summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/GRExprEngineInternalChecks.cpp
Commit message (Collapse)AuthorAgeFilesLines
* New static analyzer check by Nikita Zhuk!Ted Kremenek2009-04-081-0/+32
| | | | | | | | | "The attached patch generates warnings of cases where an ObjC message is sent to a nil object and the size of return type of that message is larger than the size of void pointer. This may result in undefined return values as described in PR 2718. The patch also includes test cases." llvm-svn: 68585
* Remove period.Ted Kremenek2009-04-071-1/+1
| | | | llvm-svn: 68497
* Title-case the names of bug types.Ted Kremenek2009-04-021-18/+22
| | | | llvm-svn: 68273
* Adjust wording of bug names.Ted Kremenek2009-03-011-8/+8
| | | | llvm-svn: 65763
* Implemented simple check in <rdar://problem/6600344>: When the receiver of aTed Kremenek2009-02-191-1/+31
| | | | | | | message expression is nil and the return type is struct then the returned value is undefined or potentially garbage. llvm-svn: 65003
* Tidy up bug descriptions.Ted Kremenek2009-02-071-1/+1
| | | | llvm-svn: 64039
* Overhaul BugReporter interface and implementation. The new interface cleans upTed Kremenek2009-02-041-132/+117
| | | | | | | | | | | | | | | | | | | | | the ownership of BugTypes and BugReports. Now BugReports are owned by BugTypes, and BugTypes are owned by the BugReporter object. The major functionality change in this patch is that reports are not immediately emitted by a call to BugReporter::EmitWarning (now called EmitReport), but instead of queued up in report "equivalence classes". When BugReporter::FlushReports() is called, it emits one diagnostic per report equivalence class. This provides a nice cleanup with the caching of reports as well as enables the BugReporter engine to select the "best" path for reporting a path-sensitive bug based on all the locations in the ExplodedGraph that the same bug could occur. Along with this patch, Leaks are now coalesced into a common equivalence class by their allocation site, and the "summary" diagnostic for leaks now reports the allocation site as the location of the bug (this may later be augmented to also provide an example location where the leak occurs). llvm-svn: 63796
* more SourceLocation lexicon change: instead of referring to theChris Lattner2009-01-161-2/+3
| | | | | | "logical" location, refer to the "instantiation" location. llvm-svn: 62316
* [static analyzer] Extend VLA size checking to look for undefined sizes.Ted Kremenek2008-12-091-10/+30
| | | | llvm-svn: 60734
* Add checking for zero-sized VLAs.Ted Kremenek2008-12-081-1/+29
| | | | llvm-svn: 60726
* Add out-of-bound memory access warning report code.Zhongxing Xu2008-11-231-0/+11
| | | | llvm-svn: 59903
* - Clean up transfer function logic for 'return' statements.Ted Kremenek2008-11-211-2/+12
| | | | | | - Add check for returning an undefined value to a caller. llvm-svn: 59764
* Enhance return-of-stack-address checker to recognize regions created by ↵Ted Kremenek2008-11-021-0/+9
| | | | | | alloca(). llvm-svn: 58553
* Use llvm::raw_string_ostream instead of std::ostringstream.Ted Kremenek2008-10-311-4/+4
| | | | llvm-svn: 58479
* Enhance path-sensitive return-of-stack-address check to print out the line ↵Ted Kremenek2008-10-311-3/+20
| | | | | | number of a compound literal (whose address is being returned) instead of printing out the hex representation of the pointer address of the CompoundLiteralExpr. llvm-svn: 58478
* This patch did the following renaming. There should be no functional changes.Zhongxing Xu2008-10-171-6/+6
| | | | | | | | | | RVal => SVal LVal => Loc NonLVal => NonLoc lval => loc nonlval => nonloc llvm-svn: 57671
* This is a big patch, but the functionality change is small and the rest of ↵Ted Kremenek2008-10-041-3/+4
| | | | | | | | | | | | | | the patch consists of deltas due to API changes. This patch overhauls the "memory region" abstraction that was prototyped (but never really used) as part of the Store.h. This patch adds MemRegion.h and MemRegion.cpp, which defines the class MemRegion and its subclasses. This classes serve to define an abstract representation of memory, with regions being layered on other regions to to capture the relationships between fields and variables, variables and the address space they are allocated in, and so on. The main motivation of this patch is that key parts of the analyzer assumed that all value bindings were to VarDecls. In the future this won't be the case, and this patch removes lval::DeclVal and replaces it with lval::MemRegionVal. Now all pieces of the analyzer must reason about abstract memory blocks instead of just variables. There should be no functionality change from this patch, but it opens the door for significant improvements to the analyzer such as field-sensitivity and object-sensitivity, both which were on hold until the memory abstraction got generalized. The memory region abstraction also allows type-information to literally be affixed to a memory region. This will allow the some now redundant logic to be removed from the retain/release checker. llvm-svn: 57042
* Built-in checks now have a category: "Logic Errors"Ted Kremenek2008-09-211-4/+6
| | | | llvm-svn: 56401
* Add "category" to BugTypes, allowing bugs to be grouped.Ted Kremenek2008-09-201-1/+1
| | | | | | Changed casing of many bug names. The convention will be to have bug names (mostly) lower cased, and categories use some capitalization. llvm-svn: 56385
* Rename ValueState -> GRState.Ted Kremenek2008-08-131-11/+11
| | | | | | Rename ValueStateManager -> GRStateManager. llvm-svn: 54721
* Enhanced path-sensitive return-of-stack-address check to print out the name ↵Ted Kremenek2008-07-311-9/+21
| | | | | | of the variable whose address was returned. llvm-svn: 54253
* Add range highlighting for path-sensitive return-of-stack-address check.Ted Kremenek2008-07-301-5/+18
| | | | llvm-svn: 54219
* Moved registration of basic path-sensitive checks from GRSimpleVals.cpp to ↵Ted Kremenek2008-07-221-0/+332
GRExprEngineInternalChecks.cpp. llvm-svn: 53909
OpenPOWER on IntegriCloud