Cross Reference: /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp

History log of /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
81fb50e8b120fc95dc0245b4112972d4d7cca3b5	10-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] For now, don't inline C++ standard library functions. This is a (heavy-handed) solution to PR13724 -- until we know we can do a good job inlining the STL, it's best to be consistent and not generate more false positives than we did before. We can selectively whitelist certain parts of the 'std' namespace that are known to be safe. This is controlled by analyzer config option 'c++-stdlib-inlining', which can be set to "true" or "false". This commit also adds control for whether or not to inline any templated functions (member or non-member), under the config option 'c++-template-inlining'. This option is currently on by default. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163548 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
9eb214a691663a04ee61197e7d605128c85e09f7	01-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Silence unused variable warnings in NDEBUG builds. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163073 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
de5277fc555551857602bd7a7e5e616274e2d4a6	31-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Though C++ inlining is enabled, don't inline ctors and dtors. More generally, this adds a new configuration option 'c++-inlining', which controls which C++ member functions can be considered for inlining. This uses the new -analyzer-config table, so the cc1 arguments will look like this: ... -analyzer-config c++-inlining=[none\|methods\|constructors\|destructors] Note that each mode implies that all the previous member function kinds will be inlined as well; it doesn't make sense to inline destructors without inlining constructors, for example. The default mode is 'methods'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163004 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
fbcb3f11fc90e9f00e6074e9b118b8dc11ca604c	31-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Refactor the logic that determines if a functions should be reanalyzed. The policy on what to reanalyze should be in AnalysisConsumer with the rest of visitation order logic. There is no reason why ExprEngine needs to pass the Visited set to CoreEngine, it can populate it itself. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162957 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
255d4d4226b24036ceb11228fbb74286e58620f7	30-Aug-2012	Ted Kremenek <kremenek@apple.com>	Store const& to AnalyzerOptions in AnalysisManager instead of copying individual flags. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162929 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
632e5022f68fcae3b68bbc90538a60f3ba20229f	28-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] When we look for the last stmt in a function, skip implicit dtors. When exiting a function, the analyzer looks for the last statement in the function to see if it's a return statement (and thus bind the return value). However, the search for "the last statement" was accepting statements that were in implicitly-generated inlined functions (i.e. destructors). So we'd go and get the statement from the destructor, and then say "oh look, this function had no explicit return...guess there's no return value". And /that/ led to the value being returned being declared dead, and all our leak checkers complaining. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162791 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
65e209ad795aeb3908760a45b1cbda0748cc0658	28-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't purge dead symbols at the end of calls if -analyzer-purge=none. No test case since this is a debug option that we will never turn on by default since it makes the leak checkers much less useful. (We'll only report leaks at the end of analysis if -analyzer-purge=none.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162772 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
6fe4dfbc9e5a7018763b1d898876d9b2b8ec3425	27-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't inline constructors for objects allocated with operator new. Because the CXXNewExpr appears after the CXXConstructExpr in the CFG, we don't actually have the correct region to construct into at the time we decide whether or not to inline. The long-term fix (discussed in PR12014) might be to introduce a new CFG node (CFGAllocator) that appears before the constructor. Tracking the short-term fix in <rdar://problem/12180598>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162689 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
210f5a28227c90d739298e3e6729e827858fe397	27-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] More internal stats collection. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162687 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
c210cb7a358d14cdd93b58562f33ff5ed2d895c1	27-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Inline constructors for any object with a trivial destructor. This allows us to better reason about status objects, like Clang's own llvm::Optional (when its contents are trivially destructible), which are often intended to be passed around by value. We still don't inline constructors for temporaries in the general case. <rdar://problem/11986434> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162681 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
66c486f275531df6362b3511fc3af6563561801b	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename 'currentX' to 'currX' throughout analyzer and libAnalysis. Also rename 'getCurrentBlockCounter()' to 'blockCount()'. This ripples a bunch of code simplifications; mostly aesthetic, but makes the code a bit tighter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162349 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
3b1df8bb941a18c4a7256d7cfcbccb9de7e39995	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename 'getConjuredSymbol' to 'conjureSymbol'. No need to have the "get", the word "conjure" is a verb too! Getting a conjured symbol is the same as conjuring one up. This shortening is largely cosmetic, but just this simple changed cleaned up a handful of lines, making them less verbose. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162348 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
