summaryrefslogtreecommitdiffstats
path: root/clang/test/Analysis
Commit message (Collapse)AuthorAgeFilesLines
* Revert r114316, -Wunused-value enabled by default was intended.Argyrios Kyrtzidis2010-09-192-4/+4
| | | | llvm-svn: 114318
* Make -Wunused-value off by default, matching GCC. Fixes rdar://7126194.Argyrios Kyrtzidis2010-09-192-4/+4
| | | | llvm-svn: 114316
* Relax assertion in CFG builder when processing ForStmts. This fixes an ↵Ted Kremenek2010-09-151-0/+6
| | | | | | | | assertion failure on code containing GNU statement expressions reported in PR 8141. llvm-svn: 113953
* Disallow the use of UnknownVal as the index for ElementRegions. UnknownVals ↵Ted Kremenek2010-09-151-0/+30
| | | | | | | | | | | | | | | | | can be used as the index when the value evaluation isn't powerful enough. By creating ElementRegions with UnknownVals as the index, this gives the false impression that they are the same element, when they really aren't. This becomes really problematic when deriving symbols from these regions (e.g., those representing the initial value of the index), since two different indices will get the same symbol for their binding. This fixes an issue with the idempotent operations checker that would cause two indices that are clearly not the same to make it appear as if they always had the same value. Fixes <rdar://problem/8431728>. llvm-svn: 113920
* Don't divide-by-zero in RegionStoreManager::getSizeInElements() when getting ↵Ted Kremenek2010-09-141-0/+27
| | | | | | | | the size of a VLA. We don't track VLA extents yet, but we should at least not crash. Fixes <rdar://problem/8424269>. llvm-svn: 113888
* Fix CFGBuilder crash reported in PR 8141.Ted Kremenek2010-09-141-0/+14
| | | | llvm-svn: 113826
* Polish diagnostics for null dereferences via ObjC ivar accesses. Finishes ↵Ted Kremenek2010-09-101-0/+19
| | | | | | up <rdar://problem/6352035>. llvm-svn: 113612
* Implement: <rdar://problem/6351970> rule request: warn if @synchronized ↵Ted Kremenek2010-09-101-0/+15
| | | | | | mutex can be nil llvm-svn: 113573
* Added AnalyzerStatsChecker, a path sensitive check that reports visitation ↵Tom Care2010-09-101-0/+14
| | | | | | statistics about analysis. Running clang with the -analyzer-stats flag will emit warnings containing the information. We can then run a postanalysis script to take this data and give useful information about how much the analyzer missed in a project. llvm-svn: 113568
* Clean up obtuse wording of checker diagnostic of using an uninitialized ↵Ted Kremenek2010-09-096-9/+9
| | | | | | | value in a function call. Fixes: <rdar://problem/8409480> “warning: Pass-by-value argument in function call is undefined” message can be improved llvm-svn: 113554
* Use FindReportInEquivalenceClass to identify all the nodes used for the ↵Ted Kremenek2010-09-091-1/+259
| | | | | | | | | | trimmed graph (in BugReporter). This fixes a problem where a leak that happened to occur on both an exit() path and a non-exit() path was getting reported with the exit() path (which users don't care about). This fixes: <rdar://problem/8331641> leak reports should not show paths that end with exit() (but ones that don't end with exit()) llvm-svn: 113524
* Rename GRState::getSVal() -> getRawSVal() and getSimplifiedSVal() -> getSVal().Ted Kremenek2010-09-094-5/+764
| | | | | | | | | | | | | | | | | The end result is now we eagarly constant-fold symbols in the analyzer that are perfectly constrained to be a constant value. This allows us to recover some path-sensitivity in some cases by lowering the required level of reasoning power needed to evaluate some expressions. The net win from this change is that the false positive in PR 8015 is fixed, and we also find more idempotent operations bugs. We do, however, regress with the BugReporterVisitors, which need to be modified to understand this constant folding (and look past it). This causes some diagnostic regressions in plist-output.m which will get addressed in a future patch. plist-output.m is now marked XFAIL, while plist-output-alternate.m now tests that the plist output is working, but with the suboptimal diagnostics. This second test file will eventually be removed. llvm-svn: 113477
* Include test case for <rdar://problem/5880430>.Ted Kremenek2010-09-091-0/+27
| | | | llvm-svn: 113458
* Put the tautological-comparison-of-unsigned-against-zero warnings inJohn McCall2010-09-082-3/+3
| | | | | | | | | -Wtautological-compare instead of -Wsign-compare, which also implies turning them on by default. Restoration of r112877. llvm-svn: 113334
* tests: Use -ffreestanding when including stdint.h, to avoid platform ↵Daniel Dunbar2010-09-071-4/+4
| | | | | | dependencies. llvm-svn: 113301
* Fix null pointer dereference in StreamChecker::Fseek (reported in PR 8081) ↵Ted Kremenek2010-09-071-0/+6
