d764e20189dbb42b38ada383a0a159f6adc0d56c |
|
02-Mar-2013 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Special-case bitfields when finding sub-region bindings. Previously we were assuming that we'd never ask for the sub-region bindings of a bitfield, since a bitfield cannot have subregions. However, unification of code paths has made that assumption invalid. While we could take advantage of this by just checking for the single possible binding, it's probably better to do the right thing, so that if/when we someday support unions we'll do the right thing there, too. This fixes a handful of false positives in analyzing LLVM. <rdar://problem/13325522> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176388 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
f1e67d75fc922ff905de9faa6326bb1a96685ec1 |
|
17-Oct-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Create a temporary region when accessing a struct rvalue. In C++, rvalues that need to have their address taken (for example, to be passed to a function by const reference) will be wrapped in a MaterializeTemporaryExpr, which lets CodeGen know to create a temporary region to store this value. However, MaterializeTemporaryExprs are /not/ created when a method is called on an rvalue struct, even though the 'this' pointer needs a valid value. CodeGen works around this by creating a temporary region anyway; now, so does the analyzer. The analyzer also does this when accessing a field of a struct rvalue. This is a little unfortunate, since the rest of the struct will soon be thrown away, but it does make things consistent with the rest of the analyzer. This allows us to bring back the assumption that all known 'this' values are Locs. This is a revised version of r164828-9, reverted in r164876-7. <rdar://problem/12137950> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166120 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
d27a368f4800b447b970b7c438d0fb4da00838dc |
|
01-Oct-2012 |
Jordan Rose <jordan_rose@apple.com> |
Revert "[analyzer] Check that a member expr is valid even when the result is an lvalue." The original intent of this commit was to catch potential null dereferences early, but it breaks the common "home-grown offsetof" idiom (PR13927): (((struct Foo *)0)->member - ((struct foo *)0)) As it turns out, this appears to be legal in C, per a footnote in C11 6.5.3.2: "Thus, &*E is equivalent to E (even if E is a null pointer)". In C++ this issue is still open: http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_active.html#232 We'll just have to make sure we have good path notes in the future. This reverts r164441 / 9be016dcd1ca3986873a7b66bd4bc027309ceb59. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164958 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
ce6644bc1e921833f9b3c10cf7d4a0b78e8d5dc9 |
|
29-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
Revert "[analyzer] Create a temporary region for rvalue structs when accessing fields" This reverts commit 6f61df3e7256413dcb99afb9673f4206e3c4992c. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164877 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
6f61df3e7256413dcb99afb9673f4206e3c4992c |
|
28-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Create a temporary region for rvalue structs when accessing fields Struct rvalues are represented in the analyzer by CompoundVals, LazyCompoundVals, or plain ConjuredSymbols -- none of which have associated regions. If the entire structure is going to persist, this is not a problem -- either the rvalue will be assigned to an existing region, or a MaterializeTemporaryExpr will be present to create a temporary region. However, if we just need a field from the struct, we need to create the temporary region ourselves. This is inspired by the way CodeGen handles calls to temporaries; support for that in the analyzer is coming next. Part of <rdar://problem/12137950> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164828 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
dd1d7d88f1fe6d7d7e79acaec3f83bc10d9f7b97 |
|
22-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Check that a member expr is valid even when the result is an lvalue. We want to catch cases like this early, so that we can produce better diagnostics and path notes: Point *p = 0; int *px = &p->x; // should warn here *px = 1; git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164441 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
cdc3a89d5de90b2299c56f4a46c3de590c5184d1 |
|
24-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Fix analyzer tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162588 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
033a07e5fca459ed184369cfee7c90d82367a93a |
|
04-Aug-2011 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] rename all experimental checker packages to have 'experimental' be the common root package. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136835 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
a4c7a4314ffbe402091695874e93d9b0a79c8099 |
|
29-Jul-2011 |
Ted Kremenek <kremenek@apple.com> |
Really remove FlatStoreManager and BasicStoreManager, this time from the driver. Also remove associated tests. Sorry for the messy commits; this is the result of a botched Git merge. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136422 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
c4d2c9074be6eb2091086eddd6c8f052f3b245c8 |
|
28-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126676 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
65d39251ff57b8e33cf6d3a7fcc6aa1c6f8cdc68 |
|
24-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Remove '-analyzer-experimental-internal-checks' flag, it doesn't have any checkers associated with it anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126440 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
c2e20d0c42cf085940c9a9cb495a7116d1b0eb07 |
|
03-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Fix a crash until we can handle temporary struct objects properly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124822 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
565e465c6d0093f1bf8414b2cabdc842022385a9 |
|
05-Feb-2010 |
Ted Kremenek <kremenek@apple.com> |
Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@95348 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
a5728872c7702ddd09537c95bc3cbd20e1f2fb09 |
|
15-Dec-2009 |
Daniel Dunbar <daniel@zuster.org> |
Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'. - This is designed to make it obvious that %clang_cc1 is a "test variable" which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it can be useful to redefine what gets run as 'clang -cc1' (for example, to set a default target). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91446 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
