Cross Reference: /external/clang/lib/StaticAnalyzer/Checkers/

History log of /external/clang/lib/StaticAnalyzer/Checkers/
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ef8225444452a1486bd721f3285301fe84643b00	21-Jul-2014	Stephen Hines <srhines@google.com>	Update Clang for rebase to r212749. This also fixes a small issue with arm_neon.h not being generated always. Includes a cherry-pick of: r213450 - fixes mac-specific header issue r213126 - removes a default -Bsymbolic on Android Change-Id: I2a790a0f5d3b2aab11de596fc3a74e7cbc99081d ndroid.mk asicObjCFoundationChecks.cpp MakeLists.txt heckers.td ereferenceChecker.cpp etainCountChecker.cpp estAfterDivZeroChecker.cpp
6bcf27bb9a4b5c3f79cb44c0e4654a6d7619ad89	29-May-2014	Stephen Hines <srhines@google.com>	Update Clang for 3.5 rebase (r209713). Change-Id: I8c9133b0f8f776dc915f270b60f94962e771bc83 nalyzerStatsChecker.cpp rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp hrootChecker.cpp eadStoresChecker.cpp ynamicTypePropagation.cpp xprInspectionChecker.cpp enericTaintChecker.cpp varInvalidationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp onNullParamChecker.cpp bjCContainersASTChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp eturnUndefChecker.cpp electorExtras.h impleStreamChecker.cpp treamChecker.cpp raversalChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
651f13cea278ec967336033dd032faef0e9fc2ec	24-Apr-2014	Stephen Hines <srhines@google.com>	Updated to Clang 3.5a. Change-Id: I8127eb568f674c2e72635b639a3295381fe8af82 nalyzerStatsChecker.cpp ndroid.mk rrayBoundChecker.cpp rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp oolAssignmentChecker.cpp MakeLists.txt StringChecker.cpp StringSyntaxChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp heckers.td hrootChecker.cpp eadStoresChecker.cpp ebugCheckers.cpp ereferenceChecker.cpp irectIvarAssignment.cpp ivZeroChecker.cpp xprInspectionChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp denticalExprChecker.cpp varInvalidationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp onNullParamChecker.cpp bjCAtSyncChecker.cpp bjCContainersASTChecker.cpp bjCContainersChecker.cpp bjCMissingSuperCallChecker.cpp bjCSelfInitChecker.cpp bjCUnusedIVarsChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp impleStreamChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
229d345dd5a73ef6ba75d1d730ecf96e8dc9ecec	08-Feb-2014	Stephen Hines <srhines@google.com>	Update clang for merge to LLVM 3.4. Update TableGen rules: - AttrExprArgs + AttrIdentifierArg + AttrParsedAttrImpl + AttrTypeArg Update config.h files. Adjust Android.mk for added/removed files: + TransProtectedScope.cpp - DumpXML.cpp + Consumed.cpp + CodeGenABITypes.cpp + SanitizerArgs.cpp + AllocationDiagnostics.cpp - CommonBugCategories.cpp + IdenticalExprChecker.cpp + CommonBugCategories.cpp - SymbolManager.cpp - TextPathDiagnostics.cpp + SymbolManager.cpp Change-Id: I73bea10e7e73e611f678bc5bf9935e26da63be17 ndroid.mk
1fab7c3e3bd97a909a80b1bfea1909c6e7347fc0	12-Feb-2014	Stephen Hines <srhines@google.com>	Merge remote-tracking branch 'upstream/release_34' into merge-20140211 Conflicts: lib/Basic/Targets.cpp lib/Sema/SemaDeclAttr.cpp Change-Id: I17ca7161f32007272ee82036d237d051847dd02e
b7a747b0c271faeeb8d0f886f0e691eb25f637d9	17-Nov-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Better modeling of memcpy by the CStringChecker (PR16731). New rules of invalidation/escape of the source buffer of memcpy: the source buffer contents is invalidated and escape while the source buffer region itself is neither invalidated, nor escape. In the current modeling of memcpy the information about allocation state of regions, accessible through the source buffer, is not copied to the destination buffer and we can not track the allocation state of those regions anymore. So we invalidate/escape the source buffer indirect regions in anticipation of their being invalidated for real later. This eliminates false-positive leaks reported by the unix.Malloc and alpha.cplusplus.NewDeleteLeaks checkers for the cases like char f() { void x = malloc(47); char *a; memcpy(&a, &x, sizeof a); return a; } git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194953 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
6973a27866b176b1cf4e3e3ebcf0196e101b85dd	14-Nov-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Treat MSVC's _wassert as noreturn. This makes sure the analyzer actually honors assert() in an MSVC project. Patch by Anders Montonen! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194716 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
91934df3ce399e5938695b939943f92e7ff00483	14-Nov-2013	Benjamin Kramer <benny.kra@googlemail.com>	Move classes into anonymous namespaces. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194706 91177308-0d34-0410-b5e6-96231b3b80d8 denticalExprChecker.cpp
6b1a4c83fb661c612c4a872d6c85e7a1aecd044f	08-Nov-2013	Jordan Rose <jordan_rose@apple.com>	Revert 'Tweak ContainerNonEmptyMap with "int" instead of "bool"'. I've added the missing ImutProfileInfo [sic] specialization for bool, so this patch on r194235 is no longer needed. This reverts r194244 / 2baea2887dfcf023c8e3560e5d4713c42eed7b6b. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194265 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
2baea2887dfcf023c8e3560e5d4713c42eed7b6b	08-Nov-2013	NAKAMURA Takumi <geek4civic@gmail.com>	StaticAnalyzer/Checkers/BasicObjCFoundationChecks.cpp: Tweak ContainerNonEmptyMap with "int" instead of "bool", to appease building since r194235. In ADT/ImmutableSet, ImutProfileInfo<bool> cannot be matched to ImutProfileInteger. I didn't have idea it'd the right way if PROFILE_INTEGER_INFO(bool) could be added there. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194244 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
9a7a568821b85cc83b80056268ef0dc32aecea12	08-Nov-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add IdenticalExprChecker, to find copy-pasted code. This syntactic checker looks for expressions on both sides of comparison operators that are structurally the same. As a special case, the floating-point idiom "x != x" for "isnan(x)" is left alone. Currently this only checks comparison operators, but in the future we could extend this to include logical operators or chained if-conditionals. Checker by Per Viberg! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194236 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td denticalExprChecker.cpp
219103d76a10b35b5a1e8d2b6737cf724a7cfee7	08-Nov-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Track whether an ObjC for-in loop had zero iterations. An Objective-C for-in loop will have zero iterations if the collection is empty. Previously, we could only detect this case if the program asked for the collection's -count /before/ the for-in loop. Now, the analyzer distinguishes for-in loops that had zero iterations from those with at least one, and can use this information to constrain the result of calling -count after the loop. In order to make this actually useful, teach the checker that methods on NSArray, NSDictionary, and the other immutable collection classes don't change the count. <rdar://problem/14992886> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194235 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
741c5411f491a12cd965c9f5ebdff742eddbdc79	04-Nov-2013	Anna Zaks <ganna@apple.com>	[analyzer] Track the count of NSOrderedSet similarly to other fast enumerations. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@194005 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
9cf772554d75f0a370b34a853de9207be3a07890	28-Oct-2013	NAKAMURA Takumi <geek4civic@gmail.com>	StaticAnalyzer/Checkers/DynamicTypePropagation.cpp: Fix in comments. 80-col and an utf8 char. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@193513 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
d29849e9ab180bbedfb69a58b24d0f7737850f7f	20-Oct-2013	Benjamin Kramer <benny.kra@googlemail.com>	Forgot some references to misspelled enums. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@193047 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
063820655db8121f0022a7c51458463c7250324c	20-Oct-2013	Benjamin Kramer <benny.kra@googlemail.com>	Miscellaneous speling fixes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@193046 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
31b71f3097a338315a144067dde5b160c4e44fc9	07-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] ArrayRef-ize BugReporter::EmitBasicReport. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@192114 91177308-0d34-0410-b5e6-96231b3b80d8 StringSyntaxChecker.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp bjCContainersASTChecker.cpp irtualCallChecker.cpp
391165f4b6e90918dd8b97d6970617591821a8d8	07-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: add support for CFAutorelease. <rdar://problems/13710586&13710643> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@192113 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
edcc199f5861dd8ad1ec3ad1b83512d2a92e515a	04-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Replace bug category magic strings with shared constants, take 2. Re-commit r191910 (reverted in r191936) with layering violation fixed, by moving the bug categories to StaticAnalyzerCore instead of ...Checkers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191937 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt StringChecker.cpp heckSizeofPointer.cpp langSACheckers.h ommonBugCategories.cpp
10a61586e12fcd94dad877cbcf09cc34aec980d8	04-Oct-2013	Richard Smith <richard-llvm@metafoo.co.uk>	Temporarily revert r191910 until the layering violation can be fixed. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191936 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckSizeofPointer.cpp ommonBugCategories.cpp
4587cace907ed9a68256bdae506fbb8d93ac232c	03-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Replace bug category magic strings with shared constants. One small functionality change is to bring the sizeof-pointer checker in line with the other checkers by making its category be "Logic error" instead of just "Logic". There should be no other functionality changes. Patch by Daniel Marjamäki! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191910 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckSizeofPointer.cpp ommonBugCategories.cpp
d000b852022bcd4fc14029b48d2fa873f63e4032	03-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add new debug helper clang_analyzer_warnIfReached. This will emit a warning if a call to clang_analyzer_warnIfReached is executed, printing REACHABLE. This is a more explicit way to declare expected reachability than using clang_analyzer_eval or triggering a bug (divide-by-zero or null dereference), and unlike the former will work the same in inlined functions and top-level functions. Like the other debug helpers, it is part of the debug.ExprInspection checker. Patch by Jared Grubb! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191909 91177308-0d34-0410-b5e6-96231b3b80d8 xprInspectionChecker.cpp
7453624b98817f06d28ed2abe39c98805cfec623	02-Oct-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add missing return after function pointer null check. Also add some tests that there is actually a message and that the bug is actually a hard error. This actually behaved correctly before, because: - addTransition() doesn't actually add a transition if the new state is null; it assumes you want to propagate the predecessor forward and does nothing. - generateSink() is called in order to emit a bug report. - If at least one new node has been generated, the predecessor node is /not/ propagated forward. But now it's spelled out explicitly. Found by Richard Mazorodze, who's working on a patch that may require this. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191805 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
81557223ba8d7ef8b0468a6e1dc8fc79f2de46f2	25-Sep-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Handle destructors for the argument to C++ 'delete'. Now that the CFG includes nodes for the destructors in a delete-expression, process them in the analyzer using the same common destructor interface currently used for local, member, and base destructors. Also, check for when the value is known to be null, in which case no destructor is actually run. This does not yet handle destructors for deleted /arrays/, which may need more CFG work. It also causes a slight regression in the location of double delete warnings; the double delete is detected at the destructor call, which is implicit, and so is reported on the first access within the destructor instead of at the 'delete' statement. This will be fixed soon. Patch by Karthik Bhat! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191381 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
767b3d2000a00c56e1a3c19372810e2b7d66b76c	22-Sep-2013	Benjamin Kramer <benny.kra@googlemail.com>	Fix array_pod_sort predicates after LLVM change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191176 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
2d46cc271e209ff6d4ec8f77d242288ef51cf79b	22-Sep-2013	Benjamin Kramer <benny.kra@googlemail.com>	array_pod_sort loses some type safety, better use the right types. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191174 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
52e2d30430981289736e03d891db91af6b1397c5	22-Sep-2013	Benjamin Kramer <benny.kra@googlemail.com>	Rewrite a cold use of std::sort to array_pod_sort. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@191173 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
73fa2525b4d8b9768dbc1e5a09976d6f9e568e23	17-Sep-2013	Anna Zaks <ganna@apple.com>	[analyzer] Stop tracking the objects with attribute cleanup in the RetainCountChecker. This suppresses false positive leaks. We stop tracking a value if it is assigned to a variable declared with a cleanup attribute. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@190835 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
30845189af590de0af68ad9c7c47dd789ee28df2	16-Sep-2013	Anton Yartsev <anton.yartsev@gmail.com>	New message for cases when ownership is taken: "+method_name: cannot take ownership of memory allocated by 'new'." instead of the old "Memory allocated by 'new' should be deallocated by 'delete', not +method_name" git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@190800 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
57b1da1588a3f5785ad8bd5d9f2d795d685e1058	14-Sep-2013	Cameron Esfahani <dirty@apple.com>	Clean up some Triple usage in clang. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@190737 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
a1ec2b0dbfd33cc3b4b7ac003a390995fc2305c6	13-Sep-2013	Jordan Rose <jordan_rose@apple.com>	Fix two incorrect comments. Patch by Jared Grubb! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@190652 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
2d2aed29220dcad17c36479901281376e36637eb	11-Sep-2013	Eli Friedman <eli.friedman@gmail.com>	Get rid of unused isPodLike definition. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@190463 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
caa5ab264ddea332e8423af1ebcea50d0cb37206	03-Sep-2013	Aaron Ballman <aaron@aaronballman.com>	Switched FormatAttr to using an IdentifierArgument instead of a StringArgument since that is a more accurate modeling. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@189851 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
344472ebeded2fca2ed5013b9e87f81d09bfa908	23-Aug-2013	Robert Wilhelm <robert.wilhelm@gmx.net>	Use pop_back_val() instead of both back() and pop_back(). No functionality change intended. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@189112 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
51718e3555404192040a5fad715367bc4cef22fb	19-Aug-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't run unreachable code checker on inlined functions. This is still an alpha checker, but we use it in certain tests to make sure something is not being executed. This should fix the buildbots. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188682 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
a728e927c6e58f26b2c8615a8baa761d2f157e4b	19-Aug-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Assume that strings are no longer than SIZE_MAX/4. This keeps the analyzer from making silly assumptions, like thinking strlen(foo)+1 could wrap around to 0. This fixes PR16558. Patch by Karthik Bhat! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188680 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
