Ted Kremenek
4c6a367182
Remove GRStateManager& field from SimpleConstraintManager.
...
llvm-svn: 73735
2009-06-18 23:20:05 +00:00
Ted Kremenek
f9906843b7
libAnalysis:
...
- Remove the 'isFeasible' flag from all uses of 'Assume'.
- Remove the 'Assume' methods from GRStateManager. Now the only way to
create a new GRState with an assumption is to use the new 'assume' methods
in GRState.
llvm-svn: 73731
2009-06-18 22:57:13 +00:00
Douglas Gregor
78bd61f661
Move the static DeclAttrs map into ASTContext. Fixes <rdar://problem/6983177>.
...
llvm-svn: 73702
2009-06-18 16:11:24 +00:00
Zhongxing Xu
cea6578078
When casting region, if we do not create an element region, record the cast-to
...
type.
When retrieving the region value, if we are going to create a symbol value, use
the cast-to type if possible.
llvm-svn: 73690
2009-06-18 06:29:10 +00:00
Ted Kremenek
6a667ab710
Remove GRStateRef.
...
llvm-svn: 73670
2009-06-18 01:33:24 +00:00
Ted Kremenek
d93c6e3fd6
Remove more dependencies on GRStateRef. As a consequence, we can now
...
pretty-print a GRState object anywhere it is referenced (instead of
needing a GRStateRef of a GRStateManager handy).
llvm-svn: 73669
2009-06-18 01:23:53 +00:00
Ted Kremenek
89a303caac
Remove another dependency on GRStateRef.
...
llvm-svn: 73667
2009-06-18 00:49:02 +00:00
Steve Naroff
fb4330f255
First step toward fixing <rdar://problem/6613046> refactor clang objc type representation.
...
Add a type (ObjCObjectPointerType) and remove a type (ObjCQualifiedIdType).
This large/tedious patch is just a first step. Next step is to remove ObjCQualifiedInterfaceType. After that, I will remove the magic TypedefType for 'id' (installed by Sema). This work will enable various simplifications throughout clang (when dealing with ObjC types).
No functionality change.
llvm-svn: 73649
2009-06-17 22:40:22 +00:00
Ted Kremenek
b35e2caab5
Remove more uses of GRStateRef.
...
llvm-svn: 73648
2009-06-17 22:28:13 +00:00
Ted Kremenek
609df30929
Start moving in the direction of removing GRStateRef. Now each
...
GRState object has a direct reference to its GRStateManager, making
the functionality of GRStateRef redunandant. This will lead to some
nice API cleanup and code shrinking across libAnalysis.
llvm-svn: 73644
2009-06-17 22:02:04 +00:00
Ted Kremenek
4533a55696
RegionStoreManager:
...
- Add "sections" to RegionStoreManager.cpp to delineate functionality.
- Add new function "CreateFieldsOnlyRegionStoreManager" that uses the new
RegionStoreFeatures class to use a reduced set of features from
RegionStoreManager (in this case, only field-sensitivity). This isn't
completely hooked up yet.
llvm-svn: 73572
2009-06-16 22:36:44 +00:00
Zhongxing Xu
838a0db0ba
Use canonical type for building ElementRegion. Otherwise ElementRegions cannot
...
be unique.
llvm-svn: 73482
2009-06-16 09:55:50 +00:00
Zhongxing Xu
e531f048f8
Do not invalidate unboundable regions in GRSimpleVals::EvalCall().
...
llvm-svn: 73474
2009-06-16 06:18:21 +00:00
Ted Kremenek
96aa146d90
Fix: <rdar://problem/6945561> -[CIContext createCGLayerWithSize:info:] misinterpreted by clang scan-build
...
llvm-svn: 73415
2009-06-15 20:58:58 +00:00
Ted Kremenek
3092e9c5c2
Fix: <rdar://problem/6961230> add knowledge of IOKit functions to retain/release checker
...
llvm-svn: 73411
2009-06-15 20:36:07 +00:00
Chris Lattner
15ba94987a
Sink the BuiltinInfo object from ASTContext into the
...
preprocessor and initialize it early in clang-cc. This
ensures that __has_builtin works in all modes, not just
when ASTContext is around.
llvm-svn: 73319
2009-06-14 01:54:56 +00:00
Zhongxing Xu
70b27e6f8b
Stop tracking non-compound value for struct. It may be caused by imprecise cast
...
logic.
llvm-svn: 73279
2009-06-13 01:31:11 +00:00
Zhongxing Xu
2693c504c2
use getAsPointerType() method.
...
llvm-svn: 73218
2009-06-12 03:59:12 +00:00
Ted Kremenek
ea675cf6a3
Add summary lookup for IOServiceGetMatchingService.
...
Convert tabs to spaces.
llvm-svn: 73198
2009-06-11 18:17:24 +00:00
Ted Kremenek
a74ead4103
Refactor some function name -> summary lookup using a switch statement.
...
llvm-svn: 73197
2009-06-11 18:10:48 +00:00
Zhongxing Xu
519a47d4bd
Bind the mistakenly generated nonloc::SymbolVal to struct correctly. See the
...
comments for added test case for details.
llvm-svn: 73189
2009-06-11 09:11:27 +00:00
Zhongxing Xu
d85a991253
Use more robust getAsRecordType() method.
...
llvm-svn: 73186
2009-06-11 07:27:30 +00:00
Ted Kremenek
a03705c82d
Fix:
...
<rdar://problem/6948053> False positive: object substitution during -init* methods warns about returning +0 when using -fobjc-gc-only
llvm-svn: 72971
2009-06-05 23:18:01 +00:00
Ted Kremenek
ea1c221334
Enhance attribute cf_returns_retained to also work (in the analyzer)
...
for non-Objctive-C pointer types. This implicitly documents that the
return type is a CF object reference.
llvm-svn: 72968
2009-06-05 23:00:33 +00:00
Ted Kremenek
1036912118
Add special cases to retain checker for 'create' methods in QCView, QCRenderer, and CIContext (Apple APIs).
...
This fixes:
<rdar://problem/6902710> clang: false positives w/QC and CoreImage methods.
llvm-svn: 72187
2009-05-20 22:39:57 +00:00
Zhongxing Xu
1075cc0b02
Treat AllocaRegion as SymbolicRegion in RegionStore::Retrieve().
...
llvm-svn: 72166
2009-05-20 09:18:48 +00:00
Zhongxing Xu
a7907608fb
* API change: we need to pass GRState to GRExprEngine::EvalBinOp() because
...
RegionStore needs to know the type of alloca region.
* RegionStoreManager::EvalBinOp() now converts the alloca region to its first
element region, as what is done to symbolic region.
llvm-svn: 72164
2009-05-20 09:00:16 +00:00
Ted Kremenek
501ba0365a
Fix PR 4230: Don't flag leaks of NSAutoreleasePools until we know that we aren' at the top-most scope of autorelease pools.
...
llvm-svn: 72065
2009-05-18 23:14:34 +00:00
Daniel Dunbar
29f36b4c9a
Silence a Release-Asserts warning.
...
llvm-svn: 72013
2009-05-18 16:48:48 +00:00
Ted Kremenek
e4302ee3bb
Fix: <rdar://problem/6893565> False positive: don't flag leaks for return types that cannot be determined to be CF types
...
llvm-svn: 71921
2009-05-16 01:38:01 +00:00
Ted Kremenek
a28565ac62
Fix another bug in BugReporter where we wouldn't always select the bug report in a bug equivalence class with the shortest path.
...
llvm-svn: 71920
2009-05-16 01:11:58 +00:00
Ted Kremenek
3281977dbb
Fix crash when deriving the enclosing summary of a method whose first selector slot has a null IdentifierInfo*. This happens when analyzing Growl.
...
llvm-svn: 71857
2009-05-15 15:49:00 +00:00
Ted Kremenek
4785e41c12
Remove extra whitespace character in string literal. Purely cosmetic.
...
llvm-svn: 71847
2009-05-15 06:02:08 +00:00
Ted Kremenek
3d436c7b35
Use dyn_cast instead of cast to allow our assumptions to be safely wrong.
...
llvm-svn: 71843
2009-05-15 05:34:49 +00:00
Ted Kremenek
608a6176a1
Cleanup internal checks bug reporting, allowing intermediate diagnostics to be generated for bad argument warnings, bad branches, etc.
...
llvm-svn: 71838
2009-05-15 05:25:09 +00:00
Ted Kremenek
73777059f0
BugReporter (extensive diagnostics): Do not include the range of target '}'
...
llvm-svn: 71832
2009-05-15 02:46:13 +00:00
Ted Kremenek
18665fe3c9
PathDiagnosticLocation::asRange(): for a PathDiagnosticLocation, the range of a DeclStmt is only the decl, not
...
the decl + initializer.
llvm-svn: 71831
2009-05-15 02:05:25 +00:00
Ted Kremenek
cfe7d02b2c
BugReporter (extensive diagnostics): Add control-flow piece to '}' in
...
loop body when generating 'Looping back to the head of the loop'
diagnostics.
llvm-svn: 71829
2009-05-15 01:50:15 +00:00
Ted Kremenek
f9fa3cb78a
Fix <rdar://problem/6859457> [NSData dataWithBytesNoCopy] does not return a retained object.
...
llvm-svn: 71797
2009-05-14 21:29:16 +00:00
Ted Kremenek
bae777254a
Enhance diagnostics value tracking logic for null dereferences and uninitialized values.
...
llvm-svn: 71700
2009-05-13 19:16:35 +00:00
Ted Kremenek
5801f65a52
Fix crasher reported in PR 4209 caused by an invalid summary
...
generation when EvalObjCMessageExpr() did not resolve the
ObjCInterfaceDecl* for a receiver when the receiver's symbolic value
wasn't being explicitly tracked.
llvm-svn: 71685
2009-05-13 18:16:01 +00:00
Ted Kremenek
051a03d698
Fix crasher in CFRefCount.cpp reported by Nikita Zhuk due to recently added autorelease tracking.
...
llvm-svn: 71647
2009-05-13 07:12:33 +00:00
Ted Kremenek
1272f706ca
Fix: <rdar://problem/6320065> false positive - init method returns an object owned by caller
...
Now 'init' methods are treated by the retain/release checker as
claiming their receiver and allocating a new object.
llvm-svn: 71579
2009-05-12 20:06:54 +00:00
Zhongxing Xu
08a2ede018
Add logic for invalidating array region to CFRefCount.cpp. When invalidating
...
array region, set its default value to conjured symbol. When retrieving its
element, create new region value symbol for the element.
Also fix some 80 columns violations.
llvm-svn: 71548
2009-05-12 10:10:00 +00:00
Ted Kremenek
95d181936a
Fix <rdar://problem/6877235> Classes typedef-ed to CF objects should get the same treatment as CF objects
...
This was accomplished by having 'isTypeRef' recursively walk the typedef stack.
llvm-svn: 71538
2009-05-12 04:53:03 +00:00
Ted Kremenek
5fb7847fbf
BugReport::getEndPath() - Only add a Stmt's range to the constructed PathDiagnosticEventPiece if the BugReport contained no explicit ranges.
...
llvm-svn: 71516
2009-05-11 23:50:59 +00:00
Ted Kremenek
97f75f8bda
When stripping element regions for invalidating region values, treat FieldRegions and ObjCIvarRegions as "base" regions in addition to VarRegions.
...
llvm-svn: 71488
2009-05-11 22:55:17 +00:00
Ted Kremenek
2ee73b86c0
EdgeBuilder: DeclStmts and BinaryOperators are not the enclosing location context when they are used as initialization code for loops.
...
llvm-svn: 71480
2009-05-11 22:19:32 +00:00
Ted Kremenek
c0b879b4a7
EdgeBuilder::cleanUpLocation() should used the PathDiagnosticLocation constructor for a single point, not a range.
...
llvm-svn: 71477
2009-05-11 21:42:34 +00:00
Ted Kremenek
c14b594b14
BugReporter (extensive diagnostics): Add EdgeBuilder::cleanUpLocation for canonicalization locations and use this in both popLocation and rawAddEdge.
...
llvm-svn: 71470
2009-05-11 19:50:47 +00:00
Ted Kremenek
d0e3ab2196
Fix regression reported in <rdar://problem/6866843>. The analyzer should extend the lifetime of an object stored to a container.
...
llvm-svn: 71452
2009-05-11 18:30:24 +00:00
Ted Kremenek
dc7853cd98
Fix a bug found by Thomas Clement where 'return [[[NSString alloc] init] autorelease]' would emit a false 'too many overreleases' error.
...
llvm-svn: 71432
2009-05-11 15:26:06 +00:00
Zhongxing Xu
52091db11f
TypedRegion is a too general assumption. Usually we only want to invalidate
...
the VarRegion as a super region of an ElementRegion.
llvm-svn: 71431
2009-05-11 14:28:14 +00:00
Zhongxing Xu
c012656266
When retrieving an ElementRegion, if its super region is a StringRegion,
...
retrieve the string value.
llvm-svn: 71430
2009-05-11 14:23:36 +00:00
Zhongxing Xu
bf938d3160
Fix a bug that leads to infinite loop. Set the correct element type to
...
ElementRegion.
llvm-svn: 71428
2009-05-11 12:48:56 +00:00
Ted Kremenek
1f8e4346fa
Add special warning about returning a retained object where a GC'ed object is expected.
...
llvm-svn: 71397
2009-05-10 16:52:15 +00:00
Ted Kremenek
dee56e37fc
retain/release checker: Flag a warning for non-owned objects returned
...
where an owned one is expected. Also add preliminary checking for
returning a positive retain count object in GC mode where an owned GC
object is expected.
llvm-svn: 71388
2009-05-10 06:25:57 +00:00
Ted Kremenek
3978f7972d
analyzer:
...
- Improve -autorelease diagnostics.
- Improve VLA diagnostics.
- Use "short description" for bug when outputting to TextDiagnostics
llvm-svn: 71383
2009-05-10 05:11:21 +00:00
Zhongxing Xu
c9c3dab491
When casting VarRegion, if the var type is aggregate type and the cast-to
...
pointee type is scalar type, create element region regardless with the sizes
of types.
llvm-svn: 71360
2009-05-09 15:34:29 +00:00
Zhongxing Xu
4131114d99
Remove the rest TypedViewRegion processing code. There should be no
...
TypedViewRegion usage in region store.
llvm-svn: 71359
2009-05-09 15:23:42 +00:00
Zhongxing Xu
d6daef9165
When evaluating pointer arithmetic, if the base location is a symbolic region,
...
convert it to the first element region.
Also do not assume the array region is typed.
llvm-svn: 71358
2009-05-09 15:18:12 +00:00
Zhongxing Xu
b18d7cab0c
Do not create a TypedViewRegion when the base struct region is a symbolic
...
region. In the future we may set the cast-to type as the same time. But for
now, we simply leave it as it is.
llvm-svn: 71357
2009-05-09 13:36:16 +00:00
Zhongxing Xu
7c3826484e
Do not layer a TypedViewRegion when casting symbolic or alloca regions.
...
Modify getLValueElement accordingly. Now we don't require base region
to be a typed region. Do not create TypedViewRegion when base region is
symbolic or alloca region. We can do so because each element region has
its type information.
llvm-svn: 71355
2009-05-09 13:20:07 +00:00
Zhongxing Xu
e3e94bbf19
Remove the case for casting to compatible type in
...
RegionStoreManager::CastRegion(). This case should be subsumed by others.
llvm-svn: 71353
2009-05-09 10:03:08 +00:00
Zhongxing Xu
91e2ab496f
Rename:
...
SymbolRegionRValue => SymbolRegionValue
SymExpr::RegionRValue => SymExpr::RegionValueKind
llvm-svn: 71322
2009-05-09 04:08:27 +00:00
Zhongxing Xu
34d04b3ca9
As discussed with Ted, rename TypedRegion::getObjectType() to
...
TypedRegion::getValueType().
llvm-svn: 71321
2009-05-09 03:57:34 +00:00
Ted Kremenek
c2de72776c
Add back analyzer support for ns_returns_retained and cf_returns_retained.
...
llvm-svn: 71309
2009-05-09 02:58:13 +00:00
Ted Kremenek
2d0ff62a0d
It lives! The retain/release checker now tracks objects that are sent
...
'autorelease'.
llvm-svn: 71307
2009-05-09 01:50:57 +00:00