summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer
Commit message (Collapse)AuthorAgeFilesLines
...
* [analyzer] Fix assertion in ReturnVisitor for body-farm synthesized gettersDevin Coughlin2016-04-121-0/+3
| | | | | | | Don't emit a path note marking the return site if the return statement does not have a valid location. This fixes an assertion failure I introduced in r265839. llvm-svn: 266031
* Remove redundant conditions of the form (A || (!A && B)) -> (A || B)Benjamin Kramer2016-04-112-7/+5
| | | | | | Found by cppcheck! PR27286 PR27287 PR27288 PR27289 llvm-svn: 265918
* [analyzer] Teach trackNullOrUndefValue about calls to property accessors.Devin Coughlin2016-04-081-0/+6
| | | | | | | | | | | Teach trackNullOrUndefValue() how to look through PseudoObjectExprs to find the underlying method call for property getters. This makes over-suppression of 'return nil' in getters consistent with the similar over-suppression for method and function calls. rdar://problem/24437252 llvm-svn: 265839
* [analyzer] Prefer accessor method in extension over category in CallEvent.Devin Coughlin2016-04-011-2/+24
| | | | | | | | | | | | | | In ObjCMethodCall:getRuntimeDefinition(), if the method is an accessor in a category, and it doesn't have a self declaration, first try to find the method in a class extension. This works around a bug in Sema where multiple accessors are synthesized for properties in class extensions that are redeclared in a category. The implicit parameters are not filled in for the method on the category, which causes a crash when trying to synthesize a getter for the property in BodyFarm. The Sema bug is tracked as rdar://problem/25481164. rdar://problem/25056531 llvm-svn: 265103
* [analyzer] Fix an assertion fail in hash generation.Gabor Horvath2016-03-301-2/+5
| | | | | | | | | | | | | In case the (uniqueing) location of the diagnostic is in a line that only contains whitespaces there was an assertion fail during issue hash generation. Unfortunately I am unable to reproduce this error with the built in checkers, so no there is no failing test case with this patch. It would be possible to write a debug checker for that purpuse but it does not worth the effort. Differential Revision: http://reviews.llvm.org/D18210 llvm-svn: 264851
* [analyzer] Nullability: Don't warn along paths where null returned from ↵Devin Coughlin2016-03-281-55/+79
| | | | | | | | | | | | | | | | non-null. Change the nullability checker to not warn along paths where null is returned from a method with a non-null return type, even when the diagnostic for this return has been suppressed. This prevents warning from methods with non-null return types that inline methods that themselves return nil but that suppressed the diagnostic. Also change the PreconditionViolated state component to be called "InvariantViolated" because it is set when a post-condition is violated, as well. rdar://problem/25393539 llvm-svn: 264647
* [analyzer] Add CIFIlter modeling to DeallocChecker.Devin Coughlin2016-03-251-10/+56
| | | | | | | | | | | | | | | | | | | | The -dealloc method in CIFilter is highly unusual in that it will release instance variables belonging to its *subclasses* if the variable name starts with "input" or backs a property whose name starts with "input". Subclasses should not release these ivars in their own -dealloc method -- doing so could result in an over release. Before this commit, the DeallocChecker would warn about missing releases for such "input" properties -- which could cause users of the analyzer to add over releases to silence the warning. To avoid this, DeallocChecker now treats CIFilter "input-prefixed" ivars as MustNotReleaseDirectly and so will not require a release. Further, it will now warn when such an ivar is directly released in -dealloc. rdar://problem/25364901 llvm-svn: 264463
* [analyzer] Fix typo s/initalize/initialize/Chih-Hung Hsieh2016-03-231-1/+1
| | | | | | Differential Revision: http://reviews.llvm.org/D18363 llvm-svn: 264164
* StaticAnalyzer: Avoid an unintentional copyJustin Bogner2016-03-221-1/+1
| | | | | | | | | | The range here isn't over references, so using `auto &` here incites a copy. Switching to `auto *` would do, but we might as well list an explicit type for clarity. Found by -Wrange-loop-analysis. llvm-svn: 264071
