Commit Graph

1105 Commits

Author SHA1 Message Date
Jordy Rose b72bd53f7d [analyzer] GNU __null is a pointer-sized integer, not a pointer. Fixes PR10372.
llvm-svn: 135294
2011-07-15 20:29:02 +00:00
Douglas Gregor 5c70b06feb Teach the static analyzer's interpretation of Cocoa conventions to
obey the objc_method_family attribute when provided. Fixes
<rdar://problem/9726279>.

llvm-svn: 134493
2011-07-06 16:00:34 +00:00
Jordy Rose 7770a8c6c5 [analyzer] strnlen isn't a builtin, don't test for it
llvm-svn: 133994
2011-06-28 05:34:40 +00:00
Jordy Rose 4d3c1511ac [analyzer] Use UnknownVal when default-initializing arrays whose element types we don't model, to distinguish them from uninitialized arrays (PR10163).
llvm-svn: 133937
2011-06-27 20:36:38 +00:00
Jordy Rose b41f7c55f5 [analyzer] Finish size argument checking for strncat (and strncpy).
llvm-svn: 133472
2011-06-20 21:55:40 +00:00
Jordy Rose 328deeed7f [analyzer] Re-enable checking for strncpy, along with a new validation of the size argument. strncat is not yet up-to-date, but I'm leaving it enabled for now (there shouldn't be any false positives, at least...)
llvm-svn: 133408
2011-06-20 03:49:16 +00:00
Jordy Rose dceb0cf3f3 [analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking.
llvm-svn: 133406
2011-06-20 02:06:40 +00:00
Jordy Rose c026370858 [analyzer] Clean up modeling of strcmp, including cases where a string literal has an embedded null character, and where both arguments are the same buffer. Also use nested ifs rather than early returns; in this case early returns will lose any assumptions we've made earlier in the function.
llvm-svn: 133154
2011-06-16 07:13:34 +00:00
John McCall 31168b077c Automatic Reference Counting.
Language-design credit goes to a lot of people, but I particularly want
to single out Blaine Garst and Patrick Beard for their contributions.

Compiler implementation credit goes to Argyrios, Doug, Fariborz, and myself,
in no particular order.

llvm-svn: 133103
2011-06-15 23:02:42 +00:00
Jordy Rose 634c12d23f [analyzer] Revise CStringChecker's modelling of strcpy() and strcat():
- (bounded copies) Be more conservative about how much is being copied.
- (str(n)cat) If we can't compute the exact final length of an append operation, we can still lower-bound it.
- (stpcpy) Fix the conjured return value at the end to actually be returned.

This requires these supporting changes:
- C string metadata symbols are still live even when buried in a SymExpr.
- "Hypothetical" C string lengths, to represent a value that /will/ be passed to setCStringLength() if all goes well. (The idea is to allow for temporary constrainable symbols that may end up becoming permanent.)
- The 'checkAdditionOverflow' helper makes sure that the two strings being appended in a strcat don't overflow size_t. This should never *actually* happen; the real effect is to keep the final string length from "wrapping around" in the constraint manager.

This doesn't actually test the "bounded" operations (strncpy and strncat) because they can leave strings unterminated. Next on the list!

llvm-svn: 133046
2011-06-15 05:52:56 +00:00
Jordy Rose bc7483f505 [analyzer] CStringChecker checks functions in the C standard library, not C++. Its external name is now unix.experimental.CString.
llvm-svn: 132958
2011-06-14 01:40:43 +00:00
Jordy Rose d359289669 [analyzer] Fix modeling of strnlen to be more conservative. Move tests we can't properly model (yet?) to string-fail.c.
llvm-svn: 132955
2011-06-14 01:15:31 +00:00
Douglas Gregor c9224d6714 Eliminate the -f[no]objc-infer-related-result-type flags; there's no
reason to allow the user to control these semantics through a flag.

llvm-svn: 132919
2011-06-13 16:42:53 +00:00
Jordy Rose 1734737d9f [analyzer] PR8962 again. Ban ParenExprs (and friends) from block-level expressions (by calling IgnoreParens before adding expressions to blocks). Undo 132769 (LiveVariables' local IgnoreParens), since it's no longer necessary.
Also, have Environment stop looking through NoOp casts; it didn't match the behavior of LiveVariables. And once that's gone, the whole cast block of that switch is unnecessary.

