summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer/Checkers
Commit message (Collapse)AuthorAgeFilesLines
...
* [analyzer] MacOSKeychainAPIChecker: Add the custom BugReport visitor(which ↵Anna Zaks2011-08-251-11/+16
| | | | | | highlights the allocation site) to all the relevant reports within the checker. llvm-svn: 138531
* [analyzer] Do not use references in std::pair.Anna Zaks2011-08-241-4/+4
| | | | llvm-svn: 138497
* [analyzer] Unbreak the release buildbot.Anna Zaks2011-08-241-2/+1
| | | | llvm-svn: 138493
* [analyzer] MacOSKeychainAPIChecker: Provide reacher diagnostic trace by ↵Anna Zaks2011-08-241-18/+73
| | | | | | pointing to the allocation site when reporting a leak. llvm-svn: 138479
* [analyzer] MacOSKeychainAPIChecker: Add reasoning about functions which ↵Anna Zaks2011-08-241-18/+59
| | | | | | MIGHT deallocate the memory region allocated with SecKeychain APIs. Specifically, when the buffer is passed to CFStringCreateWithBytesNoCopy along with a custom deallocator, which might potentially correctly release the memory. llvm-svn: 138417
* [analyzer] MacOSKeychainAPIChecker: Retrieve the memory region which we are ↵Anna Zaks2011-08-231-2/+8
| | | | | | tracking even when it's no longer a SymbolicRegion, for example, when it is cast to char*. llvm-svn: 138415
* Move creation of the deallocation mismatch report into a separate function ↵Anna Zaks2011-08-231-15/+32
| | | | | | for future reuse. llvm-svn: 138414
* [analyzer] MacOSKeychainAPIChecker: Users of KeyChain API often use free() ↵Anna Zaks2011-08-221-10/+18
| | | | | | to deallocate the password. Catch this error explicitly and generate the error message at the place where free() is called. llvm-svn: 138296
* [analyzer] Replace calls to getNameAsString() with StringRef equivalents.Jordy Rose2011-08-212-10/+9
| | | | llvm-svn: 138215
* Fix compile on platforms that don't implicitly include stdarg.h here.Benjamin Kramer2011-08-201-1/+1
| | | | llvm-svn: 138214
* [analyzer] Move handling of hardcoded noreturn ("panic") methods from ↵Jordy Rose2011-08-201-1/+65
| | | | | | CFRefCount to NoReturnFunctionChecker. No functionality change intended. llvm-svn: 138210
* Remove dead code.Ted Kremenek2011-08-201-12/+0
| | | | llvm-svn: 138183
* Static Analyzer Diagnostics: Kill the addVisitorCreator(callbackTy, void*) ↵Anna Zaks2011-08-1916-39/+38
| | | | | | | | | | | | API in favor of addVisitor(BugReporterVisitor*). 1) Create a header file to expose the predefined visitors. And move the parent(BugReporterVisitor) there as well. 2) Remove the registerXXXVisitor functions - the Visitor constructors/getters can be used now to create the object. One exception is registerVarDeclsLastStore(), which registers more then one visitor, so make it static member of FindLastStoreBRVisitor. 3) Modify all the checkers to use the new API. llvm-svn: 138126
* Remove EnhancedBugReport and RangedBugReport - pull all the extra ↵Anna Zaks2011-08-1732-80/+79
| | | | | | functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME. llvm-svn: 137894
* [analyzer] Overhaul of checker registration in preparation for basic plugin ↵Jordy Rose2011-08-165-319/+34
| | | | | | support. Removes support for checker groups (we can add them back in later if we decide they are still useful), and -analyzer-checker-help output is a little worse for the time being (no packages). llvm-svn: 137758
* MacOSKeychainAPIChecker: Turn it on by default.Anna Zaks2011-08-161-7/+3
| | | | llvm-svn: 137740
* MacOSKeychainAPIChecker: Do not report double allocation if first allocation ↵Anna Zaks2011-08-161-17/+19
| | | | | | returned an error. llvm-svn: 137720
* MacOSKeychainAPIChecker: The security API/memory leak checker should always ↵Anna Zaks2011-08-151-10/+17
| | | | | | generate regular nodes instead of sink nodes. llvm-svn: 137681
* Rename GRState to ProgramState, and cleanup some code formatting along the way.Ted Kremenek2011-08-1535-301/+342
