summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis
Commit message (Collapse)AuthorAgeFilesLines
...
* Implement FIXME: free up BugReportEquivClass objects when deleting BugTypes.Ted Kremenek2009-09-141-4/+10
| | | | llvm-svn: 81783
* Remove unnecessary ASTContext parameter from FunctionDecl::isBuiltinIDDouglas Gregor2009-09-121-1/+1
| | | | llvm-svn: 81590
* Eliminate FunctionDecl::getBodyIfAvailableDouglas Gregor2009-09-121-1/+1
| | | | llvm-svn: 81588
* Introduce "DefinedOrUnknownSVal" into the SVal class hierarchy, providing a wayTed Kremenek2009-09-1110-173/+221
| | | | | | | | | | | | to statically type various methods in SValuator/GRState as required either a defined value or a defined-but-possibly-unknown value. This leads to various logic cleanups in GRExprEngine, and lets the compiler enforce via type checking our assumptions about what symbolic values are possibly undefined and what are not. Along the way, clean up some of the static analyzer diagnostics regarding the uses of uninitialized values. llvm-svn: 81579
* Update CMakeLists.Benjamin Kramer2009-09-111-0/+1
| | | | llvm-svn: 81519
* Start to add a new transfer function that inlines callee. To be continued.Zhongxing Xu2009-09-111-0/+41
| | | | llvm-svn: 81501
* Make AnalysisManager stateless. Now other analyzer components only depends onZhongxing Xu2009-09-105-38/+31
| | | | | | local node information. llvm-svn: 81433
* Implement: <rdar://problem/7185647> [RegionStore] 'self' cannot be NULL ↵Ted Kremenek2009-09-091-4/+22
| | | | | | | | | | | upon entry to a method Here we implement this as a precondition within GRExprEngine, even though it is related to how BasicStoreManager and RegionStoreManager model 'self' differently. Putting this as a high-level precondition is more general, which is why it isn't in RegionStore.cpp. llvm-svn: 81378
* Remove tabs, and whitespace cleanups.Mike Stump2009-09-0939-3252/+3248
| | | | llvm-svn: 81346
* Fix buffer overflow reported in PR 4903.Ted Kremenek2009-09-051-5/+8
| | | | llvm-svn: 81092
* pass the correct predecessor node.Zhongxing Xu2009-09-051-1/+1
| | | | llvm-svn: 81066
* Do not call FlushReports() in GRBugReporter's dtor. We already call it inZhongxing Xu2009-09-051-1/+1
| | | | | | ActionGRExprEngine(). llvm-svn: 81064
* Refactor builtin function evaluation code into its own function.Zhongxing Xu2009-09-051-33/+44
| | | | llvm-svn: 81061
* move the check into MarkNoReturnFunction.Zhongxing Xu2009-09-041-2/+5
| | | | llvm-svn: 80980
* Extract mark-no-return-function code into a function.Zhongxing Xu2009-09-041-80/+84
| | | | llvm-svn: 80979
* Fix 80 column violations.Ted Kremenek2009-09-031-5/+8
| | | | llvm-svn: 80873
* Fix regression introduced in r80786 and reported in PR 4867. We should useTed Kremenek2009-09-031-2/+7
| | | | | | | 'dyn_cast' instead of 'cast' as the denominator value could be UnknownVal (and is not guaranteed to be a DefinedVal). llvm-svn: 80869
* remove a debug output I introduced in the last commit.Zhongxing Xu2009-09-031-2/+0
| | | | llvm-svn: 80865
* Refactor the check for bad divide into a checker.Zhongxing Xu2009-09-023-75/+76
| | | | | | | | | Also fix a checker context bug: the Dst set is not always empty initially. Because in GRExprEngine::CheckerVisit(), *CurrSet is used repeatedly. So we removed the Dst.empty() condition in ~CheckerContext() when deciding whether to do autotransision. llvm-svn: 80786
* Refactor bad callee check into a Checker.Zhongxing Xu2009-09-023-29/+35
| | | | | | Now bad callee is checked as a PreVisit to the CallExpr. llvm-svn: 80771
