Commit Graph

1061 Commits

Author SHA1 Message Date
Aaron Ballman 8d3a7a56a9 Clarify pointer ownership semantics by hoisting the std::unique_ptr creation to the caller instead of hiding it in emitReport. NFC.
llvm-svn: 240400
2015-06-23 13:15:32 +00:00
Alexander Kornienko ab9db51042 Revert r240270 ("Fixed/added namespace ending comments using clang-tidy").
llvm-svn: 240353
2015-06-22 23:07:51 +00:00
Aaron Ballman ff661394ce Don't use &* when get() will suffice; NFC.
llvm-svn: 240279
2015-06-22 13:28:21 +00:00
Alexander Kornienko 3d9d929e42 Fixed/added namespace ending comments using clang-tidy. NFC
The patch is generated using this command:

  $ tools/extra/clang-tidy/tool/run-clang-tidy.py -fix \
      -checks=-*,llvm-namespace-comment -header-filter='llvm/.*|clang/.*' \
      work/llvm/tools/clang

To reduce churn, not touching namespaces spanning less than 10 lines.

llvm-svn: 240270
2015-06-22 09:47:44 +00:00
Douglas Gregor eb6e64ca8f Allow the cf_returns_[not_]retained attributes to appear on out-parameters.
Includes a simple static analyzer check and not much else, but we'll also
be able to take advantage of this in Swift.

This feature can be tested for using __has_feature(cf_returns_on_parameters).

This commit also contains two fixes:
- Look through non-typedef sugar when deciding whether something is a CF type.
- When (cf|ns)_returns(_not)?_retained is applied to invalid properties,
  refer to "property" instead of "method" in the error message.

rdar://problem/18742441

llvm-svn: 240185
2015-06-19 23:17:46 +00:00
Devin Coughlin 0bee1d7ff1 [analyzer] Remove ObjCContainersChecker size information when a CFMutableArrayRef escapes
Update ObjCContainersChecker to be notified when pointers escape so it can
remove size information for escaping CFMutableArrayRefs. When such pointers
escape, un-analyzed code could mutate the array and cause the size information
to be incorrect.

rdar://problem/19406485

llvm-svn: 239709
2015-06-15 01:00:42 +00:00
Devin Coughlin d7112c391c [analyzer]Test commit fixing 80-column violation in comment. NFC.
llvm-svn: 238993
2015-06-04 00:18:10 +00:00
Enrico Pertoso 4432d87578 Fixes a typo in a comment.
llvm-svn: 238910
2015-06-03 09:10:58 +00:00
Pete Cooper f9db5737d0 Add a missing forward def of CheckerManager. NFC.
This file doesn't include CheckerManager or forward declare it, so is sensitive to include order.

llvm-svn: 235209
2015-04-17 17:00:16 +00:00
Sylvestre Ledru 3dbaf8534a Remove the assertion as it was useless and broken.
Enforcing the assert caused the following tests to fail:
Clang :: Analysis__bstring.c
Clang :: Analysis__comparison-implicit-casts.cpp
Clang :: Analysis__malloc-interprocedural.c
Clang :: Analysis__malloc.c
Clang :: Analysis__redefined_system.c
Clang :: Analysis__string.c
Clang :: Analysis__weak-functions.c

llvm-svn: 235190
2015-04-17 13:21:39 +00:00
Sylvestre Ledru 91ba4b1af6 Fix a bad assert. Found by coverity. CID 1101110
llvm-svn: 235188
2015-04-17 13:08:54 +00:00
Anton Yartsev b50f4ba461 [analyzer] This implements potential undefbehavior.ZeroAllocDereference checker.
TODO: support realloc(). Currently it is not possible due to the present realloc() handling. Currently RegionState is not being attached to realloc() in case of a zero Size argument. 
llvm-svn: 234889
2015-04-14 14:18:04 +00:00
Alexander Kornienko 34eb20725d Use 'override/final' instead of 'virtual' for overridden methods
Summary:
The patch is generated using clang-tidy misc-use-override check.

This command was used:

  tools/clang/tools/extra/clang-tidy/tool/run-clang-tidy.py \
    -checks='-*,misc-use-override' -header-filter='llvm|clang' -j=32 -fix

Reviewers: dblaikie

Reviewed By: dblaikie

Subscribers: klimek, cfe-commits

Differential Revision: http://reviews.llvm.org/D8926

llvm-svn: 234678
2015-04-11 02:00:23 +00:00
Benjamin Kramer a008d3a9f9 Reduce dyn_cast<> to isa<> or cast<> where possible. Clang edition.
No functional change intended.

llvm-svn: 234587
2015-04-10 11:37:55 +00:00
Jordan Rose 3da3f8e045 [analyzer] Disable all retain count diagnostics on values that come from ivars.
This is imitating a pre-r228174 state where ivars are not considered tracked by
default, but with the addition that even ivars /with/ retain count information
(e.g. "[_ivar retain]; [ivar _release];") are not being tracked as well. This is
to ensure that we don't regress on values accessed through both properties and
ivars, which is what r228174 was trying to fix.

The issue occurs in code like this:

  [_contentView retain];
  [_contentView removeFromSuperview];
  [self addSubview:_contentView]; // invalidates 'self'
  [_contentView release];

In this case, the call to -addSubview: may change the value of self->_contentView,
and so the analyzer can't be sure that we didn't leak the original _contentView.
This is a correct conservative view of the world, but not a useful one. Until we
have a heuristic that allows us to not consider this a leak, not emitting a
diagnostic is our best bet.

This commit disables all of the ivar-related retain count tests, but does not
remove them to ensure that we don't crash trying to evaluate either valid or
erroneous code. The next commit will add a new test for the example above so
that this commit (and the previous one) can be reverted wholesale when a better
solution is implemented.

Rest of rdar://problem/20335433

llvm-svn: 233592
2015-03-30 20:18:00 +00:00
Jordan Rose 218772f87e [analyzer] Don't special-case ivars backing +0 properties.
Give up this checking in order to continue tracking that these values came from
direct ivar access, which will be important in the next commit.

Part of rdar://problem/20335433

llvm-svn: 233591
2015-03-30 20:17:47 +00:00
Jordan Rose 03ad616143 [analyzer] RetainCountChecker: Don't assume +0 for ivars backing readonly properties.
Similarly, don't assume +0 if the property's setter is manually implemented.
In both cases, if the property's ownership is explicitly written, then we /do/
assume the ivar has the same ownership.

rdar://problem/20218183

llvm-svn: 232849
2015-03-20 21:12:27 +00:00
Yaron Keren 1a9f58b32d Fix another ternary Visual C++ is OK wiht but gcc not.
llvm-svn: 232624
2015-03-18 10:30:57 +00:00
Yaron Keren 92e1b62d45 Remove many superfluous SmallString::str() calls.
Now that SmallString is a first-class citizen, most SmallString::str()
calls are not required. This patch removes a whole bunch of them, yet
there are lots more.

There are two use cases where str() is really needed:
1) To use one of StringRef member functions which is not available in
SmallString.
2) To convert to std::string, as StringRef implicitly converts while 
SmallString do not. We may wish to change this, but it may introduce
ambiguity.

llvm-svn: 232622
2015-03-18 10:17:07 +00:00
Ed Schouten e5bdc8516e Enable security checks for arc4random() on CloudABI as well.
CloudABI also supports the arc4random() function. We can enable compiler
warnings for rand(), random() and *rand48() on this system as well.

llvm-svn: 231914
2015-03-11 08:48:55 +00:00
Anton Yartsev 2487dd6501 [analyzer] Make getCheckIfTracked() return either leak or regular checker.
llvm-svn: 231863
2015-03-10 22:24:21 +00:00
Jordan Rose 58f8cc15c9 [analyzer] RetainCountChecker: CF properties are always manually retain-counted.
In theory we could assume a CF property is stored at +0 if there's not a custom
setter, but that's not really worth the complexity. What we do know is that a
CF property can't have ownership attributes, and so we shouldn't assume anything
about the ownership of the ivar.

rdar://problem/20076963

llvm-svn: 231553
2015-03-07 05:47:24 +00:00
Anton Yartsev 80fce4e7da [analyzer] Remove unused type (addition to r231540: "Revert changes from r229593")
llvm-svn: 231548
2015-03-07 01:57:31 +00:00
Anton Yartsev 4eb394d6c1 [analyzer] Revert changes from r229593; an enhancement is under discussion
llvm-svn: 231540
2015-03-07 00:31:53 +00:00
Anton Yartsev 9907fc9053 [analyzer] Bug fix: do not report leaks for alloca()
llvm-svn: 231314
2015-03-04 23:18:21 +00:00
Gabor Horvath e40c71c10a [analyzer] Individual configuration options can be specified for checkers.
Reviewed by: Anna Zaks

Original patch by: Aleksei Sidorin

Differential Revision: http://reviews.llvm.org/D7905

llvm-svn: 231266
2015-03-04 17:59:34 +00:00
Anton Yartsev c38d7952b2 [analyzer] unix.Malloc: preserve AllocaRegion bound to __builtin_alloca().
Binding __builtin_alloca() return value to the symbolic value kills previous binding to a AllocaRegion established by the core.BuiltinFunctions checker. Other checkers may rely upon this information. Rollback handling of __builtin_alloca() to the way prior to r229850.

llvm-svn: 231160
2015-03-03 22:58:46 +00:00
David Majnemer ced8bdf74a Sema: Parenthesized bound destructor member expressions can be called
We would wrongfully reject (a.~A)() in both the destructor and
pseudo-destructor cases.

This fixes PR22668.

llvm-svn: 230512
2015-02-25 17:36:15 +00:00
Jordan Rose 000bac5e17 [analyzer] RetainCountChecker: don't try to track ivars known to be nil.
We expect in general that any nil value has no retain count information
associated with it; violating this results in unexpected state unification
/later/ when we decide to throw the information away. Unexpectedly caching
out can lead to an assertion failure or crash.

rdar://problem/19862648

llvm-svn: 229934
2015-02-19 23:57:04 +00:00
Anton Yartsev 5b5c7cec08 [analyzer] Different handling of alloca().
+ separate bug report for "Free alloca()" error to be able to customize checkers responsible for this error.
+ Muted "Free alloca()" error for NewDelete checker that is not responsible for c-allocated memory, turned on for unix.MismatchedDeallocator checker.
+ RefState for alloca() - to be able to detect usage of zero-allocated memory by upcoming ZeroAllocDereference checker.
+ AF_Alloca family to handle alloca() consistently - keep proper family in RefState, handle 'alloca' by getCheckIfTracked() facility, etc.
+ extra tests.

llvm-svn: 229850
2015-02-19 13:36:20 +00:00
Anton Yartsev e5c0c14213 [analyzer] Refactoring: clarified the way the proper check kind is chosen.
llvm-svn: 229593
2015-02-18 00:39:06 +00:00
Anton Yartsev b3fa86d6f3 [analyzer] Pass actual state to alloc/dealloc handling functions.
The state obtained from CheckerContext::getState() may be outdated by the time the alloc/dealloc handling function is called (e.g. the state was modified but the transition was not performed). State argument was added to all alloc/dealloc handling functions in order to get the latest state and to allow sequential calls to those functions.

llvm-svn: 228737
2015-02-10 20:13:08 +00:00
Benjamin Kramer b4ef66832d Update APIs that return a pair of iterators to return an iterator_range instead.
Convert uses of those APIs into ranged for loops. NFC.

llvm-svn: 228404
2015-02-06 17:25:10 +00:00
Anna Zaks 33f0632640 [analyzer] Do not crash in the KeychainAPI checker on user defined 'free()'.
llvm-svn: 228248
2015-02-05 01:02:56 +00:00
Anna Zaks 486a0ff4b7 [analyzer] Look for allocation site in the parent frames as well as the current one.
Instead of handling edge cases (mostly involving blocks), where we have difficulty finding
an allocation statement, allow the allocation site to be in a parent node.

Previously we assumed that the allocation site can always be found in the same frame
as allocation, but there are scenarios in which an element is leaked in a child
frame but is allocated in the parent.

llvm-svn: 228247
2015-02-05 01:02:53 +00:00
Jordan Rose cb5386cbfc [analyzer] RetainCountChecker: be forgiving when ivars are accessed directly.
A refinement of r204730, itself a refinement of r198953, to better handle
cases where an object is accessed both through a property getter and
through direct ivar access. An object accessed through a property should
always be treated as +0, i.e. not owned by the caller. However, an object
accessed through an ivar may be at +0 or at +1, depending on whether the
ivar is a strong reference. Outside of ARC, we don't always have that
information.

The previous attempt would clear out the +0 provided by a getter, but only
if that +0 hadn't already participated in other retain counting operations.
(That is, "self.foo" is okay, but "[[self.foo retain] autorelease]" is
problematic.) This turned out to not be good enough when our synthesized
getters get involved.

This commit drops the notion of "overridable" reference counting and instead
just tracks whether a value ever came from a (strong) ivar. If it has, we
allow one more release than we otherwise would. This has the added benefit
of being able to catch /some/ overreleases of instance variables, though
it's not likely to come up in practice.

We do still get some false negatives because we currently throw away
refcount state upon assigning a value into an ivar. We should probably
improve on that in the future, especially once we synthesize setters as
well as getters.

rdar://problem/18075108

llvm-svn: 228174
2015-02-04 19:24:52 +00:00
Reid Kleckner ee7cf84c8f Use nullptr to silence -Wsentinel when self-hosting on Windows
Richard rejected my Sema change to interpret an integer literal zero in
a varargs context as a null pointer, so -Wsentinel sees an integer
literal zero and fires off a warning. Only CodeGen currently knows that
it promotes integer literal zeroes in this context to pointer size on
Windows.  I didn't want to teach -Wsentinel about that compatibility
hack. Therefore, I'm migrating to C++11 nullptr.

llvm-svn: 223079
2014-12-01 22:02:27 +00:00
Reid Kleckner 8cd0079d16 Use the new LLVM_END_WITH_NULL name
llvm-svn: 221217
2014-11-04 01:13:43 +00:00
Anton Yartsev 6ca45c92a9 [analyzer] Move the NewDeleteLeaks checker from CplusplusAlpha to Cplusplus package.
llvm-svn: 220289
2014-10-21 12:41:36 +00:00
Ted Kremenek 0c28bc20da [analyzer] Tweak MallocSizeOfChecker to not warn when using sizeof(void*) to allocate a bunch of any pointer type.
This suppresses a common false positive when analyzing libc++.

Along the way, introduce some tests to show this checker actually
works with C++ static_cast<>.

llvm-svn: 220160
2014-10-19 07:30:55 +00:00
Jordan Rose 679659f58c [analyzer] Check all 'nonnull' attributes, not just the first one.
Patch by Daniel Fahlgren!

llvm-svn: 219625
2014-10-13 19:38:02 +00:00
Benjamin Kramer 719772c269 Remove stray enum keywords. MSVC sees this as a redeclaration at global scope.
llvm-svn: 219031
2014-10-03 22:20:30 +00:00
Anna Zaks 0820e13e2a [analyzer] Refactor and cleanup IsCompleteType
There are three copies of IsCompleteType(...) functions in CSA and all
of them are incomplete (I experienced  crashes in some CSA's test cases).
I have replaced these function calls with Type::isIncompleteType() calls.

A patch by Aleksei Sidorin!

llvm-svn: 219026
2014-10-03 21:49:03 +00:00
Anna Zaks d79b840716 [analyzer] Make Malloc Checker track memory allocated by if_nameindex
The MallocChecker does currently not track the memory allocated by
if_nameindex. That memory is dynamically allocated and should be freed
by calling if_freenameindex. The attached patch teaches the checker
about these functions.

Memory allocated by if_nameindex is treated as a separate allocation
"family". That way the checker can verify it is freed by the correct
function.

A patch by Daniel Fahlgren!

llvm-svn: 219025
2014-10-03 21:48:59 +00:00
Anna Zaks 2d2f137ed4 [analyzer] Make CStringChecker correctly calculate return value of mempcpy
The return value of mempcpy is only correct when the destination type is
one byte in size. This patch casts the argument to a char* so the
calculation is also correct for structs, ints etc.

A patch by Daniel Fahlgren!

llvm-svn: 219024
2014-10-03 21:48:54 +00:00
Benjamin Kramer 22c68ef845 Avoid some unnecessary SmallVector copies.
No functionality change.

llvm-svn: 217586
2014-09-11 14:13:49 +00:00
Jordan Rose 21933ccdd7 Teach the analyzer that __builtin_assume_aligned returns its first argument.
Patch by Daniel Fahlgren!

llvm-svn: 217461
2014-09-09 21:42:16 +00:00
Jordan Rose f69e65f75c [analyzer] Don't crash if malloc() has an unexpected function prototype.
Patch by Daniel Fahlgren!

llvm-svn: 217258
2014-09-05 16:33:51 +00:00
David Blaikie 91e7902622 unique_ptrify BugReporter::visitors
llvm-svn: 217205
2014-09-04 23:54:33 +00:00
David Blaikie d15481ccea unique_ptr-ify PathDiagnosticPiece ownership
llvm-svn: 216751
2014-08-29 18:18:43 +00:00