| | | | llvm-svn: 137665
* MacOSKeychainAPIChecker: Use llvm::SmallString instead of std::string (as ↵Anna Zaks2011-08-151-7/+7
| | | | | | per code review for r137523). llvm-svn: 137633
* Cleanup various declarations of 'Stmt*' to be 'Stmt *', etc. in libAnalyzer ↵Ted Kremenek2011-08-1220-95/+95
| | | | | | and libStaticAnalyzer[*]. It was highly inconsistent, and very ugly to look at. llvm-svn: 137537
* [analyzer] change "tag" in ProgramPoint from "void*" to a ProgramPointTag*.Ted Kremenek2011-08-121-9/+7
| | | | | | | Having a notion of an actual ProgramPointTag will aid in introspection of the analyzer's behavior. For example, the GraphViz output of the analyzer will pretty-print the tags in a useful manner. llvm-svn: 137529
* MacOSKeychainAPIChecker: If the allocated data address entered as an ↵Anna Zaks2011-08-121-0/+5
| | | | | | enclosing function parameter, skip it to avoid false positives. llvm-svn: 137526
* MacOSKeychainAPIChecker: Anna Zaks2011-08-121-38/+150
| | | | | | | | Report errors earlier: on checkDeadSymbols() and clear the state after the symbol we are tracking goes out of scope. Also, perform lazy error checking. Instead of forcing the paths to be split depending one the return value of the allocator, make the return symbol depend on the allocated data symbol, which prolongs its life span to the time when the allocated data symbol becomes dead. llvm-svn: 137523
* [analyzer] Nitpicks on Olaf's patch, which I meant to e-mail but then didn't inJordy Rose2011-08-121-3/+2
| | | | | | time. One is cleanup, the other is me being OCD about enum group nesting. llvm-svn: 137517
* MacOSKeychainAPIChecker: There is no need to use SymbolMetadata to represent ↵Anna Zaks2011-08-121-44/+70
| | | | | | | | the allocated data symbol, we can just use the symbol corresponding to the SymbolicRegion. This simplifies tracking of the symbol, for example, SymbolMetadata needs to go through extra hoops to stay alive. Make AllocationState internal to the MacOSKeychainAPIChecker class. llvm-svn: 137514
* [analyzer] Introduce new MemRegion, "TypedValueRegion", so that we can ↵Ted Kremenek2011-08-124-12/+11
| | | | | | | | separate TypedRegions that implement getValueType() from those that don't. Patch by Olaf Krzikalla! llvm-svn: 137498
* KeychainAPI checker: Track SymbolMetadata instead of MemRegion in checker ↵Anna Zaks2011-08-051-15/+33
| | | | | | state so that we could clear the state on evalDeadSymbols; also track the return value. llvm-svn: 137003
* KeychainAPI checker: Generate an error on double allocation. Pull out ↵Anna Zaks2011-08-051-12/+47
| | | | | | getAsPointeeMemoryRegion so that it could be reused. llvm-svn: 136952
* KeychainAPI checker: Track additional pair of SecKeychain APIs. Also, keep ↵Anna Zaks2011-08-041-14/+45
| | | | | | exploring the transition on which a call to allocator function failed (to be able to find errors in examples like ErrorCodesFromDifferentAPISDoNotInterfere). llvm-svn: 136930
* KeychainAPI checker: Refactor to make it easier to add more ↵Anna Zaks2011-08-041-36/+67
| | | | | | allocator/deallocator API pairs. Add the allocator function ID to the checker state. Better comments. llvm-svn: 136889
* KeychainAPI checker: refactor to use early exit.Anna Zaks2011-08-041-50/+52
| | | | llvm-svn: 136852
* KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of ↵Anna Zaks2011-08-041-16/+80
| | | | | | SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test. llvm-svn: 136851
* [analyzer] Remove 'all-experimental' checker group.Ted Kremenek2011-08-041-20/+7
| | | | llvm-svn: 136849
* [analyzer] rename all experimental checker packages to have 'experimental' ↵Ted Kremenek2011-08-031-7/+9
| | | | | | be the common root package. llvm-svn: 136835
* [analyzer] Introduce MallocOverflowSecurityChecker, a simple flow-sensitive ↵Ted Kremenek2011-08-033-0/+267
| | | | | | checker that may be useful for security auditing. This checker is currently too noisy to be on by default. llvm-svn: 136804
