Kristof Umann
8cffa84850
[analyzer][NFC] Prettify some RUN: lines in test files.
...
This is a test commit in disguise.
llvm-svn: 361505
2019-05-23 15:49:04 +00:00
Erik Pilkington
b6e16ea006
[Sema] Add some compile time _FORTIFY_SOURCE diagnostics
...
These diagnose overflowing calls to subset of fortifiable functions. Some
functions, like sprintf or strcpy aren't supported right not, but we should
probably support these in the future. We previously supported this kind of
functionality with -Wbuiltin-memcpy-chk-size, but that diagnostic doesn't work
with _FORTIFY implementations that use wrapper functions. Also unlike that
diagnostic, we emit these warnings regardless of whether _FORTIFY_SOURCE is
actually enabled, which is nice for programs that don't enable the runtime
checks.
Why not just use diagnose_if, like Bionic does? We can get better diagnostics in
the compiler (i.e. mention the sizes), and we have the potential to diagnose
sprintf and strcpy which is impossible with diagnose_if (at least, in languages
that don't support C++14 constexpr). This approach also saves standard libraries
from having to add diagnose_if.
rdar://48006655
Differential revision: https://reviews.llvm.org/D58797
llvm-svn: 356397
2019-03-18 19:23:45 +00:00
Clement Courbet
8c3343dfd5
[Builtins] Treat `bcmp` as a builtin.
...
Summary:
This makes it consistent with `memcmp` and `__builtin_bcmp`.
Also see the discussion in https://reviews.llvm.org/D56593 .
Reviewers: jyknight
Subscribers: kristina, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D58120
llvm-svn: 354023
2019-02-14 12:00:34 +00:00
George Karpenkov
a393e68b27
[analyzer] Move analyzer-eagerly-assume to AnalyzerOptions, enable by default
...
Differential Revision: https://reviews.llvm.org/D51251
llvm-svn: 340963
2018-08-29 20:29:17 +00:00
George Karpenkov
96871864d2
[analyzer] Hopefully fix the ARM buildbot.
...
llvm-svn: 328913
2018-03-31 02:17:15 +00:00
Dominic Chen
184c6242fa
Reland 4: [analyzer] NFC: Update test infrastructure to support multiple constraint managers
...
Summary: Replace calls to %clang/%clang_cc1 with %clang_analyze_cc1 when invoking static analyzer, and perform runtime substitution to select the appropriate constraint manager, per D28952.
Reviewers: xazax.hun, NoQ, zaks.anna, dcoughlin
Subscribers: mgorny, rgov, mikhail.ramalho, a.sidorin, cfe-commits
Differential Revision: https://reviews.llvm.org/D30373
llvm-svn: 296895
2017-03-03 18:02:02 +00:00
Dominic Chen
09d66f7528
Revert "Reland 3: [analyzer] NFC: Update test infrastructure to support multiple constraint managers"
...
This reverts commit ea36f1406e1f36bf456c3f3929839b024128e468.
llvm-svn: 296841
2017-03-02 23:30:53 +00:00
Dominic Chen
feaf9ff5ee
Reland 3: [analyzer] NFC: Update test infrastructure to support multiple constraint managers
...
Summary: Replace calls to %clang/%clang_cc1 with %clang_analyze_cc1 when invoking static analyzer, and perform runtime substitution to select the appropriate constraint manager, per D28952.
Reviewers: xazax.hun, NoQ, zaks.anna, dcoughlin
Subscribers: mgorny, rgov, mikhail.ramalho, a.sidorin, cfe-commits
Differential Revision: https://reviews.llvm.org/D30373
llvm-svn: 296837
2017-03-02 23:05:45 +00:00
Dominic Chen
4a90bf8c3f
Revert "Reland 2: [analyzer] NFC: Update test infrastructure to support multiple constraint managers"
...
This reverts commit f93343c099fff646a2314cc7f4925833708298b1.
llvm-svn: 296836
2017-03-02 22:58:06 +00:00
Dominic Chen
1cb0256a3c
Reland 2: [analyzer] NFC: Update test infrastructure to support multiple constraint managers
...
Summary: Replace calls to %clang/%clang_cc1 with %clang_analyze_cc1 when invoking static analyzer, and perform runtime substitution to select the appropriate constraint manager, per D28952.
Reviewers: xazax.hun, NoQ, zaks.anna, dcoughlin
Subscribers: mgorny, rgov, mikhail.ramalho, a.sidorin, cfe-commits
Differential Revision: https://reviews.llvm.org/D30373
llvm-svn: 296835
2017-03-02 22:45:24 +00:00
Dominic Chen
00355a51d0
Revert "Reland: [analyzer] NFC: Update test infrastructure to support multiple constraint managers"
...