7d0dcd2de023e2667a3f1f14daff9d087fab9bf7	19-Aug-2013	Jordan Rose <jordan_rose@apple.com>	Omit arguments of __builtin_object_size from the CFG. This builtin does not actually evaluate its arguments for side effects, so we shouldn't include them in the CFG. In the analyzer, rely on the constant expression evaluator to get the proper semantics, at least for now. (In the future, we could get ambitious and try to provide path- sensitive size values.) In theory, this does pose a problem for liveness analysis: a variable can be used within the __builtin_object_size argument expression but not show up as live. However, it is very unlikely that such a value would be used to compute the object size and not used to access the object in some way. <rdar://problem/14760817> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188679 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp
2104374e29e2cca55c3c0bce41fa77d92527a695	17-Aug-2013	Ted Kremenek <kremenek@apple.com>	Use the number of parameters in the actual method or function to determine the CallEffects size. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188587 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
a1da6b24327b2c311f3e4689d45427c11fc73398	16-Aug-2013	Benjamin Kramer <benny.kra@googlemail.com>	RetainCountChecker: Replace some loops with std:: algorithms. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188581 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
8fd67b6bcbfc659106170155ba2ff559b45fbabb	16-Aug-2013	Ted Kremenek <kremenek@apple.com>	Revert r188574. Turns out it isn't needed. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188578 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
747797f0b494ab4c708c22f787c5e3c56895bc3d	16-Aug-2013	Fariborz Jahanian <fjahanian@apple.com>	Need summary info. about arguments to CF functions coming from static analyzer API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188574 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
68502e52938f84b97267b51e86d4a90a11552512	15-Aug-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] If realloc fails on an escaped region, that region doesn't leak. When a region is realloc()ed, MallocChecker records whether it was known to be allocated or not. If it is, and the reallocation fails, the original region has to be freed. Previously, when an allocated region escaped, MallocChecker completely stopped tracking it, so a failed reallocation still (correctly) wouldn't require freeing the original region. Recently, however, MallocChecker started tracking escaped symbols, so that if it were freed we could check that the deallocator matched the allocator. This broke the reallocation model for whether or not a symbol was allocated. Now, MallocChecker will actually check if a symbol is owned, and only require freeing after a failed reallocation if it was owned before. PR16730 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188468 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
53c7ea1517fc9080b30b054c578cb407de12d5b5	15-Aug-2013	Ted Kremenek <kremenek@apple.com>	[static analyzer] add a simple "CallEffects" API to query the retain count semantics of a method. This is intended to be a simplified API, whose internals are deliberately less efficient for the purpose of a simplified interface, for use with clients that want to query the analyzer's heuristics for determining retain count semantics. There are no immediate clients, but it is intended to be used by the ObjC modernizer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188433 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
5774e390199a572d10b22c78a80ed2cdde94304d	15-Aug-2013	Ted Kremenek <kremenek@apple.com>	[static analyzer] Factor out ArgEffect and RetEffect into public header file. This is a WIP change to allow other clients to query the retain count heuristics of the static analyzer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188432 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
a79a20e054312bc6673d4ddb8254d8d2681bed9c	09-Aug-2013	Benjamin Kramer <benny.kra@googlemail.com>	DirectIvarAssignment: Replace vtable'd objects with simple functions. Avoids unnecessary static constructors. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188083 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
fa220f58f02014e4a3389f429b82948a09dc4986	09-Aug-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Warn when using 'delete' on an uninitialized variable. Patch by Karthik Bhat, modified slightly by me. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188043 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
4ac73c7514f9e836b4d9781738f333c5cb91cb63	08-Aug-2013	Stephen Hines <srhines@google.com>	Merge commit '51e75aecf4fb303b91c9e54fd88e3509e5acc7a6' into merge-20130807 Conflicts: lib/Basic/Targets.cpp lib/Sema/SemaDeclAttr.cpp Change-Id: If457223ecbee9e43c73d15333bf10d36590d05c4
a7b879723d3989d85b9492fd8218e7d745367fe3	07-Aug-2013	Jordan Rose <jordan_rose@apple.com>	Eliminate CXXConstructorDecl::IsImplicitlyDefined. This field is just IsDefaulted && !IsDeleted; in all places it's used, a simple check for isDefaulted() is superior anyway, and we were forgetting to set it in a few cases. Also eliminate CXXDestructorDecl::IsImplicitlyDefined, for the same reasons. No intended functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@187891 91177308-0d34-0410-b5e6-96231b3b80d8 ndefinedArraySubscriptChecker.cpp
d8188f8ad5d584b5f6e1f58e5a4882586cc630d4	02-Aug-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't process autorelease counts in synthesized function bodies. We process autorelease counts when we exit functions, but if there's an issue in a synthesized body the report will get dropped. Just skip the processing for now and let it get handled when the caller gets around to processing autoreleases. (This is still suboptimal: objects autoreleased in the caller context should never be warned about when exiting a callee context, synthesized or not.) Second half of <rdar://problem/14611722> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@187625 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
a5e660188a3c654cf0c88ed1093b28207e870b2b	20-Jul-2013	Eli Friedman <eli.friedman@gmail.com>	Make IgnoreParens() look through ChooseExprs. This is the same way GenericSelectionExpr works, and it's generally a more consistent approach. A large part of this patch is devoted to caching the value of the condition of a ChooseExpr; it's needed to avoid threading an ASTContext into IgnoreParens(). Fixes <rdar://problem/14438917>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@186738 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
ac7cc2d37e82181e73fcc265c1d0a619d18b7605	19-Jul-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Include analysis stack in crash traces. Sample output: 0. Program arguments: ... 1. <eof> parser at end of file 2. While analyzing stack: #0 void inlined() #1 void test() 3. crash-trace.c:6:3: Error evaluating statement git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@186639 91177308-0d34-0410-b5e6-96231b3b80d8 xprInspectionChecker.cpp
3aa29df37b140f9c6786b6863a0cac195071b598	15-Jul-2013	Craig Topper <craig.topper@gmail.com>	Add 'static' and 'const' qualifiers to some arrays of strings. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@186314 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
7c0a8b560ae78b28d72bff8614b94ac05cb2b469	12-Jul-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add support for __builtin_addressof. ...so we don't regress on std::addressof. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@186140 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp
09d19efaa147762f84aed55efa7930bb3616a4e5	04-Jul-2013	Craig Topper <craig.topper@gmail.com>	Use SmallVectorImpl instead of SmallVector for iterators and references to avoid specifying the vector size unnecessarily. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@185610 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp impleStreamChecker.cpp
2a02f4d535ddae30898f013649d8c1902082921c	03-Jul-2013	Pavel Labath <labath@google.com>	[analyzer] Improve handling of noreturn destructors Summary: The analyzer incorrectly handled noreturn destructors which were hidden inside function calls. This happened because NoReturnFunctionChecker only listened for PostStmt events, which are not executed for destructor calls. I've changed it to listen to PostCall events, which should catch both cases. Reviewers: jordan_rose CC: cfe-commits Differential Revision: http://llvm-reviews.chandlerc.com/D1056 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@185522 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
fa8277c52afa18430407f4a0a6d9878b1cce146a	24-Jun-2013	Eli Friedman <eli.friedman@gmail.com>	Use getAs<> where appropriate on QualTypes instead of using dyn_cast. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184775 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
9f7ba9bd52823eb0fdb64767f2d09fb6b96b8179	24-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Add a debug checker that prints Exploded Graph Add a debug checker that is useful to understand how the ExplodedGraph is built; it can be triggered using the following command: clang -cc1 -analyze -analyzer-checker=debug.ViewExplodedGraph my_program.c A patch by Béatrice Creusillet! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184768 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
dbcc7561f6964404c590f42454a249af5324fa44	24-Jun-2013	Reid Kleckner <reid@kleckner.net>	Check the canonical parameter type with getAs<>() in a static checker This will prevent breakage when I introduce the DecayedType sugar node. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184755 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
2ffcd18b845d4f855074ff7011c46e20616e08fd	22-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Use output form collections’ count to decide if ObjC for loop should be entered This fixes false positives by allowing us to know that a loop is always entered if the collection count method returns a positive value and vice versa. Addresses radar://14169391. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184618 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
37926da411d5a0047240b3ffd4dad0c4838aac57	19-Jun-2013	Pavel Labath <labath@google.com>	Fix a crash in the static analyzer (bug #16307) Summary: When processing a call to a function, which got passed less arguments than it expects, the analyzer would crash. I've also added a test for that and a analyzer warning which detects these cases. CC: cfe-commits Differential Revision: http://llvm-reviews.chandlerc.com/D994 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184288 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
52810c51afaa10b30319d236d353d70534cf9356	19-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Do not report uninitialized value warnings inside swap functions. This silences warnings that could occur when one is swapping partially initialized structs. We suppress not only the assignments of uninitialized members, but any values inside swap because swap could potentially be used as a subroutine to swap class members. This silences a warning from std::try::function::swap() on partially initialized objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184256 91177308-0d34-0410-b5e6-96231b3b80d8 ndefResultChecker.cpp ndefinedAssignmentChecker.cpp
cff15128c6c089bd6fae841b80680e6f5afbf0bf	17-Jun-2013	Reid Kleckner <reid@kleckner.net>	[AST] Don't include RecursiveASTVisitor.h in ASTContext.h The untemplated implementation of getParents() doesn't need to be in a header file. RecursiveASTVisitor.h is full of repeated macro expansion. Moving this include to ASTContext.cpp speeds up compilation of LambdaMangleContext.cpp, a small C++ file with few includes, from 3.7s to 2.8s for me locally. I haven't measured a full build, but it can't hurt. I had to fix a few static analyzer files that were depending on transitive includes of C++ AST headers. Reviewers: rsmith, klimek Differential Revision: http://llvm-reviews.chandlerc.com/D982 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@184075 91177308-0d34-0410-b5e6-96231b3b80d8 ndefinedArraySubscriptChecker.cpp
2049840b0ffe8ee4bf39051cfa8ca08440c8f667	12-Jun-2013	Stephen Hines <srhines@google.com>	Merge commit '1342a4ef62dd7b839c6f09348b246a4f00282f29' into merge_20130612
3b8f77d09d0fe9af717bd89b7407d81d18557d71	12-Jun-2013	Pavel Labath <labath@google.com>	Fix memory corruption in CStringChecker Summary: "register" functions for the checker were caching the checker objects in a static variable. This caused problems when the function is called with a different CheckerManager. Reviewers: klimek CC: cfe-commits Differential Revision: http://llvm-reviews.chandlerc.com/D955 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@183823 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
3370859a809e5fa6c27659095c7349ce1c321233	08-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Minor fixups to r183062 Based on feedback from Jordan. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@183600 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
e7a5c829540a452f30cd5a1c0609dddcb1af33ce	01-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker should only escape the receiver when “[O init..]” is called. Jordan has pointed out that it is valuable to warn in cases when the arguments to init escape. For example, NSData initWithBytes id not going to free the memory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@183062 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
ee1af2398086464cfa2b7306ac4d8359d61872ee	01-Jun-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false positive reported on rare strange code, which happens to be in JSONKit git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@183055 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
872db39510372c4acd8851a3b956e1a135cfcd41	25-May-2013	Duncan Sands <baldrick@free.fr>	Fix comment type pointed out by Kim Gräsman. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@182702 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
809b981cef3ab653370a812917de7e8a762e74cd	24-May-2013	Duncan Sands <baldrick@free.fr>	Fix comment typo pointed out by maslen on IRC. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@182642 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
d049b40ef411eee12a735233dbe04fdc42c67e1a	16-May-2013	Jordan Rose <jordan_rose@apple.com>	Remove unused, awkward CFGStmtVisitor and subclasses. This class is a StmtVisitor that distinguishes between block-level and non-block-level statements in a CFG. However, it does so using a hard-coded idea of which statements might be block-level, which probably isn't accurate anymore. The only implementer of the CFGStmtVisitor hierarchy was the analyzer's DeadStoresChecker, and the analyzer creates a linearized CFG anyway (every non-trivial statement is a block-level statement). This also allows us to remove the block-expr map ("BlkExprMap"), which mapped statements to positions in the CFG. Apart from having a helper type that really should have just been Optional<unsigned>, it was only being used to ask /if/ a particular expression was block-level, for traversal purposes in CFGStmtVisitor. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@181945 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
ef202c35b37c137e32fe30f4453915b6d3b525d7	14-May-2013	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: address Jordan’s code review of r181738. (Modifying the checker to record that the values are no longer nil will be done separately.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@181744 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
b834a78f9b79cb71b093ebbbb381b92f9d4bbf3b	13-May-2013	Anna Zaks <ganna@apple.com>	[analyzer] Warn about nil elements/keys/values in array and dictionary literals. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@181738 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
f2d8fbed93541b74c3a84bf788f151df2d543b27	10-May-2013	Anna Zaks <ganna@apple.com>	[analyzer] Assume [NSNull null] does not return nil. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@181616 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