llvm-svn: 132840
2011-06-10 08:49:37 +00:00
Jordy Rose 891d613289 [analyzer] Ignore parentheses around block-level expressions when computing liveness. Fixes the other half of PR8962.
llvm-svn: 132769
2011-06-09 05:44:04 +00:00
Jordy Rose ab8a668849 [analyzer] Look through __extension__ expressions in a GRState's Environment. Fixes PR8962.
llvm-svn: 132762
2011-06-08 22:47:39 +00:00
Jordy Rose 097c5397a8 [analyzer] Don't crash when copying an unknown number of bytes with memcpy(). Also handle all memcpy-family return values in evalCopyCommon(), rather than having some outside and some inside.
llvm-svn: 132617
2011-06-04 01:47:27 +00:00
Jordy Rose 63b84be6cb [analyzer] Fix handling of "copy zero bytes" for memcpy and friends.
llvm-svn: 132607
2011-06-04 00:04:22 +00:00
Jordy Rose aee7fb9e64 [analyzer] __mempcpy_chk is the same as mempcpy (at least to CStringChecker)
llvm-svn: 132605
2011-06-03 23:42:56 +00:00
Ted Kremenek f230198f15 Tighen analyzer diagnostics w.r.t ObjC/CF leaks.
llvm-svn: 132130
2011-05-26 18:45:44 +00:00
Ted Kremenek 4c5d2888f4 static analyzer: when conservatively evaluating functions, don't invalidate the values of globals when the called function is strlen.
llvm-svn: 132100
2011-05-25 23:57:29 +00:00
Ted Kremenek 86d49ce20c Teach analyzer about cf_returns_not_retained for C functions.
llvm-svn: 132049
2011-05-25 06:29:39 +00:00
Ted Kremenek 8e2c9b0180 Enhance retain/release checker to flag warnings when functions returning CG types do not follow the Core Foundation naming conventions.
llvm-svn: 132048
2011-05-25 06:19:45 +00:00
Ted Kremenek 3a60114085 Add explicit CFG support for ignoring static_asserts.
llvm-svn: 132001
2011-05-24 20:41:31 +00:00
Ted Kremenek 109b127e02 Fix regression in static analyzer's handling of prefix '--' operator. It was being treated as postfix '--' in C mode.
llvm-svn: 131770
2011-05-20 23:40:06 +00:00
Ted Kremenek f377cb82f9 Teach RegionStore not to symbolic array values whose indices it cannot reason about.
llvm-svn: 131702
2011-05-19 23:37:58 +00:00
Ted Kremenek 5f06955aa0 Teach static analyzer to analyze Objective-C methods in category implementations.
llvm-svn: 131614
2011-05-19 00:56:53 +00:00
Ted Kremenek 6878c36328 Elide __label__ declarations from the CFG. This resolves a crash in CFGRecStmtDeclVisitor (crash in static analyzer).
llvm-svn: 131141
2011-05-10 18:42:15 +00:00
Lenny Maiorani 5066858bcd Removing strncpy() checking in CString checker for now. Some significant changes need to be made to properly support modeling of it since it potentially leaves strings non-null terminated.
llvm-svn: 130758
2011-05-03 16:34:26 +00:00
Ted Kremenek e9f364f658 Tweak the retain/release checker to not stop tracking retained objects when calling C++ methods. This is a temporary solution to prune false positives until we have a general story using annotations.
llvm-svn: 130726
2011-05-02 21:21:42 +00:00
Ted Kremenek aa181174e7 Augment retain/release checker to not warn about tracked objects passed as arguments to C++ constructors. This is a stop-gap measure for Objective-C++ code that uses smart pointers to manage reference counts.
llvm-svn: 130711
2011-05-02 19:42:42 +00:00
Lenny Maiorani 0b510279c6 Implements strncasecmp() checker and simplifies some of the logic around creating substrings if necessary and calling the appropriate StringRef::compare/compare_lower().
llvm-svn: 130708
2011-05-02 19:05:49 +00:00
Ted Kremenek 8067746554 Move the SelfInit checker to the 'cocoa.experimental' package.
llvm-svn: 130598
2011-04-30 06:46:45 +00:00
Ted Kremenek e8e565ab81 Adjust test/Analysis/retain-release.m to also test the retain/release checker in Objective-C++ mode.
llvm-svn: 130559
2011-04-29 23:15:53 +00:00
Lenny Maiorani 4af23c8159 Implements strcasecmp() checker in Static Analyzer.
llvm-svn: 130398
2011-04-28 15:09:11 +00:00
Lenny Maiorani 005b5c1aee More accurately model realloc() when the size argument is 0. realloc() with a size of 0 is equivalent to free(). The memory region should be marked as free and not used again.
Unit tests f2_realloc_0(), f6_realloc(), and f7_realloc() contributed by Marshall Clow <mclow.lists@gmail.com>. Thanks! 

