summaryrefslogtreecommitdiffstats
path: root/clang/lib/StaticAnalyzer
Commit message (Collapse)AuthorAgeFilesLines
...
* unique_ptrify clang::ento::createCheckerManagerDavid Blaikie2014-08-292-18/+11
| | | | llvm-svn: 216765
* unique_ptrify PathDiagnosticConsumer::HandlePathDiagnosticDavid Blaikie2014-08-292-7/+6
| | | | | | | FoldingSet, another intrusive data structure that could use some unique_ptr love on its interfaces. Eventually. llvm-svn: 216764
* Add an option to silence all analyzer warnings.Anna Zaks2014-08-292-2/+10
| | | | | | | | | | | | People have been incorrectly using "-analyzer-disable-checker" to silence analyzer warnings on a file, when analyzing a project. Add the "-analyzer-disable-all-checks" option, which would allow the suppression and suggest it as part of the error message for "-analyzer-disable-checker". The idea here is to compose this with "--analyze" so that users can selectively opt out specific files from static analysis. llvm-svn: 216763
* unique_ptrify thep passing of BugReports to BugReportEquivClassDavid Blaikie2014-08-291-4/+3
| | | | | | | | I suspect llvm::ilist should take elements by unique_ptr, since it does take ownership of the element (by stitching it into the linked list) - one day. llvm-svn: 216761
* unique_ptrify PathDiagnostic::setEndOfPath's argumentDavid Blaikie2014-08-291-4/+4
| | | | | | | | | | | | | | Again, if shared ownership is the right model here (I assume it is, given graph algorithms & such) this could be tidied up (the 'release' call removed in favor of something safer) by having IntrunsiveRefCntPointer constructible from a unique_ptr. (& honestly I'd probably favor taking a page out of shared_ptr's book, allowing implicit construction from a unique_ptr rvalue, and only allow explicit from a raw pointer - currently IntrusiveRefCntPointer can implicitly own from a raw pointer, which seems unsafe) llvm-svn: 216752
* unique_ptr-ify PathDiagnosticPiece ownershipDavid Blaikie2014-08-294-36/+31
| | | | llvm-svn: 216751
* [CMake] clangStaticAnalyzerFrontend: Add clangLex, corresponding to r216550.NAKAMURA Takumi2014-08-281-0/+1
| | | | llvm-svn: 216664
* Add support for the static analyzer to synthesize function implementations ↵Ted Kremenek2014-08-278-24/+281
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | from external model files. Currently the analyzer lazily models some functions using 'BodyFarm', which constructs a fake function implementation that the analyzer can simulate that approximates the semantics of the function when it is called. BodyFarm does this by constructing the AST for such definitions on-the-fly. One strength of BodyFarm is that all symbols and types referenced by synthesized function bodies are contextual adapted to the containing translation unit. The downside is that these ASTs are hardcoded in Clang's own source code. A more scalable model is to allow these models to be defined as source code in separate "model" files and have the analyzer use those definitions lazily when a function body is needed. Among other things, it will allow more customization of the analyzer for specific APIs and platforms. This patch provides the initial infrastructure for this feature. It extends BodyFarm to use an abstract API 'CodeInjector' that can be used to synthesize function bodies. That 'CodeInjector' is implemented using a new 'ModelInjector' in libFrontend, which lazily parses a model file and injects the ASTs into the current translation unit. Models are currently found by specifying a 'model-path' as an analyzer option; if no path is specified the CodeInjector is not used, thus defaulting to the current behavior in the analyzer. Models currently contain a single function definition, and can be found by finding the file <function name>.model. This is an initial starting point for something more rich, but it bootstraps this feature for future evolution. This patch was contributed by Gábor Horváth as part of his Google Summer of Code project. Some notes: - This introduces the notion of a "model file" into FrontendAction and the Preprocessor. This nomenclature is specific to the static analyzer, but possibly could be generalized. Essentially these are sources pulled in exogenously from the principal