81fb50e8b120fc95dc0245b4112972d4d7cca3b5 |
|
10-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] For now, don't inline C++ standard library functions. This is a (heavy-handed) solution to PR13724 -- until we know we can do a good job inlining the STL, it's best to be consistent and not generate more false positives than we did before. We can selectively whitelist certain parts of the 'std' namespace that are known to be safe. This is controlled by analyzer config option 'c++-stdlib-inlining', which can be set to "true" or "false". This commit also adds control for whether or not to inline any templated functions (member or non-member), under the config option 'c++-template-inlining'. This option is currently on by default. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163548 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
9eb214a691663a04ee61197e7d605128c85e09f7 |
|
01-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Silence unused variable warnings in NDEBUG builds. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163073 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
de5277fc555551857602bd7a7e5e616274e2d4a6 |
|
31-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Though C++ inlining is enabled, don't inline ctors and dtors. More generally, this adds a new configuration option 'c++-inlining', which controls which C++ member functions can be considered for inlining. This uses the new -analyzer-config table, so the cc1 arguments will look like this: ... -analyzer-config c++-inlining=[none|methods|constructors|destructors] Note that each mode implies that all the previous member function kinds will be inlined as well; it doesn't make sense to inline destructors without inlining constructors, for example. The default mode is 'methods'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163004 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
fbcb3f11fc90e9f00e6074e9b118b8dc11ca604c |
|
31-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Refactor the logic that determines if a functions should be reanalyzed. The policy on what to reanalyze should be in AnalysisConsumer with the rest of visitation order logic. There is no reason why ExprEngine needs to pass the Visited set to CoreEngine, it can populate it itself. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162957 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
255d4d4226b24036ceb11228fbb74286e58620f7 |
|
30-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Store const& to AnalyzerOptions in AnalysisManager instead of copying individual flags. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162929 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
632e5022f68fcae3b68bbc90538a60f3ba20229f |
|
28-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] When we look for the last stmt in a function, skip implicit dtors. When exiting a function, the analyzer looks for the last statement in the function to see if it's a return statement (and thus bind the return value). However, the search for "the last statement" was accepting statements that were in implicitly-generated inlined functions (i.e. destructors). So we'd go and get the statement from the destructor, and then say "oh look, this function had no explicit return...guess there's no return value". And /that/ led to the value being returned being declared dead, and all our leak checkers complaining. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162791 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
65e209ad795aeb3908760a45b1cbda0748cc0658 |
|
28-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't purge dead symbols at the end of calls if -analyzer-purge=none. No test case since this is a debug option that we will never turn on by default since it makes the leak checkers much less useful. (We'll only report leaks at the end of analysis if -analyzer-purge=none.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162772 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
6fe4dfbc9e5a7018763b1d898876d9b2b8ec3425 |
|
27-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't inline constructors for objects allocated with operator new. Because the CXXNewExpr appears after the CXXConstructExpr in the CFG, we don't actually have the correct region to construct into at the time we decide whether or not to inline. The long-term fix (discussed in PR12014) might be to introduce a new CFG node (CFGAllocator) that appears before the constructor. Tracking the short-term fix in <rdar://problem/12180598>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162689 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
210f5a28227c90d739298e3e6729e827858fe397 |
|
27-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] More internal stats collection. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162687 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
c210cb7a358d14cdd93b58562f33ff5ed2d895c1 |
|
27-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Inline constructors for any object with a trivial destructor. This allows us to better reason about status objects, like Clang's own llvm::Optional (when its contents are trivially destructible), which are often intended to be passed around by value. We still don't inline constructors for temporaries in the general case. <rdar://problem/11986434> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162681 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
66c486f275531df6362b3511fc3af6563561801b |
|