374ae320b87c15b0262c40e5c46e8990111df5ca	10-May-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Indirect invalidation counts as an escape for leak checkers. Consider this example: char p = malloc(sizeof(char)); systemFunction(&p); free(p); In this case, when we call systemFunction, we know (because it's a system function) that it won't free 'p'. However, we /don't/ know whether or not it will /change/ 'p', so the analyzer is forced to invalidate 'p', wiping out any bindings it contains. But now the malloc'd region looks like a leak, since there are no more bindings pointing to it, and we'll get a spurious leak warning. The fix for this is to notice when something is becoming inaccessible due to invalidation (i.e. an imperfect model, as opposed to being explicitly overwritten) and stop tracking it at that point. Currently, the best way to determine this for a call is the "indirect escape" pointer-escape kind. In practice, all the patch does is take the "system functions don't free memory" special case and limit it to direct parameters, i.e. just the arguments to a call and not other regions accessible to them. This is a conservative change that should only cause us to escape regions more eagerly, which means fewer leak warnings. This isn't perfect for several reasons, the main one being that this example is treated the same as the one above: char p = malloc(sizeof(char )); systemFunction(p + 1); // leak Currently, "addresses accessible by offsets of the starting region" and "addresses accessible through bindings of the starting region" are both considered "indirect" regions, hence this uniform treatment. Another issue is our longstanding problem of not distinguishing const and non-const bindings; if in the first example systemFunction's parameter were a char * const *, we should know that the function will not overwrite 'p', and thus we can safely report the leak. <rdar://problem/13758386> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@181607 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp impleStreamChecker.cpp
83eba02c2ea333015335e2f74c4d11c5315b655d	03-May-2013	Stephen Hines <srhines@google.com>	Merge remote-tracking branch 'upstream/master' into merge-20130502
8a729b4b20796bc0ca25e8d86d57c0cd0c5e40d4	02-May-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: don't track through xpc_connection_set_context. It is unfortunate that we have to mark these exceptions in multiple places. This was already in CallEvent. I suppose it does let us be more precise about saying /which/ arguments have their retain counts invalidated -- the connection's is still valid even though the context object's isn't -- but we're not tracking the retain count of XPC objects anyway. <rdar://problem/13783514> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180904 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
5d2e4e1f9ed87ea26295e891acf7e5a3b106f194	26-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] An ObjC for-in loop runs 0 times if the collection is nil. In an Objective-C for-in loop "for (id element in collection) {}", the loop will run 0 times if the collection is nil. This is because the for-in loop is implemented using a protocol method that returns 0 when there are no elements to iterate, and messages to nil will result in a 0 return value. At some point we may want to actually model this message send, but for now we may as well get the nil case correct, and avoid the false positives that would come with this case. <rdar://problem/13744632> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180639 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
9ed6d8068f767819951bc4eebf6f4912087c442a	25-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Teach DeadStoreChecker to look though BO_Comma and disregard the LHS. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180579 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
3d8f462d58a4be21f9f5d287253b9b2565506ca5	25-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix a crash in RetainCountChecker - we should not rely on CallEnter::getCallExpr to return non-NULL We get a CallEnter with a null expression, when processing a destructor. All other users of CallEnter::getCallExpr work fine with null as return value. (Addresses PR15832, Thanks to Jordan for reducing the test case!) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180234 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
caadc413a88e864e058a3bea832f42debd8ddef2	24-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] IvarInvalidation: correctly handle cases where only partial invalidators exist - If only partial invalidators exist and there are no full invalidators in @implementation, report every ivar that has not been invalidated. (Previously, we reported the first Ivar in the list, which could actually have been invalidated by a partial invalidator. The code assumed you cannot have only partial invalidators.) - Do not report missing invalidation method declaration if a partial invalidation method declaration exists. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180170 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
e3a813abc1874bbd842bcfbdd0fd676fb5cfdde8	24-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Set the allocation site to be the uniqueing location for retain count checker leaks. The uniqueing location is the location which is part of the hash used to determine if two reports are the same. This is used by the CmpRuns.py script to compare two analyzer runs and determine which warnings are new. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180166 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
2545b1d99942080bac4a74cda92c620123d0d6e9	23-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: Clean up path notes for autorelease. No functionality change. <rdar://problem/13710586> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180075 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
af22621352481e91488a54ea0e0b5e73f6551ab7	23-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Model strsep(), particularly that it returns its input. This handles the false positive leak warning in PR15374, and also serves as a basic model for the strsep() function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180069 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
fbc4444eb2675934b44f3720ef9a5f368ecbeb0a	22-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Type information from C++ new expressions is perfect. This improves our handling of dynamic_cast and devirtualization for objects allocated by 'new'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180051 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
898be7b4a7b0a527d9bd2569eebc41a198e6e528	17-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't warn for returning void expressions in void blocks. This was slightly tricky because BlockDecls don't currently store an inferred return type. However, we can rely on the fact that blocks with inferred return types will have return statements that match the inferred type. <rdar://problem/13665798> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179699 91177308-0d34-0410-b5e6-96231b3b80d8 eturnUndefChecker.cpp
08a838d16825159f7d0ae20d171aa5b3ebab3939	16-Apr-2013	Ted Kremenek <kremenek@apple.com>	[analyzer] Add experimental option "leak-diagnostics-reference-allocation". This is an opt-in tweak for leak diagnostics to reference the allocation site if the diagnostic consumer only wants a pithy amount of information, and not the entire path. This is a strawman enhancement that I expect to see some experimentation with over the next week, and can go away if we don't want it. Currently it is only used by RetainCountChecker, but could be used by MallocChecker if and when we decide this should stay in. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179634 91177308-0d34-0410-b5e6-96231b3b80d8 llocationDiagnostics.cpp llocationDiagnostics.h MakeLists.txt etainCountChecker.cpp
ec4fbc6144c1edcd82ec71a16ee3d0dfb94dfeae	16-Apr-2013	Ted Kremenek <kremenek@apple.com>	Properly sort list. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179627 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
148d9223f02dba1ba6e40848d413daa3ffc09dfe	16-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Improve the malloc checker stack hint message git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179580 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
9df151c5bc2a746096632bbd21dc61e18675ed55	13-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Enable NewDelete checker if NewDeleteLeaks checker is enabled. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179428 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
b1b683ea5f1ff161b6bbdf2e2519317618ee2811	12-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Makes NewDeleteLeaks checker work independently from NewDelete. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179410 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
9e2f5977a180ae927d05e844c65b8a7873be48a4	12-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer]Print field region even when the base region is not printable git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179395 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
6026df1e5d518a958aef342d55a9e5d0fbdb85ca	12-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Fix grammar in comment. By Adam Schnitzer! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179352 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
9ae7a92009c468d01d233e6a9f37ab04946864f9	11-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Refactoring: better doxygen comment; renaming isTrackedFamily to isTrackedByCurrentChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179242 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
8cf91f7efb4dcb238fe443915d9a30119ce5b70c	11-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan’s review of r179219 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179235 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp etainCountChecker.cpp
ee9043ba7c6934d248d4f0e2abded18e26b81df8	11-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan’s code review of r 179221 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179234 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
55e57a50a36749ce0483db2f16259649c9d25792	11-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Switched to checkPreCall interface for detecting usage after free. Now the check is also applied to arguments for Objective-C method calls and to 'this' pointer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179230 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
fececcbc3890955fd46f92036e9cb6ee7d0a60f4	11-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix a crash in SyntaxCString checker when given a custom strncat. Fixes PR13476 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179228 91177308-0d34-0410-b5e6-96231b3b80d8 StringSyntaxChecker.cpp
7a87e520e42c1e58c358e3a9a436ef17f551fd13	10-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] When reporting a leak in RetainCount checker due to an early exit from init, step into init. The heuristic here (proposed by Jordan) is that, usually, if a leak is due to an early exit from init, the allocation site will be a call to alloc. Note that in other cases init resets self to [super init], which becomes the allocation site of the object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179221 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
27d99dd714895564b526b786284a46b40f53be01	10-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Cleanup leak warnings: do not print the names of variables from other functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179219 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp etainCountChecker.cpp
a5796f87229b4aeebca71fa6ee1790ae7a5a0382	09-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Replace isIntegerType() with isIntegerOrEnumerationType(). Previously, the analyzer used isIntegerType() everywhere, which uses the C definition of "integer". The C++ predicate with the same behavior is isIntegerOrUnscopedEnumerationType(). However, the analyzer is /really/ using this to ask if it's some sort of "integrally representable" type, i.e. it should include C++11 scoped enumerations as well. hasIntegerRepresentation() sounds like the right predicate, but that includes vectors, which the analyzer represents by its elements. This commit audits all uses of isIntegerType() and replaces them with the general isIntegerOrEnumerationType(), except in some specific cases where it makes sense to exclude scoped enumerations, or any enumerations. These cases now use isIntegerOrUnscopedEnumerationType() and getAs<BuiltinType>() plus BuiltinType::isInteger(). isIntegerType() is hereby banned in the analyzer - lib/StaticAnalysis and include/clang/StaticAnalysis. :-) Fixes real assertion failures. PR15703 / <rdar://problem/12350701> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179081 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp heckSecuritySyntaxOnly.cpp allocSizeofChecker.cpp
0413023bed8ec91d3642cd6ff114957badf51f31	09-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Keep tracking the pointer after the escape to more aggressively report mismatched deallocator Test that the path notes do not change. I don’t think we should print a note on escape. Also, I’ve removed a check that assumed that the family stored in the RefStete could be AF_None and added an assert in the constructor. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179075 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
f34cb3d3df1612e14a19d259afa3424337cd315e	08-Apr-2013	Ted Kremenek <kremenek@apple.com>	Tweak warning text for nil value in ObjC container warning. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179034 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
68eb4c25e961d18f82b47a0a385f90d7af09bcc3	06-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Shorten the malloc checker’s leak message As per Ted’s suggestion! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178938 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
24cac5a4847b9e4673afb9fd02701f273097f57a	06-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Reword error messages for nil keys and values of NSMutableDictionary. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178935 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
a3989b8f54421cd90a48ace8820c7147cea6bb3d	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Eliminates all the cases with unknown family. Now treat AF_None family as impossible in isTrackedFamily() git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178899 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
e449edc5bdace60f9d754c32abc5459bc7d94a14	05-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Re-enable cplusplus.NewDelete (but not NewDeleteLeaks). As mentioned in the previous commit message, the use-after-free and double-free warnings for 'delete' are worth enabling even while the leak warnings still have false positives. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178891 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
e85deb356f5d2d2172b7ef70314bc9cfc742a936	05-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Split new/delete checker into use-after-free and leaks parts. This splits the leak-checking part of alpha.cplusplus.NewDelete into a separate user-level checker, alpha.cplusplus.NewDeleteLeaks. All the difficult false positives we've seen with the new/delete checker have been spurious leak warnings; the use-after-free warnings and mismatched deallocator warnings, while rare, have always been valid. <rdar://problem/6194569> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178890 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td allocChecker.cpp
a3ae937ab7b7026953b6e93e0159cf1dd918e2a1	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Path notes for the MismatchedDeallocator checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178862 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
418780f132a6d790b248ef91e1067c3c3dd31350	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Check allocation family more precise. The statement passed to isTrackedFamily() might be a user defined function calling malloc; in this case we got AF_NONE family for this function. Now the allocation family is derived from Sym, that holds a family of a real allocator. This commit is also a movement towards getting rid of tracking memory allocating by unknown means. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178834 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