* Still use BadArg bugtype in the checker. This saves us implement ↵Zhongxing Xu2009-09-021-17/+8
| | | | | | | | | | | | | | registerInitialVisitors in the BugReport. When all internal bug checking logic are moved to checkers, BuiltinBug will not reference GRExprEngine, and FlushReports() will be not necessary, since all bugs are emitted into the equivalent classes immediately. For now just add a ctor with no arguments. llvm-svn: 80770
* Replace uses of ImmutableSet in SymbolReaper with DenseSet. This wasTed Kremenek2009-09-021-4/+4
| | | | | | | | | | | motivated from Shark profiles that shows that 'markLive' was very heavy when using --analyzer-store=region. On my benchmark file, this reduces the analysis time for --analyzer-store=region from 19.5s to 13.5s and for --analyzer-store=basic from 5.3s to 3.5s. For the benchmark file, this is a reduction of about 30% analysis time for both analysis modes (a huge win). llvm-svn: 80765
* Implement: <rdar://problem/6337100> CWE-338: Use of cryptographically weak prngTed Kremenek2009-09-021-8/+105
| | | | | | Patch by Geoff Keating! llvm-svn: 80752
* Sentence-case bug category.Ted Kremenek2009-09-012-2/+2
| | | | llvm-svn: 80644
* Eliminate CXXAdornedMemberExpr entirely. Instead, optionally allocateDouglas Gregor2009-08-311-2/+0
| | | | | | | | space within the MemberExpr for the nested-name-specifier and its source range. We'll do the same thing with explicitly-specified template arguments, assuming I don't flip-flop again. llvm-svn: 80642
* Rename CXXQualifiedMemberExpr -> CXXAdornedMemberExpr, since we willDouglas Gregor2009-08-311-2/+2
| | | | | | | also be adding explicit template arguments as an additional "adornment". No functionality change. llvm-svn: 80628
* Refactor undefined argument checking into a Checker.Zhongxing Xu2009-08-292-26/+46
| | | | llvm-svn: 80417
* retain/release checker: [CIContext createCGImage...] and friends returned CFTed Kremenek2009-08-281-5/+8
| | | | | | | objects that are not automatically garbage collected. This fixes <rdar://problem/7174400>. llvm-svn: 80387
* Use SymbolicRegion instead of CodeTextRegion for symbolic functionTed Kremenek2009-08-284-58/+19
| | | | | | | | pointers. Most logic cares first about whether or not a region is symbolic, and second if represents code. This should fix a series of silent corner case bugs (as well as simplify a bunch of code). llvm-svn: 80335
* Use C++ style comments.Ted Kremenek2009-08-281-2/+2
| | | | llvm-svn: 80320
* Implement: <rdar://problem/6337132> CWE-273: Failure to Check Whether PrivilegesTed Kremenek2009-08-281-2/+80
| | | | | | | | Were Dropped Successfully Patch by Geoff Keating! llvm-svn: 80313
* CFG construction: Abort CFG construction when processing a CompoundStmt if anyTed Kremenek2009-08-271-0/+3
| | | | | | of its subexpressions resulted in a "bad CFG". llvm-svn: 80298
* Rename 'bindExpr' to 'BindExpr'.Ted Kremenek2009-08-273-58/+58
| | | | llvm-svn: 80294
* Move the AnalysisContext* from GRState to Environment.Ted Kremenek2009-08-272-11/+9
| | | | llvm-svn: 80293
* Remove a unused member variable. Instead query the option from AnalysisManager.Zhongxing Xu2009-08-271-3/+3
| | | | llvm-svn: 80226
* Simplify 'Environment' to contain only one map from 'const Stmt*' to SVals, ↵Ted Kremenek2009-08-274-172/+131
| | | | | | greatly simplifying the logic of the analyzer in many places. We now only distinguish between block-level expressions and subexpressions in Environment::RemoveDeadBindings and GRState pretty-printing. llvm-svn: 80194
* When a member reference expression includes a qualifier on the memberDouglas Gregor2009-08-261-0/+2
