summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer/Checkers
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixes a typo in a comment.Enrico Pertoso2015-06-031-1/+1
| | | | llvm-svn: 238910
* Add a missing forward def of CheckerManager. NFC.Pete Cooper2015-04-171-0/+2
| | | | | | This file doesn't include CheckerManager or forward declare it, so is sensitive to include order. llvm-svn: 235209
* Remove the assertion as it was useless and broken.Sylvestre Ledru2015-04-171-4/+0
| | | | | | | | | | | | | Enforcing the assert caused the following tests to fail: Clang :: Analysis__bstring.c Clang :: Analysis__comparison-implicit-casts.cpp Clang :: Analysis__malloc-interprocedural.c Clang :: Analysis__malloc.c Clang :: Analysis__redefined_system.c Clang :: Analysis__string.c Clang :: Analysis__weak-functions.c llvm-svn: 235190
* Fix a bad assert. Found by coverity. CID 1101110Sylvestre Ledru2015-04-171-1/+1
| | | | llvm-svn: 235188
* [analyzer] This implements potential undefbehavior.ZeroAllocDereference checker.Anton Yartsev2015-04-141-11/+155
| | | | | TODO: support realloc(). Currently it is not possible due to the present realloc() handling. Currently RegionState is not being attached to realloc() in case of a zero Size argument. llvm-svn: 234889
* Use 'override/final' instead of 'virtual' for overridden methodsAlexander Kornienko2015-04-114-6/+4
| | | | | | | | | | | | | | | | | | | | Summary: The patch is generated using clang-tidy misc-use-override check. This command was used: tools/clang/tools/extra/clang-tidy/tool/run-clang-tidy.py \ -checks='-*,misc-use-override' -header-filter='llvm|clang' -j=32 -fix Reviewers: dblaikie Reviewed By: dblaikie Subscribers: klimek, cfe-commits Differential Revision: http://reviews.llvm.org/D8926 llvm-svn: 234678
* Reduce dyn_cast<> to isa<> or cast<> where possible. Clang edition.Benjamin Kramer2015-04-101-4/+4
| | | | | | No functional change intended. llvm-svn: 234587
* [analyzer] Disable all retain count diagnostics on values that come from ivars.Jordan Rose2015-03-301-2/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is imitating a pre-r228174 state where ivars are not considered tracked by default, but with the addition that even ivars /with/ retain count information (e.g. "[_ivar retain]; [ivar _release];") are not being tracked as well. This is to ensure that we don't regress on values accessed through both properties and ivars, which is what r228174 was trying to fix. The issue occurs in code like this: [_contentView retain]; [_contentView removeFromSuperview]; [self addSubview:_contentView]; // invalidates 'self' [_contentView release]; In this case, the call to -addSubview: may change the value of self->_contentView, and so the analyzer can't be sure that we didn't leak the original _contentView. This is a correct conservative view of the world, but not a useful one. Until we have a heuristic that allows us to not consider this a leak, not emitting a diagnostic is our best bet. This commit disables all of the ivar-related retain count tests, but does not remove them to ensure that we don't crash trying to evaluate either valid or erroneous code. The next commit will add a new test for the example above so that this commit (and the previous one) can be reverted wholesale when a better solution is implemented. Rest of rdar://problem/20335433 llvm-svn: 233592
* [analyzer] Don't special-case ivars backing +0 properties.Jordan Rose2015-03-301-82/+1
| | | | | | | | | Give up this checking in order to continue tracking that these values came from direct ivar access, which will be important in the next commit. Part of rdar://problem/20335433 llvm-svn: 233591
* [analyzer] RetainCountChecker: Don't assume +0 for ivars backing readonly ↵Jordan Rose2015-03-201-12/+52
| | | | | | | | | | | | properties. Similarly, don't assume +0 if the property's setter is manually implemented. In both cases, if the property's ownership is explicitly written, then we /do/ assume the ivar has the same ownership. rdar://problem/20218183 llvm-svn: 232849
