| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
| |
BFS should give slightly better performance. Ex: Suppose, we have two
roots R1 and R2. A callee function C is reachable through both. However,
C is not inlined when analyzing R1 due to inline stack depth limit. With
DFS, C will be analyzed as top level even though it would be analyzed as
inlined through R2. On the other hand, BFS could avoid analyzing C as
top level.
llvm-svn: 152652
|
| |
|
|
|
|
| |
collecting function Decls.
llvm-svn: 152651
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
AnalysisConsumer.
As a result:
- We now analyze the C++ methods which are defined within the
class body. These were completely skipped before.
- Ensure that AST checkers are called on functions in the
order they are defined in the Translation unit.
llvm-svn: 152650
|
| |
|
|
|
|
| |
function.
llvm-svn: 152649
|
| |
|
|
| |
llvm-svn: 152648
|
| |
|
|
|
|
| |
multiple files.
llvm-svn: 152586
|
| |
|
|
| |
llvm-svn: 152584
|
| |
|
|
|
|
|
|
|
|
| |
(Lex to AST).
The member variable is always "LangOpts" and the member function is always "getLangOpts".
Reviewed by Chris Lattner
llvm-svn: 152536
|
| |
|
|
| |
llvm-svn: 152521
|
| |
|
|
|
|
|
|
| |
track whether the referenced declaration comes from an enclosing
local context. I'm amenable to suggestions about the exact meaning
of this bit.
llvm-svn: 152491
|
| |
|
|
|
|
|
|
|
|
|
| |
doesn't understand. We registered
as aborted, but didn't treat such cases as sinks in the ExplodedGraph.
Along the way, add basic support for CXXCatchStmt, expanding the set of code we actually analyze (hopefully correctly).
Fixes: <rdar://problem/10892489>
llvm-svn: 152468
|
| |
|
|
|
|
| |
annotations. Fixes <rdar://problem/10824732>.
llvm-svn: 152448
|
| |
|
|
|
|
|
|
|
|
|
| |
We do not reanalyze a function, which has already been analyzed as an
inlined callee. As per PRELIMINARY testing, this gives over
50% run time reduction on some benchmarks without decreasing of the
number of bugs found.
Turning the mode on by default.
llvm-svn: 152440
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
symbols and regions.
Essentially, a bug centers around a story for various symbols and regions. We should only include
the path diagnostic events that relate to those symbols and regions.
The pruning is done by associating a set of interesting symbols and regions with a BugReporter, which
can be modified at BugReport creation or by BugReporterVisitors.
This patch reduces the diagnostics emitted in several of our test cases. I've vetted these as
having desired behavior. The only regression is a missing null check diagnostic for the return
value of realloc() in test/Analysis/malloc-plist.c. This will require some investigation to fix,
and I have added a FIXME to the test case.
llvm-svn: 152361
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
analyzed.
The CallGraph is used when inlining is on, which is the current default.
This alone does not bring any performance improvement. It's a
stepping stone for the upcoming optimization in which we do not
re-analyze a function that has already been analyzed while inlined in
other functions. Using the call graph makes it easier to play with
the order of functions to minimize redundant analyzes.
llvm-svn: 152352
|
| |
|
|
|
|
|
|
|
| |
- Remove -analyzer-inline-call.
- Add -analyzer-ipa=[none|inlining]
- Add -analyzer-inlining-mode to allow experimentation for
different performance tuning methods.
llvm-svn: 152351
|
| |
|
|
|
|
|
|
|
|
| |
The final graph contains a single root node, which is a parent of all externally available functions(and 'main'). As well as a list of Parentless/Unreachable functions, which are either truly unreachable or are unreachable due to our analyses imprecision.
The analyzer checkers debug.DumpCallGraph or debug.ViewGraph can be used to look at the produced graph.
Currently, the graph is not very precise, for example, it entirely skips edges resulted from ObjC method calls.
llvm-svn: 152272
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
analysis to make the AST representation testable. They are represented by a
new UserDefinedLiteral AST node, which is a sugared CallExpr. All semantic
properties, including full CodeGen support, are achieved for free by this
representation.
UserDefinedLiterals can never be dependent, so no custom instantiation
behavior is required. They are mangled as if they were direct calls to the
underlying literal operator. This matches g++'s apparent behavior (but not its
actual mangling, which is broken for literal-operator-ids).
User-defined *string* literals are now fully-operational, but the semantic
analysis is quite hacky and needs more work. No other forms of user-defined
literal are created yet, but the AST support for them is present.
