summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/GRExprEngineInternalChecks.cpp
Commit message (Collapse)AuthorAgeFilesLines
* Add clang-cc option "--analyzer-experimental-internal-checks". ThisTed Kremenek2009-11-131-7/+0
| | | | | | | option enables new "internal" checks that will eventually be turned on by default but still require broader testing. llvm-svn: 88671
* Remove some stale ErrorNodes variables in GRExprEngine and the old buffer ↵Ted Kremenek2009-11-111-12/+0
| | | | | | overflow logic in GRExprEngineInternalChecks.cpp. llvm-svn: 86877
* Add undefined array subscript checker.Zhongxing Xu2009-11-111-0/+1
| | | | llvm-svn: 86837
* Reimplement out-of-bound array access checker with the new checker interface.Zhongxing Xu2009-11-111-0/+1
| | | | | | Now only one test case is XFAIL'ed. llvm-svn: 86834
* Remove public headers for UndefinedArgChecker, AttrNonNullChecker, and ↵Ted Kremenek2009-11-111-6/+3
| | | | | | BadCallChecker, making their implementations completely private. llvm-svn: 86809
* Refactor DereferenceChecker to use only the new Checker API instead ofTed Kremenek2009-11-111-3/+1
| | | | | | | | | | the old builder API. This percolated a bunch of changes up to the Checker class (where CheckLocation has been renamed VisitLocation) and GRExprEngine. ProgramPoint now has the notion of a "LocationCheck" point (with PreLoad and PreStore respectively), and a bunch of the old ProgramPoints that are no longer used have been removed. llvm-svn: 86798
* Add check for pointer arithmetic on non-array variables.Zhongxing Xu2009-11-091-0/+1
| | | | llvm-svn: 86538
* Add checker for CWE-588: Attempt to Access Child of a Non-structure Pointer.Zhongxing Xu2009-11-091-0/+2
| | | | llvm-svn: 86529
* Add checker for CWE-587: Assignment of a Fixed Address to a Pointer.Zhongxing Xu2009-11-091-1/+1
| | | | llvm-svn: 86523
* Add checker for CWE-469: Use of Pointer Subtraction to Determine Size. ThisZhongxing Xu2009-11-091-0/+1
| | | | | | | checker does not build sink nodes. Because svaluator computes an unknown value for the subtraction now. llvm-svn: 86517
* Make the VLASizeChecker implementation private, and its creation only known ↵Ted Kremenek2009-11-061-10/+8
| | | | | | to GRExprEngineInternalChecks.cpp. llvm-svn: 86292
* Make the implementation of DivZeroChecker private.Ted Kremenek2009-11-061-6/+8
| | | | llvm-svn: 86288
* Add a checker for CWE-466: Return of Pointer Value Outside of Expected Range.Zhongxing Xu2009-11-061-0/+1
| | | | llvm-svn: 86252
* static analyzer: refactor checking logic for returning the address of a ↵Ted Kremenek2009-11-061-75/+3
| | | | | | | | | stack variable or a garbage value into their own respective subclasses of Checker (and put them in .cpp files where their implementation details are hidden from GRExprEngine). llvm-svn: 86215
* Catch uses of undefined values when they are used in assignment, thus ↵Ted Kremenek2009-11-041-8/+10
| | | | | | catching such bugs closer to the source. llvm-svn: 86003
* Merge ZeroSizedVLAChecker and UndefSizedVLAChecker.Zhongxing Xu2009-11-041-2/+1
| | | | llvm-svn: 85996
* Merge NullDerefChecker.[h,cpp] and UndefDerefChecker.[h,cpp]. They are ↵Ted Kremenek2009-11-031-2/+1
| | | | | | essentially two parts of the same check. llvm-svn: 85911
* Pull VLA size checker into its own files. Zhongxing Xu2009-11-031-61/+4
| | | | | | | | Split it to two checkers, one for undefined size, the other for zero size, so that we don't need to query the size when emitting the bug report. llvm-svn: 85895
* Pull AttrNonNullChecker into its own files.Zhongxing Xu2009-11-031-90/+2
| | | | llvm-svn: 85883
* Pull UndefinedArgChecker into its own files.Zhongxing Xu2009-11-031-37/+2
| | | | llvm-svn: 85875
* Pull BadCallChecker into its own files.Zhongxing Xu2009-11-031-43/+2
| | | | llvm-svn: 85868
* Move CheckDivZero into its own files.Zhongxing Xu2009-10-311-70/+2
| | | | llvm-svn: 85651
* Move UndefDerefChecker into its own file.Zhongxing Xu2009-10-311-50/+2
| | | | llvm-svn: 85645
* Move NullDerefChecker.h instead a 'Checkers' subdirectory.Ted Kremenek2009-10-301-1/+1
| | | | llvm-svn: 85596
* Move all logic for the null dereference checker from ↵Ted Kremenek2009-10-301-46/+1
| | | | | | GRExprEngineInternalChecks.cpp to a separate .cpp file. llvm-svn: 85595
* Fix accidental use of CheckSVal instead of CheckLocation, and add aTed Kremenek2009-10-291-2/+2
| | | | | | small test case to show we handle dereferences of undefined values. llvm-svn: 85492
* Move NullDeref and UndefDeref into their own checker. Zhongxing Xu2009-10-291-66/+104
| | | | | | | | Add a CheckLocation() interface to Checker. Now ImplicitNullDeref nodes are cached in NullDerefChecker. More cleanups follow. llvm-svn: 85471
* Rename: CheckBadDiv->CheckDivZero.Zhongxing Xu2009-10-221-7/+8
| | | | llvm-svn: 84824
* Shorten the static analyzer diagnostic for 'use of garbage value'.Ted Kremenek2009-09-241-2/+2
| | | | llvm-svn: 82672
* Have divide-by-zero checker not handled undefined denominators. This is ↵Ted Kremenek2009-09-161-26/+18
| | | | | | handled by the generic checking for undefined operands for BinaryOperators. llvm-svn: 82019
