summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/GRExprEngine.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Fix PR 4631. The compound initializers of unions were not being evaluated, whichTed Kremenek2009-07-281-8/+2
| | | | | | | | | could cause false positives if any the subexpressions had side-effects. These initializers weren't evaluated because the StoreManager would need to handle them, but that's an orthogonal problem of whether or not the StoreManager can handle the binding. llvm-svn: 77361
* Revert r76831, there are many Analyzer test failures on multiple platforms.Daniel Dunbar2009-07-231-16/+3
| | | | | | | | --- Reverse-merging r76831 into '.': U include/clang/Analysis/PathSensitive/GRExprEngine.h U lib/Analysis/GRExprEngine.cpp llvm-svn: 76851
* Add 'previsit' Checker pass for ObjCMessageExprs.Ted Kremenek2009-07-231-3/+16
| | | | llvm-svn: 76831
* Refactor 'PostStmt' and 'PreStmt' to subclass a common parent 'StmtPoint'.Ted Kremenek2009-07-221-5/+6
| | | | | | | | | | | | Educate GRExprEngine::VisitGraph() about 'PreStmt'. Mark the constructor of 'PostStmt' to be explicit, preventing implicit conversions and the selection of the wrong 'generateNode' method in GRStmtNodeBuilder. Constify a bunch of arguments, which falls out of the changes to ProgramPoint. llvm-svn: 76809
* Add support for registering 'Checker' objects with GRExprEngine.Ted Kremenek2009-07-221-5/+48
| | | | | | Add a 'previsit' stage (that dispatches to registered Checkers) when evaluating the effects of CallExprs. llvm-svn: 76794
* Fix PR 4594 by refactoring almost all casting logic from GRExprEngine::VisitCastTed Kremenek2009-07-211-162/+29
| | | | | | | | | to SValuator::EvalCast. In the process, the StoreManagers now use this new cast machinery, and the hack in GRExprEngine::EvalBind to handle implicit casts involving OSAtomicCompareAndSwap and friends has been removed (and replaced with logic closer to the logic specific to those functions). llvm-svn: 76641
* Enhance GRExprEngine::EvalBind to handle some implicit casts from nonlocs toTed Kremenek2009-07-201-1/+18
| | | | | | locs and vis versa. llvm-svn: 76483
* Add FIXME.Ted Kremenek2009-07-201-0/+5
| | | | llvm-svn: 76466
* Enhance GRBranchNodeBuilderImpl (part of GRCoreEngine) to understand the caseTed Kremenek2009-07-201-8/+12
| | | | | | | | where the true or false CFGBlock* for a branch could be NULL. This will handle the case where we can determine during CFG construction that a branch is infeasible. llvm-svn: 76450
* Fix caching bug revealed by analyzing ClamAV using RegionStore.Ted Kremenek2009-07-171-2/+1
| | | | llvm-svn: 76262
* Per offline discussion with Steve Naroff, add back Type::getAsXXXType() methodsTed Kremenek2009-07-171-2/+2
| | | | | | | | | until Doug Gregor's Type smart pointer code lands (or more discussion occurs). These methods just call the new Type::getAs<XXX> methods, so we still have reduced implementation redundancy. Having explicit getAsXXXType() methods makes it easier to set breakpoints in the debugger. llvm-svn: 76193
* Add member template 'Type::getAs<T>', which converts a Type* to a respective T*.Ted Kremenek2009-07-161-2/+2
| | | | | | | | | | | | | | | | | | | | | This method is intended to eventually replace the individual Type::getAsXXXType<> methods. The motivation behind this change is twofold: 1) Reduce redundant implementations of Type::getAsXXXType() methods. Most of them are basically copy-and-paste. 2) By centralizing the implementation of the getAs<Type> logic we can more smoothly move over to Doug Gregor's proposed canonical type smart pointer scheme. Along with this patch: a) Removed 'Type::getAsPointerType()'; now clients use getAs<PointerType>. b) Removed 'Type::getAsBlockPointerTypE()'; now clients use getAs<BlockPointerType>. llvm-svn: 76098
* Two changes:Ted Kremenek2009-07-161-5/+5
| | | | | | | | | | | | | (1) Moved the SValuator object from GRExprEngine to ValueManager. This allows ValueManager to use the SValuator when creating SVals. (2) Added ValueManager::makeArrayIndex() and ValueManager::convertToArrayIndex(), two SVal creation methods that will help RegionStoreManager always have a consistent set of SVals with the same integer size and type when reasoning about array indices. llvm-svn: 75882
* Instead of recovering from a wrong invalidation, this patch aims to Zhongxing Xu2009-07-141-3/+3
| | | | | | | | invalidate the region correctly. It uses the cast-to type to invalidate the region when available. To avoid invalid cast-to type like 'void*' or 'id', region store now only records non-generic casts of regions. llvm-svn: 75580