22-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Rename 'currentX' to 'currX' throughout analyzer and libAnalysis. Also rename 'getCurrentBlockCounter()' to 'blockCount()'. This ripples a bunch of code simplifications; mostly aesthetic, but makes the code a bit tighter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162349 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
3b1df8bb941a18c4a7256d7cfcbccb9de7e39995 |
|
22-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Rename 'getConjuredSymbol*' to 'conjureSymbol*'. No need to have the "get", the word "conjure" is a verb too! Getting a conjured symbol is the same as conjuring one up. This shortening is largely cosmetic, but just this simple changed cleaned up a handful of lines, making them less verbose. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162348 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
12e2fb0db76ca2705ce5169e04d9cd52762fc685 |
|
22-Aug-2012 |
Matt Beaumont-Gay <matthewbg@google.com> |
Add an llvm_unreachable to pacify GCC's -Wreturn-type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162325 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
c568e2f801a62e442cbbd823b71f70175715661f |
|
21-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Set the default IPA mode to 'basic-inlining', which excludes C++. Under -analyzer-ipa=basic-inlining, only C functions, blocks, and C++ static member functions are inlined -- essentially, the calls that behave like simple C function calls. This is essentially the behavior in Xcode 4.4. C++ support still has some rough edges, and we don't want users to be worried about them if they download and run their own checker. (In particular, the massive number of false positives for analyzing LLVM comes from inlining defensively-written code in contexts where more aggressive assumptions are implicitly made. This problem is not unique to C++, but it is exacerbated by the higher proportion of code that lives in header files in C++.) The eventual goal is to be comfortable enough with C++ support (and simple Objective-C support) to advance to -analyzer-ipa=inlining as the default behavior. See the IPA design notes for more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162318 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
da29ac527063fc9714547088bf841bfa30557bf0 |
|
15-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Even if we are not inlining a virtual call, still invalidate! Fixes a mistake introduced in r161916. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161987 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
4e79fdfe22db1c982e8fdf8397fee426a8c57821 |
|
15-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Correctly devirtualize virtual method calls in constructors. This is the other half of C++11 [class.cdtor]p4 (the destructor side was added in r161915). This also fixes an issue with post-call checks where the 'this' value was already being cleaned out of the state, thus being omitted from a reconstructed CXXConstructorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161981 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
b763ede873c23c8651bd18eba0c62e929b496ba5 |
|
15-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't inline dynamic-dispatch methods unless -analyzer-ipa=dynamic. Previously we were checking -analyzer-ipa=dynamic-bifurcate only, and unconditionally inlining everything else that had an available definition, even under -analyzer-ipa=inlining (but not under -analyzer-ipa=none). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161916 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
645baeed6800f952e9ad1d5666e01080385531a2 |
|
14-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Reduce code duplication: make CXXDestructorCall a CXXInstanceCall. While there is now some duplication between SimpleCall and the CXXInstanceCall sub-hierarchy, this is much better than copy-and-pasting the devirtualization logic shared by both instance methods and destructors. An unfortunate side effect is that there is no longer a single CallEvent type that corresponds to "calls written as CallExprs". For the most part this is a good thing, but the checker callback eval::Call still takes a CallExpr rather than a CallEvent (since we're not sure if we want to allow checkers to evaluate other kinds of calls). A mistake here will be caught by a cast<> in CheckerManager::runCheckersForEvalCall. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161809 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
6960f6e53b0d9a69a460c99ec199470271ff9603 |
|
09-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Clarify the values in Dyn. Dispatch Bifurcation map. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161616 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
5960f4aeac9760198c80e05d70d8dadb1db0ff0e |
|
09-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Improve readability of the dyn. dispatch bifurcation patch r161552. As per Jordan's feedback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161603 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
fc05decf08feefd2ffe8cc250219aee6eab3119c |
|
09-Aug-2012 |
Anna Zaks <ganna@apple.com> |
Unbreak the build. Declaring "const Decl *Decl" is not a good idea. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161567 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e90d3f847dcce76237078b67db8895eb7a24189e |
|