This reverts commit 1b28d0b10e1c8feccb971abb6ef7a18bee589830.
llvm-svn: 296422
2017-02-28 01:50:23 +00:00
Dominic Chen
59cd893320
Reland: [analyzer] NFC: Update test infrastructure to support multiple constraint managers
...
Summary: Replace calls to %clang/%clang_cc1 with %clang_analyze_cc1 when invoking static analyzer, and perform runtime substitution to select the appropriate constraint manager, per D28952.
Reviewers: xazax.hun, NoQ, zaks.anna, dcoughlin
Subscribers: mgorny, rgov, mikhail.ramalho, a.sidorin, cfe-commits
Differential Revision: https://reviews.llvm.org/D30373
llvm-svn: 296414
2017-02-28 00:02:36 +00:00
Dominic Chen
8589e10c30
Revert "[analyzer] NFC: Update test infrastructure to support multiple constraint managers"
...
This reverts commit 8e7780b9e59ddaad1800baf533058d2c064d4787.
llvm-svn: 296317
2017-02-27 03:29:25 +00:00
Dominic Chen
02064a3076
[analyzer] NFC: Update test infrastructure to support multiple constraint managers
...
Summary: Replace calls to %clang/%clang_cc1 with %clang_analyze_cc1 when invoking static analyzer, and perform runtime substitution to select the appropriate constraint manager, per D28952.
Reviewers: xazax.hun, NoQ, zaks.anna, dcoughlin
Subscribers: mgorny, rgov, mikhail.ramalho, a.sidorin, cfe-commits
Differential Revision: https://reviews.llvm.org/D30373
llvm-svn: 296312
2017-02-27 02:36:15 +00:00
Anna Zaks
2d2f137ed4
[analyzer] Make CStringChecker correctly calculate return value of mempcpy
...
The return value of mempcpy is only correct when the destination type is
one byte in size. This patch casts the argument to a char* so the
calculation is also correct for structs, ints etc.
A patch by Daniel Fahlgren!
llvm-svn: 219024
2014-10-03 21:48:54 +00:00
Ted Kremenek
722398f1d4
Fix analyzer tests.
...
llvm-svn: 162588
2012-08-24 20:39:55 +00:00
Jordy Rose
6d5a8caac3
[analyzer] Convert many existing tests to use clang_analyzer_eval.
...
llvm-svn: 156920
2012-05-16 16:01:10 +00:00
Anna Zaks
b3b56bb960
[analyzer] CString Checker: Do not split the path unless the user
...
specifically checks for equality to null.
Enforcing this general practice, which keeps the analyzer less
noisy, in the CString Checker. This change suppresses "Assigned value is
garbage or undefined" warning in the added test case.
llvm-svn: 156085
2012-05-03 18:21:28 +00:00
Anna Zaks
0cdce4df76
[analyzer] Turn on by default the Malloc Checker and a couple of CString
...
checks:
- unix.Malloc - Checks for memory leaks, double free, use-after-free.
- unix.cstring.NullArg - Checks for null pointers passed as arguments to
CString functions + evaluates CString functions.
- unix.cstring.BadSizeArg - Checks for common anti-patterns in
strncat size argument.
llvm-svn: 150988
2012-02-20 21:10:37 +00:00
Anna Zaks
e0c7c27473
[analyzer] Allow each CString check to be enabled/disabled
...
separately.
llvm-svn: 149947
2012-02-07 00:56:14 +00:00
Anna Zaks
87b6ff09f9
[analyzer] Add checks for common anti-patterns in strncat.
...
(Since this is syntax only, might be a good candidate for turning into a
compiler warning.)
llvm-svn: 149407
2012-01-31 19:33:39 +00:00
Ted Kremenek
3f955e6d89
[analyzer] rename all experimental checker packages to have 'experimental' be the common root package.
...
llvm-svn: 136835
2011-08-03 23:14:55 +00:00
Jordy Rose
dceb0cf3f3
[analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking.
...
llvm-svn: 133406
2011-06-20 02:06:40 +00:00
Jordy Rose
bc7483f505
[analyzer] CStringChecker checks functions in the C standard library, not C++. Its external name is now unix.experimental.CString.
...
llvm-svn: 132958
2011-06-14 01:40:43 +00:00
Jordy Rose
097c5397a8
[analyzer] Don't crash when copying an unknown number of bytes with memcpy(). Also handle all memcpy-family return values in evalCopyCommon(), rather than having some outside and some inside.
...
llvm-svn: 132617
2011-06-04 01:47:27 +00:00
Jordy Rose
63b84be6cb
[analyzer] Fix handling of "copy zero bytes" for memcpy and friends.