c84543123a12045f8a1415c1f05b647b70190f34	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Corrected the switch statement. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178831 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
9c6bbb3492cc34df1eed1e151c94935846edc17f	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Fully-covered switch for families in isTrackedFamily() git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178820 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
648cb71625a2ab3164b2cacac9e9cb3d22b03bd7	05-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Reduced the unwanted correlations between checkers living inside MallocChecker.cpp This fixes an issue pointed to by Jordan: if unix.Malloc and unix.MismatchedDeallocator are both on, then we end up still tracking leaks of memory allocated by new. Moved the guards right before emitting the bug reports to unify and simplify the logic of handling of multiple checkers. Now all the checkers perform their checks regardless of if they were enabled, or not, and it is decided just before the emitting of the report, if it should be emitted. (idea from Anna). Additional changes: improved test coverage for checker correlations; refactoring: BadDealloc -> MismatchedDealloc git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178814 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
44405b7aacdb869be129430313a7bcb050336aa4	05-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: refactor annotation handling. ...and add a new test case. I thought this was broken, but it isn't; refactoring and reformatting anyway so that I don't make the same mistake again. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178799 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
88530f880e7f3b1874f6bb98d7cfe84348ed0227	03-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Rename “Mac OS X API”, “Mac OS API” -> “API Misuse (Apple)” As they are relevant on both Mac and iOS. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178687 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp
841f16846e17f625874ecfe9c6dba822d29a2b95	03-Apr-2013	Anna Zaks <ganna@apple.com>	[analyzer] Warn when nil receiver results in forming null reference This also allows us to ensure IDC/return null suppression gets triggered in such cases. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178686 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
ecee1651c100342366a9417c85c6e50399039930	03-Apr-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Better model for copying of array fields in implicit copy ctors. - Find the correct region to represent the first array element when constructing a CXXConstructorCall. - If the array is trivial, model the copy with a primitive load/store. - Don't warn about the "uninitialized" subscript in the AST -- we don't use the helper variable that Sema provides. <rdar://problem/13091608> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178602 91177308-0d34-0410-b5e6-96231b3b80d8 ndefinedArraySubscriptChecker.cpp
3d11708c491a96198ebfee49079ae458ed90eaf8	02-Apr-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Moving cplusplus.NewDelete to alpha.* for now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178529 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
123243cfd80f790a27edd1b829cd190a85f6c006	29-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Document existence of ConstPointerEscape. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178311 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
41988f331a74a72cf243a2a68ffb56418e9a174e	29-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Add support for escape of const pointers and use it to allow “newed” pointers to escape Add a new callback that notifies checkers when a const pointer escapes. Currently, this only works for const pointers passed as a top level parameter into a function. We need to differentiate the const pointers escape from regular escape since the content pointed by const pointer will not change; if it’s a file handle, a file cannot be closed; but delete is allowed on const pointers. This should suppress several false positives reported by the NewDelete checker on llvm codebase. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178310 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
aabb4c5eacca6d78ef778f33ec5cd4c755d71a39	29-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Apply the suppression rules to the nil receiver only if the value participates in the computation of the nil we warn about. We should only suppress a bug report if the IDCed or null returned nil value is directly related to the value we are warning about. This was not the case for nil receivers - we would suppress a bug report that had an IDCed nil receiver on the path regardless of how it’s related to the warning. 1) Thread EnableNullFPSuppression parameter through the visitors to differentiate between tracking the value which is directly responsible for the bug and other values that visitors are tracking (ex: general tracking of nil receivers). 2) in trackNullOrUndef specifically address the case when a value of the message send is nil due to the receiver being nil. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178309 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp ndefCapturedBlockVarChecker.cpp
65a0892ff5f2c2a70d48b8b649c80967eab67c5e	28-Mar-2013	Ted Kremenek <kremenek@apple.com>	Use early return in printing logic. Minor cleanup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178264 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
03852c8717b45ece934f7740a100de526a734641	28-Mar-2013	Eric Christopher <echristo@gmail.com>	Fix order of initialization warning. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178255 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
849c7bf718ed3c08bd66b93f0bd508a44bb2f669	28-Mar-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] These implements unix.MismatchedDeallocatorChecker checker. + Improved display names for allocators and deallocators The checker checks if a deallocation function matches allocation one. ('free' for 'malloc', 'delete' for 'new' etc.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178250 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td allocChecker.cpp
697462881c4b9b704c7859f4bab0a6116c684bb1	28-Mar-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] For now assume all standard global 'operator new' functions allocate memory in heap. + Improved test coverage for cplusplus.NewDelete checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178244 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
4a49df3be929d442535d6721ab8a2bbc8a7cd528	27-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Ensure that the node NilReceiverBRVisitor is looking for is not reclaimed The visitor should look for the PreStmt node as the receiver is nil in the PreStmt and this is the node. Also, tag the nil receiver nodes with a special tag for consistency. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178152 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
1533833e21ae5b3f5f39b168b3fbac109ee77008	27-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Make sure IDC works for ‘NSContainer value/key is nil’ checks. Register the nil tracking visitors with the region and refactor trackNullOrUndefValue a bit. Also adds the cast and paren stripping before checking if the value is an OpaqueValueExpr or ExprWithCleanups. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178093 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
2de19edab6001d2c17720d02fe0760b9b452192a	25-Mar-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] Adds cplusplus.NewDelete checker that check for memory leaks, double free, and use-after-free problems of memory managed by new/delete. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177849 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td allocChecker.cpp
b095782ec09329b474a4e0d0ccdad4c15d515b39	23-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Warn when a nil key or value are passed to NSMutableDictionary and ensure it works with subscripting. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177789 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
f3e426b22a36fc31c00ebf7c0de3aa445758b7e6	21-Mar-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Print return values from debug.DumpCalls checker. Debug utility only, no functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177649 91177308-0d34-0410-b5e6-96231b3b80d8 raversalChecker.cpp
af42246bdafd7145ef0f0daaddda7e8c41baf265	19-Mar-2013	Stephen Hines <srhines@google.com>	Update Clang for merge to r177345. Change-Id: I375c37904c0ca05b7bad8fc0fec0e21cc497cafc ndroid.mk
15d68882f5fa4afae8333e75b2bfd5e2834c8aaf	19-Mar-2013	Stephen Hines <srhines@google.com>	Merge branch 'upstream' into merge_2013_03_18 Conflicts: lib/Sema/SemaDeclAttr.cpp Change-Id: I05e70941163ec5a461eba43ef78f6738cd5a1e69
4b94f4daa13118441b4cf53b7e57cae1b48dc427	18-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Warn when a ‘nil’ object is added to NSArray or NSMutableArray. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177318 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
0621c45dcd4c5f43df0de5a2febae525d3287b74	16-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Address a TODO in the StreamChecker; otherwise the output is non-deterministic. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177207 91177308-0d34-0410-b5e6-96231b3b80d8 treamChecker.cpp
3258d4b3fb5922027747217e5e6f81a11878600d	13-Mar-2013	Anton Yartsev <anton.yartsev@gmail.com>	[analyzer] fixed the logic changed by r176949 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176956 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
bb3699543e60594af7b5cbdb3b2e9acb816b3687	13-Mar-2013	Anton Yartsev <anton.yartsev@gmail.com>	Refactoring: + Individual Report* method for each bug type + Comment improved: missing non-trivial alloca() case annotated + 'range' parameter of ReportBadFree() capitalized + 'SymbolRef Sym = State->getSVal(A, C.getLocationContext()).getAsSymbol();' shorten to 'SymbolRef Sym = C.getSVal(A).getAsSymbol();' git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176949 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
80412c4e28c8247ad9c8d30d04c94938f01b21fb	09-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Rename AttrNonNullChecker -> NonNullParamChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176755 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp MakeLists.txt heckers.td onNullParamChecker.cpp
9fe09f30f76cb65ca2a5fcd8e649f5b2f0cf02bd	09-Mar-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Be more consistent about Objective-C methods that free memory. Previously, MallocChecker's pointer escape check and its post-call state update for Objective-C method calls had a fair amount duplicated logic and not-entirely-consistent checks. This commit restructures all this to be more consistent and possibly allow us to be more aggressive in warning about double-frees. New policy (applies to system header methods only): (1) If this is a method we know about, model it as taking/holding ownership of the passed-in buffer. (1a) ...unless there's a "freeWhenDone:" parameter with a zero (NO) value. (2) If there's a "freeWhenDone:" parameter (but it's not a method we know about), treat the buffer as escaping if the value is non-zero (YES) and non-escaping if it's zero (NO). (3) If the first selector piece ends with "NoCopy" (but it's not a method we know about and there's no "freeWhenDone:" parameter), treat the buffer as escaping. The reason that (2) and (3) don't explicitly model the ownership transfer is because we can't be sure that they will actually free the memory using free(), and we wouldn't want to emit a spurious "mismatched allocator" warning (coming in Anton's upcoming patch). In the future, we may have an idea of a "generic deallocation", i.e. we assume that the deallocator is correct but still continue tracking the region so that we can warn about double-frees. Patch by Anton Yartsev, with modifications from me. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176744 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
018e9aa033ff7363797c62fc3b14669d0558284b	07-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Warn on passing a reference to null pointer as an argument in a call Warn about null pointer dereference earlier when a reference to a null pointer is passed in a call. The idea is that even though the standard might allow this, reporting the issue earlier is better for diagnostics (the error is reported closer to the place where the pointer was set to NULL). This also simplifies analyzer’s diagnostic logic, which has to track “where the null came from”. As a consequence, some of our null pointer warning suppression mechanisms started triggering more often. TODO: Change the name of the file and class to reflect the new check. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176612 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp
c236b7327f989c1e7fe6b08a188bfef86727513d	07-Mar-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Check for returning null references in ReturnUndefChecker. Officially in the C++ standard, a null reference cannot exist. However, it's still very easy to create one: int &getNullRef() { int p = 0; return p; } We already check that binds to reference regions don't create null references. This patch checks that we don't create null references by returning, either. <rdar://problem/13364378> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176601 91177308-0d34-0410-b5e6-96231b3b80d8 eturnUndefChecker.cpp
42773d64f98db0dd5cc80181c3b2d561851668f7	06-Mar-2013	Anna Zaks <ganna@apple.com>	[analyzer] Pass the correct Expr to the bug reporter visitors when dealing with CompoundLiteralExpr This allows us to trigger the IDC visitor in the added test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176577 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp
bd3aca04d304b9f31240b94af0aad818f6f932ab	06-Mar-2013	Stephen Hines <srhines@google.com>	Update build rules for Clang merge to version 176138. Change-Id: Ib028329a591e6175998d969f11b5404bf3f19e81 ndroid.mk
450b86c0c9ff8307f5145ced621914600196c500	06-Mar-2013	Stephen Hines <srhines@google.com>	Merge commit 'b58f810669d9c17bcc025b7560de01d162856f34' into merge_20130226 Conflicts: include/clang/Basic/LangOptions.def lib/Sema/SemaDeclAttr.cpp Change-Id: Ia10b4d3b2c949a72d328cb58b113f90237d4a5d5
5aff3f1e9a66fa72576a6b04c8c319c17e0360c6	05-Mar-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't let cf_audited_transfer override CFRetain semantics. We weren't treating a cf_audited_transfer CFRetain as returning +1 because its name doesn't contain "Create" or "Copy". Oops! Fortunately, the standard definitions of these functions are not marked audited. <rdar://problem/13339601> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176463 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
a0e6e6dd37f4acee8477c106d5e5679de015d120	26-Feb-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] StackAddrEscapeChecker: strip qualifiers from temporary types. With the new support for trivial copy constructors, we are not always consistent about whether a CXXTempObjectRegion gets reused or created from scratch, which affects whether qualifiers are preserved. However, we probably don't care anyway. This also switches to using the current PrintingPolicy for the type, which means C++ types don't get a spurious 'struct' prefix anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176068 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
db061e40d639da0d938f915f0eef9e9772019c22	25-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Restrict ObjC type inference to methods that have related result type. This addresses a case when we inline a wrong method due to incorrect dynamic type inference. Specifically, when user code contains a method from init family, which creates an instance of another class. Use hasRelatedResultType() to find out if our inference rules should be triggered. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176054 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
