maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
124,387 Commits 23 Branches 0 Tags 2.2 GiB
Commit Graph

101 Commits

Author SHA1 Message Date
Anna Zaks d5c3027473 [analyzer] Turn inlining on by default for better testing exposure. 
Fix a test, which was most likely an unintended recursive call.

llvm-svn: 151848
 2012-03-01 22:37:46 +00:00
Ted Kremenek b9ff6b2302 Reenable DeadStoresChecker under --analyze, and move the IdempotentOperationsChecker to the 'experimental' category. Fixes <rdar://problem/10146347>. 
llvm-svn: 148533
 2012-01-20 06:00:17 +00:00
Fariborz Jahanian 28324b0066 objc: deprecate direct usage of 'isa' of objc objects 
in favor of usage of api's intended for.
// rdar://8290002

llvm-svn: 148404
 2012-01-18 19:08:56 +00:00
Ted Kremenek 3f955e6d89 [analyzer] rename all experimental checker packages to have 'experimental' be the common root package. 
llvm-svn: 136835
 2011-08-03 23:14:55 +00:00
Ted Kremenek 109b127e02 Fix regression in static analyzer's handling of prefix '--' operator. It was being treated as postfix '--' in C mode. 
llvm-svn: 131770
 2011-05-20 23:40:06 +00:00
Ted Kremenek 850d35be16 Fix RegionStore bug when doing a field load whose parent is also a field assigned a LazyCompoundValue. Fixes <rdar://problem/9163742> and PR 9522. 
llvm-svn: 128783
 2011-04-03 04:09:15 +00:00
Ted Kremenek 49c79790de Rework checker "packages" and groups to be more hierarchical. 
llvm-svn: 128187
 2011-03-24 00:28:47 +00:00
Ted Kremenek 3e5ad5932e Tweak RegionStore's handling of lazy compound values to use the 'Default' versus 'Direct' binding key, thus allowing specific elements of an array/struct to be overwritten without 
invalidating the entire binding.  Fixes PR 9455.

llvm-svn: 127796
 2011-03-17 03:51:51 +00:00
Ted Kremenek a4a57c10da Re-enable the IdempotentOperations checker for --analyze, and put it and the DeadStores checker into the "deadcode" group. 
llvm-svn: 127531
 2011-03-12 06:14:28 +00:00
Ted Kremenek 4bb6c6b37e static analyzer: Fix use-after-free bug in RegionStore involving LazyCompoundValueData not reference counting Store objects. 
llvm-svn: 127288
 2011-03-08 23:18:00 +00:00
Argyrios Kyrtzidis 9eb02dfa89 [analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award. 
llvm-svn: 126676
 2011-02-28 19:49:42 +00:00
Argyrios Kyrtzidis d4d3cee6e4 [analyzer] Migrate UndefResultChecker to CheckerV2. 
llvm-svn: 126614
 2011-02-28 01:27:22 +00:00
Argyrios Kyrtzidis b388f77ad9 [analyzer] Remove '-analyzer-experimental-internal-checks' flag, it doesn't have any checkers associated with it anymore. 
llvm-svn: 126440
 2011-02-24 21:43:08 +00:00
Argyrios Kyrtzidis c08d89e6c2 Allow passing a list of comma separated checker names to -analyzer-checker, e.g: 
-analyzer-checker=cocoa,unix

llvm-svn: 126372
 2011-02-24 08:42:20 +00:00
Argyrios Kyrtzidis dd407f423b [analyzer] Migrate ArrayBoundChecker to CheckerV2. 
llvm-svn: 126371
 2011-02-24 08:42:12 +00:00
Argyrios Kyrtzidis 7bc0141043 [analyzer] Migrate ReturnPointerRangeChecker to CheckerV2. 
llvm-svn: 126369
 2011-02-24 08:41:57 +00:00
Argyrios Kyrtzidis a9215281de [analyzer] Use the new registration mechanism on some of the experimental internal checkers: 
CastToStructChecker
  FixedAddressChecker
  PointerArithChecker
  PointerSubChecker

llvm-svn: 125612
 2011-02-15 22:55:20 +00:00
Argyrios Kyrtzidis b2400924d9 [analyzer] Use the new registration mechanism on the IdempotentOperationChecker. 
llvm-svn: 125611
 2011-02-15 22:55:14 +00:00
Ted Kremenek fedad3c668 Don't try and symbolicate unions; we don't reason 
about them yet.  Fixes crash reported in PR 9049.

llvm-svn: 124228
 2011-01-25 21:08:47 +00:00
Ted Kremenek 304b6e4aa1 Fix a corner case in RegionStore where we assign 
a struct value to a symbolic index into array.
RegionStore can't actually reason about this,
so we were getting bogus warnings about loading
uninitialized values from the array.  The solution
is invalidate the entire array when we cannot
represent the binding explicitly.