* Fix another ternary Visual C++ is OK wiht but gcc not.Yaron Keren2015-03-181-1/+1
| | | | llvm-svn: 232624
* Remove many superfluous SmallString::str() calls.Yaron Keren2015-03-182-2/+2
| | | | | | | | | | | | | | | Now that SmallString is a first-class citizen, most SmallString::str() calls are not required. This patch removes a whole bunch of them, yet there are lots more. There are two use cases where str() is really needed: 1) To use one of StringRef member functions which is not available in SmallString. 2) To convert to std::string, as StringRef implicitly converts while SmallString do not. We may wish to change this, but it may introduce ambiguity. llvm-svn: 232622
* Enable security checks for arc4random() on CloudABI as well.Ed Schouten2015-03-111-0/+1
| | | | | | | CloudABI also supports the arc4random() function. We can enable compiler warnings for rand(), random() and *rand48() on this system as well. llvm-svn: 231914
* [analyzer] Make getCheckIfTracked() return either leak or regular checker.Anton Yartsev2015-03-101-19/+29
| | | | llvm-svn: 231863
* [analyzer] RetainCountChecker: CF properties are always manually retain-counted.Jordan Rose2015-03-071-8/+13
| | | | | | | | | | | In theory we could assume a CF property is stored at +0 if there's not a custom setter, but that's not really worth the complexity. What we do know is that a CF property can't have ownership attributes, and so we shouldn't assume anything about the ownership of the ivar. rdar://problem/20076963 llvm-svn: 231553
* [analyzer] Remove unused type (addition to r231540: "Revert changes from ↵Anton Yartsev2015-03-071-1/+0
| | | | | | r229593") llvm-svn: 231548
* [analyzer] Revert changes from r229593; an enhancement is under discussionAnton Yartsev2015-03-071-87/+67
| | | | llvm-svn: 231540
* [analyzer] Bug fix: do not report leaks for alloca()Anton Yartsev2015-03-041-0/+5
| | | | llvm-svn: 231314
* [analyzer] Individual configuration options can be specified for checkers.Gabor Horvath2015-03-042-30/+20
| | | | | | | | | | Reviewed by: Anna Zaks Original patch by: Aleksei Sidorin Differential Revision: http://reviews.llvm.org/D7905 llvm-svn: 231266
* [analyzer] unix.Malloc: preserve AllocaRegion bound to __builtin_alloca().Anton Yartsev2015-03-031-13/+17
| | | | | | Binding __builtin_alloca() return value to the symbolic value kills previous binding to a AllocaRegion established by the core.BuiltinFunctions checker. Other checkers may rely upon this information. Rollback handling of __builtin_alloca() to the way prior to r229850. llvm-svn: 231160
* Sema: Parenthesized bound destructor member expressions can be calledDavid Majnemer2015-02-251-1/+1
| | | | | | | | | We would wrongfully reject (a.~A)() in both the destructor and pseudo-destructor cases. This fixes PR22668. llvm-svn: 230512
* [analyzer] RetainCountChecker: don't try to track ivars known to be nil.Jordan Rose2015-02-191-2/+4
| | | | | | | | | | | We expect in general that any nil value has no retain count information associated with it; violating this results in unexpected state unification /later/ when we decide to throw the information away. Unexpectedly caching out can lead to an assertion failure or crash. rdar://problem/19862648 llvm-svn: 229934
* [analyzer] Different handling of alloca().Anton Yartsev2015-02-191-30/+78
| | | | | | | | | | + separate bug report for "Free alloca()" error to be able to customize checkers responsible for this error. + Muted "Free alloca()" error for NewDelete checker that is not responsible for c-allocated memory, turned on for unix.MismatchedDeallocator checker. + RefState for alloca() - to be able to detect usage of zero-allocated memory by upcoming ZeroAllocDereference checker. + AF_Alloca family to handle alloca() consistently - keep proper family in RefState, handle 'alloca' by getCheckIfTracked() facility, etc. + extra tests. llvm-svn: 229850
* [analyzer] Refactoring: clarified the way the proper check kind is chosen.Anton Yartsev2015-02-181-64/+86
| | | | llvm-svn: 229593