translation. Preprocessor gets a 'InitializeForModelFile' and 'FinalizeForModelFile' which could possibly be hoisted out of Preprocessor if Preprocessor exposed a new API to change the PragmaHandlers and some other internal pieces. This can be revisited. FrontendAction gets a 'isModelParsingAction()' predicate function used to allow a new FrontendAction to recycle the Preprocessor and ASTContext. This name could probably be made something more general (i.e., not tied to 'model files') at the expense of losing the intent of why it exists. This can be revisited. - This is a moderate sized patch; it has gone through some amount of offline code review. Most of the changes to the non-analyzer parts are fairly small, and would make little sense without the analyzer changes. - Most of the analyzer changes are plumbing, with the interesting behavior being introduced by ModelInjector.cpp and ModelConsumer.cpp. - The new functionality introduced by this change is off-by-default. It requires an analyzer config option to enable. llvm-svn: 216550
* Simplify creation of a bunch of ArrayRefs by using None, makeArrayRef or ↵Craig Topper2014-08-271-1/+1
| | | | | | just letting them be implicitly created. llvm-svn: 216528
* Fix representation of __attribute__((nonnull)) to support correctly modelingRichard Smith2014-08-271-0/+2
| | | | | | | | | | | | | | | the no-arguments case. Don't expand this to an __attribute__((nonnull(A, B, C))) attribute, since that does the wrong thing for function templates and varargs functions. In passing, fix a grammar error in the diagnostic, a crash if __attribute__((nonnull(N))) is applied to a varargs function, a bug where the same null argument could be diagnosed multiple times if there were multiple nonnull attributes referring to it, and a bug where nonnull attributes would not be accumulated correctly across redeclarations. llvm-svn: 216520
* Update for llvm api change.Rafael Espindola2014-08-251-4/+4
| | | | llvm-svn: 216397
* [analyzer] Remove check covered by -Wobjc-missing-super-calls.Jordan Rose2014-08-221-39/+0
| | | | | | | | | The ObjCDealloc checker is currently disabled because it was too aggressive, but this is a good first step in getting it back to a useful state. Patch by David Kilzer! llvm-svn: 216272
* Objective-C. Warn if user has made explicit callFariborz Jahanian2014-08-221-0/+1
| | | | | | | to +initilize as this results in an extra call to this method. rdar://16628028 llvm-svn: 216271
* [analyzer] Don't warn on virtual calls in ctors to final methods.Benjamin Kramer2014-08-211-3/+10
| | | | | | | The call will never go to a more derived class, but that's intentional in those cases. llvm-svn: 216167
* [analyzer] UnixAPI: Check that the third argument to open(2) (if present) is ↵Jordan Rose2014-08-201-0/+9
| | | | | | | | an integer. Patch by Daniel Fahlgren. llvm-svn: 216079
* [analyzer] UnixAPI: Check when open(2) is called with more than three arguments.Jordan Rose2014-08-201-21/+36
| | | | | | Patch by Daniel Fahlgren. llvm-svn: 216078
* [analyzer] IdenticalExpr: don't try to compare integer literals with ↵Jordan Rose2014-08-201-1/+6
| | | | | | | | different widths. PR20659. Patch by Anders Rönnholm. llvm-svn: 216076
* [analyzer] IdenticalExpr: use getBytes rather than getString to compare ↵Jordan Rose2014-08-201-1/+1
| | | | | | | | string literals. PR20693. Patch by Anders Rönnholm. llvm-svn: 216075
* Header guard canonicalization, clang part.Benjamin Kramer2014-08-136-12/+12
| | | | | | Modifications made by clang-tidy with minor tweaks. llvm-svn: 215557
* Work around missing handling of temporaries bound to default arguments.Manuel Klimek2014-08-131-6/+15
| | | | | | | | | | | Yet more problems due to the missing CXXBindTemporaryExpr in the CFG for default arguments. Unfortunately we cannot just switch off inserting temporaries for the corresponding default arguments, as that breaks existing tests (test/SemaCXX/return-noreturn.cpp:245). llvm-svn: 215554
* [analyzer] Check for negative values used as the size of a C variable-length ↵Jordan Rose2014-08-121-2/+24
| | | | | | | | array. Patch by Daniel Fahlgren! llvm-svn: 215456
* Work around default parameter problem in the static analyzer.Manuel Klimek2014-08-111-4/+7
