summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer/Checkers
Commit message (Collapse)AuthorAgeFilesLines
* Use nullptr to silence -Wsentinel when self-hosting on WindowsReid Kleckner2014-12-011-7/+7
| | | | | | | | | | | Richard rejected my Sema change to interpret an integer literal zero in a varargs context as a null pointer, so -Wsentinel sees an integer literal zero and fires off a warning. Only CodeGen currently knows that it promotes integer literal zeroes in this context to pointer size on Windows. I didn't want to teach -Wsentinel about that compatibility hack. Therefore, I'm migrating to C++11 nullptr. llvm-svn: 223079
* Use the new LLVM_END_WITH_NULL nameReid Kleckner2014-11-041-2/+2
| | | | llvm-svn: 221217
* [analyzer] Move the NewDeleteLeaks checker from CplusplusAlpha to Cplusplus ↵Anton Yartsev2014-10-211-4/+4
| | | | | | package. llvm-svn: 220289
* [analyzer] Tweak MallocSizeOfChecker to not warn when using sizeof(void*) to ↵Ted Kremenek2014-10-191-0/+4
| | | | | | | | | | | allocate a bunch of any pointer type. This suppresses a common false positive when analyzing libc++. Along the way, introduce some tests to show this checker actually works with C++ static_cast<>. llvm-svn: 220160
* [analyzer] Check all 'nonnull' attributes, not just the first one.Jordan Rose2014-10-131-5/+16
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 219625
* Remove stray enum keywords. MSVC sees this as a redeclaration at global scope.Benjamin Kramer2014-10-031-2/+2
| | | | llvm-svn: 219031
* [analyzer] Refactor and cleanup IsCompleteTypeAnna Zaks2014-10-031-12/+1
| | | | | | | | | | There are three copies of IsCompleteType(...) functions in CSA and all of them are incomplete (I experienced crashes in some CSA's test cases). I have replaced these function calls with Type::isIncompleteType() calls. A patch by Aleksei Sidorin! llvm-svn: 219026
* [analyzer] Make Malloc Checker track memory allocated by if_nameindexAnna Zaks2014-10-031-37/+81
| | | | | | | | | | | | | | | The MallocChecker does currently not track the memory allocated by if_nameindex. That memory is dynamically allocated and should be freed by calling if_freenameindex. The attached patch teaches the checker about these functions. Memory allocated by if_nameindex is treated as a separate allocation "family". That way the checker can verify it is freed by the correct function. A patch by Daniel Fahlgren! llvm-svn: 219025
* [analyzer] Make CStringChecker correctly calculate return value of mempcpyAnna Zaks2014-10-031-1/+6
| | | | | | | | | | The return value of mempcpy is only correct when the destination type is one byte in size. This patch casts the argument to a char* so the calculation is also correct for structs, ints etc. A patch by Daniel Fahlgren! llvm-svn: 219024
* Avoid some unnecessary SmallVector copies.Benjamin Kramer2014-09-111-8/+6
| | | | | | No functionality change. llvm-svn: 217586
* Teach the analyzer that __builtin_assume_aligned returns its first argument.Jordan Rose2014-09-091-1/+3
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 217461
* [analyzer] Don't crash if malloc() has an unexpected function prototype.Jordan Rose2014-09-051-4/+4
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 217258
* unique_ptrify BugReporter::visitorsDavid Blaikie2014-09-045-17/+18
| | | | llvm-svn: 217205
* unique_ptr-ify PathDiagnosticPiece ownershipDavid Blaikie2014-08-292-17/+16
| | | | llvm-svn: 216751
* Fix representation of __attribute__((nonnull)) to support correctly modelingRichard Smith2014-08-271-0/+2
| | | | | | | | | | | | | | | the no-arguments case. Don't expand this to an __attribute__((nonnull(A, B, C))) attribute, since that does the wrong thing for function templates and varargs functions. In passing, fix a grammar error in the diagnostic, a crash if __attribute__((nonnull(N))) is applied to a varargs function, a bug where the same null argument could be diagnosed multiple times if there were multiple nonnull attributes referring to it, and a bug where nonnull attributes would not be accumulated correctly across redeclarations. llvm-svn: 216520
* [analyzer] Remove check covered by -Wobjc-missing-super-calls.Jordan Rose2014-08-221-39/+0
| | | | | | | | | The ObjCDealloc checker is currently disabled because it was too aggressive, but this is a good first step in getting it back to a useful state. Patch by David Kilzer! llvm-svn: 216272
* Objective-C. Warn if user has made explicit callFariborz Jahanian2014-08-221-0/+1