12e2fb0db76ca2705ce5169e04d9cd52762fc685	22-Aug-2012	Matt Beaumont-Gay <matthewbg@google.com>	Add an llvm_unreachable to pacify GCC's -Wreturn-type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162325 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
c568e2f801a62e442cbbd823b71f70175715661f	21-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Set the default IPA mode to 'basic-inlining', which excludes C++. Under -analyzer-ipa=basic-inlining, only C functions, blocks, and C++ static member functions are inlined -- essentially, the calls that behave like simple C function calls. This is essentially the behavior in Xcode 4.4. C++ support still has some rough edges, and we don't want users to be worried about them if they download and run their own checker. (In particular, the massive number of false positives for analyzing LLVM comes from inlining defensively-written code in contexts where more aggressive assumptions are implicitly made. This problem is not unique to C++, but it is exacerbated by the higher proportion of code that lives in header files in C++.) The eventual goal is to be comfortable enough with C++ support (and simple Objective-C support) to advance to -analyzer-ipa=inlining as the default behavior. See the IPA design notes for more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162318 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
da29ac527063fc9714547088bf841bfa30557bf0	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Even if we are not inlining a virtual call, still invalidate! Fixes a mistake introduced in r161916. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161987 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
4e79fdfe22db1c982e8fdf8397fee426a8c57821	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Correctly devirtualize virtual method calls in constructors. This is the other half of C++11 [class.cdtor]p4 (the destructor side was added in r161915). This also fixes an issue with post-call checks where the 'this' value was already being cleaned out of the state, thus being omitted from a reconstructed CXXConstructorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161981 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
b763ede873c23c8651bd18eba0c62e929b496ba5	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't inline dynamic-dispatch methods unless -analyzer-ipa=dynamic. Previously we were checking -analyzer-ipa=dynamic-bifurcate only, and unconditionally inlining everything else that had an available definition, even under -analyzer-ipa=inlining (but not under -analyzer-ipa=none). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161916 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
645baeed6800f952e9ad1d5666e01080385531a2	14-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Reduce code duplication: make CXXDestructorCall a CXXInstanceCall. While there is now some duplication between SimpleCall and the CXXInstanceCall sub-hierarchy, this is much better than copy-and-pasting the devirtualization logic shared by both instance methods and destructors. An unfortunate side effect is that there is no longer a single CallEvent type that corresponds to "calls written as CallExprs". For the most part this is a good thing, but the checker callback eval::Call still takes a CallExpr rather than a CallEvent (since we're not sure if we want to allow checkers to evaluate other kinds of calls). A mistake here will be caught by a cast<> in CheckerManager::runCheckersForEvalCall. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161809 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
6960f6e53b0d9a69a460c99ec199470271ff9603	09-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Clarify the values in Dyn. Dispatch Bifurcation map. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161616 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
5960f4aeac9760198c80e05d70d8dadb1db0ff0e	09-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Improve readability of the dyn. dispatch bifurcation patch r161552. As per Jordan's feedback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161603 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
fc05decf08feefd2ffe8cc250219aee6eab3119c	09-Aug-2012	Anna Zaks <ganna@apple.com>	Unbreak the build. Declaring "const Decl *Decl" is not a good idea. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161567 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e90d3f847dcce76237078b67db8895eb7a24189e	09-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Bifurcate the path with dynamic dispatch. This is an initial (unoptimized) version. We split the path when inlining ObjC instance methods. On one branch we always assume that the type information for the given memory region is precise. On the other we assume that we don't have the exact type info. It is important to check since the class could be subclassed and the method can be overridden. If we always inline we can loose coverage. Had to refactor some of the call eval functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161552 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
2f9c40a915593849f6b0f5c4de516e2f597d0d66	31-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Control C++ inlining with a macro in ExprEngineCallAndReturn.cpp. For now this will stay on, but this way it's easy to switch off if we need to pull back our support for a while. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161064 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
ef15831780b705475e7b237ac16418e9b53cb7a6	31-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Let CallEvent decide what goes in an inital stack frame. This removes explicit checks for 'this' and 'self' from Store::enterStackFrame. It also removes getCXXThisRegion() as a virtual method on all CallEvents; it's now only implemented in the parts of the hierarchy where it is relevant. Finally, it removes the option to ask for the ParmVarDecls attached to the definition of an inlined function, saving a recomputation of the result of getRuntimeDefinition(). No visible functionality change! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161017 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
