summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis
Commit message (Collapse)AuthorAgeFilesLines
...
* Implement faux-body-synthesis of well-known functions in the static analyzer ↵Ted Kremenek2012-09-214-6/+160
| | | | | | | | | | | | | | | | | | | | | | | when their implementations are unavailable. Start by simulating dispatch_sync(). This change is largely a bunch of plumbing around something very simple. We use AnalysisDeclContext to conjure up a fake function body (using the current ASTContext) when one does not exist. This is controlled under the analyzer-config option "faux-bodies", which is off by default. The plumbing in this patch is largely to pass the necessary machinery around. CallEvent needs the AnalysisDeclContextManager to get the function definition, as one may get conjured up lazily. BugReporter and PathDiagnosticLocation needed to be relaxed to handle invalid locations, as the conjured body has no real source locations. We do some primitive recovery in diagnostic generation to generate some reasonable locations (for arrows and events), but it can be improved. llvm-svn: 164339
* Thread-safety analysis: fix bug where shared trylock was treatedDeLesley Hutchins2012-09-201-1/+1
| | | | | | as exclusive. llvm-svn: 164332
* Thread safety analysis: properly canonicalize calls to virtual methods withinDeLesley Hutchins2012-09-201-4/+16
| | | | | | lock expressions. llvm-svn: 164324
* Thread-safety analysis: Fix warning when EXCLUSIVE_LOCKS_REQUIREDDeLesley Hutchins2012-09-191-0/+14
| | | | | | is placed on a function that has no path to the exit block. llvm-svn: 164244
* Thread-safety analysis: fix ICE when EXCLUSIVE_LOCKS_REQUIRED orDeLesley Hutchins2012-09-191-2/+5
| | | | | | | LOCKS_EXCLUDED is used on a method with a name that is is not a simple identifier. llvm-svn: 164242
* clang/lib/Analysis/ObjCNoReturn.cpp: Fix [-Wnewline-eof]NAKAMURA Takumi2012-09-131-1/+1
| | | | llvm-svn: 163775
* Format strings: offer a fixit for Darwin's %D/%U/%O to ISO %d/%u/%o.Jordan Rose2012-09-131-0/+23
| | | | | | <rdar://problem/12061922> llvm-svn: 163772
* Format strings: %D, %U, and %O are valid on Darwin (same as %d, %u, %o).Jordan Rose2012-09-133-6/+65
| | | | | | | | | These will warn under -Wformat-non-iso, and will still be rejected outright on other platforms. <rdar://problem/12061922> llvm-svn: 163771
* Teach -Wuninitialized to recognize common "noreturn" idioms inTed Kremenek2012-09-131-4/+16
| | | | | | | | | | | | | Objective-C related to NSException. Fixes <rdar://problem/12287498> I debated whether or not this logic should be sunk into the CFG itself. It's not clear if we should, as different analyses may wish to have different policies. We can re-evaluate this in the future. llvm-svn: 163760
* Refactor logic in ExprEngine for detecting 'noreturn' methodsTed Kremenek2012-09-132-1/+69
| | | | | | | | | | in NSException to a helper object in libAnalysis that can also be used by Sema. Not sure if the predicate name 'isImplicitNoReturn' is the best one, but we can massage that later. No functionality change. llvm-svn: 163759
* Teach -Wuninitialized to recognize __attribute__((analyzer_noreturn))Ted Kremenek2012-09-121-8/+20
| | | | | | | | | | | | | | | | | | for halting the propagation of uninitialized value tracking along a path. Unlike __attribute__((noreturn)), this attribute (which is used by clients of the static analyzer) can be used to annotate functions that essentially never return, but in rare cares may be allowed to return for (special) debugging purposes. This attribute has been shown in reducing false positives in the static analyzer by pruning false postives, and is equally applicable here. Handling this attribute in the CFG itself is another option, but this is not something all clients (e.g., possibly -Wunreachable-code) would want to see. Addresses <rdar://problem/12281583>. llvm-svn: 163681