| | | | | | | to +initilize as this results in an extra call to this method. rdar://16628028 llvm-svn: 216271
* [analyzer] Don't warn on virtual calls in ctors to final methods.Benjamin Kramer2014-08-211-3/+10
| | | | | | | The call will never go to a more derived class, but that's intentional in those cases. llvm-svn: 216167
* [analyzer] UnixAPI: Check that the third argument to open(2) (if present) is ↵Jordan Rose2014-08-201-0/+9
| | | | | | | | an integer. Patch by Daniel Fahlgren. llvm-svn: 216079
* [analyzer] UnixAPI: Check when open(2) is called with more than three arguments.Jordan Rose2014-08-201-21/+36
| | | | | | Patch by Daniel Fahlgren. llvm-svn: 216078
* [analyzer] IdenticalExpr: don't try to compare integer literals with ↵Jordan Rose2014-08-201-1/+6
| | | | | | | | different widths. PR20659. Patch by Anders Rönnholm. llvm-svn: 216076
* [analyzer] IdenticalExpr: use getBytes rather than getString to compare ↵Jordan Rose2014-08-201-1/+1
| | | | | | | | string literals. PR20693. Patch by Anders Rönnholm. llvm-svn: 216075
* Header guard canonicalization, clang part.Benjamin Kramer2014-08-134-8/+8
| | | | | | Modifications made by clang-tidy with minor tweaks. llvm-svn: 215557
* [analyzer] Check for negative values used as the size of a C variable-length ↵Jordan Rose2014-08-121-2/+24
| | | | | | | | array. Patch by Daniel Fahlgren! llvm-svn: 215456
* [Analyzer] fix for PR19102Anton Yartsev2014-08-051-0/+41
| | | | | | Newly-created unconsumed instance is now assumed escaped if an invoked constructor has an argument of a pointer-to-record type. llvm-svn: 214909
* TestAfterDivZeroChecker.cpp: Avoid member initializer. It is unsupported in ↵NAKAMURA Takumi2014-07-111-2/+2
| | | | | | msc17. llvm-svn: 212789
* [analyzer] Check for code testing a variable for 0 after using it as a ↵Jordan Rose2014-07-103-0/+269
| | | | | | | | | | | | | | | | | | | denominator. This new checker, alpha.core.TestAfterDivZero, catches issues like this: int sum = ... int avg = sum / count; // potential division by zero... if (count == 0) { ... } // ...caught here Because the analyzer does not necessarily explore /all/ paths through a program, this check is restricted to only work on zero checks that immediately follow a division operation (/ % /= %=). This could later be expanded to handle checks dominated by a division operation but not necessarily in the same CFG block. Patch by Anders Rönnholm! (with very minor modifications by me) llvm-svn: 212731
* Track IntrusiveRefCntPtr::get() changes from LLVM r212366Alp Toker2014-07-051-4/+4
| | | | llvm-svn: 212369
* [analyzer] Check for NULL passed to CFAutorelease.Jordan Rose2014-06-211-6/+11
| | | | | | Patch by Sean McBride, tests adjusted by me. llvm-svn: 211453
* Fix a crash in Retain Count checker error reportingAnna Zaks2014-06-131-5/+18
| | | | | | | | | Fixes a crash in Retain Count checker error reporting logic by handing the allocation statement retrieval from a BlockEdge program point. Also added a simple CFG dump routine for debugging. llvm-svn: 210960
* Move the logic for testing for namespace std into one location. This check canRichard Trieu2014-05-281-1/+1
| | | | | | be performed by using Decl::isInStdNamespace or DeclContext::isStdNamespace llvm-svn: 209708
* [C++11] Use 'nullptr'. StaticAnalyzer edition.Craig Topper2014-05-2736-229/+239
| | | | llvm-svn: 209642
* Clean up language and grammar.Eric Christopher2014-05-201-1/+1
| | | | | | | Based on a patch by jfcaron3@gmail.com! PR19806 llvm-svn: 209215
* Fix typosAlp Toker2014-05-151-1/+1
| | | | llvm-svn: 208838
* NSOrCFErrorDerefChecker: Don't leak bug type. Similar to r208110/r208155. ↵Nico Weber2014-05-071-4/+12
| | | | | | Found by LSan. llvm-svn: 208251
* [analyzer] Use a lazily-initialized BugType in ObjCSelfInitChecker.Jordan Rose2014-05-071-10/+6
| | | | | | Follow-up to Nico's leak-stopping patch in r208110. llvm-svn: 208155
* Fix leak in ObjCSelfInitChecker, found by LSan.Nico Weber2014-05-061-19/+18
| | | | | | | | BugReport doesn't take ownership of the bug type, so let the checker own the the bug type. (Requires making the bug type mutable, which is icky, but which is also what other checkers do.) llvm-svn: 208110
* Updated the attribute tablegen emitter for variadic arguments to emit a ↵Aaron Ballman2014-05-021-3/+2
| | | | | | range accessor in addition to the iterators. Updated code using iterators to use range-based for loops. llvm-svn: 207837
* [Modules] Fix potential ODR violations by sinking the DEBUG_TYPEChandler Carruth2014-04-221-2/+2
