c517974e9e
Add test case for <rdar://problem/7770737>.
...
llvm-svn: 98979
2010-03-19 19:45:03 +00:00
c342c9c001
Refactor argument checking in CallAndMessageChecker to be the same
...
for both CallExprs and ObjCMessageExprs.
llvm-svn: 98800
2010-03-18 03:22:29 +00:00
9c05f4ef69
Detect pass-by-value arguments that are structs that contain
...
uninitialized data.
llvm-svn: 98796
2010-03-18 02:17:27 +00:00
e174fda979
Tweak dead stores checker to not emit a warning when initialization
...
a scalar variable with a scalar parameter. This is a
form of defensive programming. If the variable is unused,
it will be caused by -Wunused-variable.
llvm-svn: 98795
2010-03-18 01:22:39 +00:00
1bb6a1a593
Add use-after-free check to MallocChecker.
...
llvm-svn: 98136
2010-03-10 04:58:55 +00:00
575398e29b
When computing in AnalysisContext the variables referenced
...
by a block, also look at the contained blocks.
llvm-svn: 98111
2010-03-10 00:18:11 +00:00
5cb8d9d40f
When profiling Environment, also profile with AnalysisContext*, bacause
...
we now may have identical states with different analysis context.
Set the right AnalysisContext in state when entering and leaving a callee.
With both of the above changes, we can pass the test case.
llvm-svn: 97724
2010-03-04 09:04:52 +00:00
6b11b4e050
Add comments to test case.
...
llvm-svn: 97619
2010-03-03 01:02:48 +00:00
d497e126cb
Register all parameters even if they didn't occur in the function body.
...
We may query their liveness because they are added to store when passing
argument values.
llvm-svn: 97562
2010-03-02 10:08:30 +00:00
e334bb1a66
Add test case for inlining call analysis.
...
llvm-svn: 97300
2010-02-27 02:44:37 +00:00
d98d22b9af
Enhance the unused ivar checker to not consider an ivar to be accidentally unused
...
when it is explicitly marked as unused via __attribute__((unused)).
llvm-svn: 97104
2010-02-25 03:26:55 +00:00
8cf9eeb519
Remove test case dependancy on platform headers.
...
llvm-svn: 97088
2010-02-25 01:16:07 +00:00
d55522f02e
Add UnixAPIChecker, a meta checker to include various precondition checks for calls
...
to various unix/posix functions, e.g. 'open()'.
As a first check, check that when 'open()' is passed 'O_CREAT' that it has
a third argument.
llvm-svn: 97086
2010-02-25 00:20:35 +00:00
b4331a9908
Dead emit dead store warnings when assigning nil to an ObjC object
...
pointer (for defensive programming). This matches the behavior with
assigning NULL to a regular pointer. Fixes <rdar://problem/7631278>.
llvm-svn: 96985
2010-02-23 21:19:33 +00:00
e3c26d8f7e
Add test case for <rdar://problem/7242010>, which appears to have been fixed
...
in the recent changes to RegionStore::InvalidateRegions(). Note that we
are still not yet modeling 'memcpy()' explicitly.
llvm-svn: 96902
2010-02-23 07:17:57 +00:00
1fcc56c57a
Recognize attributes ns_returns_not_retained and cf_returns_not_retained
...
in the static analyzer.
llvm-svn: 96539
2010-02-18 00:06:12 +00:00
3eac2454dc
Add test case showing that a recursive block that captures a block pointer that
...
isn't marked '__block' is bad.
llvm-svn: 96357
2010-02-16 16:55:10 +00:00
228639746a
Add simpler checker to check if variables captured by a block are uninitialized.
...
llvm-svn: 96341
2010-02-16 08:33:59 +00:00
be36ecbb60
Fix pr6293. If ptr is NULL, no operation is preformed.
...
llvm-svn: 96154
2010-02-14 06:49:48 +00:00
1a6672a3d4
Enhance RegionStore::InvalidateRegions() to correctly invalidate bindings
...
by scanning through the values of LazyCompoundVals.
llvm-svn: 96067
2010-02-13 01:52:33 +00:00
499b4e3387
Fix lookup of fields from lazy bindings to check if the region is
...