43b82b823a6113fdbee54243b280db9c55ef72cb	24-Feb-2013	Ted Kremenek <kremenek@apple.com>	[analyzer] tracking stores/constraints now works for ObjC ivars or struct fields. This required more changes than I originally expected: - ObjCIvarRegion implements "canPrintPretty" et al - DereferenceChecker indicates the null pointer source is an ivar - bugreporter::trackNullOrUndefValue() uses an alternate algorithm to compute the location region to track by scouring the ExplodedGraph. This allows us to get the actual MemRegion for variables, ivars, fields, etc. We only hand construct a VarRegion for C++ references. - ExplodedGraph no longer drops nodes for expressions that are marked 'lvalue'. This is to facilitate the logic in the previous bullet. This may lead to a slight increase in size in the ExplodedGraph, which I have not measured, but it is likely not to be a big deal. I have validated each of the changed plist output. Fixes <rdar://problem/12114812> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175988 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
0dd15d78fb0c99faa5df724139ba4c16a9a345c6	24-Feb-2013	Ted Kremenek <kremenek@apple.com>	Add "KnownSVal" to represent SVals that cannot be UnknownSVal. This provides a few sundry cleanups, and allows us to provide a compile-time check for a case that was a runtime assertion. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175987 91177308-0d34-0410-b5e6-96231b3b80d8 ndefCapturedBlockVarChecker.cpp
b07805485c603be3d8011f72611465324c9e664b	23-Feb-2013	David Blaikie <dblaikie@gmail.com>	Remove the CFGElement "Invalid" state. Use Optional<CFG*> where invalid states were needed previously. In the one case where that's not possible (beginAutomaticObjDtorsInsert) just use a dummy CFGAutomaticObjDtor. Thanks for the help from Jordan Rose & discussion/feedback from Ted Kremenek and Doug Gregor. Post commit code review feedback on r175796 by Ted Kremenek. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175938 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp allocOverflowSecurityChecker.cpp nreachableCodeChecker.cpp
e13001441f95fd907228459a4d9310c113ac0a5b	21-Feb-2013	David Blaikie <dblaikie@gmail.com>	Add back implicitly dropped const. (found due to incoming improvements to llvm::cast machinery that will error on this sort of mistake) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175817 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
7a95de68c093991047ed8d339479ccad51b88663	21-Feb-2013	David Blaikie <dblaikie@gmail.com>	Replace ProgramPoint llvm::cast support to be well-defined. See r175462 for another example/more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175812 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp rrayBoundChecker.cpp StringChecker.cpp dempotentOperationChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp ndefBranchChecker.cpp nreachableCodeChecker.cpp
fdf6a279c9a75c778eba382d9a156697092982a1	21-Feb-2013	David Blaikie <dblaikie@gmail.com>	Replace CFGElement llvm::cast support to be well-defined. See r175462 for another example/more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175796 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp allocOverflowSecurityChecker.cpp nreachableCodeChecker.cpp
0adb17502365b56dca99bfa971c59514ece54877	21-Feb-2013	David Blaikie <dblaikie@gmail.com>	Avoid implicit conversions of Optional<T> to bool. This is a precursor to making Optional<T>'s operator bool 'explicit' when building Clang & LLVM as C++11. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175722 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
66874fb18afbffb8b2ca05576851a64534be3352	21-Feb-2013	David Blaikie <dblaikie@gmail.com>	Use None rather than Optional<T>() where possible. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175705 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
dc84cd5efdd3430efb22546b4ac656aa0540b210	20-Feb-2013	David Blaikie <dblaikie@gmail.com>	Include llvm::Optional in clang/Basic/LLVM.h Post-commit CR feedback from Jordan Rose regarding r175594. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175679 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp oolAssignmentChecker.cpp StringChecker.cpp allAndMessageChecker.cpp ivZeroChecker.cpp enericTaintChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp etainCountChecker.cpp treamChecker.cpp nixAPIChecker.cpp
9e85b29dd17fd3878134216f9abaf5ec4774b2a5	20-Feb-2013	David Blaikie <dblaikie@gmail.com>	Remove redundant Optional type in favor of llvm::Optional git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175678 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
5251abea41b446c26e3239c8dd6c7edea6fc335d	20-Feb-2013	David Blaikie <dblaikie@gmail.com>	Replace SVal llvm::cast support to be well-defined. See r175462 for another example/more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175594 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp oolAssignmentChecker.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp xprInspectionChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCContainersChecker.cpp bjCSelfInitChecker.cpp threadLockChecker.cpp etainCountChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
724cfee8b506ffef6f55e556a3329a7403ef7198	18-Feb-2013	Ted Kremenek <kremenek@apple.com>	Disable dead stores checker for template instantations. Fixes <rdar://problem/13213575>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175425 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
cfaed8d399a34e79fbab9f70eb4ea1bbeb81a02b	14-Feb-2013	Fariborz Jahanian <fjahanian@apple.com>	objective-C: synthesize properties in order of their declarations to synthesize their ivars in similar determinstic order so they are laid out in a determinstic order. // rdar://13192366 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175214 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
223f0ff6a9a5d0eaf63b98b3aa92888b4c088868	09-Feb-2013	Jordan Rose <jordan_rose@apple.com>	Remove some stray uses of <ctype.h> functions. These are causing assertions on some MSVC builds. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174805 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
d523df6a143a97eea46916c6e31c8f2a0728bf28	09-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Invalidation checker: move the "missing implementation" check The missing definition check should be in the same category as the missing ivar validation - in this case, the intent is to invalidate in the given class, as described in the declaration, but the implementation does not perform the invalidation. Whereas the MissingInvalidationMethod checker checks the cases where the method intention is not to invalidate. The second checker has potential to have a much higher false positive rate. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174787 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
adecec39481f925701e63d7fe3b8bf02dd7ddf01	09-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Move DefaultBool so that all checkers can share it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174782 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp varInvalidationChecker.cpp
722cd9e3c0142948b9eb3190211dbc0dd4da4105	09-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Split IvarInvalidation into two checkers Separate the checking for the missing invalidation methods into a separate checker so that it can be turned on/off independently. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174781 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td varInvalidationChecker.cpp
2b174c37ae174063d70494e9b4fd91f4eff26463	09-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] IvarInvalidation: refactor, pull out the diagnostic printing git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174780 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
26db7dbf67b1532b2d617b3a85428699a1ffc997	09-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] IvarInvalidation: add annotation for partial invalidation The new annotation allows having methods that only partially invalidate IVars and might not be called from the invalidation methods directly (instead, are guaranteed to be called before the invalidation occurs). The checker is going to trust the programmer to call the partial invalidation method before the invalidator.This is common in cases when partial object tear down happens before the death of the object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174779 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
118aa750c5cfe975542dce8e41586b2054d1f5dd	08-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Report bugs when freeing memory with offset pointer The malloc checker will now catch the case when a previously malloc'ed region is freed, but the pointer passed to free does not point to the start of the allocated memory. For example: int *p1 = malloc(sizeof(int)); p1++; free(p1); // warn From the "memory.LeakPtrValChanged enhancement to unix.Malloc" entry in the list of potential checkers. A patch by Branden Archer! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174678 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
233e26acc0ff2a1098f4c813f69286fce840a422	08-Feb-2013	Anna Zaks <ganna@apple.com>	[analyzer] Add pointer escape type param to checkPointerEscape callback The checkPointerEscape callback previously did not specify how a pointer escaped. This change includes an enum which describes the different ways a pointer may escape. This enum is passed to the checkPointerEscape callback when a pointer escapes. If the escape is due to a function call, the call is passed. This changes previous behavior where the call is passed as NULL if the escape was due to indirectly invalidating the region the pointer referenced. A patch by Branden Archer! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174677 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp allocChecker.cpp impleStreamChecker.cpp
0217b1d045ea99fe792e83ed1a785816289dd53c	31-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer]RetainCount: Fix an autorelease related false positive. The Cnt variable is adjusted (incremented) for simplification of checking logic. The increment should not be stored in the state. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174104 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
e36d81b1eeab13fb1bbd15291d009a1699de6ec1	31-Jan-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't track autorelease pools created by +new. This matches our behavior for autorelease pools created by +alloc. Some people like to create autorelease pools in one method and release them somewhere else. If you want safe autorelease pool semantics, use the new ARC-compatible syntax: @autoreleasepool { ... } <rdar://problem/13121353> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@174096 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
44ec3f00e64199667edf9f12c0f31f66916c95fe	26-Jan-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] Track null object lvalues back through C++ method calls. The expression 'a->b.c()' contains a call to the 'c' method of 'a->b'. We emit an error if 'a' is NULL, but previously didn't actually track the null value back through the 'a->b' expression, which caused us to miss important false-positive-suppression cases, including <rdar://problem/12676053>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@173547 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
dede2fd56d053a114a65ba72583981ce7aab27da	26-Jan-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] bugreporter::getDerefExpr now takes a Stmt, not an ExplodedNode. This allows it to be used in places where the interesting statement doesn't match up with the current node. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@173546 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
b33349e605a7373b067f7b96619e27c57c13932b	23-Jan-2013	Ted Kremenek <kremenek@apple.com>	Add missing null check. Not sure why my tests passed before. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@173292 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
a5b6469a55fb8796353b073f6c12694b0adc77c2	23-Jan-2013	Ted Kremenek <kremenek@apple.com>	Honor attribute 'analyzer_noreturn' on Objective-C methods. This isn't likely a full solution, but it catches the common cases and can be refined over time. Fixes <rdar://problem/11634353>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@173291 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
cd376b63c42214c7851ca917e7da9d30f9e84fa4	09-Jan-2013	Stephen Hines <srhines@google.com>	Update Clang for merge to r171906. clang-tblgen-rules.mk - New AttrDump.inc target lib/AST/Android.mk lib/Analysis/Android.mk lib/Basic/Android.mk lib/Lex/Android.mk lib/Parse/Android.mk lib/Sema/Android.mk lib/StaticAnalyzer/Checkers/Android.mk Change-Id: If31b4c9123f730ab851f11b00b0688166b14b4b2 ndroid.mk
15bb58edc9d053aa49c28167deb41ff0409ddabc	21-Jan-2013	Stephen Hines <srhines@google.com>	Merge commit 'd130fd2e141f1fef412c2d58e7385370801bd718' into merge-llvm Conflicts: lib/Basic/Targets.cpp Change-Id: I90a669a33ffe4de8b32c8459016fd0b2a55da0ad
fa2b53c5780a8a6f38803a26e3c6f9f0a9ba8b4d	18-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] DirectIvarAssignment: allow suppression annotation on Ivars. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172766 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
cd8ab51a44e80625d84126780b0d85a7732e25af	17-Jan-2013	Richard Smith <richard-llvm@metafoo.co.uk>	Implement C++11 semantics for [[noreturn]] attribute. This required splitting it apart from [[gnu::noreturn]] / __attribute__((noreturn)), since their semantics are not equivalent (for instance, we treat [[gnu::noreturn]] as affecting the function type, whereas [[noreturn]] does not). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172691 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
d329724745b49f894b768d47275b7c2713106e89	17-Jan-2013	Douglas Gregor <dgregor@apple.com>	Rework the traversal of Objective-C categories and extensions to consider (sub)module visibility. The bulk of this change replaces myriad hand-rolled loops over the linked list of Objective-C categories/extensions attached to an interface declaration with loops using one of the four new category iterator kinds: visible_categories_iterator: Iterates over all visible categories and extensions, hiding any that have their "hidden" bit set. This is by far the most commonly used iterator. known_categories_iterator: Iterates over all categories and extensions, ignoring the "hidden" bit. This tends to be used for redeclaration-like traversals. visible_extensions_iterator: Iterates over all visible extensions, hiding any that have their "hidden" bit set. known_extensions_iterator: Iterates over all extensions, whether they are visible to normal name lookup or not. The effect of this change is that any uses of the visible_ iterators will respect module-import visibility. See the new tests for examples. Note that the old accessors for categories and extensions are gone; there are *Raw() forms for some of them, for those (few) areas of the compiler that have to manipulate the linked list of categories directly. This is generally discouraged. Part two of <rdar://problem/10634711>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172665 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp bjCUnusedIVarsChecker.cpp
d7b1d2467d8bf01be5068dbbad1a6324cee8bf4a	16-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Add an annotation to allow suppression of direct ivar assignment git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172597 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
79ccd5635495fb4588d0ec47c0bf05764441a14c	16-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix warning typo. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172596 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
64eb070234bc4cd4fd2debf3a91c6e2d8f0d32d8	16-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: parameter rename. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172595 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp etainCountChecker.cpp
14a372bb7d7681cdfbcebe71b109e773327e4e1c	14-Jan-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] -drain is not an alias for -release. This was previously added to support -[NSAutoreleasePool drain], which behaves like -release under non-GC and "please collect" under GC. We're not currently modeling the autorelease pool stack, though, so we can just take this out entirely. Fixes PR14927. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172444 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