Fixes <rdar://problem/8848957>

llvm-svn: 123368
 2011-01-13 06:58:15 +00:00
Ted Kremenek dcf85a8d18 Teach AttrNonNullChecker about transparent unions. Fixes crash reported in <rdar://problem/8642434>. 
llvm-svn: 118473
 2010-11-09 02:11:43 +00:00
Zhongxing Xu d95ccd58a9 If visiting RHS causes us to finish 'Block', e.g. the RHS is a StmtExpr 
containing a DoStmt, and the LHS doesn't create a new block, then we should
return RBlock.  Otherwise we'll incorrectly return NULL.

Also relax an assertion in VisitWhileStmt(). Reset 'Block' when it is finished.

llvm-svn: 117436
 2010-10-27 03:23:10 +00:00
Ted Kremenek c95589d2e6 Don't divide-by-zero in RegionStoreManager::getSizeInElements() when getting the size of a VLA. We don't track VLA extents yet, 
but we should at least not crash.  Fixes <rdar://problem/8424269>.

llvm-svn: 113888
 2010-09-14 23:08:34 +00:00
Ted Kremenek 8abff774aa Fix CFGBuilder crash reported in PR 8141. 
llvm-svn: 113826
 2010-09-14 01:13:32 +00:00
Ted Kremenek 5cdaeaaa1d Clean up obtuse wording of checker diagnostic of using an uninitialized value in a function call. 
Fixes: <rdar://problem/8409480> “warning: Pass-by-value argument in function call is undefined” message can be improved
llvm-svn: 113554
 2010-09-09 22:51:55 +00:00
Ted Kremenek 5f256da834 Rename GRState::getSVal() -> getRawSVal() and getSimplifiedSVal() -> getSVal(). 
The end result is now we eagarly constant-fold symbols in the analyzer that are perfectly constrained
to be a constant value.  This allows us to recover some path-sensitivity in some cases by lowering
the required level of reasoning power needed to evaluate some expressions.

The net win from this change is that the false positive in PR 8015 is fixed, and we also
find more idempotent operations bugs.

We do, however, regress with the BugReporterVisitors, which need to be modified to understand
this constant folding (and look past it).  This causes some diagnostic regressions in plist-output.m
which will get addressed in a future patch.  plist-output.m is now marked XFAIL, while
plist-output-alternate.m now tests that the plist output is working, but with the suboptimal
diagnostics.  This second test file will eventually be removed.

llvm-svn: 113477
 2010-09-09 07:13:00 +00:00
Zhongxing Xu ef94284f2f Tweak test case. 'int' would introduce out-of-bound issues. We focus on array 
index constraints in this case.

llvm-svn: 112794
 2010-09-02 01:42:44 +00:00
Ted Kremenek f3a734d8ee Add yet another test case for PR 8015, showing how reasoning over symbolic indices should exactly resolve over multiple index possibilities (and thus suppress the false positive in the test). 
llvm-svn: 112770
 2010-09-01 23:37:38 +00:00
Ted Kremenek 121ddd6a5c Add another test case for PR 8015, here with the array index being within a valid range and not just a single constant. 
llvm-svn: 112769
 2010-09-01 23:37:36 +00:00
Ted Kremenek 0e12f9cc7b Partial fix for PR 8015 (fix is actually by Jordy Rose, and I added a test case for follow-on work). This patch adds a bandaid for RegionStore's limited reasoning about symbolic array values. 
llvm-svn: 112766
 2010-09-01 23:27:26 +00:00
Ted Kremenek d588e78b95 Don't assert in the analyzer when analyze code does a byte load from a function's address. Fixes PR 8052. 
llvm-svn: 112761
 2010-09-01 23:00:46 +00:00
Tom Care 9026d4b488 Adjusted the semantics of assign checking in IdempotentOperationChecker 
- Fixed a regression where assigning '0' would be reported
- Changed the way self assignments are filtered to allow constant testing
- Added a test case for assign ops
- Fixed one test case where a function pointer was not considered constant
- Fixed test cases relating to 0 assignment