* KeychainAPI checker: only check the paths on which the allocator function ↵Anna Zaks2011-08-022-2/+13
| | | | | | returned noErr. (+ minor cleanup) llvm-svn: 136694
* Add a skeleton for the Keychain Services API Checker. Register it as OSX ↵Anna Zaks2011-08-013-0/+172
| | | | | | experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting.. llvm-svn: 136659
* Remove dead code flagged by GCC's -Wunused-but-set-variable.Benjamin Kramer2011-07-311-2/+0
| | | | llvm-svn: 136581
* [analyzer] Overhaul how the static analyzer expects CFGs by forcing CFGs to ↵Ted Kremenek2011-07-282-38/+42
| | | | | | | | | | | | be linearized only when used by the static analyzer. This required a rewrite of LiveVariables, and exposed a ton of subtle bugs. The motivation of this large change is to drastically simplify the logic in ExprEngine going forward. Some fallout is that the output of some BugReporterVisitors is not as accurate as before; those will need to be fixed over time. There is also some possible performance regression as RemoveDeadBindings will be called frequently; this can also be improved over time. llvm-svn: 136419
* [analyzer] fix bug in malloc checker where the tracked symbol would not ↵Ted Kremenek2011-07-281-11/+18
| | | | | | properly be removed from the state. llvm-svn: 136418
* Rename getInstantiationLineNumber to getExpansionLineNumber in bothChandler Carruth2011-07-251-3/+3
| | | | | | SourceManager and FullSourceLoc. llvm-svn: 135969
* remove unneeded llvm:: namespace qualifiers on some core types now that ↵Chris Lattner2011-07-2315-46/+46
| | | | | | | | LLVM.h imports them into the clang namespace. llvm-svn: 135852
* [analyzer] Very minor cleanup in PthreadLockChecker. No functionality change.Jordy Rose2011-07-191-9/+9
| | | | llvm-svn: 135518
* [analysis] Add checks for double-locking and lock order reversal bugs forJordy Rose2011-07-191-44/+105
| | | | | | pthread and XNU locks. Patch by Rui Paulo! llvm-svn: 135515
* [analyzer] Place checking for Core Foundation "Create" rule into a proper ↵Ted Kremenek2011-07-161-1/+1
| | | | | | API. No functionality change. llvm-svn: 135349
* Clean up UnixAPIChecker, including switching its array of BugTypes to ↵Jordy Rose2011-07-151-70/+40
| | | | | | llvm::OwningPtr<BugType> vars (the new convention). No functionality change. llvm-svn: 135255
* Clean up MacOSXAPIChecker, including switching its array of BugTypes to a ↵Jordy Rose2011-07-151-53/+26
| | | | | | single llvm::OwningPtr<BugType> (the new convention). No functionality change. llvm-svn: 135250
* Update for llvm commit r134291.Eric Christopher2011-07-021-1/+1
| | | | | | Fixes rdar://9714064 llvm-svn: 134292
* Introduce a new AST node describing reference binding to temporaries.Douglas Gregor2011-06-211-8/+19
| | | | | | | | | | | | | | | | | | | | | | | | | MaterializeTemporaryExpr captures a reference binding to a temporary value, making explicit that the temporary value (a prvalue) needs to be materialized into memory so that its address can be used. The intended AST invariant here is that a reference will always bind to a glvalue, and MaterializeTemporaryExpr will be used to convert prvalues into glvalues for that binding to happen. For example, given const int& r = 1.0; The initializer of "r" will be a MaterializeTemporaryExpr whose subexpression is an implicit conversion from the double literal "1.0" to an integer value. IR generation benefits most from this new node, since it was previously guessing (badly) when to materialize temporaries for the purposes of reference binding. There are likely more refactoring and cleanups we could perform there, but the introduction of MaterializeTemporaryExpr fixes PR9565, a case where IR generation would effectively bind a const reference directly to a bitfield in a struct. Addresses <rdar://problem/9552231>. llvm-svn: 133521
OpenPOWER on IntegriCloud