09-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Bifurcate the path with dynamic dispatch. This is an initial (unoptimized) version. We split the path when inlining ObjC instance methods. On one branch we always assume that the type information for the given memory region is precise. On the other we assume that we don't have the exact type info. It is important to check since the class could be subclassed and the method can be overridden. If we always inline we can loose coverage. Had to refactor some of the call eval functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161552 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
2f9c40a915593849f6b0f5c4de516e2f597d0d66 |
|
31-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Control C++ inlining with a macro in ExprEngineCallAndReturn.cpp. For now this will stay on, but this way it's easy to switch off if we need to pull back our support for a while. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161064 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
ef15831780b705475e7b237ac16418e9b53cb7a6 |
|
31-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Let CallEvent decide what goes in an inital stack frame. This removes explicit checks for 'this' and 'self' from Store::enterStackFrame. It also removes getCXXThisRegion() as a virtual method on all CallEvents; it's now only implemented in the parts of the hierarchy where it is relevant. Finally, it removes the option to ask for the ParmVarDecls attached to the definition of an inlined function, saving a recomputation of the result of getRuntimeDefinition(). No visible functionality change! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161017 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
57c033621dacd8720ac9ff65a09025f14f70e22f |
|
31-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Perform post-call checks for all inlined calls. Previously, we were only checking the origin expressions of inlined calls. Checkers using the generic postCall and older postObjCMessage callbacks were ignored. Now that we have CallEventManager, it is much easier to create a CallEvent generically when exiting an inlined function, which we can then use for post-call checks. No test case because we don't (yet) have any checkers that depend on this behavior (which is why it hadn't been fixed before now). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161005 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e13056a8bb532ddfdc07952a13169aa422bacd3b |
|
30-Jul-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Add -analyzer-ipa=dynamic option for inlining dynamically dispatched methods. Disabled by default for now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160988 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
d563d3fb73879df7147b8a5302c3bf0e1402ba18 |
|
30-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Only allow CallEvents to be created by CallEventManager. This ensures that it is valid to reference-count any CallEvents, and we won't accidentally try to reclaim a CallEvent that lives on the stack. It also hides an ugly switch statement for handling CallExprs! There should be no functionality change here. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160986 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
979f098cfa808cc9236b39658cc3757a39dfa459 |
|
27-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Use a stack-based local AGAIN to fix the build for real. It's a good thing CallEvents aren't created all over the place yet. I checked all the uses this time and the private copy constructor /really/ shouldn't cause any more problems. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160845 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
f540c54701e3eeb34cb619a3a4eb18f1ac70ef2d |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Rename Calls.{h,cpp} to CallEvent.{h,cpp}. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160815 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e460c46c5d602f65354cab0879c458890273591c |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't crash on array constructors and destructors. This workaround is fairly lame: we simulate the first element's constructor and destructor and rely on the region invalidation to "initialize" the rest of the elements. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160809 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
3a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861e |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Handle C++ member initializers and destructors. This uses CFG to tell if a constructor call is for a member, and uses the member's region appropriately. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160808 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
888c90ac0ef6baf7d47e86cf5cc4715707d223b1 |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Handle base class initializers and destructors. Most of the logic here is fairly simple; the interesting thing is that we now distinguish complete constructors from base or delegate constructors. We also make sure to cast to the base class before evaluating a constructor or destructor, since non-virtual base classes may behave differently. This includes some refactoring of VisitCXXConstructExpr and VisitCXXDestructor in order to keep ExprEngine.cpp as clean as possible (leaving the details for ExprEngineCXX.cpp). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160806 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