| | | | | | | | | | | | | | | | | name, e.g., x->Base::f() retain the qualifier (and its source range information) in a new subclass of MemberExpr called CXXQualifiedMemberExpr. Provide construction, transformation, profiling, printing, etc., for this new expression type. When a virtual function is called via a qualified name, don't emit a virtual call. Instead, call that function directly. Mike, could you add a CodeGen test for this, too? llvm-svn: 80167
* Fix regression in BasicStoreManager caused by implicitly casting loaded ↵Ted Kremenek2009-08-251-5/+9
| | | | | | values and trying to load/store from arrays. RegionStoreManager already properly handles these cases well; we just need to gracefully not handle this case in BasicStoreManager. This fixes PR 4781. llvm-svn: 80051
* Handle pointer arithmetic in RegionStoreManager involving Objective-C pointersTed Kremenek2009-08-251-2/+8
| | | | | | when using the non-fragile Objective-C ABI. This fixes <rdar://problem/7168531>. llvm-svn: 80047
* Fix crash reported in <rdar://problem/7124210> by "back-porting" some of theTed Kremenek2009-08-253-17/+23
| | | | | | | implicit cast logic in RegionStoreManager to BasicStoreManager. This involved moving CastRetriedVal from RegionStoreManager to StoreManager. llvm-svn: 80026
* Move logic of GRExprEngine::EvalBinOp to SValuator::EvalBinOp.Ted Kremenek2009-08-252-37/+34
| | | | llvm-svn: 80018
* Remove CodeDecl and CFG from GRExprEngine and GRStateManager.Zhongxing Xu2009-08-255-73/+88
| | | | | | | Now AnalysisManager is the only place we can get CodeDecl. This leads to an API change: GRState::bindExpr() now takes the CFG argument. llvm-svn: 79980
* Remove Decl and CFG from ExplodedGraph. This leads to a series small changes.Zhongxing Xu2009-08-254-11/+10
| | | | llvm-svn: 79973
* ConstraintManager::AssumeDual now accepts a 'DefinedSVal' instead of 'SVal' forTed Kremenek2009-08-241-2/+7
| | | | | | | the condition. This eliminates a source of bugs where the client doesn't correctly reason about undefined or unknown values. This fixes PR 4759. llvm-svn: 79952
* Don't try to evaluate an expression that is type- or value-dependent while ↵Douglas Gregor2009-08-241-1/+2
| | | | | | building the CFG llvm-svn: 79941
* Replace cerr with errs().Benjamin Kramer2009-08-236-17/+11
| | | | llvm-svn: 79854
* Don't install Clang libraries.Douglas Gregor2009-08-231-0/+3
| | | | llvm-svn: 79824
* Remove 'AnalysisContext::setDecl()', as we the Decl associated with anTed Kremenek2009-08-217-24/+28
| | | | | | | AnalysisContext should never change. Along the way, propagate some constness around. llvm-svn: 79701
* Constify LocationContext* (parent) and Stmt* fields in LocationContext.Ted Kremenek2009-08-211-6/+10
| | | | llvm-svn: 79700
* Remove 'SelfRegion' field from both BasicStoreManager and RegionStoreManager.Ted Kremenek2009-08-215-76/+48
| | | | | | | | | | | | | | | | | | SelfRegion represented the object bound to 'self' (when analyzing Objective-C methods) upon entry to a method. Having this region stored on the side ignores the current stack frame that we might be analyzing (among other things), and is a problem for interprocedural analysis. For RegionStoreManager, the value for SelfRegion is just lazily created. For BasicStoreManager, the value for SelfRegion is bound eagerly to 'self', but no explicit tracking of SelfRegion on the side is made. As part of this change, remove the restriction in BasicStoreManager that we only track ivars for 'self'. This shouldn't actually change anything in terms of precision, and simplifies the logic. llvm-svn: 79694
OpenPOWER on IntegriCloud