ef74f4c6dcd59b3af1de9d8f613c1caf3e6cb63d |
|
14-Dec-2009 |
Zhongxing Xu <xuzhongxing@gmail.com> |
Replace clang-cc with clang -cc1. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91272 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
8a90ac0e85e8c5758b585fe486ee7db01c53fb98 |
|
29-Nov-2009 |
Daniel Dunbar <daniel@zuster.org> |
Normalize options to use '-FOO' instead of '--FOO'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@90071 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
8382cf57b722f130f1a6b45380639871c07271c1 |
|
13-Nov-2009 |
Ted Kremenek <kremenek@apple.com> |
Add clang-cc option "--analyzer-experimental-internal-checks". This option enables new "internal" checks that will eventually be turned on by default but still require broader testing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88671 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
4fcfde4d5c8f25e40720972a5543d538a0dcb220 |
|
08-Nov-2009 |
Daniel Dunbar <daniel@zuster.org> |
Eliminate &&s in tests. - 'for i in $(find . -type f); do sed -e 's#\(RUN:.*[^ ]\) *&& *$#\1#g' $i | FileUpdate $i; done', for the curious. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86430 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
f7a0cf426eddae76e1a71dd2295631a2cf0560af |
|
29-Jul-2009 |
Ted Kremenek <kremenek@apple.com> |
Remove 'StoreManager::OldCastRegion()', TypedViewRegion (which only OldCastRegion used), and the associated command line option '-analyzer-store=old-basic-cast'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@77509 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
c037eac3bda3c636c961aab6377beea3242e81e4 |
|
10-Jul-2009 |
Ted Kremenek <kremenek@apple.com> |
Switch BasicStoreManager to use the new CastRegion implementation by default, and replace the 'clang-cc' option '-analyzer-store=basic-new-cast' with '-analyzer-store=basic-old-cast'. We'll keep the old CastRegion implementation around for a little while for regression testing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@75209 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
e1cea75e70d76f55157749a7bcad319050492945 |
|
06-Jul-2009 |
Ted Kremenek <kremenek@apple.com> |
Make 'BasicStoreManager' + 'NewCastRegion' testable from the command line using '-analyzer-store=basic-new-cast'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@74865 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
5414a5c0add7a7a9343a1be0bda962ce8dc35449 |
|
21-Jun-2009 |
Zhongxing Xu <xuzhongxing@gmail.com> |
Return UnknownVal for pointer arithmetic on struct fields. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@73851 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
5bf3287765d14b5c6666bd00d0a141b0a6c97a20 |
|
09-May-2009 |
Zhongxing Xu <xuzhongxing@gmail.com> |
When casting VarRegion, if the var type is aggregate type and the cast-to pointee type is scalar type, create element region regardless with the sizes of types. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71360 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
889805931bdffe5eaf770bb9f926f738ccd18c0f |
|
06-May-2009 |
Zhongxing Xu <xuzhongxing@gmail.com> |
Make StoreManager::CastRegion() virtual and implement a new CastRegion() for RegionStore. This CastRegion() performs casts according to the kind of the region being cast instead of the type that is cast to. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71058 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
9aa829bddbe6dc2e41aff5b26483dd3370381293 |
|
04-May-2009 |
Ted Kremenek <kremenek@apple.com> |
This test no longer fails. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70834 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
a8607d13c8df25a8c10d46db016d26f9e327418d |
|
01-May-2009 |
Ted Kremenek <kremenek@apple.com> |
StoreManager::CastRegion: - Don't layer TypedViewRegions on top of any region except SymbolicRegions and AllocaRegions. This follows from my offline discussion within Zhongxing about how TypedViewRegions really only represent memory getting re-appropriated for a new purpose. Fallout from this change: - Move test case from xfail_rdar_6440393.m to misc-ps-64.m (it now passes). - test/Analysis/fields.c now fails for region store (crash). Marking XFAIL. - test/Analysis/rdar-6441136-region.c now fails (only runs with region store). Marking XFAIL. Diagnosis: The analyzer now correctly identifies an early out-of-bounds memory access then the one flagged: rdar-6541136-region.c:17:3: warning: Load or store into an out-of-bound memory position. *p = 1; ^~ Changing the line: char *p = (void*) &wonky[1]; to char *p = (void*) &wonky[0]; (which should delay the buffer overrun) causes region store to crash, probably because it expects a TypedViewRegion. - test/Analysis/casts.c (region store) now fails (crash). Marking XFAIL. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70565 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
d7d5f0223bd30dfd618762349c6209dd1d5ea3e6 |
|
24-Mar-2009 |
Daniel Dunbar <daniel@zuster.org> |
Rename clang to clang-cc. Tests and drivers updated, still need to shuffle dirs. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@67602 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
be1fe1eb12a1cb91c8e3a9fcc2db4dfe989def6c |
|
17-Feb-2009 |
Ted Kremenek <kremenek@apple.com> |
Static Analyzer driver/options (partial) cleanup: - Move all analyzer options logic to AnalysisConsumer.cpp. - Unified specification of stores/constraints/output to be: -analyzer-output=... -analyzer-store=... -analyzer-constraints=... instead of -analyzer-range-constraints, -analyzer-store-basic, etc. - Updated drivers (ccc-analyzer, scan-builds, new ccc) to obey this new interface - Updated test cases to conform to new driver options git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64737 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
04b1de1f73ec8cad2a5e0a6a4c3c3f8b9b1b09a2 |
|
22-Jan-2009 |
Ted Kremenek <kremenek@apple.com> |
This test case now passes with RegionStore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62798 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
d427023c334fe03105d9359711a3df4d6f23b344 |
|
21-Jan-2009 |
Daniel Dunbar <daniel@zuster.org> |
Add -analyze action to run static analyzer, instead of inferring from individual checker options. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62634 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|
5c456fe4d354dab9e8a1309aefe828ea7b6d6f26 |
|
18-Oct-2008 |
Ted Kremenek <kremenek@apple.com> |
Use "VisitLValue" when processing the base for "x.f" field accesses, and "Visit" when processing the base for "x->f" field accesses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57754 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
|