57c033621dacd8720ac9ff65a09025f14f70e22f	31-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Perform post-call checks for all inlined calls. Previously, we were only checking the origin expressions of inlined calls. Checkers using the generic postCall and older postObjCMessage callbacks were ignored. Now that we have CallEventManager, it is much easier to create a CallEvent generically when exiting an inlined function, which we can then use for post-call checks. No test case because we don't (yet) have any checkers that depend on this behavior (which is why it hadn't been fixed before now). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161005 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e13056a8bb532ddfdc07952a13169aa422bacd3b	30-Jul-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add -analyzer-ipa=dynamic option for inlining dynamically dispatched methods. Disabled by default for now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160988 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
d563d3fb73879df7147b8a5302c3bf0e1402ba18	30-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Only allow CallEvents to be created by CallEventManager. This ensures that it is valid to reference-count any CallEvents, and we won't accidentally try to reclaim a CallEvent that lives on the stack. It also hides an ugly switch statement for handling CallExprs! There should be no functionality change here. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160986 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
979f098cfa808cc9236b39658cc3757a39dfa459	27-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Use a stack-based local AGAIN to fix the build for real. It's a good thing CallEvents aren't created all over the place yet. I checked all the uses this time and the private copy constructor /really/ shouldn't cause any more problems. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160845 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
f540c54701e3eeb34cb619a3a4eb18f1ac70ef2d	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename Calls.{h,cpp} to CallEvent.{h,cpp}. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160815 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e460c46c5d602f65354cab0879c458890273591c	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't crash on array constructors and destructors. This workaround is fairly lame: we simulate the first element's constructor and destructor and rely on the region invalidation to "initialize" the rest of the elements. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160809 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
3a0a9e3e8bbaa45f3ca22b1e20b3beaac0f5861e	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Handle C++ member initializers and destructors. This uses CFG to tell if a constructor call is for a member, and uses the member's region appropriately. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160808 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
888c90ac0ef6baf7d47e86cf5cc4715707d223b1	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Handle base class initializers and destructors. Most of the logic here is fairly simple; the interesting thing is that we now distinguish complete constructors from base or delegate constructors. We also make sure to cast to the base class before evaluating a constructor or destructor, since non-virtual base classes may behave differently. This includes some refactoring of VisitCXXConstructExpr and VisitCXXDestructor in order to keep ExprEngine.cpp as clean as possible (leaving the details for ExprEngineCXX.cpp). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160806 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
183ba8e19d49ab1ae25d3cdd0a19591369c5ab9f	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Show paths for destructor calls. This modifies BugReporter and friends to handle CallEnter and CallExitEnd program points that came from implicit call CFG nodes (read: destructors). This required some extra handling for nested implicit calls. For example, the added multiple-inheritance test case has a call graph that looks like this: testMultipleInheritance3 ~MultipleInheritance ~SmartPointer ~Subclass ~SmartPointer *bug here* In this case we correctly notice that we started in an inlined function when we reach the CallEnter program point for the second ~SmartPointer. However, when we reach the next CallEnter (for ~Subclass), we were accidentally re-using the inner ~SmartPointer call in the diagnostics. Rather than guess if we saw the corresponding CallExitEnd based on the contents of the active path, we now just ask the PathDiagnostic if there's any known stack before popping off the top path. (A similar issue could have occured without multiple inheritance, but there wasn't a test case for it.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160804 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
da5fc53d6b024872c4c1d2c8c5da11e08bf116aa	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Inline ctors + dtors when the CFG is built for them. At the very least this means initializer nodes for constructors and automatic object destructors are present in the CFG. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160803 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
9dc5167e4017ef4c8b327abb6f72225eec2e0f19	26-Jul-2012	Anna Zaks <ganna@apple.com>	[analyzer] Inline ObjC class methods. - Some cleanup(the TODOs) will be done after ObjC method inlining is complete. - Simplified CallEvent::getDefinition not to require ISDynamicDispatch parameter. - Also addressed Jordan's comments from r160530. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160768 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e81ce256b62717dd846bd19aecc4115a0dcd4995	20-Jul-2012	Anna Zaks <ganna@apple.com>	[analyzer] Refactor VisitObjCMessage and VisitCallExpr to rely on the same implementation for call evaluation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160530 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