* [analyzer] Fix missed leak from MSVC specific allocation functionsAnna Zaks2016-03-081-13/+23
| | | | | | | | | | | | Add the wide character strdup variants (wcsdup, _wcsdup) and the MSVC version of alloca (_alloca) and other differently named function used by the Malloc checker. A patch by Alexander Riccio! Differential Revision: http://reviews.llvm.org/D17688 llvm-svn: 262894
* [analyzer] Nullability: add option to not report on calls to system headers.Devin Coughlin2016-03-051-2/+25
| | | | | | | | | | | | | | Add an -analyzer-config 'nullability:NoDiagnoseCallsToSystemHeaders' option to the nullability checker. When enabled, this option causes the analyzer to not report about passing null/nullable values to functions and methods declared in system headers. This option is motivated by the observation that large projects may have many nullability warnings. These projects may find warnings about nullability annotations that they have explicitly added themselves higher priority to fix than warnings on calls to system libraries. llvm-svn: 262763
* [analyzer] Add diagnostic in ObjCDeallocChecker for use of -dealloc instead ↵Devin Coughlin2016-03-041-32/+92
| | | | | | | | | | | | | | | | | | of -release. In dealloc methods, the analyzer now warns when -dealloc is called directly on a synthesized retain/copy ivar instead of -release. This is intended to find mistakes of the form: - (void)dealloc { [_ivar dealloc]; // Mistaken call to -dealloc instead of -release [super dealloc]; } rdar://problem/16227989 llvm-svn: 262729
* Move class into anonymous namespace. NFC.Benjamin Kramer2016-03-041-0/+2
| | | | llvm-svn: 262716
* [analyzer] ObjCDeallocChecker: Only check for nil-out when type is retainable.Devin Coughlin2016-03-031-1/+5
| | | | | | This fixes a crash when setting a property of struct type in -dealloc. llvm-svn: 262659
* [analyzer] Move ObjCSuperDeallocChecker out of the alpha package.Devin Coughlin2016-03-021-4/+4
| | | | | | | | It will now be on by default on Darwin. rdar://problem/6953275 llvm-svn: 262526
* [analyzer] Move ObjCDeallocChecker out of the alpha package.Devin Coughlin2016-03-021-4/+4
| | | | | | | | It will now be on by default on Darwin. rdar://problem/6927496 llvm-svn: 262524
* [analyzer] Fix capitalization in ObjCSuperDeallocChecker diagnostic.Devin Coughlin2016-03-021-1/+1
| | | | llvm-svn: 262520
* [analyzer] Update CheckObjCDealloc diagnostic for missing -dealloc.Devin Coughlin2016-03-011-10/+18
| | | | | | | Update the diagnostic for classes missing -dealloc to mention an instance variable that needs to be released. llvm-svn: 262277
* [analyzer] Teach CheckObjCDealloc about Block_release().Devin Coughlin2016-02-291-10/+38
| | | | | | It now treats Block_release(b) as a release in addition to [b release]. llvm-svn: 262272
* [analyzer] Don't treat calls to system headers as escaping in CheckObjCDealloc.Devin Coughlin2016-02-291-21/+96
| | | | | | | | | | | | | | | | | | | This prevents false negatives when a -dealloc method, for example, removes itself as as an observer with [[NSNotificationCenter defaultCenter] removeObserver:self]. It is unlikely that passing 'self' to a system header method will release 'self''s instance variables, so this is unlikely to produce false positives. A challenge here is that while CheckObjCDealloc no longer treats these calls as escaping, the rest of the analyzer still does. In particular, this means that loads from the same instance variable before and after a call to a system header will result in different symbols being loaded by the region store. To account for this, the checker now treats different ivar symbols with the same instance and ivar decl as the same for the purpose of release checking and more eagerly removes a release requirement when an instance variable is assumed to be nil. This was not needed before because when an ivar escaped its release requirement was always removed -- now the requirement is not removed for calls to system headers. llvm-svn: 262261
* [analyzer] Prune some incorrect \param doc comment annotations.Devin Coughlin2016-02-262-15/+15
| | | | llvm-svn: 261970
* Checkers/CheckObjCDealloc.cpp: Prune "\param". [-Wdocumentation]NAKAMURA Takumi2016-02-261-1/+1
| | | | llvm-svn: 261963
* [analyzer] Shorten ObjcSuperDeallocChecker diagnostics.Devin Coughlin2016-02-261-2/+2