| | | | | | | | | | definition below all of the header #include lines, clang edition. If you want more details about this, you can see some of the commits to Debug.h in LLVM recently. This is just the clang section of a cleanup I've done for all uses of DEBUG_TYPE in LLVM. llvm-svn: 206849
* Add missing include.Richard Trieu2014-04-091-0/+1
| | | | llvm-svn: 205828
* [analyzer] When checking Foundation method calls, match the selectors exactly.Jordan Rose2014-04-094-76/+154
| | | | | | | | | | This also includes some infrastructure to make it easier to build multi-argument selectors, rather than trying to use string matching on each piece. There's a bit more setup code, but less cost at runtime. PR18908 llvm-svn: 205827
* [analyzer] Lock checker: Allow pthread_mutex_init to reinitialize a ↵Jordan Rose2014-04-011-0/+39
| | | | | | | | destroyed lock. Patch by Daniel Fahlgren! llvm-svn: 205276
* [analyzer] Lock checker: make sure locks aren't used after being destroyed.Jordan Rose2014-04-011-29/+121
| | | | | | Patch by Daniel Fahlgren! llvm-svn: 205275
* [analyzer] Add double-unlock detection to PthreadLockChecker.Jordan Rose2014-04-011-17/+36
| | | | | | | | | We've decided to punt on supporting recursive locks for now; the common case is non-recursive. Patch by Daniel Fahlgren! llvm-svn: 205274
* [analyzer] Handle the M_ZERO and __GFP_ZERO flags in kernel mallocs.Jordan Rose2014-03-262-5/+115
| | | | | | | | | | | | | | | | | | | | | Add M_ZERO awareness to malloc() static analysis in Clang for FreeBSD, NetBSD, and OpenBSD in a similar fashion to O_CREAT for open(2). These systems have a three-argument malloc() in the kernel where the third argument contains flags; the M_ZERO flag will zero-initialize the allocated buffer. This should reduce the number of false positives when running static analysis on BSD kernels. Additionally, add kmalloc() (Linux kernel malloc()) and treat __GFP_ZERO like M_ZERO on Linux. Future work involves a better method of checking for named flags without hardcoding values. Patch by Conrad Meyer, with minor modifications by me. llvm-svn: 204832
* [analyzer] Don't track retain counts of objects directly accessed through ivars.Jordan Rose2014-03-251-22/+111
| | | | | | | | | | | | | | | | | | | | | A refinement of r198953 to handle cases where an object is accessed both through a property getter and through direct ivar access. An object accessed through a property should always be treated as +0, i.e. not owned by the caller. However, an object accessed through an ivar may be at +0 or at +1, depending on whether the ivar is a strong reference. Outside of ARC, we don't have that information, so we just don't track objects accessed through ivars. With this change, accessing an ivar directly will deliberately override the +0 provided by a getter, but only if the +0 hasn't participated in other retain counting yet. That isn't perfect, but it's already unusual for people to be mixing property access with direct ivar access. (The primary use case for this is in setters, init methods, and -dealloc.) Thanks to Ted for spotting a few mistakes in private review. <rdar://problem/16333368> llvm-svn: 204730
* remove a bunch of unused private methodsNuno Lopes2014-03-231-1/+0
| | | | | | | | | | | | | | | | | | found with a smarter version of -Wunused-member-function that I'm playwing with. Appologies in advance if I removed someone's WIP code. ARCMigrate/TransProperties.cpp | 8 ----- AST/MicrosoftMangle.cpp | 1 Analysis/AnalysisDeclContext.cpp | 5 --- Analysis/LiveVariables.cpp | 14 ---------- Index/USRGeneration.cpp | 10 ------- Sema/Sema.cpp | 33 +++++++++++++++++++++--- Sema/SemaChecking.cpp | 3 -- Sema/SemaDecl.cpp | 20 ++------------ StaticAnalyzer/Checkers/GenericTaintChecker.cpp | 1 9 files changed, 34 insertions(+), 61 deletions(-) llvm-svn: 204561
* [C++11] Add 'override' keyword to virtual methods that override their base ↵Craig Topper2014-03-157-37/+38
| | | | | | class. llvm-svn: 203999
* [C++11] Replacing DeclStmt iterators decl_begin() and decl_end() with ↵Aaron Ballman2014-03-144-12/+8
| | | | | | iterator_range decls(). Updating all of the usages of the iterators with range-based for loops. llvm-svn: 203947
* [C++11] Replacing ObjCCategoryDecl iterators propimpl_begin() and ↵Aaron Ballman2014-03-142-7/+4
| | | | | | propimpl_end() with iterator_range property_impls(). Updating all of the usages of the iterators with range-based for loops. llvm-svn: 203930
OpenPOWER on IntegriCloud