This patch committed after midnight because we had already hit the quota for
new kinds of literal yesterday.
llvm-svn: 152211
|
| |
|
|
| |
llvm-svn: 152139
|
| |
|
|
|
|
| |
the callee, and add an edge.
llvm-svn: 152086
|
| |
|
|
| |
llvm-svn: 152083
|
| |
|
|
| |
llvm-svn: 152080
|
| |
|
|
| |
llvm-svn: 152078
|
| |
|
|
|
|
|
|
|
|
| |
call arguments
when the called function is never inlined.
Fixes <rdar://problem/10977037>.
llvm-svn: 152073
|
| |
|
|
|
|
| |
memory doesn't alias symbolic memory. This is a heuristic/hack, but works well in practice. Fixes <rdar://problem/10978247>.
llvm-svn: 152065
|
| |
|
|
| |
llvm-svn: 152059
|
| |
|
|
|
|
| |
calls with self as a parameter.
llvm-svn: 152039
|
| |
|
|
|
|
| |
calling an ObjC method ending with 'NoCopy'.
llvm-svn: 152037
|
| |
|
|
|
|
| |
the CFG is fully linearized.
llvm-svn: 152007
|
| |
|
|
|
|
| |
from an ancestor stack frame.
llvm-svn: 151964
|
| |
|
|
|
|
|
|
| |
when visiting a CallEnter.
Fixes <rdar://problem/10967815>
llvm-svn: 151938
|
| |
|
|
|
|
|
|
|
|
|
| |
command line options for inlining tuning.
This adds the option for stack depth bound as well as function size
bound.
+ minor doxygenification
llvm-svn: 151930
|
| |
|
|
|
|
|
|
|
|
| |
diagnostics in calls into macro pieces.
Also fix handling of macros within calls in the HTMLDiagnostics.
This also adds a test case for r151774.
llvm-svn: 151872
|
| |
|
|
|
|
| |
special to do with it, since destructors are represented explicitly in the CFG.
llvm-svn: 151856
|
| |
|
|
|
|
|
|
|
|
| |
attributes, introduced in r151188.
+ the test to catch it.
Thanks to Ahmed Charles for pointing this out.
llvm-svn: 151840
|
| |
|
|
|
|
| |
Needs llvm update.
llvm-svn: 151829
|
| |
|
|
|
|
|
| |
will be done by the general cleanup later on.
A Patch by Ted.
llvm-svn: 151784
|
| |
|
|
| |
llvm-svn: 151775
|
| |
|
|
|
|
| |
and macros.
llvm-svn: 151774
|
| |
|
|
|
|
|
|
|
|
|
|
| |
funopen, setvbuf.
Teach the checker and the engine about these APIs to resolve malloc
false positives. As I am adding more of these APIs, it is clear that all
this should be factored out into a separate callback (for example,
region escapes). Malloc, KeyChainAPI and RetainRelease checkers could
all use it.
llvm-svn: 151737
|
| |
|
|
|
|
| |
because the CFG is fully linearized.
llvm-svn: 151711
|
| |
|
|
|
|
| |
unreachable default blocks. Patch by Cyril Roelandt!
llvm-svn: 151709
|
| |
|
|
|
|
|
|
| |
don't support cross-file diagnostics
into a common place. Currently enable this filtration for Plist diagnostics as well.
llvm-svn: 151664
|
| |
|
|
|
|
|
|
|
| |
unnecessary cruft caused by path inlining.
This introduces a concept of a "prunable" PathDiagnosticEvent. Currently this is a flag, but
we may evolve the concept to make this more dynamically inferred.
llvm-svn: 151663
|
| |
|
|
|
|
| |
closest function context (RetainCountChecker).
llvm-svn: 151661
|
| |
|
|
|
|
| |
message.
llvm-svn: 151657
|
| |
|
|
|
|
| |
test.
llvm-svn: 151656
|
| |
|
|
|
|
| |
closest function context (Keychain API).
llvm-svn: 151613
|
| |
|
|
|
|
|
|
| |
When allocated buffer is passed to CF/NS..NoCopy functions, the
ownership is transfered unless the deallocator argument is set to
'kCFAllocatorNull'.
llvm-svn: 151608
|
| |
|
|
|
|
|
|
|
|
| |
positive with the malloc() checker involving
comparing literal addresses to nil.
Fixes <rdar://problem/10579586>
llvm-svn: 151602
|