8919e688dc610d1f632a4d43f7f1489f67255476	18-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Combine all ObjC message CallEvents into ObjCMethodCall. As pointed out by Anna, we only differentiate between explicit message sends This also adds support for ObjCSubscriptExprs, which are basically the same as properties in many ways. We were already checking these, but not emitting nice messages for them. This depends on the llvm::PointerIntPair change in r160456. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160461 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
c36b30c92c78b95fd29fb5d9d6214d737b3bcb02	12-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't inline virtual calls unless we can devirtualize properly. Previously we were using the static type of the base object to inline methods, whether virtual or non-virtual. Now, we try to see if the base object has a known type, and if so ask for its implementation of the method. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160094 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
48b6247804eacc262cc5508e0fbb74ed819fbb6e	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Construct stack variables directly in their VarDecl. Also contains a number of tweaks to inlining that are necessary for constructors and destructors. (I have this enabled on a private branch, but it is very much unstable.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160023 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e54cfc7b9990acffd0a8a4ba381717b4bb9f3011	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Use CallEvent for building inlined stack frames. In order to accomplish this, we now build the callee's stack frame as part of the CallEnter node, rather than the subsequent BlockEdge node. This should not have any effect on perceived behavior or diagnostics. This makes it safe to re-enable inlining of member overloaded operators. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160022 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
852aa0d2c5d2d1faf2d77b5aa3c0848068a342c5	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Make CallEnter, CallExitBegin, and CallExitEnd not be StmtPoints These ProgramPoints are used in inlining calls, and not all calls have associated statements anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160021 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
8d276d38c258dfc572586daf6c0e8f8fce249c0e	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a CXXDestructorCall CallEvent. While this work is still fairly tentative (destructors are still left out of the CFG by default), we now handle destructors in the same way as any other calls, instead of just automatically trying to inline them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160020 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
28038f33aa2db4833881fea757a1f0daf85ac02b	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add new PreImplicitCall and PostImplicitCall ProgramPoints. These are currently unused, but are intended to be used in lieu of PreStmt and PostStmt when the call is implicit (e.g. an automatic object destructor). This also modifies the Data1 field of ProgramPoints to allow storing any pointer-sized value, as opposed to only aligned pointers. This is necessary to store SourceLocations. There is currently no BugReporter support for these; they should be skipped over in any diagnostic output. This commit also tags checkers that currently rely on function calls only occurring at StmtPoints. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160019 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
ee158bc29bc12ce544996f7cdfde14aba63acf4d	09-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] When inlining, make sure we use the definition decl. This was a regression introduced during the CallEvent changes; a call to FunctionDecl::hasBody was also being used to replace the decl found by lookup with the actual definition. To keep from making this mistake again (particularly if/when we start inlining Objective-C methods), this commit adds a "getDefinition()" method to CallEvent, which should do the right thing under any circumstances. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159940 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
fdaa33818cf9bad8d092136e73bd2e489cb821ba	04-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] For now, don't inline non-static member overloaded operators. Our current inlining support (specifically RegionStore::enterStackFrame) doesn't know that calls to overloaded operators may be calls to non-static member functions, and that in these cases the first argument should be treated as 'this'. This caused incorrect results and sometimes crashes. The long-term fix will be to rewrite RegionStore::enterStackFrame to use CallEvent and its subclasses, but for now we can just disable these problematic calls by classifying them under a new CallEvent, CXXMemberOperatorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159692 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
70cbf3cc09eb21db1108396d30a414ea66d842cc	03-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Introduce CXXAllocatorCall to handle placement arg invalidation. This is NOT full-blown support for operator new, but removes some nasty duplicated code introduced in r158784. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159608 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
d4aeb8050a1d0fe47c53a73361c8b0b8ac310f46	02-Jul-2012	Ted Kremenek <kremenek@apple.com>	Bail out the LiveVariables analysis when the CFG is very large, as we are encountering some scalability issues with memory usage. The appropriate long term fix is to make the analysis more scalable, but this will at least prevent the analyzer swapping when analyzing very large functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159578 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
96479da6ad9d921d875e7be29fe1bfa127be8069	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add generic preCall and postCall checks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159562 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
69f87c956b3ac2b80124fd9604af012e1061473a	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Use CallEvent for inlining and call default-evaluation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159560 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