llvm-svn: 130303
2011-04-27 14:49:29 +00:00
Ted Kremenek 08b434f450 Allow 'Environment::getSVal()' to allow an optional way for checkers to do a direct lookup to values bound to expressions, without
resulting to lazy logic.  This is critical for the OSAtomicChecker that does a simulated load on any arbitrary expression.

llvm-svn: 130292
2011-04-27 05:34:09 +00:00
Argyrios Kyrtzidis a9b630e4d7 Emit a -Wnull-dereference warning for "*null" not just "*null = something". Addresses rdar://9269271.
llvm-svn: 130207
2011-04-26 17:41:22 +00:00
Lenny Maiorani e553e40467 Implements the strncmp() checker just like the strcmp() checker, but with bounds. Requires LLVM svn r129582.
llvm-svn: 130161
2011-04-25 22:21:00 +00:00
Ted Kremenek 11e5c8b31a Add static analyzer support for C++'0X nullptr. Patch by Jim Goodnow II.
llvm-svn: 130003
2011-04-22 18:01:30 +00:00
Anders Carlsson d1f65f61ee Make the VariadicMethodTypeChecker accept block pointers as Objective-C pointers. Fixes PR9746.
llvm-svn: 129741
2011-04-19 01:16:46 +00:00
Richard Smith 0c502d2a62 Fix PR9741. The implicit declarations created for range-based for loops weren't being added to the DeclContext (nor were they being marked as implicit). Also, the declarations were being emitted in the wrong order when building the CFG.
llvm-svn: 129700
2011-04-18 15:49:25 +00:00
Chris Lattner 57540c5be0 fix a bunch of comment typos found by codespell. Patch by
Luis Felipe Strano Moraes!

llvm-svn: 129559
2011-04-15 05:22:18 +00:00
Ted Kremenek ced5feaec9 Teach VariadicMethodTypeChecker to not crash when processing methods declared in protocols.
llvm-svn: 129395
2011-04-12 21:47:05 +00:00
Ted Kremenek 8a4c760c20 ArrayBoundCheckerV2: don't arbitrarily warn about indexing before the 0-index of a symbolic region. In many cases that isn't really the base offset.
llvm-svn: 129366
2011-04-12 17:21:33 +00:00
Lenny Maiorani f3539ad5c7 This patch adds modeling of strcmp() to the CString checker. Validates inputs are not NULL and are real C strings, then does the comparison and binds the proper return value. Unit tests included.
llvm-svn: 129364
2011-04-12 17:08:43 +00:00
Ted Kremenek f52718899f static analyzer: invalidate by-ref arguments passed to constructors in a 'new' expression.
llvm-svn: 129349
2011-04-12 05:12:39 +00:00
Ted Kremenek 57a4a152b2 Fix bug in SimpleSValBuilder where '--' pointer arithmetic was treated like '++' pointer arithmetic.
llvm-svn: 129348
2011-04-12 03:49:37 +00:00
Ted Kremenek 4f939da02d RegionStoreManager::invalidateRegions: treat classes the same as structs.
llvm-svn: 129333
2011-04-12 00:44:31 +00:00
Ted Kremenek e0d2b8c58c Teach GRState::getSValAsScalarOrLoc() about C++ references.
llvm-svn: 129329
2011-04-12 00:28:12 +00:00