* [analyzer] Pass actual state to alloc/dealloc handling functions.Anton Yartsev2015-02-101-43/+78
| | | | | | The state obtained from CheckerContext::getState() may be outdated by the time the alloc/dealloc handling function is called (e.g. the state was modified but the transition was not performed). State argument was added to all alloc/dealloc handling functions in order to get the latest state and to allow sequential calls to those functions. llvm-svn: 228737
* Update APIs that return a pair of iterators to return an iterator_range instead.Benjamin Kramer2015-02-061-3/+2
| | | | | | Convert uses of those APIs into ranged for loops. NFC. llvm-svn: 228404
* [analyzer] Do not crash in the KeychainAPI checker on user defined 'free()'.Anna Zaks2015-02-051-2/+10
| | | | llvm-svn: 228248
* [analyzer] Look for allocation site in the parent frames as well as the ↵Anna Zaks2015-02-053-26/+23
| | | | | | | | | | | | | current one. Instead of handling edge cases (mostly involving blocks), where we have difficulty finding an allocation statement, allow the allocation site to be in a parent node. Previously we assumed that the allocation site can always be found in the same frame as allocation, but there are scenarios in which an element is leaked in a child frame but is allocated in the parent. llvm-svn: 228247
* [analyzer] RetainCountChecker: be forgiving when ivars are accessed directly.Jordan Rose2015-02-041-82/+216
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | A refinement of r204730, itself a refinement of r198953, to better handle cases where an object is accessed both through a property getter and through direct ivar access. An object accessed through a property should always be treated as +0, i.e. not owned by the caller. However, an object accessed through an ivar may be at +0 or at +1, depending on whether the ivar is a strong reference. Outside of ARC, we don't always have that information. The previous attempt would clear out the +0 provided by a getter, but only if that +0 hadn't already participated in other retain counting operations. (That is, "self.foo" is okay, but "[[self.foo retain] autorelease]" is problematic.) This turned out to not be good enough when our synthesized getters get involved. This commit drops the notion of "overridable" reference counting and instead just tracks whether a value ever came from a (strong) ivar. If it has, we allow one more release than we otherwise would. This has the added benefit of being able to catch /some/ overreleases of instance variables, though it's not likely to come up in practice. We do still get some false negatives because we currently throw away refcount state upon assigning a value into an ivar. We should probably improve on that in the future, especially once we synthesize setters as well as getters. rdar://problem/18075108 llvm-svn: 228174
* Use nullptr to silence -Wsentinel when self-hosting on WindowsReid Kleckner2014-12-011-7/+7
| | | | | | | | | | | Richard rejected my Sema change to interpret an integer literal zero in a varargs context as a null pointer, so -Wsentinel sees an integer literal zero and fires off a warning. Only CodeGen currently knows that it promotes integer literal zeroes in this context to pointer size on Windows. I didn't want to teach -Wsentinel about that compatibility hack. Therefore, I'm migrating to C++11 nullptr. llvm-svn: 223079
* Use the new LLVM_END_WITH_NULL nameReid Kleckner2014-11-041-2/+2
| | | | llvm-svn: 221217
* [analyzer] Move the NewDeleteLeaks checker from CplusplusAlpha to Cplusplus ↵Anton Yartsev2014-10-211-4/+4
| | | | | | package. llvm-svn: 220289
* [analyzer] Tweak MallocSizeOfChecker to not warn when using sizeof(void*) to ↵Ted Kremenek2014-10-191-0/+4
| | | | | | | | | | | allocate a bunch of any pointer type. This suppresses a common false positive when analyzing libc++. Along the way, introduce some tests to show this checker actually works with C++ static_cast<>. llvm-svn: 220160
* [analyzer] Check all 'nonnull' attributes, not just the first one.Jordan Rose2014-10-131-5/+16