| | | | | | | | | | | | | | | | | In cases like: struct C { ~C(); } void f(C c = C()); void t() { f(); } We currently do not add the CXXBindTemporaryExpr for the temporary (the code mentions that as the default parameter expressions are owned by the declaration, we'd otherwise add the same expression multiple times), but we add the temporary destructor pointing to the CXXBindTemporaryExpr. We need to fix that before we can re-enable the assertion. llvm-svn: 215357
* Recommit 213307: unique_ptr-ify ownership of ASTConsumers (reverted in r213325)David Blaikie2014-08-102-4/+4
| | | | | | | | After post-commit review and community discussion, this seems like a reasonable direction to continue, making ownership semantics explicit in the source using the type system. llvm-svn: 215323
* Simplify ownership of ExplodedGraph in the CoreEngine by removing unique_ptr ↵David Blaikie2014-08-081-25/+25
| | | | | | | | | | | | indirection. Summary: I was going to fix the use of raw pointer ownership in "takeGraph" when I realized that function was unused and the whole ExplodedGraph could just be owned by value without the std::unique_ptr indirection at all. Reviewers: jordan_rose Differential Revision: http://reviews.llvm.org/D4833 llvm-svn: 215257
* Re-applying r214962.Manuel Klimek2014-08-072-10/+110
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes to the original patch: - model the CFG for temporary destructors in conditional operators so that the destructors of the true and false branch are always exclusive. This is necessary because we must not have impossible paths for the path based analysis to work. - add multiple regression tests with ternary operators Original description: Fix modelling of non-lifetime-extended temporary destructors in the analyzer. Changes to the CFG: When creating the CFG for temporary destructors, we create a structure that mirrors the branch structure of the conditionally executed temporary constructors in a full expression. The branches we create use a CXXBindTemporaryExpr as terminator which corresponds to the temporary constructor which must have been executed to enter the destruction branch. 2. Changes to the Analyzer: When we visit a CXXBindTemporaryExpr we mark the CXXBindTemporaryExpr as executed in the state; when we reach a branch that contains the corresponding CXXBindTemporaryExpr as terminator, we branch out depending on whether the corresponding CXXBindTemporaryExpr was marked as executed. llvm-svn: 215096
* Revert "Fix modelling of non-lifetime-extended temporary destructors in the ↵Rui Ueyama2014-08-062-110/+10
| | | | | | | | | | | | | | | | | | | | analyzer." This reverts commit r214962 because after the change the following code doesn't compile with -Wreturn-type -Werror. #include <cstdlib> class NoReturn { public: ~NoReturn() __attribute__((noreturn)) { exit(1); } }; int check() { true ? NoReturn() : NoReturn(); } llvm-svn: 214998
* Remove unnecessary semicolon.Manuel Klimek2014-08-061-1/+1
| | | | llvm-svn: 214970
* Fix modelling of non-lifetime-extended temporary destructors in the analyzer.Manuel Klimek2014-08-062-10/+110
| | | | | | | | | | | | | | | | | | | 1. Changes to the CFG: When creating the CFG for temporary destructors, we create a structure that mirrors the branch structure of the conditionally executed temporary constructors in a full expression. The branches we create use a CXXBindTemporaryExpr as terminator which corresponds to the temporary constructor which must have been executed to enter the destruction branch. 2. Changes to the Analyzer: When we visit a CXXBindTemporaryExpr we mark the CXXBindTemporaryExpr as executed in the state; when we reach a branch that contains the corresponding CXXBindTemporaryExpr as terminator, we branch out depending on whether the corresponding CXXBindTemporaryExpr was marked as executed. llvm-svn: 214962
* [Analyzer] fix for PR19102Anton Yartsev2014-08-051-0/+41
| | | | | | Newly-created unconsumed instance is now assumed escaped if an invoked constructor has an argument of a pointer-to-record type. llvm-svn: 214909
* [OPENMP] Initial parsing and sema analysis for 'atomic' directive.Alexey Bataev2014-07-221-0/+1
| | | | llvm-svn: 213639
* [OPENMP] Initial parsing and sema analysis for 'ordered' directive.Alexey Bataev2014-07-221-0/+1