cfa88f893915ceb8ae4ce2f17c46c24a4d67502f	12-Jan-2013	Dmitri Gribenko <gribozavr@gmail.com>	Remove useless 'llvm::' qualifier from names like StringRef and others that are brought into 'clang' namespace by clang/Basic/LLVM.h git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172323 91177308-0d34-0410-b5e6-96231b3b80d8 oolAssignmentChecker.cpp eadStoresChecker.cpp enericTaintChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp SErrorChecker.cpp impleStreamChecker.cpp
6de7daa60412744bcf168c6c0d521688435fe221	11-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Rename the warning: state the issue before the hint of how it can be fixed git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172170 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
b8f6678bdd54d4dabac416476993343837dd229c	11-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer]Recognize ivar invalidation protocol even if it was redeclared This will get rid of some false positives as well as false negatives. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172169 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
ae81e172e93b75594c7053f3226a16b9d8daa6fd	11-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Ivar invalidation: track ivars declared in categories. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172168 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
6503255e4fa0689f427b3b798180fceac29c98c2	11-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Allow IvarInvalidation checker to suppress warnings via assertions. To ensure that custom assertions/conditional would also be supported, just check if the ivar that needs to be invalidated or set to nil is compared against 0. Unfortunately, this will not work for code containing 'assert(IvarName)' git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172147 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
664566c37f81d70226df22c12aa05d1603b620f3	10-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix non-determinizm introduced in r172104. In some cases, we just pick any ivar that needs invalidation and attach the warning to it. Picking the first from DenseMap of pointer keys was triggering non-deterministic output. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172134 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
b1fc673783dd0215a1426b2c411779cd05a16a07	10-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Add more checks to the ObjC Ivar Invalidation checker. Restructured the checker so that it could easily find two new classes of issues: - when a class contains an invalidatable ivar, but no declaration of an invalidation method - when a class contains an invalidatable ivar, but no definition of an invalidation method in the @implementation. The second case might trigger some false positives, for example, when the method is defined in a category. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@172104 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
97bfb558f69c09b01a5c1510f08dc91eb62329a7	08-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Include the bug uniqueing location in the issue_hash. The issue here is that if we have 2 leaks reported at the same line for which we cannot print the corresponding region info, they will get treated as the same by issue_hash+description. We need to AUGMENT the issue_hash with the allocation info to differentiate the two issues. Add the "hash" (offset from the beginning of a function) representing allocation site to solve the issue. We might want to generalize solution in the future when we decide to track more than just the 2 locations from the diagnostics. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171825 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp
0b67c75c988f7188743059713a04ca2320c9f15a	07-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false positive in Secure Keychain API checker. Better handle the blacklisting of known bad deallocators when symbol escapes through a call to CFStringCreateWithBytesNoCopy. Addresses radar://12702952. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171770 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td acOSKeychainAPIChecker.cpp
5879fb3f6d559863c18df7132ee3d5fdb62b6ae5	07-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false positive in the ivar invalidation checker. When a property is "inherited" through both a parent class and directly through a protocol, we should not require the child to invalidate it since the backing ivar belongs to the parent class. (Fixes radar://12913734) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171769 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
a620bd8fb8c6f2080898e4aecf77b46e7e1a8f16	04-Jan-2013	Ted Kremenek <kremenek@apple.com>	NSErrorChecker: remove quoting the parameter name in the diagnostic until we actually include it's name. This is a possible regression of moving to using ImplicitNullDerefEvent. Fixing this for real (including the parameter name) requires more plumbing in ImplicitNullDerefEvent. This is just a stop gap fix. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171502 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp
a4a1759ba11892b510a3b09ad8605aa82602d33e	04-Jan-2013	Ted Kremenek <kremenek@apple.com>	Tighten code. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171501 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
c37fad6d8b483b636e96f568202f24cb2b714db4	03-Jan-2013	Ted Kremenek <kremenek@apple.com>	Make MallocChecker debug output useful. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171439 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
344c77aac25e5d960aced3f45fbaa09853383f6d	03-Jan-2013	Anna Zaks <ganna@apple.com>	[analyzer] Rename callback EndPath -> EndFunction This better reflects when callback is called and what the checkers are relying on. (Both names meant the same pre-IPA.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@171432 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp raversalChecker.cpp
a05d2741c40c71b59cf6d2f8bbc5d433a5d0e6de	22-Dec-2012	Ted Kremenek <kremenek@apple.com>	Fix typo: objc_no_direct_instance_variable_assignmemt => objc_no_direct_instance_variable_assignment. Fixes <rdar://problem/12927551>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170971 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td irectIvarAssignment.cpp
4b6bb40b22877472d0b3d2961689f1f0ac23cc71	22-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Convert SimpleStreamChecker to use the PointerEscape callback The new callback greatly simplifies the checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170969 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
1655bcd052a67a3050fc55df8ecce57342352e68	21-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's nitpicks as per code review of r170625. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170832 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckerDocumentation.cpp etainCountChecker.cpp
bbf4d53343c2bbd082b7c1488f34650a7d07ae3b	20-Dec-2012	Ted Kremenek <kremenek@apple.com>	Update RetainCountChecker to understand attribute ns_returns_autoreleased. Fixes <rdar://problem/12887356>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170724 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
bf53dfac8195835028bd6347433f7dbebcc29fc1	20-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add the pointer escaped callback. Instead of using several callbacks to identify the pointer escape event, checkers now can register for the checkPointerEscape. Converted the Malloc checker to use the new callback. SimpleStreamChecker will be converted next. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170625 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckerDocumentation.cpp allocChecker.cpp etainCountChecker.cpp impleStreamChecker.cpp
8302767d5f577ce1729187abec30404a201804b1	17-Dec-2012	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Don't include the header outside the include guards, it defeats the purpose of the include guards. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170364 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckers.h
45397f92bb3009dd5a1b399ef0885ccddc34838e	13-Dec-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Fix doc error (wrong param name) in ObjCSuperCallChecker. Thanks for the -Wdocumentation catch, Dmitri! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170139 91177308-0d34-0410-b5e6-96231b3b80d8 bjCMissingSuperCallChecker.cpp
e14999e768fe55f620719fc4fbc361759e990e80	13-Dec-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Generalize ObjCMissingSuperCallChecker. We now check a few methods for UIResponder, NSResponder, and NSDocument. Patch by Julian Mayer! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170089 91177308-0d34-0410-b5e6-96231b3b80d8 bjCMissingSuperCallChecker.cpp
1812652c24c5a7847654cef9b0875414000af27f	13-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a self-init checker false positive. This is a Band-Aid fix to a false positive, where we complain about not initializing self to [super init], where self is not coming from the init method, but is coming from the caller to init. The proper solution would be to associate the self and it's state with the enclosing init. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@170059 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
c2cca2361aeafdf9170de2695b17d8bcd1c6f7db	11-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Don't generate a summary for "freeWhenDone" if method is inlined. Fixes a false positive that occurs if a user writes their own initWithBytesNoCopy:freeWhenDone wrapper. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169795 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
4ee1c557c3ebddb8a9be8f6fb66605b971793820	06-Dec-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Simplify RetainCountChecker's handling of dead symbols. Previously we made three passes over the set of dead symbols, and removed them from the state /twice/. Now we combine the autorelease pass and the symbol death pass, and only have to remove the bindings for the symbols that leaked. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169527 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
e3ce2c10c3f6ae7b26700d758de909deab190d42	06-Dec-2012	Ted Kremenek <kremenek@apple.com>	Only provide explicit getCapturedRegion() and getOriginalRegion() from referenced_vars_iterator. This is a nice conceptual cleanup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169480 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp etainCountChecker.cpp ndefCapturedBlockVarChecker.cpp
e0c6c67d670588508da2d343193cfe2845bef7e0	06-Dec-2012	Ted Kremenek <kremenek@apple.com>	Use 'getOriginalRegion()' rather than going through the logic to recreate it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169478 91177308-0d34-0410-b5e6-96231b3b80d8 ndefCapturedBlockVarChecker.cpp
aacadfea7a7174116dbde09937098763a3211396	05-Dec-2012	Daniel Jasper <djasper@google.com>	Add missing virtual destructors reported by -Wnon-virtual-dtor. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169365 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
39a62fcd3003785d9cc913ab2820be2f6f27bb40	05-Dec-2012	Anna Zaks <ganna@apple.com>	[analyzer] Implement an opt-in variant of direct ivar assignment. This will only check the direct ivar assignments in the annotated methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169349 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td irectIvarAssignment.cpp
79762d3d6d82a314848cf4bfa6d2d58439536dbe	04-Dec-2012	Ted Kremenek <kremenek@apple.com>	Alphabetize source files, just like they have been before. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169318 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
55fc873017f10f6f566b182b70f6fc22aefa3464	04-Dec-2012	Chandler Carruth <chandlerc@gmail.com>	Sort all of Clang's files under 'lib', and fix up the broken headers uncovered. This required manually correcting all of the incorrect main-module headers I could find, and running the new llvm/utils/sort_includes.py script over the files. I also manually added quite a few missing headers that were uncovered by shuffling the order or moving headers up to be main-module-headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169237 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp oolAssignmentChecker.cpp uiltinFunctionChecker.cpp StringChecker.cpp StringSyntaxChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp heckerDocumentation.cpp hrootChecker.cpp ebugCheckers.cpp ereferenceChecker.cpp irectIvarAssignment.cpp ivZeroChecker.cpp ynamicTypePropagation.cpp xprInspectionChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp varInvalidationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp bjCAtSyncChecker.cpp bjCContainersASTChecker.cpp bjCContainersChecker.cpp bjCMissingSuperCallChecker.cpp bjCSelfInitChecker.cpp bjCUnusedIVarsChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp impleStreamChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
9d5a78d5a0c724f35af5ea2f17b2b88b32335e24	01-Dec-2012	Benjamin Kramer <benny.kra@googlemail.com>	Add raw_ostream include to pacify MSVC. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169097 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
a93d0f280693b8418bc88cf7a8c93325f7fcf4c6	01-Dec-2012	Benjamin Kramer <benny.kra@googlemail.com>	Include pruning and general cleanup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169095 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp allocSizeofChecker.cpp SErrorChecker.cpp tackAddrEscapeChecker.cpp raversalChecker.cpp ndefResultChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
9852f58f50b4fc20914fbce5b4454135a42343f4	01-Dec-2012	Benjamin Kramer <benny.kra@googlemail.com>	Don't include Type.h in DeclarationName.h. Recursively prune some includes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169094 91177308-0d34-0410-b5e6-96231b3b80d8 xprInspectionChecker.cpp tackAddrEscapeChecker.cpp
2fa67efeaf66a9332c30a026dc1c21bef6c33a6c	01-Dec-2012	Benjamin Kramer <benny.kra@googlemail.com>	Pull the Attr iteration parts out of Attr.h, so including DeclBase.h doesn't pull in all the generated Attr code. Required to pull some functions out of line, but this shouldn't have a perf impact. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169092 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp heckObjCDealloc.cpp eadStoresChecker.cpp enericTaintChecker.cpp varInvalidationChecker.cpp allocChecker.cpp oReturnFunctionChecker.cpp bjCUnusedIVarsChecker.cpp etainCountChecker.cpp ndefCapturedBlockVarChecker.cpp
dac6cd533d90fa1f75e66f83f7d5ebc12e34bfb7	26-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a crash reported in PR 14400. The AllocaRegion did not have the superRegion (based on LocationContext) as part of it's hash. As a consequence, the AllocaRegions from different frames were uniqued to be the same region. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@168599 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp
4d9f4e5bfa701fc870e3c481f93f1fcc52d327bb	22-Nov-2012	Benjamin Kramer <benny.kra@googlemail.com>	Make helpers static/anonymous. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@168500 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
f34a5791c5c9df0348714e275adb09b8cf858460	15-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] StreamChecker: Remove now-unnecessary check::EndPath callback. Also, don't bother to stop tracking symbols in the return value, either. They are now properly considered live during checkDeadSymbols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@168069 91177308-0d34-0410-b5e6-96231b3b80d8 treamChecker.cpp
7f82bc87c99371df7adb2dbdf3464832031e4184	15-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] MacOSKeychainAPIChecker: Remove now-unnecessary check::EndPath. Also, don't bother to stop tracking symbols in the return value, either. They are now properly considered live during checkDeadSymbols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@168068 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
