Commit Graph

451 Commits

Author SHA1 Message Date
Francois Pichet 52bea03e7a Unbreak the CMake build.
llvm-svn: 116164
2010-10-10 09:17:09 +00:00
Zhongxing Xu 271c9c7b6d Add experimental chroot check which checks improper use of chroot(). Patch by
Lei Zhang.

llvm-svn: 116163
2010-10-10 05:45:30 +00:00
Tom Care ea53e82c78 UnreachableCodeChecker cleanup and improvements
- Fixed some iterator style issues
- Don't process blocks that have been visited already
- Fixed a case where a unreachable block cycle was not reported
- Minor test case changes
- Added one test case from flow-sensitive version of the check. More coming.

llvm-svn: 115861
2010-10-06 23:02:25 +00:00
Tom Care 7359459636 UnreachableCodeChecker does not need to inherit from CheckerVisitor, only Checker. It does not use any AST Stmt hooks, only VisitEndAnalysis.
llvm-svn: 115345
2010-10-01 20:52:07 +00:00
Marcin Swiderski 99a9040a1f Added two new command line arguments:
-cfg-add-implicit-dtors - sets CFG::BuildOptions::AddImplicitDtors for AnalysisCosumer to true,
-cfg-add-initializers - sets CFG::BuildOptions::AddInitializers for AnalysisCosumer to true.

llvm-svn: 115142
2010-09-30 07:41:24 +00:00
Ted Kremenek b0e7d77729 Include changes to VisitCXXMemberCallExpr (call visitor functions).
llvm-svn: 115120
2010-09-30 01:06:29 +00:00
Ted Kremenek 3d6c0c0091 Tweak nil receiver checker to not warning about 64-bit return values.
Fixes: <rdar://problem/7513117>
llvm-svn: 115113
2010-09-30 00:37:10 +00:00
Tom Care 2f0419e1f8 AnalyzerStatsChecker improvements:
- Use BlockEntrance rather than BlockEdge to bring in line with UnreachableCodeChecker. Fixes an issue where unreached blocks would still be counted as reachable.
- Added warnings for all BlockAborted locations. This allows us to see where the analyzer stopped analyzing.

llvm-svn: 115110
2010-09-29 23:48:34 +00:00
Tom Care 472205be35 Change -analyzer-max-nodes to allow 0 as a parameter. This allows the analyzer to completely analyze a worklist regardless of time taken.
llvm-svn: 115108
2010-09-29 23:48:13 +00:00
Ted Kremenek fd5856adcb Refactor GRExprEngine::VisitCall() to use EvalArguments(), just like VisitCXXMemberCallExpr(). Ideally we should unify these code paths as much as possible, since they only differ by a few details.
llvm-svn: 114628
2010-09-23 05:14:51 +00:00
Tom Care 14fefab721 Fix an inverse boolean and unnecessary new line in warning output from AnalyzerStatsChecker.
llvm-svn: 114581
2010-09-22 21:07:51 +00:00
Tom Care 0bd3431a5e Revert r114244 since it breaks a test in Analysis.
llvm-svn: 114246
2010-09-18 00:17:17 +00:00
Tom Care 0f99e64305 IdempotentOperationChecker no longer reports errors that are post-dominated by a sink. This fixes some false positives that were flagged because a path was incomplete (usually in a loop).
llvm-svn: 114244
2010-09-18 00:06:34 +00:00
Tom Care 58191966bc Refactored BugReporter to refer to EndNode as ErrorNode. We currently make the assumption that EndNode == ErrorNode, but upcoming changes will break this.
llvm-svn: 114065
2010-09-16 03:50:38 +00:00
Zhongxing Xu 2cd7a78c76 Introduce new CFGElement hierarchy to support C++ CFG, based on Marcin's patch
and discussions with Ted and Jordy.

llvm-svn: 114056
2010-09-16 01:25:47 +00:00
Ted Kremenek c4deb92316 Disallow the use of UnknownVal as the index for ElementRegions. UnknownVals can be used as
the index when the value evaluation isn't powerful enough.  By creating ElementRegions with
UnknownVals as the index, this gives the false impression that they are the same element, when
they really aren't.  This becomes really problematic when deriving symbols from these regions
(e.g., those representing the initial value of the index), since two different indices will
get the same symbol for their binding.

This fixes an issue with the idempotent operations checker that would cause two indices that
are clearly not the same to make it appear as if they always had the same value.