183ba8e19d49ab1ae25d3cdd0a19591369c5ab9f |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Show paths for destructor calls. This modifies BugReporter and friends to handle CallEnter and CallExitEnd program points that came from implicit call CFG nodes (read: destructors). This required some extra handling for nested implicit calls. For example, the added multiple-inheritance test case has a call graph that looks like this: testMultipleInheritance3 ~MultipleInheritance ~SmartPointer ~Subclass ~SmartPointer ***bug here*** In this case we correctly notice that we started in an inlined function when we reach the CallEnter program point for the second ~SmartPointer. However, when we reach the next CallEnter (for ~Subclass), we were accidentally re-using the inner ~SmartPointer call in the diagnostics. Rather than guess if we saw the corresponding CallExitEnd based on the contents of the active path, we now just ask the PathDiagnostic if there's any known stack before popping off the top path. (A similar issue could have occured without multiple inheritance, but there wasn't a test case for it.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160804 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
da5fc53d6b024872c4c1d2c8c5da11e08bf116aa |
|
26-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Inline ctors + dtors when the CFG is built for them. At the very least this means initializer nodes for constructors and automatic object destructors are present in the CFG. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160803 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
9dc5167e4017ef4c8b327abb6f72225eec2e0f19 |
|
26-Jul-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Inline ObjC class methods. - Some cleanup(the TODOs) will be done after ObjC method inlining is complete. - Simplified CallEvent::getDefinition not to require ISDynamicDispatch parameter. - Also addressed Jordan's comments from r160530. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160768 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e81ce256b62717dd846bd19aecc4115a0dcd4995 |
|
20-Jul-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Refactor VisitObjCMessage and VisitCallExpr to rely on the same implementation for call evaluation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160530 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
8919e688dc610d1f632a4d43f7f1489f67255476 |
|
18-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Combine all ObjC message CallEvents into ObjCMethodCall. As pointed out by Anna, we only differentiate between explicit message sends This also adds support for ObjCSubscriptExprs, which are basically the same as properties in many ways. We were already checking these, but not emitting nice messages for them. This depends on the llvm::PointerIntPair change in r160456. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160461 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
c36b30c92c78b95fd29fb5d9d6214d737b3bcb02 |
|
12-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't inline virtual calls unless we can devirtualize properly. Previously we were using the static type of the base object to inline methods, whether virtual or non-virtual. Now, we try to see if the base object has a known type, and if so ask for its implementation of the method. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160094 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
48b6247804eacc262cc5508e0fbb74ed819fbb6e |
|
11-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Construct stack variables directly in their VarDecl. Also contains a number of tweaks to inlining that are necessary for constructors and destructors. (I have this enabled on a private branch, but it is very much unstable.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160023 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e54cfc7b9990acffd0a8a4ba381717b4bb9f3011 |
|
11-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Use CallEvent for building inlined stack frames. In order to accomplish this, we now build the callee's stack frame as part of the CallEnter node, rather than the subsequent BlockEdge node. This should not have any effect on perceived behavior or diagnostics. This makes it safe to re-enable inlining of member overloaded operators. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160022 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
852aa0d2c5d2d1faf2d77b5aa3c0848068a342c5 |
|
11-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Make CallEnter, CallExitBegin, and CallExitEnd not be StmtPoints These ProgramPoints are used in inlining calls, and not all calls have associated statements anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160021 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
8d276d38c258dfc572586daf6c0e8f8fce249c0e |
|
11-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Add a CXXDestructorCall CallEvent. While this work is still fairly tentative (destructors are still left out of the CFG by default), we now handle destructors in the same way as any other calls, instead of just automatically trying to inline them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160020 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
28038f33aa2db4833881fea757a1f0daf85ac02b |
|
11-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Add new PreImplicitCall and PostImplicitCall ProgramPoints. These are currently unused, but are intended to be used in lieu of PreStmt and PostStmt when the call is implicit (e.g. an automatic object destructor). This also modifies the Data1 field of ProgramPoints to allow storing any pointer-sized value, as opposed to only aligned pointers. This is necessary to store SourceLocations. There is currently no BugReporter support for these; they should be skipped over in any diagnostic output. This commit also tags checkers that currently rely on function calls only occurring at StmtPoints. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160019 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
