| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
SimpleSValBuilder. This clears up some
false positives emitted by ArrayBoundCheckerV2
due to the lack of support for pointer arithmetic.
llvm-svn: 122546
|
| |
|
|
|
|
|
|
|
|
|
| |
set the RUN line correctly in a test file!
Mark a bunch of tests for ArrayBoundCheckerV2
as FIXME's, as our current lack of pointer
arithmetic handling causes these to be all
false positives/negatives.
llvm-svn: 122471
|
| |
|
|
|
|
|
| |
checker based on using raw (symbolic) byte offsets
from a base region.
llvm-svn: 122469
|
| |
|
|
|
|
| |
the location (l-value) to it.
llvm-svn: 122396
|
| |
|
|
|
|
|
|
|
|
|
| |
This change is necessary when the variable is a const reference and we need
the l-value of the construct expr. After that, when binding the variable,
recover the lazy compound value when the variable is not a reference.
In Environment, use the value of a no-op cast expression when it has one.
Otherwise, blast-through it.
llvm-svn: 122388
|
| |
|
|
|
|
| |
create a temporary object for it.
llvm-svn: 122161
|
| |
|
|
|
|
| |
when the selector is the string 'mutable'.
llvm-svn: 122046
|
| |
|
|
|
|
|
|
| |
only indicates the create rule if it starts
at the beginning of the method name, not
within the method name.
llvm-svn: 122036
|
| |
|
|
|
|
| |
Fixes rdar://problem/8776586.
llvm-svn: 121992
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
implicit lvalue-to-rvalue casts that John McCall
recently introduced. This causes a whole bunch
of logic in the analyzer for handling lvalues
to vanish. It does, however, raise a few issues
in the analyzer w.r.t to modeling various constructs
(e.g., field accesses to compound literals).
The .c/.m analysis test cases that fail are
due to a missing lvalue-to-rvalue cast that
will get introduced into the AST. The .cpp
failures were more than I could investigate in
one go, and the patch was already getting huge.
I have XFAILED some of these tests, and they
should obviously be further investigated.
Some highlights of this patch include:
- CFG no longer requires an lvalue bit for
CFGElements
- StackFrameContext doesn't need an 'asLValue'
flag
- The "VisitLValue" path from GRExprEngine has
been eliminated.
Besides the test case failures (XFAILed), there
are surely other bugs that are fallout from
this change.
llvm-svn: 121960
|
| |
|
|
| |
llvm-svn: 120796
|
| |
|
|
|
|
|
|
|
|
|
|
| |
label addresses or references to temporaries, e.g:
const int& g2() {
int s1;
int &s2 = s1; // expected-note {{binding reference variable 's2' here}}
return s2; // expected-warning {{reference to stack memory associated with local variable 's1' returned}}
}
llvm-svn: 120483
|
| |
|
|
|
|
| |
hit when self-host.
llvm-svn: 120351
|
| |
|
|
|
|
| |
The issue was brought to our attention by Matthieu Monrocq.
llvm-svn: 120331
|
| |
|
|
| |
llvm-svn: 120173
|
| |
|
|
| |
llvm-svn: 120143
|
| |
|
|
|
|
|
|
|
|
|
| |
to be consistent with the type of 'this' expr in the method.
此行及以下内容将会被忽略--
M test/Analysis/method-call.cpp
M include/clang/Checker/PathSensitive/GRExprEngine.h
M lib/Checker/GRCXXExprEngine.cpp
llvm-svn: 120094
|
| |
|
|
| |
llvm-svn: 119960
|
| |
|
|
| |
llvm-svn: 119897
|
| |
|
|
|
|
|
|
| |
allocation sizes of 0 bytes.
Fixes PR 2899.
llvm-svn: 119364
|
| |
|
|
|
|
|
|
|
| |
- Add a new Kind of ProgramPoint: PostInitializer.
- Still use GRStmtNodeBuilder. But special handling PostInitializer in
GRStmtNodeBuilder::GenerateAutoTransition().
- Someday we should clean up the interface of GRStmtNodeBuilder.
llvm-svn: 119335
|
| |
|
|
|
|
|
|
|
| |
a ternary '?' expression,
it is possible for the confluence block to only have a single predecessor due to calls to 'noreturn'
functions. Fixes assertion failure reported in PR 8619.
llvm-svn: 119284
|
| |
|
|
|
|
|
|
|
| |
via a function pointer that
casts the return value to something completely different. While we need better reasoning here,
we should definately not crash.
llvm-svn: 119177
|
| |
|
|
|
|
|
|
|
| |
Elidable CXXConstructExpr should inhibit calling destructor for temporary
that is copied, not the one created. This is because eliding copy constructor
means that the object that was to be copied will be constructed directly in
memory the copy would be constructed in.
llvm-svn: 119044
|
| |
|
|
|
|
| |
CXXConstructExpr.
llvm-svn: 118991
|
| |
|
|
|
|
|
|
|
|
| |
addresses; instead return UnknownVal. This
leads it up to checkers (e.g., DereferenceChecker) to guard against illegal accesses (e.g., null dereferences).