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 219625
* Remove stray enum keywords. MSVC sees this as a redeclaration at global scope.Benjamin Kramer2014-10-031-2/+2
| | | | llvm-svn: 219031
* [analyzer] Refactor and cleanup IsCompleteTypeAnna Zaks2014-10-031-12/+1
| | | | | | | | | | There are three copies of IsCompleteType(...) functions in CSA and all of them are incomplete (I experienced crashes in some CSA's test cases). I have replaced these function calls with Type::isIncompleteType() calls. A patch by Aleksei Sidorin! llvm-svn: 219026
* [analyzer] Make Malloc Checker track memory allocated by if_nameindexAnna Zaks2014-10-031-37/+81
| | | | | | | | | | | | | | | The MallocChecker does currently not track the memory allocated by if_nameindex. That memory is dynamically allocated and should be freed by calling if_freenameindex. The attached patch teaches the checker about these functions. Memory allocated by if_nameindex is treated as a separate allocation "family". That way the checker can verify it is freed by the correct function. A patch by Daniel Fahlgren! llvm-svn: 219025
* [analyzer] Make CStringChecker correctly calculate return value of mempcpyAnna Zaks2014-10-031-1/+6
| | | | | | | | | | The return value of mempcpy is only correct when the destination type is one byte in size. This patch casts the argument to a char* so the calculation is also correct for structs, ints etc. A patch by Daniel Fahlgren! llvm-svn: 219024
* Avoid some unnecessary SmallVector copies.Benjamin Kramer2014-09-111-8/+6
| | | | | | No functionality change. llvm-svn: 217586
* Teach the analyzer that __builtin_assume_aligned returns its first argument.Jordan Rose2014-09-091-1/+3
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 217461
* [analyzer] Don't crash if malloc() has an unexpected function prototype.Jordan Rose2014-09-051-4/+4
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 217258
* unique_ptrify BugReporter::visitorsDavid Blaikie2014-09-045-17/+18
| | | | llvm-svn: 217205
* unique_ptr-ify PathDiagnosticPiece ownershipDavid Blaikie2014-08-292-17/+16
| | | | llvm-svn: 216751
* Fix representation of __attribute__((nonnull)) to support correctly modelingRichard Smith2014-08-271-0/+2
| | | | | | | | | | | | | | | the no-arguments case. Don't expand this to an __attribute__((nonnull(A, B, C))) attribute, since that does the wrong thing for function templates and varargs functions. In passing, fix a grammar error in the diagnostic, a crash if __attribute__((nonnull(N))) is applied to a varargs function, a bug where the same null argument could be diagnosed multiple times if there were multiple nonnull attributes referring to it, and a bug where nonnull attributes would not be accumulated correctly across redeclarations. llvm-svn: 216520
* [analyzer] Remove check covered by -Wobjc-missing-super-calls.Jordan Rose2014-08-221-39/+0
| | | | | | | | | The ObjCDealloc checker is currently disabled because it was too aggressive, but this is a good first step in getting it back to a useful state. Patch by David Kilzer! llvm-svn: 216272
* Objective-C. Warn if user has made explicit callFariborz Jahanian2014-08-221-0/+1
| | | | | | | to +initilize as this results in an extra call to this method. rdar://16628028 llvm-svn: 216271
* [analyzer] Don't warn on virtual calls in ctors to final methods.Benjamin Kramer2014-08-211-3/+10
| | | | | | | The call will never go to a more derived class, but that's intentional in those cases. llvm-svn: 216167
* [analyzer] UnixAPI: Check that the third argument to open(2) (if present) is ↵Jordan Rose2014-08-201-0/+9
| | | | | | | | an integer. Patch by Daniel Fahlgren. llvm-svn: 216079
* [analyzer] UnixAPI: Check when open(2) is called with more than three arguments.Jordan Rose2014-08-201-21/+36
| | | | | | Patch by Daniel Fahlgren. llvm-svn: 216078
* [analyzer] IdenticalExpr: don't try to compare integer literals with ↵Jordan Rose2014-08-201-1/+6
| | | | | | | | different widths. PR20659. Patch by Anders Rönnholm. llvm-svn: 216076
OpenPOWER on IntegriCloud