| | | | | | | | | Change "use of 'self' after it has been freed with call to [super dealloc]" to "use of 'self' after it has been deallocated" and "use of instance variable '_ivar' after the instance has been freed with call to [super dealloc]" to "use of instance variable '_ivar' after 'self' has been deallocated". llvm-svn: 261945
* [analyzer] Fix a memory error in r261935 caught by the Windows bots.Devin Coughlin2016-02-261-2/+2
| | | | | | It was using a temporary StringRef after its underlying storage was freed. llvm-svn: 261944
* [analyzer] Warn on use of 'self' after call to to [super dealloc].Devin Coughlin2016-02-251-24/+119
| | | | | | | | | | | | Referring to 'self' after a call to [super dealloc] is a use-after-free in Objective-C because NSObject's -dealloc frees the memory pointed to by self. This patch extends the ObjCSuperDeallocChecker to catch this error. rdar://problem/6953275 Differential Revision: http://reviews.llvm.org/D17528 llvm-svn: 261935
* [analyzer] Reapply r261917 with a fix.Devin Coughlin2016-02-251-175/+752
| | | | | | | | This reapplies "[analyzer] Make ObjCDeallocChecker path sensitive." (r261917) with a fix for an error on some bots about specializing a template from another namespace. llvm-svn: 261929
* Revert "[analyzer] Make ObjCDeallocChecker path sensitive."Devin Coughlin2016-02-251-748/+175
| | | | | | This reverts commit r261917. It broke the bots. llvm-svn: 261921
* [analyzer] Make ObjCDeallocChecker path sensitive.Devin Coughlin2016-02-251-175/+748
| | | | | | | | | | | | | | Convert the ObjCDeallocChecker to be path sensitive. The primary motivation for this change is to prevent false positives when -dealloc calls helper invalidation methods to release instance variables, but it additionally improves precision when -dealloc contains control flow. It also reduces the need for pattern matching. The check for missing -dealloc methods remains AST-based. Part of rdar://problem/6927496 Differential Revision: http://reviews.llvm.org/D17511 llvm-svn: 261917
* [analyzer] Improve pointer arithmetic checker.Gabor Horvath2016-02-231-25/+299
| | | | | | | | | | | This patch is intended to improve pointer arithmetic checker. From now on it only warns when the pointer arithmetic is likely to cause an error. For example when the pointer points to a single object, or an array of derived types. Differential Revision: http://reviews.llvm.org/D14203 llvm-svn: 261632
* [analyzer] Detect duplicate [super dealloc] callsDevin Coughlin2016-02-223-0/+202
| | | | | | | | | | | | | | Add an alpha path checker that warns about duplicate calls to [super dealloc]. This will form the foundation of a checker that will detect uses of 'self' after calling [super dealloc]. Part of rdar://problem/6953275. Based on a patch by David Kilzer! Differential Revision: http://reviews.llvm.org/D5238 llvm-svn: 261545
* [analyzer] Add checker callback for beginning of function.Devin Coughlin2016-02-196-14/+90
| | | | | | | | | | Add a checker callback that is called when the analyzer starts analyzing a function either at the top level or when inlined. This will be used by a follow-on patch making the DeallocChecker path sensitive. Differential Revision: http://reviews.llvm.org/D17418 llvm-svn: 261293
* [analyzer] Improve modeling of ObjC synthesized property setters.Devin Coughlin2016-02-181-9/+54
| | | | | | | | | | | | | When modeling a call to a setter for a property that is synthesized to be backed by an instance variable, don't invalidate the entire instance but rather only the storage for the updated instance variable itself. This still doesn't model the effect of the setter completely. It doesn't bind the set value to the ivar storage location because doing so would cause the set value to escape, removing valuable diagnostics about potential leaks of the value from the retain count checker. llvm-svn: 261243
* Simplify users of StringRef::{l,r}trim (clang) (NFC)Vedant Kumar2016-02-162-2/+2
| | | | | | | r260925 introduced a version of the *trim methods which is preferable when trimming a single kind of character. Update all users in clang. llvm-svn: 260927
* Reduce the number of implicit StringRef->std::string conversions by ↵Benjamin Kramer2016-02-132-4/+4
| | | | | | | | threading StringRef through more APIs. No functionality change intended. llvm-svn: 260815
* [analyzer] Improve pattern matching in ObjCDealloc checker.Devin Coughlin2016-02-111-8/+17