* Handle insidious corner case exposed by RegionStoreManager when handling ↵Ted Kremenek2009-07-111-0/+13
| | | | | | | | void* values that are bound to symbolic regions and then treated like integers. llvm-svn: 75356
* Remove the ASTContext parameter from the attribute-related methods of Decl.Argyrios Kyrtzidis2009-06-301-2/+2
| | | | | | | | | The implementations of these methods can Use Decl::getASTContext() to get the ASTContext. This commit touches a lot of files since call sites for these methods are everywhere. I used pre-tokenized "carbon.h" and "cocoa.h" headers to do some timings, and there was no real time difference between before the commit and after it. llvm-svn: 74501
* Key decisions about 'bool' vs '_Bool' to be based on a new flag in langoptions.Chris Lattner2009-06-301-4/+7
| | | | | | | | | | | | This is simple enough, but then I thought it would be nice to make PrintingPolicy get a LangOptions so that various things can key off "bool" and "C++" independently. This spiraled out of control. There are many fixme's, but I think things are slightly better than they were before. One thing that can be improved: CFG should probably have an ASTContext pointer in it, which would simplify its clients. llvm-svn: 74493
* Remove '#include <sstream>' from libAnalysis.Ted Kremenek2009-06-261-1/+0
| | | | llvm-svn: 74245
* Introduce a new concept to the static analyzer: SValuator.Ted Kremenek2009-06-261-47/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | GRTransferFuncs had the conflated role of both constructing SVals (symbolic expressions) as well as handling checker-specific logic. Now SValuator has the role of constructing SVals from expressions and GRTransferFuncs just handles checker-specific logic. The motivation is by separating these two concepts we will be able to much more easily create richer constraint-generating logic without coupling it to the main checker transfer function logic. We now have one implementation of SValuator: SimpleSValuator. SimpleSValuator is essentially the SVal-related logic that was in GRSimpleVals (which is removed in this patch). This includes the logic for EvalBinOp, EvalCast, etc. Because SValuator has a narrower role than the old GRTransferFuncs, the interfaces are much simpler, and so is the implementation of SimpleSValuator compared to GRSimpleVals. I also did a line-by-line review of SVal-related logic in GRSimpleVals and cleaned it up while moving it over to SimpleSValuator. As a consequence of removing GRSimpleVals, there is no longer a '-checker-simple' option. The '-checker-cfref' did everything that option did but also ran the retain/release checker. Of course a user may not always wish to run the retain/release checker, nor do we wish core analysis logic buried in the checker-specific logic. The next step is to refactor the logic in CFRefCount.cpp to separate out these pieces into the core analysis engine. llvm-svn: 74229
* Remove uses of std::ostream from libAnalysis.Ted Kremenek2009-06-241-13/+7
| | | | llvm-svn: 74136
* Update for LLVM API changes.Owen Anderson2009-06-241-1/+2
| | | | llvm-svn: 74085
* Remove GRStateManager::getRegion/getSelfRegion().Ted Kremenek2009-06-231-2/+2
| | | | llvm-svn: 74006
* Remove GRStateManager::BindLoc() and GRStateManager::Unbind().Ted Kremenek2009-06-231-1/+1
| | | | llvm-svn: 73996
* Remove GRStateManager::BindDecl() and GRStateManager::BindDeclWithInit().Ted Kremenek2009-06-231-2/+2
| | | | llvm-svn: 73995
* Move 'hasStackStorage()' and 'hasHeapStorage()' from MemRegionManager to ↵Ted Kremenek2009-06-231-1/+1
| | | | | | MemRegion. llvm-svn: 73973
* Move all factory methods from SVal to ValueManager. API cleanup!Zhongxing Xu2009-06-231-17/+20
| | | | llvm-svn: 73954
* ValueManager::makeNonLoc -> ValueManager::makeIntValZhongxing Xu2009-06-231-2/+1
| | | | | | Clean up code with ValueManager. llvm-svn: 73951
* Remove more GetSVal/GetLValue methods in GRExprEngine/GRState, insteadTed Kremenek2009-06-191-110/+106
| | | | | | | preferring to use their replacements in GRState. This further unifies the code paths for such logic and leads to some code reduction. llvm-svn: 73771
* Move clients over from using GRStateManager::BindXXX and friends toTed Kremenek2009-06-181-5/+3
| | | | | | GRState->bindXXX and friends (and constify some arguments along the way). llvm-svn: 73740
* libAnalysis:Ted Kremenek2009-06-181-124/+70
| | | | | | | | | - Remove the 'isFeasible' flag from all uses of 'Assume'. - Remove the 'Assume' methods from GRStateManager. Now the only way to create a new GRState with an assumption is to use the new 'assume' methods in GRState. llvm-svn: 73731