| | | | | | and simplify surrounding checking logic. llvm-svn: 113282
* Re-enabled truncation/extension checking in IdempotentOperationChecker and ↵Tom Care2010-09-071-0/+7
| | | | | | added a test case. llvm-svn: 113269
* make clang print types as "const int *" instead of "int const*",Chris Lattner2010-09-053-3/+3
| | | | | | | which is should have done from the beginning. As usual, the most fun with this sort of change is updating all the testcases. llvm-svn: 113090
* Get rid of the "functions declared 'noreturn' should have a 'void' result ↵Anders Carlsson2010-09-031-1/+1
| | | | | | | | | type" warning. The rationale behind this is that it is normal for callback functions to have a non-void return type and it should still be possible to mark them noreturn. (JavaScriptCore is a good example of this). llvm-svn: 112918
* sabre points out that the timing here is pretty pessimal; I'll retry theJohn McCall2010-09-022-3/+3
| | | | | | experiment in a few days. llvm-svn: 112882
* Experimentally move the tautological comparison warnings from -Wsign-compareJohn McCall2010-09-022-3/+3
| | | | | | | to -Wtautological-compare. This implies that they're now on by default. If this causes chaos, I'll figure something else out. llvm-svn: 112877
* Tweak test case. 'int' would introduce out-of-bound issues. We focus on arrayZhongxing Xu2010-09-021-1/+1
| | | | | | index constraints in this case. llvm-svn: 112794
* For GRExprEngine::EvalBind() (and called visitors), unifiy StoreE and ↵Ted Kremenek2010-09-021-1/+1
| | | | | | AssignE. Now StoreE (const Stmt*) represents the expression where the store took place, which is the assignment expression if it takes place in an assignment. This removes some conceptual dissidence as well as removes an extra parameter from the Checker::PreVisitBind() visitor. It also improves ranges and source location information in analyzer diagnostics. llvm-svn: 112789
* Add yet another test case for PR 8015, showing how reasoning over symbolic ↵Ted Kremenek2010-09-011-0/+15
| | | | | | indices should exactly resolve over multiple index possibilities (and thus suppress the false positive in the test). llvm-svn: 112770
* Add another test case for PR 8015, here with the array index being within a ↵Ted Kremenek2010-09-011-0/+9
| | | | | | valid range and not just a single constant. llvm-svn: 112769
* Partial fix for PR 8015 (fix is actually by Jordy Rose, and I added a test ↵Ted Kremenek2010-09-011-0/+26
| | | | | | case for follow-on work). This patch adds a bandaid for RegionStore's limited reasoning about symbolic array values. llvm-svn: 112766
* Don't assert in the analyzer when analyze code does a byte load from a ↵Ted Kremenek2010-09-011-0/+24
| | | | | | function's address. Fixes PR 8052. llvm-svn: 112761
* Don't assert in CastSizeChecker when the casted-to pointee is an incomplete ↵Ted Kremenek2010-09-011-0/+12
| | | | | | type. Fixes PR 8050. llvm-svn: 112738
* Explicitly handle CXXOperatorCallExpr when building CFGs. We should treat ↵Ted Kremenek2010-08-311-0/+11
| | | | | | | it the same as CallExprs. Fixes: <rdar://problem/8375510> [Boost] CFGBuilder crash in Boost.Graph llvm-svn: 112618
* Revert my lame attempt at appeasing the CFGBuilderDouglas Gregor2010-08-311-13/+0
| | | | llvm-svn: 112580
* Teach the CFGBuilder not do die on CXXBindTemporaryExpr, ↵Douglas Gregor2010-08-311-0/+13
| | | | | | CXXOperatorCallExpr. Fixes a Boost.Graph crasher. llvm-svn: 112578
* Adjusted the semantics of assign checking in IdempotentOperationCheckerTom Care2010-08-304-3/+18
| | | | | | | | | | - Fixed a regression where assigning '0' would be reported - Changed the way self assignments are filtered to allow constant testing - Added a test case for assign ops - Fixed one test case where a function pointer was not considered constant - Fixed test cases relating to 0 assignment llvm-svn: 112501
* Added checking of (x == x) and (x != x) to IdempotentOperationChecker and ↵Tom Care2010-08-272-3/+3
| | | | | | updated test cases flagged by it. llvm-svn: 112313
* Enabled relaxed LiveVariables analysis in the path-sensitive engine to ↵Tom Care2010-08-276-36/+38
| | | | | | | | | | | increase the coverage of bugs. Primarily affects IdempotentOperationChecker. - Migrated a temporarily separated test back to its original file (bug has been fixed, null-deref-ps-temp.c -> null-deref-ps.c) - Changed SymbolManager to use relaxed LiveVariables - Updated several test cases that the IdempotentOperationChecker class now flags - Added test case to test relaxed LiveVariables use by the IdempotentOperationChecker llvm-svn: 112312
* Fix horrible GRExprEngine bug where switch statements with no 'case:' ↵Ted Kremenek2010-08-261-0/+11
| | | | | | statements would cause the path to get prematurely aborted. Fixes <rdar://problem/8360854>. llvm-svn: 112233