NULL, not the store, to determine if a lookup succeeded. The store
can be null if it contained no bindings. This fixes a false positive
reported to me by a user of the analyzer.
llvm-svn: 95679
2010-02-09 19:11:53 +00:00
000a859f05
Add support for binding and retrieving VarRegions in flat store.
...
llvm-svn: 95529
2010-02-08 05:40:07 +00:00
bdfcacbe8f
Also teach RegionStore::RetrieveVar() to handle 'static' pointers that are implicitly initialized to NULL.
...
llvm-svn: 95479
2010-02-06 04:04:46 +00:00
30fe9ecac2
Fix regression in RegionStore (from BasicStore) where static variables were not treated as being implicitly initialized to 0 (and instead were getting symbolicated).
...
llvm-svn: 95478
2010-02-06 03:57:59 +00:00
5abd69d946
Teach RegionStore::InvalidateRegions() to also invalidate static variables referenced by blocks.
...
llvm-svn: 95459
2010-02-06 00:30:00 +00:00
94e6d98cae
Add test case showing the analyzer invalidates '__block' variables when the block is passed as an argument to an ObjC method.
...
llvm-svn: 95366
2010-02-05 06:10:46 +00:00
2f2692f8ca
Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'.
...
llvm-svn: 95348
2010-02-05 02:06:54 +00:00
b6e400c87c
Rename -cc1 option '-warn-objc-missing-dealloc' to '-analyzer-check-objc-missing-dealloc'.
...
llvm-svn: 95347
2010-02-05 01:59:21 +00:00
61b506aa8f
Rename -cc1 option '-warn-objc-methodsigs' to '-analyzer-check-objc-methodsigs'.
...
llvm-svn: 95346
2010-02-05 01:57:44 +00:00
2d8ef71ae6
Rename -cc1 option '-warn-objc-unused-ivars' to '-analyzer-check-objc-unused-ivars'.
...
llvm-svn: 95345
2010-02-05 01:55:01 +00:00
d519b83757
Rename -cc1 option '-warn-dead-stores' to '-analyzer-check-dead-stores'.
...
llvm-svn: 95343
2010-02-05 01:52:40 +00:00
ec5b3d45c1
Rename -cc1 option '-warn-security-syntactic' to '-analyzer-check-security-syntactic'.
...
llvm-svn: 95342
2010-02-05 01:50:36 +00:00
fc8dbdf3c7
Add assorted test cases from PR 4172.
...
llvm-svn: 95297
2010-02-04 07:25:56 +00:00
49f878524c
Specially handle casts to 'void' in AdjustedReturnValueChecker.
...
llvm-svn: 95287
2010-02-04 04:18:55 +00:00
1e3b95580c
static analyzer: handle casts of a function to a function pointer with
...
a different return type. While we don't emit any errors (yet), at
least we avoid cases where we might crash because of an assertion
failure later on (when the return type differs from what is expected).
llvm-svn: 95268
2010-02-04 00:47:48 +00:00
d960564b76
Fix regression in RegionStore due to recent changes in
...
RegionStoreManager::InvalidateRegions() by adjusting the worklist to
iterate over BindingKeys instead of MemRegions. We also only need to
do the actual invalidation work on base regions, and for non-base
regions just blow away their bindings.
llvm-svn: 95200
2010-02-03 04:16:00 +00:00
416b923786
Explicitly check for casts to double or complex types instead of possibly asserting in SValuator.
...
llvm-svn: 95128
2010-02-02 21:11:40 +00:00
fab459fc95
Fix bug in GRExprEngine::VisitSizeOfAlignOfExpr() where we do not add
...
'Pred' to 'Dst' for cases we currently don't handle. This fixes
<rdar://problem/7593875>.
llvm-svn: 95048
2010-02-02 02:01:51 +00:00
e36bceb97d
Teach RegionStore to handle initialization of incomplete arrays in structures using a compound value. Fixes <rdar://problem/7515938>.
...
llvm-svn: 94622
2010-01-26 23:51:00 +00:00
0978af83b3
Insulate these from changes to the default for -Wunreachable-code.
...
llvm-svn: 94326
2010-01-23 20:12:18 +00:00
7872d4df93
Add test case.