* Move the static DeclAttrs map into ASTContext. Fixes <rdar://problem/6983177>.Douglas Gregor2009-06-181-1/+2
| | | | llvm-svn: 73702
* Remove more dependencies on GRStateRef. As a consequence, we can nowTed Kremenek2009-06-181-10/+9
| | | | | | | pretty-print a GRState object anywhere it is referenced (instead of needing a GRStateRef of a GRStateManager handy). llvm-svn: 73669
* Sink the BuiltinInfo object from ASTContext into theChris Lattner2009-06-141-0/+1
| | | | | | | | preprocessor and initialize it early in clang-cc. This ensures that __has_builtin works in all modes, not just when ASTContext is around. llvm-svn: 73319
* * API change: we need to pass GRState to GRExprEngine::EvalBinOp() becauseZhongxing Xu2009-05-201-14/+16
| | | | | | | | RegionStore needs to know the type of alloca region. * RegionStoreManager::EvalBinOp() now converts the alloca region to its first element region, as what is done to symbolic region. llvm-svn: 72164
* As discussed with Ted, rename TypedRegion::getObjectType() to Zhongxing Xu2009-05-091-1/+1
| | | | | | TypedRegion::getValueType(). llvm-svn: 71321
* rename: MemRegion:Zhongxing Xu2009-05-091-1/+1
| | | | | | | | | RValueType => ObjectType LValueType => LocationType No functionality change. llvm-svn: 71304
* analyzer: Add ProgramPoint 'PostLValue' just to distinguish (forTed Kremenek2009-05-071-5/+21
| | | | | | | analysis introspection) when we computed an lvalue. This shouldn't effect the current analysis results in any way. llvm-svn: 71169
* Per conversations with Zhongxing, add an 'element type' toTed Kremenek2009-05-041-1/+2
| | | | | | | | | | | | | | | | | | | ElementRegion. I also removed 'ElementRegion::getArrayRegion', although we may need to add this back. This breaks a few test cases with RegionStore: - 'array-struct.c' triggers an infinite recursion in RegionStoreManager. Need to investigate. - misc-ps.m triggers a failure with RegionStoreManager as we now get the diagnostic: 'Line 159: Uninitialized or undefined return value returned to caller.' There were a bunch of places that needed to be edit RegionStoreManager, and we may not be passing all the correct 'element types' down from GRExprEngine. Zhongxing: When you get a chance, could you review this? I could have easily screwed up something basic in RegionStoreManager. llvm-svn: 70830
* split ObjC and C++ Statements out into their own headers.Chris Lattner2009-04-261-1/+3
| | | | llvm-svn: 70105
* Fix PR 4033: the analyzer shouldn't crash on computed gotos involving symbolicTed Kremenek2009-04-231-2/+1
| | | | | | target addresses. llvm-svn: 69900
* Fix crash reported in PR 3991. The analyzer doesn't reason about ObjCKVCExpr.Ted Kremenek2009-04-211-0/+1
| | | | llvm-svn: 69754
* Fix: <rdar://problem/6777209> false Dereference of null pointer in loop: ↵Ted Kremenek2009-04-211-1/+25
| | | | | | | | | | pointer increment/decrement preserves non-nullness When the StoreManager doesn't reason well about pointer-arithmetic, propagate the non-nullness constraint on a pointer value when performing pointer arithmetic uisng ++/--. llvm-svn: 69741
* get a CodeTextRegion when visiting FunctionDecl reference.Zhongxing Xu2009-04-201-13/+8
| | | | | | get FunctionDecl with more general utility method. llvm-svn: 69570
* Add analyzer support for objc_atomicCompareAndSwap()Ted Kremenek2009-04-111-2/+3
| | | | llvm-svn: 68849
* Implement analyzer support for OSCompareAndSwap. This required pushing "tagged"Ted Kremenek2009-04-111-11/+172
| | | | | | | | | ProgramPoints all the way through to GRCoreEngine. NSString.m now fails with RegionStoreManager because of the void** cast. Disabling use of region store for that test for now. llvm-svn: 68845
* Finally nuke loc::SymbolVal.Zhongxing Xu2009-04-101-37/+1
| | | | llvm-svn: 68771
* Fix: <rdar://problem/6776949> Branch condition evaluates to an uninitialized ↵Ted Kremenek2009-04-101-1/+25
| | | | | | | | value (argc is guaranteed to be >= 1) The analyzer now adds the precondition that the first argument of 'main' is > 0. llvm-svn: 68757
* Implement attribute "analyzer_noreturn" (<rdar://problem/6777003>). This allowsTed Kremenek2009-04-101-1/+1
| | | | | | | clients of the analyzer to designate custom assertion routines as "noreturn" functions from the analyzer's perspective but not the compiler's. llvm-svn: 68746
* - Move ownership of MemRegionManager into ValueManager.Ted Kremenek2009-04-091-11/+6
| | | | | | | - Pull SVal::GetConjuredSymbol() and friends into ValueManager. This greatly simplifies the calling interface to clients. llvm-svn: 68731
* Remove SVal::MakeZero and replace it with ValueManager::makeZeroVal.Ted Kremenek2009-04-091-1/+2
| | | | llvm-svn: 68711
OpenPOWER on IntegriCloud