740d490593e0de8732a697c9f77b90ddd463863b	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a new abstraction over all types of calls: CallEvent This is intended to replace CallOrObjCMessage, and is eventually intended to be used for anything that cares more about /what/ is being called than /how/ it's being called. For example, inlining destructors should be the same as inlining blocks, and checking __attribute__((nonnull)) should apply to the allocator calls generated by operator new. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159554 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
10f77ad7fc5e5cf3f37a9b14ff5843468b8b84d2	23-Jun-2012	Ted Kremenek <kremenek@apple.com>	Implement initial static analysis inlining support for C++ methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159047 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
144e52be486a3906aec90c51b0ac94a30313152e	02-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix lack of coverage after empty inlined function. We should not stop exploring the path after we return from an empty function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157859 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
7fa9b4f258636d89342eda28f21a986c8ac353b1	01-Jun-2012	Ted Kremenek <kremenek@apple.com>	static analyzer: add inlining support for directly called blocks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157833 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
591b5f53c0e11d87401b4804bb1be1a53f95c619	19-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] For locations, use isGLValue() instead of isLValue(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157088 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
aca0ac58d2ae80d764e3832456667d7322445e0c	04-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Allow pointers escape through calls containing callback args. (Since we don't have a generic pointer escape callback, modify ExprEngineCallAndReturn as well as the malloc checker.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156134 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
0b3ade86a1c60cf0c7b56aa238aff458eb7f5974	20-Apr-2012	Anna Zaks <ganna@apple.com>	[analyzer] Run remove dead bindings right before leaving a function. This is needed to ensure that we always report issues in the correct function. For example, leaks are identified when we call remove dead bindings. In order to make sure we report a callee's leak in the callee, we have to run the operation in the callee's context. This change required quite a bit of infrastructure work since: - We used to only run remove dead bindings before a given statement; here we need to run it after the last statement in the function. For this, we added additional Program Point and special mode in the SymbolReaper to remove all symbols in context lower than the current one. - The call exit operation turned into a sequence of nodes, which are now guarded by CallExitBegin and CallExitEnd nodes for clarity and convenience. (Sorry for the long diff.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155244 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
01561d1039bfdda61edd20eed939011a8632c7c7	17-Apr-2012	Ted Kremenek <kremenek@apple.com>	Change ExprEngine::shouldInlineDecl() to be defensive in checking if the CFG of the callee is valid. Fixes <rdar://problem/11257631>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154896 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e62f048960645b79363408fdead53fec2a063c52	03-Apr-2012	Anna Zaks <ganna@apple.com>	[analyzer] Record the basic blocks covered by the analyzes run. Store this info inside the function summary generated for all analyzed functions. This is useful for coverage stats and can be helpful for analyzer state space search strategies. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153923 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
d9b795524eb3dc035523f82f135d0a8adf15cd72	02-Apr-2012	Ted Kremenek <kremenek@apple.com>	Fix potential null dereference in the static analyzer when inlining a call that has already been inlined. Unfortunately I have no test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153900 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
4a5f724538cbc275370c9504e8169ce92503256c	01-Apr-2012	Benjamin Kramer <benny.kra@googlemail.com>	Analyzer: Store BugReports directly in a ilist instead of adding another layer of inderection with std::list git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153847 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
62a5c34ddc54696725683f6c5af1c8e1592c5c38	30-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer]Malloc,RetainRelease: Allow pointer to escape via NSMapInsert. Fixes a false positive (radar://11152419). The current solution of adding the info into 3 places is quite ugly. Pending a generic pointer escapes callback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153731 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
3bbd8cd831788c506f2980293eb3c7e1b3ca2501	30-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Do not inline functions which previously reached max block count. This is an optimization for "retry without inlining" option. Here, if we failed to inline a function due to reaching the basic block max count, we are going to store this information and not try to inline it again in the translation unit. This can be viewed as a function summary. On sqlite, with this optimization, we are 30% faster then before and cover 10% more basic blocks (partially because the number of times we reach timeout is decreased by 20%). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153730 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
5903a373db3d27794c90b25687e0dd6adb0e497d	27-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add an option to re-analyze a dead-end path without inlining. The analyzer gives up path exploration under certain conditions. For example, when the same basic block has been visited more than 4 times. With inlining turned on, this could lead to decrease in code coverage. Specifically, if we give up inside the inlined function, the rest of parent's basic blocks will not get analyzed. This commit introduces an option to enable re-run along the failed path, in which we do not inline the last inlined call site. This is done by enqueueing the node before the processing of the inlined call site with a special policy encoded in the state. The policy tells us not to inline the call site along the path. This lead to ~10% increase in the number of paths analyzed. Even though we expected a much greater coverage improvement. The option is turned off by default for now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153534 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