* Thread-safety analysis: fix bug in expression matching code.DeLesley Hutchins2012-09-111-2/+3
| | | | llvm-svn: 163656
* Remove redundant semicolons which are null statements.Dmitri Gribenko2012-09-102-2/+2
| | | | llvm-svn: 163546
* Thread-safety analysis: differentiate between two forms of analysis; a preciseDeLesley Hutchins2012-09-101-3/+39
| | | | | | | | | analysis that may give false positives because it is confused by aliasing, and a less precise analysis that has fewer false positives, but may have false negatives. The more precise warnings are enabled by -Wthread-safety-precise. An additional note clarify the warnings in the precise case. llvm-svn: 163537
* Format strings: suggest %lld instead of %qd and %Ld with -Wformat-non-iso.Jordan Rose2012-09-081-11/+3
| | | | | | | As a corollary to the previous commit, even when an extension is available, we can still offer a fixit to the standard modifier. llvm-svn: 163453
* Format strings: %Ld isn't available on Darwin or Windows.Jordan Rose2012-09-083-9/+37
| | | | | | | | | This seems to be a GNU libc extension; we offer a fixit to %lld on these platforms. <rdar://problem/11518237> llvm-svn: 163452
* Ampersand goes with identifier.Chad Rosier2012-09-071-2/+2
| | | | llvm-svn: 163410
* Bring buildbots back. Fix scoping issue and coding style from r163397.Chad Rosier2012-09-071-6/+8
| | | | llvm-svn: 163403
* Thread-safety analysis: Add support for selectively turning off warningsDeLesley Hutchins2012-09-071-70/+93
| | | | | | within part of a particular method. llvm-svn: 163397
* Dont cast away const needlessly. Found by gcc48 -Wcast-qual.Roman Divacky2012-09-062-3/+3
| | | | llvm-svn: 163325
* [analyzer] Always include destructors in the analysis CFG.Jordan Rose2012-09-052-5/+9
| | | | | | | | | | | | | | | | | | | | | While destructors will continue to not be inlined (unless the analyzer config option 'c++-inlining' is set to 'destructors'), leaving them out of the CFG is an incomplete model of the behavior of an object, and can cause false positive warnings (like PR13751, now working). Destructors for temporaries are still not on by default, since (a) we haven't actually checked this code to be sure it's fully correct (in particular, we probably need to be very careful with regard to lifetime-extension when a temporary is bound to a reference, C++11 [class.temporary]p5), and (b) ExprEngine doesn't actually do anything when it sees a temporary destructor in the CFG -- not even invalidate the object region. To enable temporary destructors, set the 'cfg-temporary-dtors' analyzer config option to '1'. The old -cfg-add-implicit-dtors cc1 option, which controlled all implicit destructors, has been removed. llvm-svn: 163264
* Thread-safety analysis: bugfix for case where a trylock occurs in anDeLesley Hutchins2012-09-051-0/+3
| | | | | | expression involving temporaries. llvm-svn: 163237
* Thread-safety analysis: fix handling of LOCK_RETURNED attribute so that theDeLesley Hutchins2012-08-311-4/+6
| | | | | | latest definition of a function is always used when computing lock expressions. llvm-svn: 163028
* Thread-safety analysis: fix handling of string constants in mutexDeLesley Hutchins2012-08-311-0/+20
| | | | | | expressions, which should be ignored right now. llvm-svn: 163026
* Teach CFG that 'if (x & 0)' and 'if (x * 0)' is an unfeasible branch.Ted Kremenek2012-08-241-0/+24
| | | | | | Fixes <rdar://problem/11005770>. llvm-svn: 162545
* [analyzer] Support C++ default arguments if they are literal values.Jordan Rose2012-08-231-0/+8