ee158bc29bc12ce544996f7cdfde14aba63acf4d |
|
09-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] When inlining, make sure we use the definition decl. This was a regression introduced during the CallEvent changes; a call to FunctionDecl::hasBody was also being used to replace the decl found by lookup with the actual definition. To keep from making this mistake again (particularly if/when we start inlining Objective-C methods), this commit adds a "getDefinition()" method to CallEvent, which should do the right thing under any circumstances. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159940 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
fdaa33818cf9bad8d092136e73bd2e489cb821ba |
|
04-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] For now, don't inline non-static member overloaded operators. Our current inlining support (specifically RegionStore::enterStackFrame) doesn't know that calls to overloaded operators may be calls to non-static member functions, and that in these cases the first argument should be treated as 'this'. This caused incorrect results and sometimes crashes. The long-term fix will be to rewrite RegionStore::enterStackFrame to use CallEvent and its subclasses, but for now we can just disable these problematic calls by classifying them under a new CallEvent, CXXMemberOperatorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159692 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
70cbf3cc09eb21db1108396d30a414ea66d842cc |
|
03-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Introduce CXXAllocatorCall to handle placement arg invalidation. This is NOT full-blown support for operator new, but removes some nasty duplicated code introduced in r158784. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159608 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
d4aeb8050a1d0fe47c53a73361c8b0b8ac310f46 |
|
02-Jul-2012 |
Ted Kremenek <kremenek@apple.com> |
Bail out the LiveVariables analysis when the CFG is very large, as we are encountering some scalability issues with memory usage. The appropriate long term fix is to make the analysis more scalable, but this will at least prevent the analyzer swapping when analyzing very large functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159578 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
96479da6ad9d921d875e7be29fe1bfa127be8069 |
|
02-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Add generic preCall and postCall checks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159562 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
69f87c956b3ac2b80124fd9604af012e1061473a |
|
02-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Use CallEvent for inlining and call default-evaluation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159560 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
740d490593e0de8732a697c9f77b90ddd463863b |
|
02-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Add a new abstraction over all types of calls: CallEvent This is intended to replace CallOrObjCMessage, and is eventually intended to be used for anything that cares more about /what/ is being called than /how/ it's being called. For example, inlining destructors should be the same as inlining blocks, and checking __attribute__((nonnull)) should apply to the allocator calls generated by operator new. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159554 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
10f77ad7fc5e5cf3f37a9b14ff5843468b8b84d2 |
|
23-Jun-2012 |
Ted Kremenek <kremenek@apple.com> |
Implement initial static analysis inlining support for C++ methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159047 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
144e52be486a3906aec90c51b0ac94a30313152e |
|
02-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fix lack of coverage after empty inlined function. We should not stop exploring the path after we return from an empty function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157859 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
7fa9b4f258636d89342eda28f21a986c8ac353b1 |
|
01-Jun-2012 |
Ted Kremenek <kremenek@apple.com> |
static analyzer: add inlining support for directly called blocks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157833 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
591b5f53c0e11d87401b4804bb1be1a53f95c619 |
|
19-May-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] For locations, use isGLValue() instead of isLValue(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157088 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
aca0ac58d2ae80d764e3832456667d7322445e0c |
|
04-May-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Allow pointers escape through calls containing callback args. (Since we don't have a generic pointer escape callback, modify ExprEngineCallAndReturn as well as the malloc checker.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156134 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
0b3ade86a1c60cf0c7b56aa238aff458eb7f5974 |
|