...
llvm-svn: 93874
2010-01-19 12:11:55 +00:00
228b0d4def
Add support for computing size in elements for symbolic regions obtained from
...
malloc().
llvm-svn: 93722
2010-01-18 08:54:31 +00:00
5fcd99b10f
Add test case for pr6069.
...
llvm-svn: 93708
2010-01-18 04:01:40 +00:00
abf6ba1612
Don't suggest the developer use 'arc4random' instead of 'rand' when that function is not available. Fixes PR 6012.
...
llvm-svn: 93508
2010-01-15 08:20:31 +00:00
d74cc397c8
Teach BugReporter to "escape" the occurance of '%' characters in diagnostic messages when emitted results to the standard Diagnostics output. Fixes PR 6033.
...
llvm-svn: 93507
2010-01-15 07:56:51 +00:00
91df0ec92c
Simplify test case. This test case also applies to PR 6013.
...
llvm-svn: 93444
2010-01-14 19:47:50 +00:00
b9ad45ab60
Associate test case with Bugzilla PR.
...
llvm-svn: 93440
2010-01-14 19:38:41 +00:00
803ade2532
Fix pr6035.
...
llvm-svn: 93422
2010-01-14 03:45:06 +00:00
faa5417264
implement PR6004, warning about divide and remainder by zero.
...
llvm-svn: 93256
2010-01-12 21:23:57 +00:00
e47550e452
Enhance ScanReachableSymbols::scan(). Now another OSAtomic test case passes.
...
The old test case has a little mistake.
llvm-svn: 93148
2010-01-11 07:40:00 +00:00
cbbf855432
Enhance SVals::getAsRegion: get the region that is converted to an integer.
...
This with previous patch fixes a OSAtomic test case.
llvm-svn: 93146
2010-01-11 06:52:53 +00:00
be909b5eff
Switch RegionStore over to using <BaseRegion+raw offset> to store
...
value bindings. Along with a small change to OSAtomicChecker, this
resolves <rdar://problem/7527292> and resolves some long-standing
issues with how values can be bound to the same physical address by
not have the same "key". This change is only a beginning; logically
RegionStore needs to better handle loads from addresses where the
stored value is larger/smaller/different type than the loaded value.
We handle these cases in an approximate fashion now (via
CastRetrievedVal and help in SimpleSValuator), but it could be made
much smarter.
llvm-svn: 93137
2010-01-11 02:33:26 +00:00
ec144538ae
Make sure this test case tests analyzing both x86_64 and i386 archs.
...
llvm-svn: 93133
2010-01-10 22:31:25 +00:00
9635f6f5ef
Enhance test case.
...
llvm-svn: 93101
2010-01-10 02:52:56 +00:00
c6aa800eb3
Fix overzealous assertion in GRExprEngine::VisitLValue(). A
...
CallExpr/ObjCMessageExpr can be visited in an "lvalue" context if it
returns a struct temporary. Currently the analyzer doesn't reason
about struct temporary returned by function calls, but we shouldn't
crash here either.
llvm-svn: 93081
2010-01-09 22:58:54 +00:00
f9895c48fd
add a bunch of missing prototypes to tests
...
llvm-svn: 93072
2010-01-09 20:43:19 +00:00
9aa01441c3
Fix broken diagnostic when returning the address of a stack-allocated array.
...
llvm-svn: 93071
2010-01-09 20:05:00 +00:00
f1eeb78ffc
When binding an rvalue to a reference, create a temporary object. Use
...
CXXObjectRegion to represent it.
In Environment, lookup a literal expression before make up a value for it.
llvm-svn: 93047
2010-01-09 09:16:47 +00:00
b92304b42f
Fix handling in GRExprEngine of 'default' branch in switch statements
...
when the default case is winnowed down to be infeasible. When all
cases were ruled out (and the analysis state for the default case
would be infeasible) we would still consider the default case
possible. This fixes PR 5969.
llvm-svn: 93017
2010-01-08 18:54:04 +00:00
f22afe32f9
Move test case to a more appropriate file.
...
llvm-svn: 92725
2010-01-05 11:49:21 +00:00
e6a238b1df
Add test case.