llvm-svn: 112501
 2010-08-30 19:25:43 +00:00
Tom Care 98e679508d Enabled relaxed LiveVariables analysis in the path-sensitive engine to increase the coverage of bugs. Primarily affects IdempotentOperationChecker. 
- Migrated a temporarily separated test back to its original file (bug has been fixed, null-deref-ps-temp.c -> null-deref-ps.c)
- Changed SymbolManager to use relaxed LiveVariables
- Updated several test cases that the IdempotentOperationChecker class now flags
- Added test case to test relaxed LiveVariables use by the IdempotentOperationChecker

llvm-svn: 112312
 2010-08-27 22:46:32 +00:00
Ted Kremenek 4b83f753a1 Add test case for <rdar://problem/8258814>. 
llvm-svn: 110058
 2010-08-02 20:33:00 +00:00
Ted Kremenek 385f71b1f4 Augment RegionStore::BindStruct() to bind symbolicated struct values. This fixes a false path issue reported in <rdar://problem/8243408> and also spurs another cause where the idempotent operations checker fires. 
llvm-svn: 109710
 2010-07-29 00:28:47 +00:00
Ted Kremenek 2a33a0deef Correctly construct an ElementRegion for alloca() + pointer arithmetic. Fixes analyzer 
crash reported in PR 7450.

llvm-svn: 106609
 2010-06-22 23:58:31 +00:00
Ted Kremenek 15a0abd399 Discard qualifiers for ElementRegions so that a 'const' doesn't change the lookup semantics 
in the symbol store.  We may wish to push this down into the StoreManager itself.

llvm-svn: 104788
 2010-05-27 00:29:00 +00:00
Ted Kremenek ef55dd17ec Static analyzer: Don't crash when casting a symbolic region address to a float. Fixes PR 6854. 
llvm-svn: 101499
 2010-04-16 17:54:33 +00:00
Ted Kremenek 8db54ff1de Fix PR 6844, a regression caused by the introduction of llvm_unreachable for the default 
case in GRExprEngine::Visit (in r101129).  Instead, enumerate all Stmt cases and have
no 'default' case in the switch statement.  When we encounter a Stmt we don't handle,
we should explicitly add it to the switch statement.

llvm-svn: 101378
 2010-04-15 17:33:31 +00:00
Ted Kremenek 5868ec6e3d Fix CFG bug where bases of member expressions were not always evaluated in a lvalue context. Fixes <rdar://problem/7813989>. 
llvm-svn: 100966
 2010-04-11 17:02:10 +00:00
Ted Kremenek 6e95bfc6a5 Fix crash in StoreManager::CastRegion() when the base region is a type with 0 size. 
llvm-svn: 100594
 2010-04-07 00:46:49 +00:00
Ted Kremenek f969841a1a Teach MemRegion::getBaseRegion() about ObjCIvarRegions. We want to treat 
them the same way as fields.  This fixes a regression in RegionStore::RemoveDeadbindings()
that emerged from going to the cluster-based analysis.

llvm-svn: 100570
 2010-04-06 22:06:03 +00:00
Ted Kremenek 2d107f9d1d RegionStore: specially handle loads from integer global variables declared 'const'. 
Fixes a false positive reported in PR 6288.

llvm-svn: 99922
 2010-03-30 20:31:04 +00:00
Ted Kremenek 4be6a75884 Change the analyzer to recognize (but ignore) assignments to isa. Fixes PR 6302. 
llvm-svn: 99904
 2010-03-30 18:24:54 +00:00
Ted Kremenek c517974e9e Add test case for <rdar://problem/7770737>. 
llvm-svn: 98979
 2010-03-19 19:45:03 +00:00
Ted Kremenek e3c26d8f7e Add test case for <rdar://problem/7242010>, which appears to have been fixed 
in the recent changes to RegionStore::InvalidateRegions().  Note that we
are still not yet modeling 'memcpy()' explicitly.

llvm-svn: 96902
 2010-02-23 07:17:57 +00:00
Ted Kremenek 1a6672a3d4 Enhance RegionStore::InvalidateRegions() to correctly invalidate bindings 
by scanning through the values of LazyCompoundVals.

llvm-svn: 96067
 2010-02-13 01:52:33 +00:00
Ted Kremenek 5abd69d946 Teach RegionStore::InvalidateRegions() to also invalidate static variables referenced by blocks. 
llvm-svn: 95459
 2010-02-06 00:30:00 +00:00
Ted Kremenek 94e6d98cae Add test case showing the analyzer invalidates '__block' variables when the block is passed as an argument to an ObjC method. 
llvm-svn: 95366
 2010-02-05 06:10:46 +00:00
Ted Kremenek 2f2692f8ca Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'. 
llvm-svn: 95348
 2010-02-05 02:06:54 +00:00