20-Apr-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Run remove dead bindings right before leaving a function. This is needed to ensure that we always report issues in the correct function. For example, leaks are identified when we call remove dead bindings. In order to make sure we report a callee's leak in the callee, we have to run the operation in the callee's context. This change required quite a bit of infrastructure work since: - We used to only run remove dead bindings before a given statement; here we need to run it after the last statement in the function. For this, we added additional Program Point and special mode in the SymbolReaper to remove all symbols in context lower than the current one. - The call exit operation turned into a sequence of nodes, which are now guarded by CallExitBegin and CallExitEnd nodes for clarity and convenience. (Sorry for the long diff.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155244 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
01561d1039bfdda61edd20eed939011a8632c7c7 |
|
17-Apr-2012 |
Ted Kremenek <kremenek@apple.com> |
Change ExprEngine::shouldInlineDecl() to be defensive in checking if the CFG of the callee is valid. Fixes <rdar://problem/11257631>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154896 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e62f048960645b79363408fdead53fec2a063c52 |
|
03-Apr-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Record the basic blocks covered by the analyzes run. Store this info inside the function summary generated for all analyzed functions. This is useful for coverage stats and can be helpful for analyzer state space search strategies. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153923 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
d9b795524eb3dc035523f82f135d0a8adf15cd72 |
|
02-Apr-2012 |
Ted Kremenek <kremenek@apple.com> |
Fix potential null dereference in the static analyzer when inlining a call that has already been inlined. Unfortunately I have no test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153900 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
4a5f724538cbc275370c9504e8169ce92503256c |
|
01-Apr-2012 |
Benjamin Kramer <benny.kra@googlemail.com> |
Analyzer: Store BugReports directly in a ilist instead of adding another layer of inderection with std::list git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153847 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
62a5c34ddc54696725683f6c5af1c8e1592c5c38 |
|
30-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer]Malloc,RetainRelease: Allow pointer to escape via NSMapInsert. Fixes a false positive (radar://11152419). The current solution of adding the info into 3 places is quite ugly. Pending a generic pointer escapes callback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153731 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
3bbd8cd831788c506f2980293eb3c7e1b3ca2501 |
|
30-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Do not inline functions which previously reached max block count. This is an optimization for "retry without inlining" option. Here, if we failed to inline a function due to reaching the basic block max count, we are going to store this information and not try to inline it again in the translation unit. This can be viewed as a function summary. On sqlite, with this optimization, we are 30% faster then before and cover 10% more basic blocks (partially because the number of times we reach timeout is decreased by 20%). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153730 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
5903a373db3d27794c90b25687e0dd6adb0e497d |
|
27-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Add an option to re-analyze a dead-end path without inlining. The analyzer gives up path exploration under certain conditions. For example, when the same basic block has been visited more than 4 times. With inlining turned on, this could lead to decrease in code coverage. Specifically, if we give up inside the inlined function, the rest of parent's basic blocks will not get analyzed. This commit introduces an option to enable re-run along the failed path, in which we do not inline the last inlined call site. This is done by enqueueing the node before the processing of the inlined call site with a special policy encoded in the state. The policy tells us not to inline the call site along the path. This lead to ~10% increase in the number of paths analyzed. Even though we expected a much greater coverage improvement. The option is turned off by default for now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153534 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
514f2c9dcb9e04b52929c5b141a6fe88bd68b33f |
|
23-Mar-2012 |
Ted Kremenek <kremenek@apple.com> |
Avoid applying retain/release effects twice in RetainCountChecker when a function call was inlined (i.e., we do not need to apply summaries in such cases). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153309 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
6cc0969ab37c614d6cf496f2ed6d2fca397a0133 |
|
13-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyser] Refactor shouldInline logic into a helper. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152677 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
8235f9c9c8b3d1737d1c6bd57f7ba3f616b92392 |
|
02-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Bound the size of the functions being inlined + provide command line options for inlining tuning. This adds the option for stack depth bound as well as function size bound. + minor doxygenification git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151930 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
b2c60b04a597cc5ba4154837cf8e0a155a376fd7 |
|
01-Mar-2012 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