| | | | | | | | Look through PseudoObjectExpr and OpaqueValueExprs when scanning for release-like operations. This commit also adds additional tests in anticipation of re-writing this as a path-sensitive checker. llvm-svn: 260608
* Fix some Clang-tidy readability-redundant-control-flow warnings; other minor ↵Eugene Zelenko2016-02-1010-83/+42
| | | | | | | | fixes. Differential revision: http://reviews.llvm.org/D17060 llvm-svn: 260414
* [analyzer] Avoid crash when attempting to evaluate binary operation on ↵Devin Coughlin2016-02-081-0/+5
| | | | | | | | | | | LazyCompoundVal. Instead, return UnknownValue if either operand is a nonloc::LazyCompoundVal. This is a spot fix for PR 24951. rdar://problem/23682244 llvm-svn: 260066
* [analyzer] Invalidate destination of std::copy() and std::copy_backward().Devin Coughlin2016-02-073-31/+60
| | | | | | | | | Now that the libcpp implementations of these methods has a branch that doesn't call memmove(), the analyzer needs to invalidate the destination for these methods explicitly. rdar://problem/23575656 llvm-svn: 260043
* [analyzer] DeallocChecker: Don't warn on release of readonly assign property ↵Devin Coughlin2016-02-061-0/+6
| | | | | | | | | in dealloc. It is common for the ivars for read-only assign properties to always be stored retained, so don't warn for a release in dealloc for the ivar backing these properties. llvm-svn: 259998
* [analyzer] Suppress localization diagnostics in debug classes and methods.Devin Coughlin2016-02-051-0/+35
| | | | | | | If the class or method name case-insensitively contains the term "debug", suppress warnings about string constants flowing to user-facing UI APIs. llvm-svn: 259875
* [OpenMP] Parsing + sema for target parallel for directive.Arpith Chacko Jacob2016-02-031-0/+1
| | | | | | | | | | | Summary: This patch adds parsing + sema for the target parallel for directive along with testcases. Reviewers: ABataev Differential Revision: http://reviews.llvm.org/D16759 llvm-svn: 259654
* Minor cleanup to remove casts and improve some const correctness. NFC.Aaron Ballman2016-02-031-26/+26
| | | | | | Patch by Alexander Riccio. llvm-svn: 259652
* [analyzer] AnalysisConsumer: print fully-qualified function name while ↵Yury Gribov2016-02-031-1/+1
| | | | | | | | | | | displaying progress -analyzer-display progress option prints only function names which may be ambiguous. This patch forces AnalysisConsumer to print fully-qualified function names. Patch by Alex Sidorin! Differential Revision: http://reviews.llvm.org/D16804 llvm-svn: 259646
* Code clean up; NFC.Aaron Ballman2016-02-011-4/+4
| | | | | | Patch by Alexander Riccio. llvm-svn: 259409
* Convert an unsigned to Twine instead of using utostr since we're already ↵Craig Topper2016-01-311-1/+1
| | | | | | building a Twine. NFC llvm-svn: 259309
* [analyzer] Make suppression of macro defensive checks work with ↵Devin Coughlin2016-01-301-8/+29
| | | | | | | | | -analyzer-eagerly-assume. This is the default for the analyzer but the flag is added by the driver so our suppression tests didn't cover this case. llvm-svn: 259288
* Avoid overly large SmallPtrSet/SmallSetMatthias Braun2016-01-302-6/+2
| | | | | | | | | These sets perform linear searching in small mode so it is never a good idea to use SmallSize/N bigger than 32. Differential Revision: http://reviews.llvm.org/D16705 llvm-svn: 259284
* Annotate dump() methods with LLVM_DUMP_METHOD, addressing Richard Smith ↵Yaron Keren2016-01-296-11/+11
| | | | | | r259192 post commit comment. llvm-svn: 259232
* [analyzer] Suppress null reports from defensive checks in function-like macros.Devin Coughlin2016-01-291-1/+26
| | | | | | | | | We already do this for case splits introduced as a result of defensive null checks in functions and methods, so do the same for function-like macros. rdar://problem/19640441 llvm-svn: 259222
* [analyzer] Improve Nullability checker diagnosticsAnna Zaks2016-01-293-34/+69
| | | | | | | | | - Include the position of the argument on which the nullability is violated - Differentiate between a 'method' and a 'function' in the message wording - Test for the error message text in the tests - Fix a bug with setting 'IsDirectDereference' which resulted in regular dereferences assumed to have call context. llvm-svn: 259221
OpenPOWER on IntegriCloud