* Fix static analyzer regression when emitting undefined value warningsTed Kremenek2009-09-151-9/+16
| | | | | | | with binary operators. The result of a binary operator may be undefined even if its operands are well-defined. llvm-svn: 81874
* Introduce "DefinedOrUnknownSVal" into the SVal class hierarchy, providing a wayTed Kremenek2009-09-111-10/+66
| | | | | | | | | | | | to statically type various methods in SValuator/GRState as required either a defined value or a defined-but-possibly-unknown value. This leads to various logic cleanups in GRExprEngine, and lets the compiler enforce via type checking our assumptions about what symbolic values are possibly undefined and what are not. Along the way, clean up some of the static analyzer diagnostics regarding the uses of uninitialized values. llvm-svn: 81579
* Remove tabs, and whitespace cleanups.Mike Stump2009-09-091-103/+103
| | | | llvm-svn: 81346
* Fix regression introduced in r80786 and reported in PR 4867. We should useTed Kremenek2009-09-031-2/+7
| | | | | | | 'dyn_cast' instead of 'cast' as the denominator value could be UnknownVal (and is not guaranteed to be a DefinedVal). llvm-svn: 80869
* remove a debug output I introduced in the last commit.Zhongxing Xu2009-09-031-2/+0
| | | | llvm-svn: 80865
* Refactor the check for bad divide into a checker.Zhongxing Xu2009-09-021-10/+68
| | | | | | | | | Also fix a checker context bug: the Dst set is not always empty initially. Because in GRExprEngine::CheckerVisit(), *CurrSet is used repeatedly. So we removed the Dst.empty() condition in ~CheckerContext() when deciding whether to do autotransision. llvm-svn: 80786
* Refactor bad callee check into a Checker.Zhongxing Xu2009-09-021-14/+32
| | | | | | Now bad callee is checked as a PreVisit to the CallExpr. llvm-svn: 80771
* Still use BadArg bugtype in the checker. This saves us implement ↵Zhongxing Xu2009-09-021-17/+8
| | | | | | | | | | | | | | registerInitialVisitors in the BugReport. When all internal bug checking logic are moved to checkers, BuiltinBug will not reference GRExprEngine, and FlushReports() will be not necessary, since all bugs are emitted into the equivalent classes immediately. For now just add a ctor with no arguments. llvm-svn: 80770
* Sentence-case bug category.Ted Kremenek2009-09-011-1/+1
| | | | llvm-svn: 80644
* Refactor undefined argument checking into a Checker.Zhongxing Xu2009-08-291-2/+45
| | | | llvm-svn: 80417
* ConstraintManager::AssumeDual now accepts a 'DefinedSVal' instead of 'SVal' forTed Kremenek2009-08-241-2/+7
| | | | | | | the condition. This eliminates a source of bugs where the client doesn't correctly reason about undefined or unknown values. This fixes PR 4759. llvm-svn: 79952
* Enhance static analyzer diagnostics by introducing a new 'EnhancedBugReporter'Ted Kremenek2009-08-181-5/+8
| | | | | | | | | which allows custom checks to register callback creator functions for creating BugReporterVisitor objects. This allows various checks to include diagnostics such as 'assuming value is null' with little extra work. Eventually this API should be refactored to be cleaner and more simple. llvm-svn: 79302
* Last step of template cleanup: merge *BuilderImpl to *Builder.Zhongxing Xu2009-08-061-1/+1
| | | | | | Some Builders need further cleanup. llvm-svn: 78301
* As GRState seems general enough, it is time to merge some template classes Zhongxing Xu2009-08-061-24/+24
| | | | | | | and their impl base classes. This can greatly simply some code of the core analysis engine. This patch merges ExplodedNodeImpl into ExplodedNode. llvm-svn: 78270
* Fix regression in attribute 'nonnull' checking when a transition nodeTed Kremenek2009-07-281-1/+1
| | | | | | was created but not added to the destination NodeSet. This fixes PR 4630. llvm-svn: 77353
* Mark destructor of Checker virtual.Ted Kremenek2009-07-241-0/+1
| | | | llvm-svn: 76924
* Refactor 'PostStmt' and 'PreStmt' to subclass a common parent 'StmtPoint'.Ted Kremenek2009-07-221-8/+8
| | | | | | | | | | | | Educate GRExprEngine::VisitGraph() about 'PreStmt'. Mark the constructor of 'PostStmt' to be explicit, preventing implicit conversions and the selection of the wrong 'generateNode' method in GRStmtNodeBuilder. Constify a bunch of arguments, which falls out of the changes to ProgramPoint. llvm-svn: 76809
* Migrate the path-sensitive checking of 'nonnull' arguments over to the newTed Kremenek2009-07-221-31/+63
| | | | | | | | | 'Checker' interface. An updated test case illustrates that after calling a function with the 'nonnull' attribute we now register the fact that the passed pointer must be non-null. This retention of information was not possible with the previously used GRSimpleAPICheck interface. llvm-svn: 76797
* Move bug reporter "visitors" to their own file and make them part of the publicTed Kremenek2009-07-221-326/+1
| | | | | | BugReporter API. No real functionality change. llvm-svn: 76760
* Remove ASTContext::isObjCObjectPointerType().Steve Naroff2009-07-161-2/+2
| | | | | | Convert all clients to use the new predicate on Type. llvm-svn: 76076
OpenPOWER on IntegriCloud