...
llvm-svn: 92724
2010-01-05 11:47:58 +00:00
acd71a4562
Make static analysis support for C++ 'this' expression context-sensitive. Essentially treat 'this' as a implicit parameter to the method call, and associate a region with it.
...
llvm-svn: 92675
2010-01-05 02:18:06 +00:00
b0e15df36b
Let constraint manager inform checkers that some assumption logic has happend.
...
Add new states for symbolic regions tracked by malloc checker. This enables us
to do malloc checking more accurately. See test case.
Based on Lei Zhang's patch and discussion.
llvm-svn: 92342
2009-12-31 06:13:07 +00:00
fd97ce6573
Add analyzer test case for 'ForStmt' with condition variable.
...
llvm-svn: 92120
2009-12-24 02:41:19 +00:00
1ce53c4320
CFG tweak: in a WhileStmt, the condition variable initializer is evaluated every time the condition is checked.
...
llvm-svn: 92111
2009-12-24 01:34:10 +00:00
09bc3b7df6
Teach GRExprEngine to handle the initialization of the condition variable of a WhileStmt.
...
llvm-svn: 92106
2009-12-24 00:54:56 +00:00
284d764418
Add test case for PR 4358.
...
llvm-svn: 92103
2009-12-24 00:48:11 +00:00
589493227b
Teach GRExprEngine to handle the initialization of the condition variable of a SwitchStmt.
...
llvm-svn: 92102
2009-12-24 00:40:03 +00:00
a7bcbde814
Add CFG support for the condition variable that can appear in IfStmts in C++ mode.
...
Add transfer function support in GRExprEngine for IfStmts with initialized condition variables.
llvm-svn: 91987
2009-12-23 04:49:01 +00:00
857f41c650
Suppress dead store warnings involving objects initialized with CXXExprTemporaries.
...
llvm-svn: 91986
2009-12-23 04:11:44 +00:00
25e280bf02
Fix PR 5857. When casting from a symbolic region to an integer back to a pointer value, we were not correctly layering the correct ElementRegion on the original SymbolicRegion.
...
llvm-svn: 91981
2009-12-23 02:52:14 +00:00
343b51271d
Also treat the type of the subexpression as a pointer in GRExprEngine::VisitCast when the expression is handled as an lvalue.
...
llvm-svn: 91969
2009-12-23 01:19:20 +00:00
22cc1a8438
Add basic support for analyzing CastExprs as lvalues.
...
llvm-svn: 91952
2009-12-23 00:26:16 +00:00
e19711d223
Add transfer functions support for visiting an Objective-C message expression as an lvalue when the return type is a C++ reference.
...
llvm-svn: 91926
2009-12-22 22:13:46 +00:00
4794801e27
Use the FunctionDecl's result type to know exactly if it returns a reference.
...
llvm-svn: 91751
2009-12-19 03:17:55 +00:00
af1bdd71af
Enhance GRExprEngine::VisitCallExpr() to be used in an lvalue context. Uncovered a new failing test case along the way, but we're making progress on handling C++ references in the analyzer.
...
llvm-svn: 91710
2009-12-18 20:13:39 +00:00
85bcc986d6
Add failing test case for C++ static analysis.
...
llvm-svn: 91578
2009-12-17 01:44:13 +00:00
53b3cde60f
Add abort() as a builtin. This has two effects: one, we warn for incorrect
...
declarations of abort(), and two, we mark it noreturn. Missing the latter
shows up in one of the "embarassing" tests (from the thread on llvmdev
"detailed comparison of generated code size for LLVM and other compilers").
llvm-svn: 91515
2009-12-16 06:28:21 +00:00
4cad5fc035
Add (initial?) static analyzer support for handling C++ references.
...
This change was a lot bigger than I originally anticipated; among
other things it requires us storing more information in the CFG to
record what block-level expressions need to be evaluated as lvalues.
The big change is that CFGBlocks no longer contain Stmt*'s by
CFGElements. Currently CFGElements just wrap Stmt*, but they also
store a bit indicating whether the block-level expression should be
evalauted as an lvalue. DeclStmts involving the initialization of a
reference require us treating the initialization expression as an
lvalue, even though that information isn't recorded in the AST.
Conceptually this change isn't that complicated, but it required
bubbling up the data through the CFGBuilder, to GRCoreEngine, and
eventually to GRExprEngine.