* Improved the handling of blocks and block variables in PseudoConstantAnalysisTom Care2010-08-251-6/+22
| | | | | | | | | | - Removed the assumption that __block vars are all non-constant - Simplified some repetitive code in RunAnalysis - Added block walking support - Code/comments cleanup - Separated out test for block pseudoconstants llvm-svn: 112098
* Improvements to IdempotentOperationChecker and its use of PseudoConstantAnalysisTom Care2010-08-245-7/+25
| | | | | | | | | | | | - Added wasReferenced function to PseudoConstantAnalysis to determine if a variable was ever referenced in a function (outside of a self-assignment) - BlockDeclRefExpr referenced variables are now explicitly added to the non-constant list - Remove unnecessary ignore of implicit casts - Generalized parameter self-assign detection to detect deliberate self-assigns of variables to avoid unused variable warnings - Updated test cases with deliberate self-assignments - Fixed bug with C++ references and pseudoconstants - Added test case for C++ references and pseudoconstants llvm-svn: 111965
* Modified pseudoconstant test case to make it a bit clearer and fix a missing ↵Tom Care2010-08-231-3/+5
| | | | | | line llvm-svn: 111833
* Several small changes to PseudoConstantAnalysis and the way ↵Tom Care2010-08-231-6/+32
| | | | | | | | | | | | IdempotentOperationChecker uses it. - Psuedo -> Pseudo (doh...) - C++ reference support - Added pseudoconstant test case for __block vars - Separated out static local checking from pseudoconstant analysis and generalized to non-local checking - Added missing test cases for storage false positives llvm-svn: 111832
* Handle nested compound values in BindArray for multidimensional arrays. ↵Jordy Rose2010-08-201-0/+22
| | | | | | Fixes PR7945. llvm-svn: 111602
* Add warning for functions/blocks that have attribute 'noreturn' but return a ↵Ted Kremenek2010-08-191-1/+1
| | | | | | non-void result. (<rdar://problem/7562925>) llvm-svn: 111492
* Added psuedo-constant analysis and integrated it into the false positive ↵Tom Care2010-08-183-8/+34
| | | | | | | | | | | | | reduction stage in IdempotentOperationChecker. - Renamed IdempotentOperationChecker::isConstant to isConstantOrPseudoConstant to better reflect the function - Changed IdempotentOperationChecker::PreVisitBinaryOperator to only run 'CanVary' once on undefined assumptions - Created new PsuedoConstantAnalysis class and added it to AnalysisContext - Changed IdempotentOperationChecker to exploit the new analysis - Updated tests with psuedo-constants - Added check to IdempotentOperationChecker to see if a Decl is const qualified llvm-svn: 111426
* Fix horrible CFG bug caused by a series of NullStmts appearing at the ↵Ted Kremenek2010-08-171-0/+24
| | | | | | | | beginning of a do...while loop. This would cause the body of the DoStmt to be disconnected from the preceding code. llvm-svn: 111283
* Added basic psuedoconstant checking in IdempotentOperationChecker and fixed ↵Tom Care2010-08-161-2/+4
| | | | | | some test cases. llvm-svn: 111190
* Model the effects of strcpy() and stpcpy() in CStringChecker. Other changes:Jordy Rose2010-08-162-9/+119
| | | | | | | | - Fix memcpy() and friends to actually invalidate the destination buffer. - Emit a different message for out-of-bounds buffer accesses if the buffer is being written to. - When conjuring symbols, let ValueManager figure out the type. llvm-svn: 111120
* - Allow making ElementRegions with complex offsets (expressions or symbols) ↵Jordy Rose2010-08-161-0/+16
| | | | | | | | | | for the purpose of bounds-checking. - Rewrite GRState::AssumeInBound to actually do that checking, and to use the normal constraint path. - Remove ConstraintManager::AssumeInBound. - Teach RegionStore and FlatStore to ignore those regions for now. llvm-svn: 111116
* Update CStringChecker to take advantage of the new metadata symbols and ↵Jordy Rose2010-08-141-6/+80
| | | | | | region change callback. Now does basic tracking of string length for general regions. Currently this is still only used for modeling strlen(). llvm-svn: 111081
* Add a test for alloca region extents.Jordy Rose2010-08-141-0/+8
| | | | llvm-svn: 111079
* Improved IdempotentOperationChecker false positives and false negatives.Tom Care2010-08-124-30/+54
| | | | | | | | | - Unfinished analysis may still report valid warnings if the path was completely analyzed - New 'CanVary' heuristic to recursively determine if a subexpression has a varying element - Updated test cases, including one known bug - Exposed GRCoreEngine through GRExprEngine llvm-svn: 110970
* Allow EvalBinOpNN to handle expressions of the form $a+$b if $b can be ↵Jordy Rose2010-08-091-0/+18
| | | | | | reduced to a constant. llvm-svn: 110592
OpenPOWER on IntegriCloud