Fixes <rdar://problem/8431728>.

llvm-svn: 113920
2010-09-15 03:13:30 +00:00
Ted Kremenek 72c9b0d582 Adjust assertion in RegionStoreManager::RetrieveArray() to also take into account typedefs.
llvm-svn: 113893
2010-09-14 23:29:38 +00:00
Ted Kremenek c95589d2e6 Don't divide-by-zero in RegionStoreManager::getSizeInElements() when getting the size of a VLA. We don't track VLA extents yet,
but we should at least not crash.  Fixes <rdar://problem/8424269>.

llvm-svn: 113888
2010-09-14 23:08:34 +00:00
Tom Care c88ed9561e Rename 'MaxLoop' to 'MaxVisit' in AnalysisManager to more correctly reflect that we aborted analysis may not necessarily be due to a loop.
llvm-svn: 113862
2010-09-14 21:35:27 +00:00
Michael J. Spencer 09476212de Revert "CMake: Update to use standard CMake dependency tracking facilities instead"
This reverts commit r113631

Conflicts:

	CMakeLists.txt
	lib/CodeGen/CMakeLists.txt

llvm-svn: 113817
2010-09-13 23:54:41 +00:00
Michael J. Spencer 0881f4a367 CMake: Update to use standard CMake dependency tracking facilities instead
of whatever we were using before...

llvm-svn: 113631
2010-09-10 21:13:16 +00:00
Sebastian Redl 9ac55dd8e4 Serialization support for CXXNoexceptExpr.
llvm-svn: 113627
2010-09-10 20:55:54 +00:00
Ted Kremenek 0a3f523614 Polish diagnostics for null dereferences via ObjC ivar accesses. Finishes up <rdar://problem/6352035>.
llvm-svn: 113612
2010-09-10 20:20:49 +00:00
Ted Kremenek 6c0cc5e69a Add checker implementation for my previous commit!
llvm-svn: 113574
2010-09-10 03:45:29 +00:00
Ted Kremenek e495c99055 Implement: <rdar://problem/6351970> rule request: warn if @synchronized mutex can be nil
llvm-svn: 113573
2010-09-10 03:05:40 +00:00
Ted Kremenek ed12f1b9f9 Add ObjCAtSynchronizedStmt to the CFG and add GRExprEngine support (PreVisit for checkers).
llvm-svn: 113572
2010-09-10 03:05:33 +00:00
Tom Care 4545b2df42 Added AnalyzerStatsChecker, a path sensitive check that reports visitation statistics about analysis. Running clang with the -analyzer-stats flag will emit warnings containing the information. We can then run a postanalysis script to take this data and give useful information about how much the analyzer missed in a project.
llvm-svn: 113568
2010-09-10 00:44:44 +00:00
Ted Kremenek 5cdaeaaa1d Clean up obtuse wording of checker diagnostic of using an uninitialized value in a function call.
Fixes: <rdar://problem/8409480> “warning: Pass-by-value argument in function call is undefined” message can be improved
llvm-svn: 113554
2010-09-09 22:51:55 +00:00
Ted Kremenek ff3a4ff6e9 Use FindReportInEquivalenceClass to identify all the nodes used for the trimmed graph (in BugReporter). This fixes a problem where a leak that happened to occur on both an exit() path and a non-exit() path was getting reported with the exit() path (which users don't care about).
This fixes:

<rdar://problem/8331641> leak reports should not show paths that end with exit() (but ones that don't end with exit())

llvm-svn: 113524
2010-09-09 19:05:34 +00:00
Douglas Gregor c9199f522f Clean up CMake dependencies
llvm-svn: 113489
2010-09-09 15:44:58 +00:00
Benjamin Kramer d4b4b7e8a1 Remove unused variable.
llvm-svn: 113482
2010-09-09 12:27:34 +00:00
Gabor Greif 230ddf37af do not bind temporaries to non-const references
this fixes all analyser test failures in my gcc34-based
environment

how the cast result could bind to the non-const ref is
somewhat mysterious and remains to be investigated; to
avoid similar miscompilations (by gcc34 only?)

llvm-svn: 113480
2010-09-09 10:51:37 +00:00
Ted Kremenek 5f256da834 Rename GRState::getSVal() -> getRawSVal() and getSimplifiedSVal() -> getSVal().
The end result is now we eagarly constant-fold symbols in the analyzer that are perfectly constrained
to be a constant value.  This allows us to recover some path-sensitivity in some cases by lowering
the required level of reasoning power needed to evaluate some expressions.

The net win from this change is that the false positive in PR 8015 is fixed, and we also
find more idempotent operations bugs.