Move llvm/ADT/SaveAndRestore.h -> llvm/Support/SaveAndRestore.h. Needs llvm update. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151829 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
ca23eb212c78ac5bc62d0881635579dbe7095639 |
|
29-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: A pointer might escape through CFContainers APIs, funopen, setvbuf. Teach the checker and the engine about these APIs to resolve malloc false positives. As I am adding more of these APIs, it is clear that all this should be factored out into a separate callback (for example, region escapes). Malloc, KeyChainAPI and RetainRelease checkers could all use it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151737 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
07d39a479cf8f20294407e749f9933da34ebecb7 |
|
28-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fix Malloc False Positive (PR 12100) When allocated buffer is passed to CF/NS..NoCopy functions, the ownership is transfered unless the deallocator argument is set to 'kCFAllocatorNull'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151608 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
d45d361f2ce5c37824052357e2218e8a5509eba5 |
|
27-Feb-2012 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
Move "clang/Analysis/Support/SaveAndRestore.h" to "llvm/ADT/SaveAndRestore.h" to make it more widely available. Depends on llvm commit r151564 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151566 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e55b03a6e44b99c1cd77b8ea5e4d836c28948904 |
|
24-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] We were silently stopping exploring the path after visiting 'return;' statement! This most likely caused us to skip a bunch of code when analyzing with inlining. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151368 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
0d389b819c33bdf0375694a8f141c8f02e002b18 |
|
23-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Invalidate the region passed to pthread_setspecific() call. Make this call an exception in ExprEngine::invalidateArguments: 'int pthread_setspecific(ptheread_key k, const void *)' stores a value into thread local storage. The value can later be retrieved with 'void *ptheread_getspecific(pthread_key)'. So even thought the parameter is 'const void *', the region escapes through the call. (Here we just blacklist the call in the ExprEngine's default logic. Another option would be to add a checker which evaluates the call and triggers the call to invalidate regions.) Teach the Malloc Checker, which treats all system calls as safe about the API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151220 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
3133f79cf451e6302dd05262b4bb53a3e4fd6300 |
|
18-Feb-2012 |
Ted Kremenek <kremenek@apple.com> |
Have conjured symbols depend on LocationContext, to add context sensitivity for functions called more than once. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150849 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
10520d76044e8fff71d414f30c21b449fd104960 |
|
09-Feb-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Proactively avoid inlining vararg functions and blocks until we properly support them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150207 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
8bef8238181a30e52dea380789a7e2d760eac532 |
|
26-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
Change references to 'const ProgramState *' to typedef 'ProgramStateRef'. At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149081 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
0849ade4bb3e90c2fc0ce01ccd330f76f91da732 |
|
12-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] fix inlining's handling of mapping actual to formal arguments and limit the call stack depth. The analyzer can now accurately simulate factorial for limited depths. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148036 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
256ef642f8feef22fd53be7efa868e8e34752eed |
|
11-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
Remove '#if 0' from ExprEngine::InlineCall(), and start fresh by wiring up inlining for straight C calls. My hope is to reimplement this from first principles based on the simplifications of removing unneeded node builders and re-evaluating how C++ calls are handled in the CFG. The hope is to turn inlining "on-by-default" as soon as possible with a core set of things working well, and then expand over time. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147904 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
3070e13dca5bbefa32acb80ce4a7b217a6220983 |
|
07-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Remove CallEnterNodeBuilder and simplify ExprEngine::processCallEnter(). This removes analysis of other translation units, but that was an experimental feature anyway that we will revisit later. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147705 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
242384ddb0e0b65dd7e9e0ac0cf3c31cf98b06a6 |
|
07-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
Correctly enqueue successors in ExprEngine::processCallExit(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147698 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
894212e9510299abb203801e014fec76b7926a05 |
|
07-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Remove CallExitNodeBuilder, and have ExprEngine::processCallExit() do the work manually. This is a nice simplification. Along the way, fix Exprengine::processCallExit() to also perform the postStmt callback for checkers for CallExprs. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147697 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