514f2c9dcb9e04b52929c5b141a6fe88bd68b33f	23-Mar-2012	Ted Kremenek <kremenek@apple.com>	Avoid applying retain/release effects twice in RetainCountChecker when a function call was inlined (i.e., we do not need to apply summaries in such cases). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153309 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
6cc0969ab37c614d6cf496f2ed6d2fca397a0133	13-Mar-2012	Anna Zaks <ganna@apple.com>	[analyser] Refactor shouldInline logic into a helper. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152677 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
8235f9c9c8b3d1737d1c6bd57f7ba3f616b92392	02-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Bound the size of the functions being inlined + provide command line options for inlining tuning. This adds the option for stack depth bound as well as function size bound. + minor doxygenification git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151930 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
b2c60b04a597cc5ba4154837cf8e0a155a376fd7	01-Mar-2012	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Move llvm/ADT/SaveAndRestore.h -> llvm/Support/SaveAndRestore.h. Needs llvm update. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151829 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
ca23eb212c78ac5bc62d0881635579dbe7095639	29-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: A pointer might escape through CFContainers APIs, funopen, setvbuf. Teach the checker and the engine about these APIs to resolve malloc false positives. As I am adding more of these APIs, it is clear that all this should be factored out into a separate callback (for example, region escapes). Malloc, KeyChainAPI and RetainRelease checkers could all use it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151737 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
07d39a479cf8f20294407e749f9933da34ebecb7	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix Malloc False Positive (PR 12100) When allocated buffer is passed to CF/NS..NoCopy functions, the ownership is transfered unless the deallocator argument is set to 'kCFAllocatorNull'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151608 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
d45d361f2ce5c37824052357e2218e8a5509eba5	27-Feb-2012	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Move "clang/Analysis/Support/SaveAndRestore.h" to "llvm/ADT/SaveAndRestore.h" to make it more widely available. Depends on llvm commit r151564 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151566 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e55b03a6e44b99c1cd77b8ea5e4d836c28948904	24-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] We were silently stopping exploring the path after visiting 'return;' statement! This most likely caused us to skip a bunch of code when analyzing with inlining. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151368 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
0d389b819c33bdf0375694a8f141c8f02e002b18	23-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Invalidate the region passed to pthread_setspecific() call. Make this call an exception in ExprEngine::invalidateArguments: 'int pthread_setspecific(ptheread_key k, const void )' stores a value into thread local storage. The value can later be retrieved with 'void ptheread_getspecific(pthread_key)'. So even thought the parameter is 'const void *', the region escapes through the call. (Here we just blacklist the call in the ExprEngine's default logic. Another option would be to add a checker which evaluates the call and triggers the call to invalidate regions.) Teach the Malloc Checker, which treats all system calls as safe about the API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151220 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
3133f79cf451e6302dd05262b4bb53a3e4fd6300	18-Feb-2012	Ted Kremenek <kremenek@apple.com>	Have conjured symbols depend on LocationContext, to add context sensitivity for functions called more than once. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150849 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
10520d76044e8fff71d414f30c21b449fd104960	09-Feb-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Proactively avoid inlining vararg functions and blocks until we properly support them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150207 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
8bef8238181a30e52dea380789a7e2d760eac532	26-Jan-2012	Ted Kremenek <kremenek@apple.com>	Change references to 'const ProgramState *' to typedef 'ProgramStateRef'. At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149081 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
0849ade4bb3e90c2fc0ce01ccd330f76f91da732	12-Jan-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] fix inlining's handling of mapping actual to formal arguments and limit the call stack depth. The analyzer can now accurately simulate factorial for limited depths. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148036 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
256ef642f8feef22fd53be7efa868e8e34752eed	11-Jan-2012	Ted Kremenek <kremenek@apple.com>	Remove '#if 0' from ExprEngine::InlineCall(), and start fresh by wiring up inlining for straight C calls. My hope is to reimplement this from first principles based on the simplifications of removing unneeded node builders and re-evaluating how C++ calls are handled in the CFG. The hope is to turn inlining "on-by-default" as soon as possible with a core set of things working well, and then expand over time. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147904 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