...
llvm-svn: 132607
2011-06-04 00:04:22 +00:00
Jordy Rose
aee7fb9e64
[analyzer] __mempcpy_chk is the same as mempcpy (at least to CStringChecker)
...
llvm-svn: 132605
2011-06-03 23:42:56 +00:00
Argyrios Kyrtzidis
a9b630e4d7
Emit a -Wnull-dereference warning for "*null" not just "*null = something". Addresses rdar://9269271.
...
llvm-svn: 130207
2011-04-26 17:41:22 +00:00
Chris Lattner
57540c5be0
fix a bunch of comment typos found by codespell. Patch by
...
Luis Felipe Strano Moraes!
llvm-svn: 129559
2011-04-15 05:22:18 +00:00
Lenny Maiorani
79d74141b1
Adding Static Analyzer checker for mempcpy().
...
Models mempcpy() so that if length is NULL the destination pointer is returned. Otherwise, the source and destination are confirmed not to be NULL and not overlapping. Finally the copy is validated to not cause a buffer overrun and the return value is bound to the address of the byte after the last byte copied.
llvm-svn: 128677
2011-03-31 21:36:53 +00:00
Ted Kremenek
49c79790de
Rework checker "packages" and groups to be more hierarchical.
...
llvm-svn: 128187
2011-03-24 00:28:47 +00:00
Argyrios Kyrtzidis
9eb02dfa89
[analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award.
...
llvm-svn: 126676
2011-02-28 19:49:42 +00:00
Argyrios Kyrtzidis
2c49ec7f1d
[analyzer] Migrate NSErrorChecker and DereferenceChecker to CheckerV2.
...
They cooperate in that NSErrorChecker listens for ImplicitNullDerefEvent events that
DereferenceChecker can dispatch.
ImplicitNullDerefEvent is when we dereferenced a location that may be null.
llvm-svn: 126659
2011-02-28 17:36:18 +00:00
Argyrios Kyrtzidis
21c9423ef4
[analyzer] Remove '-analyzer-experimental-checks' flag.
...
llvm-svn: 126607
2011-02-28 01:26:43 +00:00
Argyrios Kyrtzidis
2d3905ffac
[analyzer] Use the new registration mechanism on some of the experimental checks. These are:
...
CStringChecker
ChrootChecker
MallocChecker
PthreadLockChecker
StreamChecker
UnreachableCodeChecker
MallocChecker creates implicit dependencies between checkers and needs to be handled differently.
llvm-svn: 125598
2011-02-15 21:25:03 +00:00
Jordy Rose
722f558f07
Model the effects of strcpy() and stpcpy() in CStringChecker. Other changes:
...
- Fix memcpy() and friends to actually invalidate the destination buffer.
- Emit a different message for out-of-bounds buffer accesses if the buffer is being written to.
- When conjuring symbols, let ValueManager figure out the type.
llvm-svn: 111120
2010-08-16 07:51:42 +00:00
Jordy Rose
afdb053618
When checking if a buffer access is valid, first make sure the buffer has a valid Loc. Fixes PR7830.
...
llvm-svn: 110390
2010-08-05 23:11:30 +00:00
Tom Care
29a6250bf0
Added some false positive checking to UnreachableCodeChecker
...
- Allowed reporting of dead macros
- Added path walking function to search for false positives in conditional statements
- Updated some affected tests
- Added some false positive test cases
llvm-svn: 109561
2010-07-27 23:30:21 +00:00
Tom Care
cba9f517ac
Added an path-sensitive unreachable code checker to the experimental analyzer checks.
...
- Created a new class to do post-analysis
- Updated several test cases with unreachable code to expect a warning
- Added some general tests
llvm-svn: 109286
2010-07-23 23:04:53 +00:00
Jordy Rose
d5d2e50f3e
Cleanup in CStringChecker. Now properly bifurcates the state for zero/nonzero sizes.
...
llvm-svn: 107935
2010-07-08 23:57:29 +00:00
Jordy Rose
65136fb669
Add memcmp() and bcmp() to CStringChecker. These check for valid access to the buffer arguments and have a special-case for when the buffer arguments are known to be the same address, or when the size is zero.
...
llvm-svn: 107761
2010-07-07 08:15:01 +00:00
Jordy Rose
33c829a6fd
Cleanup on CStringChecker and its associated tests. Also check for null arguments...which are allowed if the access length is 0!
...
llvm-svn: 107759
2010-07-07 07:48:06 +00:00
Jordy Rose
134a236a14
Add a new path-sensitive checker for functions in <string.h>, for both null-terminated strings and memory blocks. Currently only checks memcpy(), memmove(), and bcopy(), but this is intended to be expanded soon.
...
llvm-svn: 107722
2010-07-06 23:11:01 +00:00