| | | | llvm-svn: 213616
* [OPENMP] Initial parsing and sema analysis for 'flush' directive.Alexey Bataev2014-07-211-0/+1
| | | | llvm-svn: 213512
* [OPENMP] Parsing/Sema of the OpenMP directive 'critical'.Alexander Musman2014-07-211-0/+1
| | | | llvm-svn: 213510
* Remove uses of the redundant ".reset(nullptr)" of unique_ptr, in favor of ↵David Blaikie2014-07-191-8/+7
| | | | | | | | | | | ".reset()" It's also possible to just write "= nullptr", but there's some question of whether that's as readable, so I leave it up to authors to pick which they prefer for now. If we want to discuss standardizing on one or the other, we can do that at some point in the future. llvm-svn: 213439
* [OPENMP] Initial parsing and sema analysis for 'taskwait' directive.Alexey Bataev2014-07-181-0/+1
| | | | llvm-svn: 213363
* [OPENMP] Initial parsing and sema analysis for 'barrier' directive.Alexey Bataev2014-07-181-0/+1
| | | | llvm-svn: 213360
* [OPENMP] Initial parsing and sema analysis of 'taskyield' directive.Alexey Bataev2014-07-181-0/+1
| | | | llvm-svn: 213355
* Revert "unique_ptr-ify ownership of ASTConsumers"David Blaikie2014-07-172-4/+4
| | | | | | | | | This reverts commit r213307. Reverting to have some on-list discussion/confirmation about the ongoing direction of smart pointer usage in the LLVM project. llvm-svn: 213325
* unique_ptr-ify ownership of ASTConsumersDavid Blaikie2014-07-172-4/+4
| | | | | | | | | (after fixing a bug in MultiplexConsumer I noticed the ownership of the nested consumers was implemented with raw pointers - so this fixes that... and follows the source back to its origin pushing unique_ptr ownership up through there too) llvm-svn: 213307
* [OPENMP] Parsing/Sema analysis of directive 'master'Alexander Musman2014-07-171-0/+1
| | | | llvm-svn: 213237
* Make clang's rewrite engine a core featureAlp Toker2014-07-161-1/+1
| | | | | | | | | | | | | | | The rewrite facility's footprint is small so it's not worth going to these lengths to support disabling at configure time, particularly since key compiler features now depend on it. Meanwhile the Objective-C rewriters have been moved under the ENABLE_CLANG_ARCMT umbrella for now as they're comparatively heavy and still potentially worth excluding from lightweight builds. Tests are now passing with any combination of feature flags. The flags historically haven't been tested by LLVM's build servers so caveat emptor. llvm-svn: 213171
* [OPENMP] Parsing and sema analysis for 'omp task' directive.Alexey Bataev2014-07-111-0/+1
| | | | llvm-svn: 212804
* TestAfterDivZeroChecker.cpp: Avoid member initializer. It is unsupported in ↵NAKAMURA Takumi2014-07-111-2/+2
| | | | | | msc17. llvm-svn: 212789
* [analyzer] Check for code testing a variable for 0 after using it as a ↵Jordan Rose2014-07-103-0/+269
| | | | | | | | | | | | | | | | | | | denominator. This new checker, alpha.core.TestAfterDivZero, catches issues like this: int sum = ... int avg = sum / count; // potential division by zero... if (count == 0) { ... } // ...caught here Because the analyzer does not necessarily explore /all/ paths through a program, this check is restricted to only work on zero checks that immediately follow a division operation (/ % /= %=). This could later be expanded to handle checks dominated by a division operation but not necessarily in the same CFG block. Patch by Anders Rönnholm! (with very minor modifications by me) llvm-svn: 212731
* [OPENMP] Parsing and sema analysis for 'omp parallel sections' directive.Alexey Bataev2014-07-081-0/+1
| | | | llvm-svn: 212516
* [OPENMP] Added initial support for 'omp parallel for'.Alexey Bataev2014-07-071-0/+1
| | | | llvm-svn: 212453
* StaticAnalyzer: Silence a warningDavid Majnemer2014-07-071-0/+1
| | | | | | | ExprEngine wasn't ready for SEHLeaveStmtClass. Handle it like all the other SEH constructs by aborting. llvm-svn: 212436
* PlistSupport.h: avoid gcc 'defined but not used' warningAlp Toker2014-07-061-2/+1
| | | | llvm-svn: 212396
* Modernize a couple of loopsAlp Toker2014-07-061-5/+2
| | | | llvm-svn: 212394
* Use PlistSupport in a few more placesAlp Toker2014-07-061-2/+2
| | | | | | Switch over LogDiagnosticPrinter and introduce an integer helper. llvm-svn: 212384
OpenPOWER on IntegriCloud