65d4bd60ec6a734b814b7253b1026d35c8e46ce9	15-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] MallocChecker: Remove now-unnecessary check::EndPath callback. Also, don't bother to stop tracking symbols in the return value, either. They are now properly considered live during checkDeadSymbols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@168067 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
2ccecfaa4852c134191d4075d94e09399ab46fea	13-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's code review for r167813. This simplifies logic, fixes a bug, and adds a test case. Thanks Jordan! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167868 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
4141e4dcab6b175374710925aa90d547600a5e66	13-Nov-2012	Anna Zaks <ganna@apple.com>	Fix a Malloc Checker FP by tracking return values from initWithCharacter and other functions. When these functions return null, the pointer is not freed by them/ownership is not transfered. So we should allow the user to free the pointer by calling another function when the return value is NULL. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167813 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
0fe4d400ab05995727440620c25fe1d185b4e046	07-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Check that the argument to CFMakeCollectable is non-NULL. Patch by Sean McBride! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167537 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp heckers.td
65bc6537509fcfb9e7e724e7d40546eea931e07f	07-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Enhance docs for checker callbacks (esp. processRegionChanges). No functionality change; this checker is only used for documentation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167522 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
35d4a09efbdc313b02f05612e6501a7ec7d3a37d	06-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add symbol escapes logic to the SimpleStreamChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167439 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
d1ad5e5d6c895f809ada5b420060b2ec0b48567b	06-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove isWithinInlined. It's been replaced with inTopFrame(). Thanks Jordan. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167438 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
fadcd5d5bbe1bfc1c6b8d819cc2242f780a49fec	03-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] add LocationContext::inTopFrame() helper. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167351 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
0c396d618dfa7cdd6ddafea24df7f74789d1f829	03-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Convert SimpleStreamChecker over to CallEvent. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167340 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
1f03a8a0334924719ff85c993d652480e93fda98	03-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] CheckerDocumentation: Change examples for PreStmt and PostStmt. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167339 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
2f3017f9cbd3774f690c979410bfec38423d03af	03-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add some convenience accessors to CallEvent, and use them. These are CallEvent-equivalents of helpers already accessible in CheckerContext, as part of making it easier for new checkers to be written using CallEvent rather than raw CallExprs. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167338 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp
d624607d4196e4b37d235daa14699bcb3c1012a6	03-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] isCLibraryFunction: check that the function is at TU-scope. Also, Decls already carry a pointer to the ASTContext, so there's no need to pass an extra argument to the predicate. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167337 91177308-0d34-0410-b5e6-96231b3b80d8 StringSyntaxChecker.cpp
edd07f40ce13eb64537e9bd3af2bec4847a90fb2	02-Nov-2012	Anna Zaks <ganna@apple.com>	[analyzer] Factor SimpleStreamChecker pulling out isLeaked(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167316 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
466224fd068a0a0084968a7f521a690a51c3b226	02-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Convert some of the harder cases over to ProgramStateTrait macros. Add FIXMEs for the traits visible from multiple translation units. Currently the macros hide their key types in an anonymous namespace. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167277 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp bjCSelfInitChecker.cpp treamChecker.cpp
166d502d5367ceacd1313a33cac43b1048b8524d	02-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Use nice macros for the common ProgramStateTraits (map, set, list). Also, move the REGISTER_*_WITH_PROGRAMSTATE macros to ProgramStateTrait.h. This doesn't get rid of /all/ explicit uses of ProgramStatePartialTrait, but it does get a lot of them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167276 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp enericTaintChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp bjCContainersChecker.cpp threadLockChecker.cpp etainCountChecker.cpp
785950e59424dca7ce0081bebf13c0acd2c4fff6	02-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename 'EmitReport' to 'emitReport'. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167275 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp oolAssignmentChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp xprInspectionChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCContainersChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp impleStreamChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
79a29eb35a9508d61abb07452e4912d03466d1e7	01-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Fix typo in r167186. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167189 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
32f38c11642ddeaeb6c4ffb1e589ab444c825f6e	01-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Minor cleanup in SimpleStreamChecker's class definition. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167187 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
ec8d420d4fa57fc6b5a5a2b1446742e976a7ba00	01-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename ConditionTruthVal::isTrue to isConstrainedTrue. (and the same for isFalse) No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167186 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp impleStreamChecker.cpp
bbb751a1788c461bc9765ec3387536cad6b52619	31-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a bug in SimpleStreamChecker - return after sink. Thanks Ted. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167176 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
32133cfb333510ba94aff040067713c0b32d58c5	31-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] SimpleStreamChecker - remove evalAssume and other refinements git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167099 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
19948ac84f145b9ea576db2faefda1927c249e44	30-Oct-2012	Ted Kremenek <kremenek@apple.com>	Trim #includes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167002 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
bdbb17b81ca02f0279909836668420351b7f24c1	30-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer]SimpleStreamChecker: add a TODO for better leak report. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167001 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
360b29c52a4c10f9d4c031d84d962ed2a4d58263	30-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a bug in REGISTER_MAP_WITH_PROGRAMSTATE The ImmutableMap should not be the key into the GDM map as there could be several entries with the same map type. Thanks, Jordan. This complicates the usage of the macro a bit. When we want to retrieve the whole map, we need to use another name. Currently, I set it to be Name ## Ty as in "type of the map we are storing in the ProgramState". git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167000 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
ac150f2619efcadbf23acd6e86695b5412723eb1	30-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Rename REGISTER_MAP_WITH_GDM ->REGISTER_MAP_WITH_PROGRAMSTATE git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166999 91177308-0d34-0410-b5e6-96231b3b80d8 impleStreamChecker.cpp
eafaad279f7be4552e5a2246fcda1b5d65698104	30-Oct-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Warn about reallocf with an allocation size of 0, like realloc. Patch by Sean McBride! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166995 91177308-0d34-0410-b5e6-96231b3b80d8 nixAPIChecker.cpp
3cf9a72743d147f3a6152ba3374f081bac749c28	30-Oct-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] New checker for missing super calls in UIViewController subclasses. This is a syntactic checker aimed at helping iOS programmers correctly subclass and override the methods of UIViewController. While this should eventually be covered by the 'objc_requires_super' attribute, this checker can be used with the existing iOS SDKs without any header changes. This new checker is currently named 'alpha.osx.cocoa.MissingSuperCall'. Patch by Julian Mayer! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166993 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td bjCMissingSuperCallChecker.cpp
54458707b2df12c5a63599fe9727a227d91bc183	29-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker cleanup/refactor No need for the auxiliary flag. No need to generate a leak node when there is no error. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166977 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
d65e55d691655462880ffd51c10784955ab6a362	29-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add SimpleStreamChecker. This is an example checker for catching fopen fclose API misuses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166976 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td impleStreamChecker.cpp
5ac1df3e15f91ed663826faec7efe2462c18d98c	29-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add checker helpers to CheckerContext. - Adding Immutable Map to GDM and getIdentifierInfo helper method. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166975 91177308-0d34-0410-b5e6-96231b3b80d8 treamChecker.cpp
c3c26b7390bc4ac3ad122f557a10ba17ab871216	18-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Ivar invalidation: identify properties declared in protocols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166211 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
e0c50fa01d59749e9392ccff50ee6fb90a61725b	16-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Ivar Invalidation: track ivars in continuations and @implementation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166047 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
bc9e5ffb0d0757238c071764e4bc1fc8a1521097	16-Oct-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] ObjCContainersASTChecker: minor cleanup and an extra test case. Follow-up to r165838, which fixed a potential crash. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166002 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersASTChecker.cpp
51431dcf4a591ded089a56aaa985bb546cec8ce4	16-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Enhance the error message. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165993 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
625ce084bc8de75e74b8920593ab761f20ff5971	16-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Do not warn on direct ivar assignments within copy methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165992 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
74616824108151e139d84338db609cc32f065c05	13-Oct-2012	Ted Kremenek <kremenek@apple.com>	Move assertion to not crash tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165842 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
d0f3d7148ca761fda2243528b2b62f916770f546	13-Oct-2012	Ted Kremenek <kremenek@apple.com>	Silence static analyzer issue by documenting that in this context that a DeclRefExpr can never return a null decl. We possibly should hoist this into getDecl() itself. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165841 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
5a8fc88b18793f25d4423805d7e4ac5d0325b9a6	13-Oct-2012	Ted Kremenek <kremenek@apple.com>	Silence null dereference warnings by documenting context-specific invariants using assertions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165840 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
441ee1dfa5ff8d904ad07dc3b7837c44d9f173eb	13-Oct-2012	Ted Kremenek <kremenek@apple.com>	Fix potential crash in ObjCContainersChecker by properly validating the number of arguments. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165838 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersASTChecker.cpp
42adacbb9bc7b6172bd36f9baa297180c77ab6d7	11-Oct-2012	Ted Kremenek <kremenek@apple.com>	Remove OSAtomicChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165744 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td SAtomicChecker.cpp
48fa1361505c51cdc5e78deffdbdd7c334cca5d0	11-Oct-2012	Ted Kremenek <kremenek@apple.com>	Switch over to BodyFarm implementation of OSAtomicCompareAndSwap and objc_atomicCompareAndSwap. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@165743 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
bbff82f302a1dd67589f65912351978905f0c5a7	01-Oct-2012	Anna Zaks <ganna@apple.com>	Move isObjCSelf into Expr. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164966 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
b9733ac1a2012c3e909ac262073a6deb8533d2c7	01-Oct-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's review for r164868. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164965 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
43e8ef0b90dffcf9bda4fc2d3e6b21feb1e15bfb	01-Oct-2012	Ted Kremenek <kremenek@apple.com>	Add checker debug.ConfigDumper to dump the contents of the configuration table. The format of this output is a WIP; largely I'm bringing it up now for regression testing. We can evolve the output format over time. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164953 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
31f69cc770888ec0f0f7012212e5df7979aba4f3	29-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Re-implement IvarInvalidationChecker so that it verifies that the validation occurred. The original implementation was pessimistic - we assumed that ivars which escape are invalidated. This version is optimistic, it assumes that the ivars will always be explicitly invalidated: either set to nil or sent an invalidation message. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164868 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
bf24792e00a47fd9d74ff21e21d2cbffc6d62818	27-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's code review for r164790. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164803 91177308-0d34-0410-b5e6-96231b3b80d8 irectIvarAssignment.cpp
377945cc9e4f23cdbb01ade2a664acd5ff95a888	27-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] IvarInvalidation: track synthesized ivars and allow escape through property getters. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164802 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
69e431e23d95013c3401067af112da9d6dbe10e1	27-Sep-2012	Anna Zaks <ganna@apple.com>	Unbreak cmake build (fixup for r164790) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164791 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
88a83e3f3bade5497ff371ed5a570b83d9373e3a	27-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add an experimental ObjC direct ivar assignment checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164790 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td irectIvarAssignment.cpp
b087bbf3cf44a56d60ad1ed6fd5abb48dab0e0b3	27-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's code review comments for r164716. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164788 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td varInvalidationChecker.cpp
f3477c13eeaf11b32a41f181398fb5deffd0dd73	27-Sep-2012	Sylvestre Ledru <sylvestre@debian.org>	Revert 'Fix a typo 'iff' => 'if''. iff is an abreviation of if and only if. See: http://en.wikipedia.org/wiki/If_and_only_if Commit 164766 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164769 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