5eca482fe895ea57bc82410222e6426c09e63284 |
|
06-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from (Stmt*,LocationContext*) pairs to SVals instead of Stmt* to SVals. This is needed to support basic IPA via inlining. Without this, we cannot tell if a Stmt* binding is part of the current analysis scope (StackFrameContext) or part of a parent context. This change introduces an uglification of the use of getSVal(), and thus takes two steps forward and one step back. There are also potential performance implications of enlarging the Environment. Both can be addressed going forward by refactoring the APIs and optimizing the internal representation of Environment. This patch mainly introduces the functionality upon when we want to build upon (and clean up). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147688 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
eb31a76d1cdaaf8874c549dc6bd964ff270d3822 |
|
05-Jan-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Be less pessimistic about invalidation of global variables as a result of a call. Problem: Global variables, which come in from system libraries should not be invalidated by all calls. Also, non-system globals should not be invalidated by system calls. Solution: The following solution to invalidation of globals seems flexible enough for taint (does not invalidate stdin) and should not lead to too many false positives. We split globals into 3 classes: * immutable - values are preserved by calls (unless the specific global is passed in as a parameter): A : Most system globals and const scalars * invalidated by functions defined in system headers: B: errno * invalidated by all other functions (note, these functions may in turn contain system calls): B: errno C: all other globals (which are not in A nor B) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147569 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
2cbe791d3e9b26f30196c4852da75d9ad67b4ad9 |
|
20-Dec-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Do not invalidate arguments when the parameter's type is a pointer to const. (radar://10595327) The regions corresponding to the pointer and reference arguments to a function get invalidated by the calls since a function call can possibly modify the pointed to data. With this change, we are not going to invalidate the data if the argument is a pointer to const. This change makes the analyzer more optimistic in reporting errors. (Support for C, C++ and Obj C) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147002 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
2e9264a17bacc7dc228d5f93caaeb98dfb23d508 |
|
25-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Remove unused headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142945 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
aa0aeb1cbe117db68d35700cb3a34aace0f99b99 |
|
24-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Node builders cleanup + comments Renamed PureNodeBuilder->StmtNodeBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142849 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
056c4b46335a3bd2612414735d5749ee159c0165 |
|
24-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Completely remove the global Builder object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142847 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14 |
|
24-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Convert ExprEngine::visit() to use short lived builders. This commit removes the major functional dependency on the ExprEngine::Builder member variable. In some cases the code became more verbose. Particularly, we call takeNodes() and addNodes() to move responsibility for the nodes from one builder to another. This will get simplified later on. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142831 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
fe27971d54d26997149d6b84057f04ff398d1d5d |
|
28-Aug-2011 |
Jordy Rose <jediknil@belkadan.com> |
[analyzer] Eliminate almost all uses of TransferFuncs from ExprEngine. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138719 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
e38dd95dddb8f1b38469c8d0e28aa1c660489324 |
|
28-Aug-2011 |
Jordy Rose <jediknil@belkadan.com> |
[analyzer] Migrate argument invalidation from CFRefCount to ExprEngine. This is a common path for function and C++ method calls, Objective-C messages and property accesses, and C++ construct-exprs. As support, add message receiver accessors to ObjCMessage and CallOrObjCMessage. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138718 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
500abad7edfcc2409b18dd616cdbc28a094926f5 |
|
21-Aug-2011 |
Jordy Rose <jediknil@belkadan.com> |
[analyzer] Migrate return value handling from CFRefCount to ExprEngine. This seems to result in a minor performance hit, but I think that will go away again once we eliminate TransferFuncs from function calls entirely. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138220 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|
294fd0a62b95f512637910bf85c7efa6c2354b50 |
|
20-Aug-2011 |
Ted Kremenek <kremenek@apple.com> |
Start partitioning ExprEngine.cpp into separate .cpp files that handle different parts of the analysis (e.g., analysis of C expressions, analysis of Objective-C expressions, and so on). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138194 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
|