We do, however, regress with the BugReporterVisitors, which need to be modified to understand
this constant folding (and look past it).  This causes some diagnostic regressions in plist-output.m
which will get addressed in a future patch.  plist-output.m is now marked XFAIL, while
plist-output-alternate.m now tests that the plist output is working, but with the suboptimal
diagnostics.  This second test file will eventually be removed.

llvm-svn: 113477
2010-09-09 07:13:00 +00:00
Tom Care 68df12f0c4 Simplified reachability checking in IdempotentOperationChecker and added a helper function for path display.
- Created private class CFGReachabilityAnalysis, which provides cached reachability lookups in the CFG
- Simplified PathWasCompletelyAnalyzed to use the new reachability class
- Added getLastRelevantNodes function for future use with path displaying in BugReporter

llvm-svn: 113465
2010-09-09 02:04:52 +00:00
Ted Kremenek 8f0e834c4c Static analyzer fix: <rdar://problem/5880430> Switch on enum should not consider default case live if all enum values are covered
llvm-svn: 113457
2010-09-09 00:40:40 +00:00
Francois Pichet 5cc0a67f08 Fix warnings caused by new CXXUuidofExprClass enumerator.
llvm-svn: 113444
2010-09-08 23:47:05 +00:00
Ted Kremenek aba4958db2 Fix null pointer dereference in StreamChecker::Fseek (reported in PR 8081) and simplify surrounding checking logic.
llvm-svn: 113282
2010-09-07 20:45:26 +00:00
Tom Care bc9eaef24c Re-enabled truncation/extension checking in IdempotentOperationChecker and added a test case.
llvm-svn: 113269
2010-09-07 20:27:56 +00:00
Chris Lattner 3dd48bd169 "I see dead code". IdempotentOperationChecker::isTruncationExtensionAssignment
should probably be removed if it has no purpose, but I just #if'd it out
in case it's usefulIdempotentOperationChecker::isTruncationExtensionAssignment
should probably be removed if it has no purpose, but I just #if'd it out
in case it's useful

llvm-svn: 112949
2010-09-03 04:34:38 +00:00
Ted Kremenek ba8752aac8 Support pointer arithmetic in SimpleSValuator involving direct constants.
llvm-svn: 112932
2010-09-03 01:07:06 +00:00
Ted Kremenek 5c0969f027 Remove bogus assertions.
llvm-svn: 112931
2010-09-03 01:07:04 +00:00
Ted Kremenek 5b24adda26 Add optional record of "location" SVals in the environment. When we analyzing loads/stores, we lose the location SVal, which makes it difficult to recover in some cases (e.g., for post diagnostics). This is prep for pending changes to GRExprEngine.
llvm-svn: 112930
2010-09-03 01:07:02 +00:00
Ted Kremenek db4c128f2f Add GRState::getSimplifiedSVal(), which provides an API hook for doing symbol -> constant folding. This isn't used yet, but
is prep for some pending optimizations in GRExprEngine.

llvm-svn: 112929
2010-09-03 01:06:58 +00:00
Tom Care 796ed50433 Reapply 112850 and 112839 with a constructor for the BinaryOperatorData struct. Clang would zero out the enum and pointer in the struct in some conditions, but GCC would never zero out the values.
llvm-svn: 112909
2010-09-02 23:30:22 +00:00
Douglas Gregor 6429f5cf29 Eliminate CXXBindReferenceExpr, which was used in a ton of
well-intentioned but completely unused code.

llvm-svn: 112868
2010-09-02 21:50:02 +00:00
Tom Care 9fbfeea05b Reverting 112850 and 112839 due to test failures on some systems
llvm-svn: 112857
2010-09-02 20:58:38 +00:00
Tom Care a25b273a5b Fixed broken build with GCC
llvm-svn: 112850
2010-09-02 19:00:08 +00:00
Tom Care 1ce2faca05 Improved error reporting in IdempotentOperationChecker
- SourceRange highlighting is only given for the relevant side of the operator (assignments give both)
- Added PostVisitBinaryOperator hook to retrieve the ExplodedNode for an operator
- Added a BugReporterVisitor to display the last store to every VarDecl in a Stmt
- Changed bug reporting to use the new BugReporterVisitor

llvm-svn: 112839
2010-09-02 17:49:20 +00:00
Zhongxing Xu dcf7b3501d update comments.
llvm-svn: 112796
2010-09-02 01:56:39 +00:00
Ted Kremenek 07343c02be For GRExprEngine::EvalBind() (and called visitors), unifiy StoreE and AssignE. Now StoreE (const Stmt*) represents the expression where the store took place, which is the assignment expression if it takes place in an assignment. This removes some conceptual dissidence as well as removes an extra parameter from the Checker::PreVisitBind() visitor. It also improves ranges and source location information in analyzer diagnostics.
llvm-svn: 112789
2010-09-02 00:56:20 +00:00