The addition of CFGElement is also useful for when we want to handle
more control-flow constructs or other data we want to keep in the CFG
that isn't represented well with just a block of statements.
In GRExprEngine, this patch introduces logic for evaluating the
lvalues of references, which currently retrieves the internal "pointer
value" that the reference represents. EvalLoad does a two stage load
to catch null dereferences involving an invalid reference (although
this could possibly be caught earlier during the initialization of a
reference).
Symbols are currently symbolicated using the reference type, instead
of a pointer type, and special handling is required creating
ElementRegions that layer on SymbolicRegions (see the changes to
RegionStoreManager).
Along the way, the DeadStoresChecker also silences warnings involving
dead stores to references. This was the original change I introduced
(which I wrote test cases for) that I realized caused GRExprEngine to
crash.
llvm-svn: 91501
2009-12-16 03:18:58 +00:00
8fbe78f6fc
Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'.
...
- This is designed to make it obvious that %clang_cc1 is a "test variable"
which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
can be useful to redefine what gets run as 'clang -cc1' (for example, to set
a default target).
llvm-svn: 91446
2009-12-15 20:14:24 +00:00
29f3808667
Until we can make the dead stores checker smarter, dont' emit dead store warnings for C++ objects (whose constructors/destructors have possible side-effects).
...
llvm-svn: 91412
2009-12-15 04:12:12 +00:00
814c416636
Fix: <rdar://problem/7468209> SymbolManager::isLive() should not crash on captured block variables that are passed by reference
...
llvm-svn: 91348
2009-12-14 22:15:06 +00:00
27f686f8ec
Replace clang-cc with clang -cc1.
...
llvm-svn: 91272
2009-12-14 06:34:20 +00:00
c0484fa611
Add initial support for realloc() in MallocChecker.
...
llvm-svn: 91216
2009-12-12 12:29:38 +00:00
f6d9cebafd
Enhance understanding of VarRegions referenced by a block whose declarations are outside the current stack frame. Fixes <rdar://problem/7462324>.
...
llvm-svn: 91107
2009-12-11 06:43:27 +00:00
8573913760
Fix null dereference in OSAtomicChecker and special case SymbolicRegions. We still aren't handling them correctly; I've added to failing test cases to test/Analysis/NSString-failed-cases.m that should pass and then be merged in to test/Analysis/NSString.m.
...
llvm-svn: 90993
2009-12-09 23:29:55 +00:00
1d153328be
OSAtomic simulation: use the original region as the location to load from,
...
instead of the ElementRegion obtained from casts.
Test cast: the leak cannot occur bacause the true branch cannot be taken.
llvm-svn: 90964
2009-12-09 08:32:57 +00:00
39644a62f9
Add notes to a test case.
...
llvm-svn: 90947
2009-12-09 04:22:30 +00:00
32c32892f7
Fix a horrid bug in GRExprEngine::CheckerVisit() that was identified
...
by the test case in PR 5627. Essentially we shouldn't clear the
ExplodedNodeSet where we deposit newly constructed nodes if that set
is the 'Dst' set passed in. It is not okay to clear that set because
it may already contain nodes.
llvm-svn: 90931
2009-12-09 02:45:41 +00:00
efd9ae8a85
Add test case for mktemp. Patch by Lei Zhang.
...
llvm-svn: 90706
2009-12-06 12:45:46 +00:00
2a3dbb5749
Add another blocks test case illustrating how parameters passed-by-reference in block invocations are invalidated (just like function calls).
...
llvm-svn: 90466
2009-12-03 18:29:20 +00:00
5bee5c4ff0
Add value invalidation logic for block-captured variables. Conceptually invoking a block (without specific reasoning of what the block does) can invalidate any value to it by reference when the block was created.
...
llvm-svn: 90431
2009-12-03 08:25:47 +00:00
f66b72094a
Add a heuristic to the dead stores checker to prune dead stores for variables annotated with '__block'. This is overly conservative, but now the analyzer doesn't report dead stores for variables that can be updated by a block call.
...
llvm-svn: 90364
2009-12-03 00:46:16 +00:00
733a3e6104
Added dead-stores test cases that involve the use of blocks.