3070e13dca5bbefa32acb80ce4a7b217a6220983	07-Jan-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Remove CallEnterNodeBuilder and simplify ExprEngine::processCallEnter(). This removes analysis of other translation units, but that was an experimental feature anyway that we will revisit later. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147705 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
242384ddb0e0b65dd7e9e0ac0cf3c31cf98b06a6	07-Jan-2012	Ted Kremenek <kremenek@apple.com>	Correctly enqueue successors in ExprEngine::processCallExit(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147698 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
894212e9510299abb203801e014fec76b7926a05	07-Jan-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Remove CallExitNodeBuilder, and have ExprEngine::processCallExit() do the work manually. This is a nice simplification. Along the way, fix Exprengine::processCallExit() to also perform the postStmt callback for checkers for CallExprs. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147697 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
5eca482fe895ea57bc82410222e6426c09e63284	06-Jan-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from (Stmt,LocationContext) pairs to SVals instead of Stmt* to SVals. This is needed to support basic IPA via inlining. Without this, we cannot tell if a Stmt* binding is part of the current analysis scope (StackFrameContext) or part of a parent context. This change introduces an uglification of the use of getSVal(), and thus takes two steps forward and one step back. There are also potential performance implications of enlarging the Environment. Both can be addressed going forward by refactoring the APIs and optimizing the internal representation of Environment. This patch mainly introduces the functionality upon when we want to build upon (and clean up). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147688 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
eb31a76d1cdaaf8874c549dc6bd964ff270d3822	05-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Be less pessimistic about invalidation of global variables as a result of a call. Problem: Global variables, which come in from system libraries should not be invalidated by all calls. Also, non-system globals should not be invalidated by system calls. Solution: The following solution to invalidation of globals seems flexible enough for taint (does not invalidate stdin) and should not lead to too many false positives. We split globals into 3 classes: * immutable - values are preserved by calls (unless the specific global is passed in as a parameter): A : Most system globals and const scalars * invalidated by functions defined in system headers: B: errno * invalidated by all other functions (note, these functions may in turn contain system calls): B: errno C: all other globals (which are not in A nor B) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147569 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
2cbe791d3e9b26f30196c4852da75d9ad67b4ad9	20-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Do not invalidate arguments when the parameter's type is a pointer to const. (radar://10595327) The regions corresponding to the pointer and reference arguments to a function get invalidated by the calls since a function call can possibly modify the pointed to data. With this change, we are not going to invalidate the data if the argument is a pointer to const. This change makes the analyzer more optimistic in reporting errors. (Support for C, C++ and Obj C) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147002 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
2e9264a17bacc7dc228d5f93caaeb98dfb23d508	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove unused headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142945 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
aa0aeb1cbe117db68d35700cb3a34aace0f99b99	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Node builders cleanup + comments Renamed PureNodeBuilder->StmtNodeBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142849 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
056c4b46335a3bd2612414735d5749ee159c0165	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Completely remove the global Builder object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142847 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
ebae6d0209e1ec3d5ea14f9e63bd0d740218ed14	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Convert ExprEngine::visit() to use short lived builders. This commit removes the major functional dependency on the ExprEngine::Builder member variable. In some cases the code became more verbose. Particularly, we call takeNodes() and addNodes() to move responsibility for the nodes from one builder to another. This will get simplified later on. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142831 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
fe27971d54d26997149d6b84057f04ff398d1d5d	28-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Eliminate almost all uses of TransferFuncs from ExprEngine. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138719 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
e38dd95dddb8f1b38469c8d0e28aa1c660489324	28-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Migrate argument invalidation from CFRefCount to ExprEngine. This is a common path for function and C++ method calls, Objective-C messages and property accesses, and C++ construct-exprs. As support, add message receiver accessors to ObjCMessage and CallOrObjCMessage. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138718 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
500abad7edfcc2409b18dd616cdbc28a094926f5	21-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Migrate return value handling from CFRefCount to ExprEngine. This seems to result in a minor performance hit, but I think that will go away again once we eliminate TransferFuncs from function calls entirely. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138220 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp
294fd0a62b95f512637910bf85c7efa6c2354b50	20-Aug-2011	Ted Kremenek <kremenek@apple.com>	Start partitioning ExprEngine.cpp into separate .cpp files that handle different parts of the analysis (e.g., analysis of C expressions, analysis of Objective-C expressions, and so on). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138194 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp