Zhongxing Xu
396e041f5e
add test case.
llvm-svn: 110408
2010-08-06 00:04:40 +00:00
Jordy Rose
afdb053618
When checking if a buffer access is valid, first make sure the buffer has a valid Loc. Fixes PR7830.
llvm-svn: 110390
2010-08-05 23:11:30 +00:00
Tom Care
16ba7c652e
Fixed logic error in UnreachableCodeChecker's marking algorithm that would sometimes allow for multiple sequential statements to be flagged.
llvm-svn: 110353
2010-08-05 17:53:44 +00:00
Ted Kremenek
1d08fd9b79
Correctly handle 'Class<...>' when examining Cocoa conventions in the static analyzer. Fixes a crash reported in <rdar://problem/8272168>. Patch by Henry Mason!
llvm-svn: 110289
2010-08-05 00:19:24 +00:00
Ted Kremenek
b786156b01
Teach SemaChecking::CheckReturnStackAddr about ImplicitCastExprs that convert values to an lvalue. This allows us to warn (again) about returning references to stack variables. (fixes PR 7812).
llvm-svn: 110242
2010-08-04 20:01:07 +00:00
Ted Kremenek
297e2e5bf6
Fix idempotent operations false positive caused by ivars not being invalidated in function
calls when the enclosing object had retain/release state. Fixes <rdar://problem/8261992>.
llvm-svn: 110068
2010-08-02 21:59:12 +00:00
Ted Kremenek
4b83f753a1
Add test case for <rdar://problem/8258814>.
llvm-svn: 110058
2010-08-02 20:33:00 +00:00
Zhongxing Xu
fd91d27630
Improve flat store: MemRegion::getAsOffset() computes a region's offset within
the top-level object. FlatStore now can bind and retrieve element and field
regions.
PR7297 is fixed by flat store.
llvm-svn: 110020
2010-08-02 04:56:14 +00:00
John McCall
a95172baa0
Only run the jump-checker if there's a branch-protected scope *and* there's
a switch or goto somewhere in the function. Indirect gotos trigger the
jump-checker regardless, because the conditions there are slightly more
elaborate and it's too marginal a case to be worth optimizing.
Turns off the jump-checker in a lot of cases in C++. rdar://problem/7702918
llvm-svn: 109962
2010-08-01 00:26:45 +00:00
Ted Kremenek
d21139a34f
After a lengthy design discussion, add support for "ownership attributes" for malloc/free checking. Patch by Andrew McGregor!
llvm-svn: 109939
2010-07-31 01:52:11 +00:00
Tom Care
fe1a4944b1
Test case for PR7763.
llvm-svn: 109895
2010-07-30 21:42:31 +00:00
Jordy Rose
23f0f4b7ae
Move new test (that requires RegionStore) into its own file.
llvm-svn: 109736
2010-07-29 07:11:59 +00:00
Jordy Rose
daa1c83413
Use a LazyCompoundVal to handle initialization with a string literal, rather than copying each character.
llvm-svn: 109734
2010-07-29 06:40:33 +00:00
Ted Kremenek
8bedb7dd3f
Teach GRExprEngine::VisitLValue() about FloatingLiteral, ImaginaryLiteral, and CharacterLiteral. Fixes an assertion failure reported in PR 7675.
llvm-svn: 109719
2010-07-29 01:31:59 +00:00
Ted Kremenek
385f71b1f4
Augment RegionStore::BindStruct() to bind symbolicated struct values. This fixes a false path issue reported in <rdar://problem/8243408> and also spurs another cause where the idempotent operations checker fires.
llvm-svn: 109710
2010-07-29 00:28:47 +00:00
Tom Care
29a6250bf0
Added some false positive checking to UnreachableCodeChecker
- Allowed reporting of dead macros
- Added path walking function to search for false positives in conditional statements
- Updated some affected tests
- Added some false positive test cases
llvm-svn: 109561
2010-07-27 23:30:21 +00:00
Ted Kremenek
83b598c14f
Finesse 'idempotent operations' analyzer issues to include the opcode of the binary operator for clearer error reporting. Also remove the 'Idempotent operation' prefix in messages; it's redundant since the bug type is the same.
llvm-svn: 109527
2010-07-27 18:49:08 +00:00
Jordy Rose
55442abee6
Don't warn about unreachable code if the block starts with __builtin_unreachable().
The next step is to warn if a block labeled unreachable is, in fact, reachable. Somewhat related to PR810.
llvm-svn: 109487
2010-07-27 03:39:53 +00:00
Jordy Rose
b052e8f436
Groundwork for C string length tracking. Currently only handles the length of constant string literals, which is not too helpful, and only calls to strlen() are checked.
llvm-svn: 109480
2010-07-27 01:37:31 +00:00
Tom Care
cba9f517ac
Added a path-sensitive unreachable code checker to the experimental analyzer checks.
- Created a new class to do post-analysis
- Updated several test cases with unreachable code to expect a warning
- Added some general tests
llvm-svn: 109286
2010-07-23 23:04:53 +00:00
Zhongxing Xu
5e6ef6d957
Add FILE* leak check to StreamChecker. Patch by Lei Zhang.
llvm-svn: 109225
2010-07-23 14:14:59 +00:00
Zhongxing Xu
f0c133fe88
This patch adds support for tmpfile in StreamChecker. Patch by Lei Zhang.
llvm-svn: 109106
2010-07-22 14:01:01 +00:00
Zhongxing Xu
cf144c6322
fix test case.
llvm-svn: 108671
2010-07-19 02:06:14 +00:00
Zhongxing Xu
ec5623570e
Add double close check to StreamChecker. Patch by Lei Zhang.
llvm-svn: 108669
2010-07-19 01:52:29 +00:00
Ted Kremenek
b32964d02d
Fix '<rdar://problem/8202272> __imag passed non-complex should not crash' by removing a bogus assertion.
llvm-svn: 108602
2010-07-17 01:28:55 +00:00
Ted Kremenek
8b9fd890e3
Fix APFloat assertion failure in IdempotentOperationChecker resulting in having
an APFloat with different "float semantics" than the compared float literal.
llvm-svn: 108590
2010-07-17 00:40:32 +00:00
Tom Care
826e6b4023
Improved false positive rate for the idempotent operations checker and moved it into the default path-sensitive analysis options.
- Added checks for static local variables, self assigned parameters, and truncating/extending self assignments
- Removed command line option (now default with --analyze)
- Updated test cases to pass with idempotent operation warnings
llvm-svn: 108550
2010-07-16 20:41:41 +00:00
Chris Lattner
33919e7450
fix PR7280 by making the warning on code like this:
int test1() {
return;
}
default to an error.
llvm-svn: 108108
2010-07-11 23:34:02 +00:00
Jordy Rose
d5d2e50f3e
Cleanup in CStringChecker. Now properly bifurcates the state for zero/nonzero sizes.
llvm-svn: 107935
2010-07-08 23:57:29 +00:00
Jordy Rose
65136fb669
Add memcmp() and bcmp() to CStringChecker. These check for valid access to the buffer arguments and have a special-case for when the buffer arguments are known to be the same address, or when the size is zero.
llvm-svn: 107761
2010-07-07 08:15:01 +00:00
Jordy Rose
33c829a6fd
Cleanup on CStringChecker and its associated tests. Also check for null arguments...which are allowed if the access length is 0!
llvm-svn: 107759
2010-07-07 07:48:06 +00:00
Chris Lattner
3956106543
implement PR7569, warning about assignment to null, which
people seem to write when they want a deterministic trap.
Suggest instead that they use a volatile pointer or
__builtin_trap.
llvm-svn: 107756
2010-07-07 06:14:23 +00:00
Tom Care
49f1e908b2
Fix idempotent operations test command line arguments.
llvm-svn: 107735
2010-07-06 23:47:26 +00:00
Jordy Rose
134a236a14
Add a new path-sensitive checker for functions in <string.h>, for both null-terminated strings and memory blocks. Currently only checks memcpy(), memmove(), and bcopy(), but this is intended to be expanded soon.
llvm-svn: 107722
2010-07-06 23:11:01 +00:00
Tom Care
3ff08a8e76
Added a path-sensitive idempotent operation checker (-analyzer-idempotent-operation). Finds idempotent and/or tautological operations in a path sensitive context, flagging operations that have no effect or a predictable effect.
Example:
{
int a = 1;
int b = 5;
int c = b / a; // a is 1 on all paths
}
- New IdempotentOperationChecker class
- Moved recursive Stmt functions in r107675 to IdempotentOperationChecker
- Minor refactoring of SVal to allow checking for any integer
- Added command line option for check
- Added basic test cases
llvm-svn: 107706
2010-07-06 21:43:29 +00:00
Jordy Rose
4c0a919732
Oops, tabs --> spaces in test.
llvm-svn: 107634
2010-07-06 02:42:09 +00:00
Jordy Rose
40c5c24c06
Improve NULL-checking for CFRetain/CFRelease. We now remember that the argument was non-NULL, and we report where the null assumption came from (like AttrNonNullChecker already did).
llvm-svn: 107633
2010-07-06 02:34:42 +00:00
Jordy Rose
0704a7fe43
Support sizeof for VLA expressions (sizeof(someVLA)). sizeof(int[n]) still unimplemented. A VLA region's sizeof value matches its extent.
llvm-svn: 107611
2010-07-05 04:42:43 +00:00
Jordy Rose
e6b999bf9a
Track extents for VLAs.
llvm-svn: 107603
2010-07-05 00:50:15 +00:00
Jordy Rose
674bd55f02
Add a new symbol type, SymbolExtent, to represent the extents of memory regions that may not be known at compile-time (such as those created by malloc). This replaces the old setExtent/getExtent API on Store, which used the GRState's GDM to store SVals.
Also adds a getKnownValue() method to SValuator, which gets the integer value of an SVal if it is known to only have one possible value. There are more places in the code that could be using this, but in general we want to be dealing entirely in SVals, so its usefulness is limited.
The only visible functionality change is that extents are now honored for any DeclRegion, such as fields and Objective-C ivars, rather than just variables. This shows up in bounds-checking and cast-size-checking.
llvm-svn: 107577
2010-07-04 00:00:41 +00:00
Ted Kremenek
bd862711fd
Fix PR 7475 by enhancing the static analyzer to also invalidate bindings for non-static global variables
when calling a function/method whose impact on global variables we cannot accurately estimate.
This change introduces two new MemSpaceRegions that divide up the memory space of globals, and causes
RegionStore and BasicStore to consult a binding to the NonStaticGlobalsMemSpaceRegion when lazily
determining the value of a global.
llvm-svn: 107423
2010-07-01 20:16:50 +00:00
Argyrios Kyrtzidis
639ffb0c07
Fix rdar://8139785 "implement warning on dead expression in comma operator"
As a bonus, fix the warning for || and && operators; it was emitted even if one of the operands had side effects, e.g:
x || test_logical_foo1();
emitted a bogus "expression result unused" for 'x'.
llvm-svn: 107274
2010-06-30 10:53:14 +00:00
Jordy Rose
dc48471861
Pointers casted as integers still count as locations to SimpleSValuator, so don't crash if we do a funny thing like ((int)ptr)&1. Fixes PR7527.
llvm-svn: 107236
2010-06-30 01:35:20 +00:00
Jordy Rose
61176897ba
Pointer comparisons (and pointer-pointer subtraction). Basically filling in SimpleSValuator::EvalBinOpLL().
llvm-svn: 106992
2010-06-28 08:26:15 +00:00
Jordy Rose
7f8ea4d677
Implicitly compare symbolic expressions to zero when they're being used as constraints. Part of PR7491.
llvm-svn: 106972
2010-06-27 01:20:56 +00:00
Jordy Rose
c3bcc36a0b
When a constant size array is casted to another type, its length should be scaled as well.
llvm-svn: 106911
2010-06-25 23:23:04 +00:00
Ted Kremenek
da42d523cf
Add dead stores C++ test case that was previously asserting due to an
invalid source range for CXXNewExpr.
llvm-svn: 106904
2010-06-25 22:48:52 +00:00
Ted Kremenek
76abf19ea6
Fix -analyze-display-progress (once again), this time with an additional regression test.
llvm-svn: 106883
2010-06-25 20:59:24 +00:00
Benjamin Kramer
9aa0d39443
A bug I've introduced in STDIN handling surfaced a few broken tests, fix them.
Lexer/hexfloat.cpp is now XFAIL'd, I'd appreciate if someone could look into it.
llvm-svn: 106840
2010-06-25 12:48:07 +00:00
Zhongxing Xu
facf8a8e74
Add check for illegal whence argument of fseek.
llvm-svn: 106742
2010-06-24 13:36:41 +00:00