...
llvm-svn: 90277
2009-12-01 23:04:14 +00:00
b2dc72d2d0
Add new test case file that focuses on testing analyzer support for blocks.
...
llvm-svn: 90274
2009-12-01 22:47:46 +00:00
4e7596cc3a
Normalize options to use '-FOO' instead of '--FOO'.
...
llvm-svn: 90071
2009-11-29 09:33:10 +00:00
2350e0c3ba
Improve diagnostics in ReturnStackAddressChecker for returning a stack-allocated block. Implements the rest of <rdar://problem/7387385>.
...
llvm-svn: 89940
2009-11-26 07:14:50 +00:00
e5d8dd808e
Add test case that shows that dead stores checking now works in the presence of blocks.
...
llvm-svn: 89939
2009-11-26 06:55:36 +00:00
f89dcdaf19
Add a PostVisitBlockExpr() method to RetainReleaseChecker to query for
...
the set of variables "captured" by a block. Until the analysis gets
more sophisticated, for now we stop the retain count tracking of any
objects (transitively) referenced by these variables.
llvm-svn: 89929
2009-11-26 02:38:19 +00:00
e6a2780c96
Add really basic support for blocks in the retain/release checker. For now, anytime we pass a tracked object to a block call we stop tracking it.
...
llvm-svn: 89831
2009-11-25 01:35:18 +00:00
239b930ae1
Convert test case to FileCheck to test the behavior of the nil-receiver checker when the code is targetted for either Tiger or Leopard.
...
llvm-svn: 89810
2009-11-24 22:56:53 +00:00
1fc1f20efd
For the nil-receiver checker, take into account the behavioral changes that got introduced in Mac OS X 10.5 and later, notably return values of double, float, etc., will not be garbage. Fixes <rdar://problem/6829160>.
...
llvm-svn: 89809
2009-11-24 22:48:18 +00:00
005e8a06f2
Cleanups and fixes to the nil-receiver checker, some of it fallout the
...
initial transition of the nil-receiver checker to the Checker
interface as done in r89745. Some important changes include:
1) We consolidate the BugType object used for nil receiver bug
reports, and don't include the type of the returned value in the
BugType (which would be wrong if a nil receiver bug was reported more
than once)
2) Added a new (temporary) flag to CheckerContext: DoneEvauating.
This is used by GRExprEngine when evaluating message expressions to
not continue evaluating the message expression if this flag is set.
This flag is currently set by the nil receiver checker. This is an
intermediate solution to allow the nil-receiver checker to properly
work as a plug-in outside of GRExprEngine. Basically, this flag
indicates that the entire message expression has been evaluated, not
just a precondition (which is what the nil-receiver checker does).
This flag *should not* be repurposed for general use, but just to pull
more things out of GRExprEngine that already in there as we devise a
better interface in the Checker class.
3) Cleaned up the logic in the nil-receiver checker, making the
control-flow a lot easier to read.
llvm-svn: 89804
2009-11-24 21:41:28 +00:00
c0229557dd
Enhance null dereference diagnostics by indicating what variable (if any) was dereferenced. Addresses <rdar://problem/7039161>.
...
llvm-svn: 89726
2009-11-24 01:33:10 +00:00
02d6aca867
Tweak UndefBranchChecker to register the most nested "undefined" expression with bugreporter::registerTrackNullOrUndefValue instead of the condition itself.
...
llvm-svn: 89682
2009-11-23 18:12:03 +00:00
0afc555196
Make 'SEL' pointer to a builtin type and not an
...
objective-c pointer type. This was a serious mishap and
luckily, Ted's test caught that (and patch fixes the test case).
llvm-svn: 89680
2009-11-23 18:04:25 +00:00
d4dca6fde6
Cleanup title/description of "undefined branch" BugType and add some test cases for this check.
...
llvm-svn: 89679
2009-11-23 17:58:48 +00:00
12b64959ce
Change CheckDeadStores to use Expr::isNullPointerConstant, which will correctly determine whether an expression is a null pointer constant.
...
Patch by Kovarththanan Rajaratnam!
llvm-svn: 89621
2009-11-22 20:26:21 +00:00
252ba5fb6f
This patch implements objective-c's 'SEL' type as a built-in
...
type and fixes a long-standing code gen. crash reported in
at least two PRs and a radar. (radar 7405040 and pr5025).