| | | | | | | | | | | | | | | | | | A CXXDefaultArgExpr wraps an Expr owned by a ParmVarDecl belonging to the called function. In general, ExprEngine and Environment ought to treat this like a ParenExpr or other transparent wrapper expression, with the inside expression evaluated first. However, if we call the same function twice, we'd produce a CFG that contains the same wrapped expression twice, and we're not set up to handle that. I've added a FIXME to the CFG builder to come back to that, but meanwhile we can at least handle expressions that don't need to be explicitly evaluated: literals. This probably handles many common uses of default parameters: true/false, null, etc. Part of PR13385 / <rdar://problem/12156507> llvm-svn: 162453
* Fix an assortment of doxygen comment issues found by -Wdocumentation.Ted Kremenek2012-08-221-19/+19
| | | | llvm-svn: 162412
* Rename 'currentX' to 'currX' throughout analyzer and libAnalysis.Ted Kremenek2012-08-221-5/+5
| | | | | | | | | Also rename 'getCurrentBlockCounter()' to 'blockCount()'. This ripples a bunch of code simplifications; mostly aesthetic, but makes the code a bit tighter. llvm-svn: 162349
* [analyzer] Teach live variable analyzes that super uses self pointer.Anna Zaks2012-08-141-0/+8
| | | | llvm-svn: 161822
* Thread-safety-analysis: adds existential quantification over lockDeLesley Hutchins2012-08-101-14/+61
| | | | | | | expressions. The syntax &MyClass::mutex is interpreted as a pattern that matches m->mutex for any object m of type MyClass. llvm-svn: 161691
* Thread safety analysis: refactor to support more sophisticated handlingDeLesley Hutchins2012-08-101-170/+404
| | | | | | of expressions, and better error messages. llvm-svn: 161690
* Refactor thread safety analysis to use a different data structureDeLesley Hutchins2012-08-101-117/+213
| | | | | | to track locksets. This is in preparation for further changes. llvm-svn: 161680
* Add missing cctype includes.Joerg Sonnenberger2012-08-101-0/+2
| | | | llvm-svn: 161660
* Properly check length modfiers for %n in format strings.Hans Wennborg2012-08-072-3/+51
| | | | llvm-svn: 161408
* Remove ScanfArgType and bake that logic into ArgType.Hans Wennborg2012-08-073-111/+104
| | | | | | | | This is useful for example for %n in printf, which expects a pointer to int with the same logic for checking as %d would have in scanf. llvm-svn: 161407
* Rename analyze_format_string::ArgTypeResult to ArgTypeHans Wennborg2012-08-073-85/+85
| | | | | | Also remove redundant constructors and unused member functions. llvm-svn: 161403
* -Wformat: better handling of qualifiers on pointer argumentsHans Wennborg2012-07-312-3/+16
| | | | | | | Warn about using pointers to const-qualified types as arguments to scanf. Ignore the volatile qualifier when checking if types match. llvm-svn: 161052
* Make -Wformat check the argument type for %n.Hans Wennborg2012-07-302-0/+13
| | | | | | | This makes Clang check that the corresponding argument for "%n" in a format string is a pointer to int. llvm-svn: 160966
* Make -Wformat walk the typedef chain when looking for size_t, etc.Hans Wennborg2012-07-273-30/+38
| | | | | | | | | | | | | | Clang's -Wformat fix-its currently suggest using "%zu" for values of type size_t (in C99 or C++11 mode). However, for a type such as std::vector<T>::size_type, it does not notice that type is actually typedeffed to size_t, and instead suggests a format for the underlying type, such as "%lu" or "%u". This commit makes the format string fix mechanism walk the typedef chain so that it notices if the type is size_t, even if that isn't "at the top". llvm-svn: 160886
* clang/lib: [CMake] Update tblgen'd dependencies.NAKAMURA Takumi2012-07-271-0/+1
| | | | llvm-svn: 160851
* clang/lib: [CMake] Reformat, alphabetize lists.NAKAMURA Takumi2012-07-271-1/+1
| | | | llvm-svn: 160850