Fixes PR 5272 and <rdar://problem/6839683>.
llvm-svn: 118852
|
| |
|
|
|
|
| |
<rdar://problem/8642434>.
llvm-svn: 118473
|
| |
|
|
| |
llvm-svn: 118166
|
| |
|
|
|
|
|
|
|
| |
that are not handled properly:
1. For statement: const C& c = C(0) ?: C(1) destructors generated for condition will not differ from those generated for case without prolonged lifetime of temporary,
2. There will be no destructor for constant reference member bound to temporary at the exit from constructor.
llvm-svn: 118158
|
| |
|
|
| |
llvm-svn: 117974
|
| |
|
|
|
|
| |
declaration names, from Jim Goodnow II!
llvm-svn: 117970
|
| |
|
|
|
|
|
| |
Let the destination of AggExprVisitor be an explicit MemRegion.
Reenable the test case.
llvm-svn: 117908
|
| |
|
|
|
|
| |
method inlining. Temporarily fail a test case.
llvm-svn: 117907
|
| |
|
|
|
|
| |
Clang PR 8426, 8427, & 8433. Reviewed by Ted Kremenek and Doug Gregor.
llvm-svn: 117853
|
| |
|
|
|
|
|
|
| |
false positives).
Fixes <rdar://problem/8601243>.
llvm-svn: 117635
|
| |
|
|
| |
llvm-svn: 117525
|
| |
|
|
|
|
| |
<rdar://problem/8481311>.
llvm-svn: 117521
|
| |
|
|
|
|
|
|
|
| |
containing a DoStmt, and the LHS doesn't create a new block, then we should
return RBlock. Otherwise we'll incorrectly return NULL.
Also relax an assertion in VisitWhileStmt(). Reset 'Block' when it is finished.
llvm-svn: 117436
|
| |
|
|
|
|
|
|
|
|
|
| |
variables. When invalidated, the entire
globals memory space gets assigned a symbolic value, but that value was not being used for lazy symbolication
of fields of globals. This could result in cases where bogus null dereferences were being reported.
Fixes PR 8440.
llvm-svn: 117336
|
| |
|
|
|
|
| |
dereferences resulting from array accesses.
llvm-svn: 117334
|
| |
|
|
|
|
| |
reported in PR 8458.
llvm-svn: 117300
|
| |
|
|
|
|
| |
There's only one destructor call generated for each not empty array (at least for now this should be enough).
llvm-svn: 117252
|
| |
|
|
|
|
| |
There's only one destructor call generated for each not empty array (at least for now this should be enough).
llvm-svn: 117251
|
| |
|
|
|
|
| |
Darin Adler!
llvm-svn: 117184
|
| |
|
|
|
|
|
|
|
| |
(including live variables analysis).
We shouldn't recurse into CompoundStmts since they are already inlined in the CFG. This could result in
bogus dead stores warnings (among other things).
llvm-svn: 117162
|
| |
|
|
|
|
|
|
|
| |
that it is
nil. Otherwise we can get false paths where a second @synchronized using the mutex
can have a bogus warning. Fixes <rdar://problem/8578650>.
llvm-svn: 117016
|
| |
|
|
|
|
|
|
|
|
| |
unrolling enough loops to show that an invariant
doesn't hold. This fix is to increase the loop unrolling count to 4, which experiments show doesn't typically impact
analysis time. The real fix is to modify the IdempotentOperationsChecker to suppress warnings where an analysis point
could be preceded by a point where we gave up due to loop unrolling.
llvm-svn: 116769
|
| |
|
|
|
|
|
|
| |
object is not referenced later in the path,
not that it isn't referenced later in the code. Fixes <rdar://problem/8527839>.
llvm-svn: 116636
|
| |
|
|
|
|
| |
Lei Zhang.
llvm-svn: 116163
|
| |
|
|
|
|
|
|
|
|
| |
- Fixed some iterator style issues
- Don't process blocks that have been visited already
- Fixed a case where a unreachable block cycle was not reported
- Minor test case changes
- Added one test case from flow-sensitive version of the check. More coming.
llvm-svn: 115861
|