There are couple of remaining issues that I would like for
Ted. and Doug to look at:
Ted, please look at failure in Analysis/MissingDealloc.m.
I have temporarily added an expected-warning to make the
test pass. This tests has a declaration of 'SEL' type which
may not co-exist with the new changes.
Doug, please look at a FIXME in PCHWriter.cpp/PCHReader.cpp.
I think the changes which I have ifdef'ed out are correct. They
need be considered for in a few Indexer/PCH test cases.
llvm-svn: 89561
2009-11-21 19:53:08 +00:00
775d9c149d
Add RegionStore test case that shows that floating point values are also implicitly tracked for undefined values. (test case for <rdar://problem/6811085>).
...
llvm-svn: 89538
2009-11-21 02:52:12 +00:00
f3febe4bdc
Add another test case to show the precision of RegionStore over
...
BasicStore. In this example, BasicStore would lose information about
the pointer in path after '*path++', causing the analyzer to falsely
flag a null dereference. This addresses <rdar://problem/7191542>.
llvm-svn: 89533
2009-11-21 02:17:47 +00:00
caf2c51fad
Pull BadCallChecker int UndefinedArgChecker, and have UndefinedArgChecker also handled undefined receivers in message expressions.
...
llvm-svn: 89524
2009-11-21 01:25:37 +00:00
f7adea43b4
More checker refactoring. Passing undefined values in a message expression is now handled by UndefinedArgChecker.
...
llvm-svn: 89519
2009-11-21 00:49:41 +00:00
a4f7c180ae
Add simple static analyzer checker to check for sending 'release', 'retain', etc. directly to a class. Fixes <rdar://problem/7252064>.
...
llvm-svn: 89449
2009-11-20 05:27:05 +00:00
c1f161c012
Unused ivar checker: ivars referenced by lexically nested functions should not be flagged as unused. Fixes <rdar://problem/7254495>.
...
llvm-svn: 89448
2009-11-20 04:31:57 +00:00
a96d02c76b
Really fix test case.
...
llvm-svn: 89430
2009-11-20 01:20:12 +00:00
4b412f51df
Fix test case.
...
llvm-svn: 89429
2009-11-20 01:19:22 +00:00
dd2b2b23c8
Fix null dereference in NSAutoreleasePoolChecker when analyzing messages sent to blocks.
...
llvm-svn: 89413
2009-11-20 00:12:36 +00:00
439a6d146c
Fix crash when using --analyzer-store=region when handling initializers with nested arrays/structs whose values are not explicitly specified. Fixes <rdar://problem/7403269>.
...
llvm-svn: 89384
2009-11-19 20:20:24 +00:00
484afa2d3b
Switch -f{builtin,math-errno,rtti} and -analyzer-purge-dead to -...no... variants instead of using llvm: 🆑 :init(true) arguments.
...
llvm-svn: 89315
2009-11-19 04:55:23 +00:00
f6e32e4abe
Drop unnecessary #include.
...
llvm-svn: 89154
2009-11-17 22:25:16 +00:00
fba0b44d35
Use -fblocks and -fobjc-nonfragile-abi when that is what is being tested, instead of forcing the triple.
...
llvm-svn: 89072
2009-11-17 09:04:12 +00:00
23baa01af4
Add PreVisitReturn to Malloc checker. Now we can recognize returned memory
...
block.
llvm-svn: 89071
2009-11-17 08:58:18 +00:00
feedba68b5
Don't #include <stdio.h> when tests don't need it, or use clang instead of clang-cc when they do.
...
llvm-svn: 89070
2009-11-17 08:57:36 +00:00
4668c7ed1c
Add EvalEndPath interface to Checker. Now we can check memory leaked at the
...
end of the path. Need to unify interfaces.
llvm-svn: 89063
2009-11-17 07:54:15 +00:00
99b944c037
Add newline at the end of the file.
...
llvm-svn: 89052
2009-11-17 06:34:24 +00:00
5b2592ed65
Add test to verify that the analyzer plist output is what we expect.
...
llvm-svn: 89029
2009-11-17 02:31:39 +00:00
9290ede494
Handle case of missing '@end' in implementation context
...
gracefully, on par with gcc, by: Issuing a warning,
doing final sematinc check of its definitions and generating
its meta-data.
llvm-svn: 88934
2009-11-16 18:57:01 +00:00
b774685c08
Fix a couple of tests.
...
llvm-svn: 88756
2009-11-14 04:23:25 +00:00
9430bf20ff
Remove test case's dependency on header file.
...
llvm-svn: 88685
2009-11-13 20:03:22 +00:00
e5e977013c
Add two new test cases for the Malloc/Free checker. Both have to do with
...
storing malloc'ed memory to global storage.
llvm-svn: 88684
2009-11-13 20:00:28 +00:00
c2675568a1
Add test case that shows a leak we don't catch.
...
llvm-svn: 88683
2009-11-13 19:53:32 +00:00
4ef13f8ac9
Add clang-cc option "--analyzer-experimental-internal-checks". This
...
option enables new "internal" checks that will eventually be turned on
by default but still require broader testing.
llvm-svn: 88671
2009-11-13 18:46:29 +00:00
c7460964ac
Malloc checker basically works now.
...
llvm-svn: 87094
2009-11-13 07:48:11 +00:00
91989d166a
Split buffer overflow test case into two test cases, removing out logic that was commented out.
...
llvm-svn: 86845
2009-11-11 17:17:06 +00:00
b166712d02
Add undefined array subscript checker.
...
llvm-svn: 86837
2009-11-11 13:42:54 +00:00
4f7759a339
Reimplement out-of-bound array access checker with the new checker interface.
...
Now only one test case is XFAIL'ed.
llvm-svn: 86834
2009-11-11 12:33:27 +00:00
04552cbef0
CastToStructChecker: use 'isStructureType()' instead of 'isRecordType()' to determine if a pointer is casted to a struct pointer. This fixes an observed false positive when a value is casted to a union.
...
llvm-svn: 86813
2009-11-11 06:43:42 +00:00
70ba4908d0
Add test case for PointerSubChecker.
...
llvm-svn: 86657
2009-11-10 02:45:49 +00:00
80bbc6d138
Refine PointerSubChecker: compare the base region instead of the original
...
region, so that arithmetic within a memory chunk is allowed.
llvm-svn: 86652
2009-11-10 02:37:53 +00:00
6d967cbd8e
update test case.
...
llvm-svn: 86541
2009-11-09 13:56:44 +00:00
ab0e27ff0c
Add check for pointer arithmetic on non-array variables.
...
llvm-svn: 86538
2009-11-09 13:23:31 +00:00
d6e7f9d4b2
Add check for obsolete function call of getpw().
...
llvm-svn: 86537
2009-11-09 12:19:26 +00:00
f06c684a33
Add checker for CWE-588: Attempt to Access Child of a Non-structure Pointer.
...
llvm-svn: 86529
2009-11-09 08:07:38 +00:00
6c306c8b89
Add checker for CWE-587: Assignment of a Fixed Address to a Pointer.
...
llvm-svn: 86523
2009-11-09 06:52:44 +00:00
86b1e01c13
Add checker for CWE-469: Use of Pointer Subtraction to Determine Size. This
...
checker does not build sink nodes. Because svaluator computes an unknown value
for the subtraction now.
llvm-svn: 86517
2009-11-09 05:34:10 +00:00
0f92ec6ebd
Add a test case for CWE-467, and simplify the wording of the warning.
...
llvm-svn: 86504
2009-11-09 02:28:12 +00:00
8b57697954
Eliminate &&s in tests.
...
- 'for i in $(find . -type f); do sed -e 's#\(RUN:.*[^ ]\) *&& *$#\1#g' $i | FileUpdate $i; done', for the curious.
llvm-svn: 86430
2009-11-08 01:45:36 +00:00
fceb64bd04
Implement -Wconversion. Off by default, in the non-gcc group. There's
...
significant work left to be done to reduce the false-positive rate here.
llvm-svn: 86326
2009-11-07 03:30:10 +00:00
e3423e84a9
testing: Merge PR3135.c into misc-ps-region-store.m.
...
llvm-svn: 86286
2009-11-06 20:32:38 +00:00
Ted Kremenek