* Final piece of core issue 1330: delay computing the exception specification ofRichard Smith2012-07-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a defaulted special member function until the exception specification is needed (using the same criteria used for the delayed instantiation of exception specifications for function temploids). EST_Delayed is now EST_Unevaluated (using 1330's terminology), and, like EST_Uninstantiated, carries a pointer to the FunctionDecl which will be used to resolve the exception specification. This is enabled for all C++ modes: it's a little faster in the case where the exception specification isn't used, allows our C++11-in-C++98 extensions to work, and is still correct for C++98, since in that mode the computation of the exception specification can't fail. The diagnostics here aren't great (in particular, we should include implicit evaluation of exception specifications for defaulted special members in the template instantiation backtraces), but they're not much worse than before. Our approach to the problem of cycles between in-class initializers and the exception specification for a defaulted default constructor is modified a little by this change -- we now reject any odr-use of a defaulted default constructor if that constructor uses an in-class initializer and the use is in an in-class initialzer which is declared lexically earlier. This is a closer approximation to the current draft solution in core issue 1351, but isn't an exact match (but the current draft wording isn't reasonable, so that's to be expected). llvm-svn: 160847
* [analyzer] Don't crash on implicit statements inside initializers.Jordan Rose2012-07-261-1/+9
| | | | | | | | | | | | | | | | | | | Our BugReporter knows how to deal with implicit statements: it looks in the ParentMap until it finds a parent with a valid location. However, since initializers are not in the body of a constructor, their sub-expressions are not in the ParentMap. That was easy enough to fix in AnalysisDeclContext. ...and then even once THAT was fixed, there's still an extra funny case of Objective-C object pointer fields under ARC, which are initialized with a top-level ImplicitValueInitExpr. To catch these cases, PathDiagnosticLocation will now fall back to the start of the current function if it can't find any other valid SourceLocations. This isn't great, but it's miles better than a crash. (All of this is only relevant when constructors and destructors are being inlined, i.e. under -cfg-add-initializers and -cfg-add-implicit-dtors.) llvm-svn: 160810
* [analyzer] Variables with destructors are live until the destructor is run.Jordan Rose2012-07-261-0/+6
| | | | | | | Test case in the next commit, which enables destructors under certain circumstances. llvm-svn: 160805
* When a && or || appears as the condition of a ?:, perform appropriateRichard Smith2012-07-241-10/+13
| | | | | | | | | short-circuiting when building the CFG. Also be sure to skip parens before checking for the && / || special cases. Finally, fix some crashes in CFG printing in the presence of calls to destructors for array of array of class type. llvm-svn: 160691
* Fix a typo (the the => the)Sylvestre Ledru2012-07-231-1/+1
| | | | llvm-svn: 160622
* Add a reverse iterator to DeclStmt, and use it when building a CFG.Jordan Rose2012-07-201-5/+4
| | | | | | | The CFG creates dummy DeclStmts with one Decl per statement, and it has to do so from last to first in order to build the graph correctly. llvm-svn: 160560
* Simplify UninitializedValues.cpp by removing logic to handle the previous ↵Ted Kremenek2012-07-191-142/+25
| | | | | | | | (imprecise) representation of '&&' and '||' in the CFG. This is no longer needed, and greatly simplifies the code. llvm-svn: 160494
* Teach CFG construction about destructors resulting from references to array ↵Ted Kremenek2012-07-181-5/+4
| | | | | | types. Fixes crash in <rdar://problem/11671507>. llvm-svn: 160424
* Uninitialized variables: two little changes:Richard Smith2012-07-171-1/+3
| | | | | | | * Treat compound assignment as a use, at Jordy's request. * Always add compound assignments into the CFG, so we can correctly diagnose the use in 'return x += 1;' llvm-svn: 160334
OpenPOWER on IntegriCloud