94ff8e1f57c6382d91d0de981a4f311509d83e37	27-Sep-2012	Sylvestre Ledru <sylvestre@debian.org>	Fix a typo 'iff' => 'if' git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164766 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
7836011482bc26dfebf15df4fd993d07b607fbcf	27-Sep-2012	NAKAMURA Takumi <geek4civic@gmail.com>	IvarInvalidationChecker.cpp: Remove an unused member, InterfD. [-Wunused-private-field] git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164745 91177308-0d34-0410-b5e6-96231b3b80d8 varInvalidationChecker.cpp
5bf5c2ec54ede5352293e5739e9b44bea2f6b01b	26-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add experimental ObjC invalidation method checker. This checker is annotation driven. It checks that the annotated invalidation method accesses all ivars of the enclosing objects that are objects of type, which in turn contains an invalidation method. This is driven by __attribute((annotation("objc_instance_variable_invalidator")). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164716 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td varInvalidationChecker.cpp
c693339753d7ec0b9af6a6e4173aeaf6f9ec866c	25-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a buildbot crash triggered by turning on dynamic dispatch. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164579 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
615a092a511cd2dfe1a5364ebf5f80e55e33034d	22-Sep-2012	Jordan Rose <jordan_rose@apple.com>	Use llvm::getOrdinalSuffix to print ordinal numbers in diagnostics. Just a refactoring of common infrastructure. No intended functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164443 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
991bcb4370fe849603346ebbddc8dd47bc29d235	22-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Check that an ObjCIvarRefExpr's base is non-null even as an lvalue. Like with struct fields, we want to catch cases like this early, so that we can produce better diagnostics and path notes: PointObj p = nil; int px = &p->_x; // should warn here *px = 1; git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164442 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
c20c7275c351f362b42915901d308ac66b8b71d1	20-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] MallocChecker should not do post-call checks on inlined functions. If someone provides their own function called 'strdup', or 'reallocf', or even 'malloc', and we inlined it, the inlining should have given us all the malloc-related information we need. If we then try to attach new information to the return value, we could end up with spurious warnings. <rdar://problem/12317671> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164276 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
5fc1d0c4532c55cc47ba6628f296bf5b86d2eaf0	17-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Teach the analyzer about implicit initialization of statics in ObjCMethods. Extend FunctionTextRegion to represent ObjC methods as well as functions. Note, it is not clear what type ObjCMethod region should return. Since the type of the FunctionText region is not currently used, defer solving this issue. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164046 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp allocChecker.cpp
45b76bad757d8b9f93df2b21ca012c309810d206	13-Sep-2012	Ted Kremenek <kremenek@apple.com>	Fix grammar. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163828 91177308-0d34-0410-b5e6-96231b3b80d8 acOSXAPIChecker.cpp
be879727893994532b4a643bfae6fb656742057f	13-Sep-2012	Ted Kremenek <kremenek@apple.com>	When warning about unsafe uses of dispatch_once, specially handle the crazy case where dispatch_once gets redefined as a macro that calls _dispatch_once (which calls the real dispatch_once). Users want to see the warning in their own code. Fixes <rdar://problem/11617767> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163816 91177308-0d34-0410-b5e6-96231b3b80d8 acOSXAPIChecker.cpp
16e6a7cb41319459ded69b4d47f405c1035dd347	13-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Do not report use of undef on "return foo();" when the return type is void. Fixes a false positive found by analyzing LLVM code base. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163750 91177308-0d34-0410-b5e6-96231b3b80d8 eturnUndefChecker.cpp
9dc298bf8e4001978e44e7f1872f337fe5805960	13-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix another false positive in malloc realloc logic. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163749 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
e5cc4c967178669dd19832bc0fb03b293d5d969f	11-Sep-2012	Stephen Hines <srhines@google.com>	Merge up through LLVM r163557. New CommentCommandInfo and CommentHTMLTagsProperties targets for TableGen. Updated Android.mk source files for AST, StaticAnalyzer/Checkers, StaticAnalyzer/Core, driver, and TableGen. Split Rewrite/Android.mk into Core and Frontend sub-libraries. Change-Id: Ia114939e242a79570c41a519f4f3cc712a0ed9a8 ndroid.mk
9f0b1324a5352713337c75ef4a5acffd96609c6c	11-Sep-2012	Stephen Hines <srhines@google.com>	Merge branch 'upstream' into merge-2012_09_10
1ad23d62007162df82b58bca31b4aa277a5f6586	10-Sep-2012	Dmitri Gribenko <gribozavr@gmail.com>	Remove redundant semicolons which are null statements. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163546 91177308-0d34-0410-b5e6-96231b3b80d8 heckObjCDealloc.cpp
da88536ed2c2755873a0db72656e443b95068d45	10-Sep-2012	Benjamin Kramer <benny.kra@googlemail.com>	Make helper functions static. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163505 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp allAndMessageChecker.cpp
82f2ad456a82da1b9cb7ddfc994c8f5fa44b59e6	08-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] ObjCSelfInitChecker should always clean up in postCall checks. ObjCSelfInitChecker stashes information in the GDM to persist it across function calls; it is stored in pre-call checks and retrieved post-call. The post-call check is supposed to clear out the stored state, but was failing to do so in cases where the call did not have a symbolic return value. This was actually causing the inappropriate cache-out from r163361. Per discussion with Anna, we should never actually cache out when assuming the receiver of an Objective-C message is non-nil, because we guarded that node generation by checking that the state has changed. Therefore, the only states that could reach this exact ExplodedNode are ones that should have merged /before/ making this assumption. r163361 has been reverted and the test case removed, since it won't actually test anything interesting now. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163449 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
a435e6989de2c668c5c512dda48e6f8756e0ba2c	08-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add debug output for ObjCSelfInitChecker's state. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163448 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
9f6ec8253e3ec3e9722ca7e4599f977db2f786ef	08-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address John's code review for r163407. Teach malloc sizeof checker to find type inconsistencies in multi- dimensional arrays. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163438 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
47cbd0f3892c7965cf16a58393f9f17a22d4d4d9	08-Sep-2012	Ted Kremenek <kremenek@apple.com>	Remove ProgramState::getSymVal(). It was being misused by Checkers, with at least one subtle bug in MacOSXKeyChainAPIChecker where the calling the method was a substitute for assuming a symbolic value was null (which is not the case). We still keep ConstraintManager::getSymVal(), but we use that as an optimization in SValBuilder and ProgramState::getSVal() to constant-fold SVals. This is only if the ConstraintManager can provide us with that information, which is no longer a requirement. As part of this, introduce a default implementation of ConstraintManager::getSymVal() which returns null. For Checkers, introduce ConstraintManager::isNull(), which queries the state to see if the symbolic value is constrained to be a null value. It does this without assuming it has been implicitly constant folded. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163428 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp
258bd59eee5403fc2a98fb23df71fa0281a3ec29	07-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false positive in sizeof malloc checker. Don't warn when the sizeof argument is an array with the same element type as the pointee of the return type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163407 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
2ab012a6de2b2769ec7ad99c4b61788cc5175d17	07-Sep-2012	Ted Kremenek <kremenek@apple.com>	Fix off-by-one bug in diagnostic prose of ObjCContainersASTChecker. While the check itself should count 0-based for the parameter index, the diagnostic should be 1-based (first, second, third, not start at 0). Fixes <rdar://problem/12249569>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163375 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersASTChecker.cpp
061707a86f20bf608758e7013df24bd1be12ffc6	07-Sep-2012	Ted Kremenek <kremenek@apple.com>	Teach RetainCountChecker that CFPlugInInstanceCreate does not return a CF object at all. Fixes <rdar://problem/9566345> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163362 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
ec9f36ea83e0f57683dceaa53163f6246d1442d5	07-Sep-2012	Ted Kremenek <kremenek@apple.com>	Refine diagnostics for leaks reported when returning an object via function/method with [CF,NS]_RETURNS_NOT_RETAINED. Fixes <rdar://problem/11379000>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163355 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
2827f5af018c515986ffb1779ec2e7246988f150	07-Sep-2012	Ted Kremenek <kremenek@apple.com>	Tweak DeadStoresChecker to not warn about dead stores to variables that are used in EH code. Right now the CFG doesn't support exceptions well, so we need this hack to avoid bogus dead store warnings. Fixes <rdar://problem/12147586> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163353 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
200fa2e70d52ae6d620e81cd45536071fdde70c0	06-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't attempt to devirtualize calls to base class destructors. CXXDestructorCall now has a flag for when it is a base destructor call. Other kinds of destructor calls (locals, fields, temporaries, and 'delete') all behave as "whole-object" destructors and do not behave differently from one another (specifically, in these cases we /should/ try to devirtualize a call to a virtual destructor). This was causing crashes in both our internal buildbot, the crash still being tracked in PR13765, and some of the crashes being tracked in PR13763, due to a assertion failure. (The behavior under -Asserts happened to be correct anyway.) Adding this knowledge also allows our DynamicTypePropagation checker to do a bit less work; the special rules about virtual method calls during a destructor only require extra handling during base destructors. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163348 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
9b925ac059089dfe74e3b8fa5effe519fb9ee885	06-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Enhance the member expr tracking to account for references. As per Jordan's suggestion. (Came out of code review for r163261.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163269 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
9bc1e6db1c0a1d57eaf9b35eb3ab8a60ffb437ed	06-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove unneeded code. This region is set as interesting as part of trackNullOrUndefValue call, no need to mark it as interesting twice. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163260 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
d21c96409fee1d09331d9218bd673d0df7352874	05-Sep-2012	Ted Kremenek <kremenek@apple.com>	Fix indentation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163176 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
4a25f3056416aaffa7852985c2045634e5275876	01-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Future-proofing r163012 (nameless functions and RetainCountChecker) Any future exceptions need to go INSIDE the test that checks if the IdentifierInfo is non-null! No functionality change. Thanks for the review, Ted. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163067 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
5699f62df144545702b91e91836a63db4e5f2627	01-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Always derive a CallEvent's return type from its origin expr. Previously, we preferred to get a result type by looking at the callee's declared result type. This allowed us to handlereferences, which are represented in the AST as lvalues of their pointee type. (That is, a call to a function returning 'int &' has type 'int' and value kind 'lvalue'.) However, this results in us preferring the original type of a function over a casted type. This is a problem when a function pointer is casted to another type, because the conjured result value will have the wrong type. AdjustedReturnValueChecker is supposed to handle this, but still doesn't handle the case where there is no "original function" at all, i.e. where the callee is unknown. Now, we instead look at the call expression's value kind (lvalue, xvalue, or prvalue), and adjust the expr's type accordingly. This will have no effect when the function is inlined, and will conjure the value that will actually be used when it is not. This makes AdjustedReturnValueChecker /nearly/ unnecessary; unfortunately, the cases where it would still be useful are where we need to cast the result of an inlined function or a checker-evaluated function, and in these cases we don't know what we're casting /from/ by the time we can do post- call checks. In light of that, remove AdjustedReturnValueChecker, which was already not checking quite a few calls. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163065 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp MakeLists.txt heckers.td
a89f719ad3a7134e3eec7c9e03aa0e22031c0de9	31-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: don't assume all functions have names. Fixes a hard-to-reach crash when calling a non-member overloaded operator with arguments that may be callbacks. Future-proofing: don't make the same assumption in MallocSizeofChecker. Aside from possibly respecting attributes in the future, it might be possible to call 'malloc' through a function pointer. I audited all other uses of FunctionDecl::getIdentifier() in the analyzer; they all now correctly test to see if the identifier is present before using it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163012 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp etainCountChecker.cpp
43d3974ab355daa77c2b7cdae62737be1a60beb9	31-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove cast inside dyn_cast. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162951 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
dc601f4a9f69315521abddbca04d4652deee5fdb	31-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fixup for r162935 as per Jordan's review. Thanks for catching this! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162949 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
05fcbd3dc28f4cba4a6d33e7aeaabb5f6f7837e3	30-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Do not propagate the [super init] could be nil assumption from callee to caller. radar://12109638 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162935 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
e788365f513a579b03ff7f49296d5b95645ea3fe	30-Aug-2012	Ted Kremenek <kremenek@apple.com>	Teach RetainCountChecker about 'pragma clang arc_cf_code_audited'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162934 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
554067f290282f366ccf65a27e0b914aa67a52c6	30-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Stop tracking symbols based on a retain count summary of inlined function. This resolves retain count checker false positives that are caused by inlining ObjC and other methods. Essentially, if we are passing an object to a method with "delegate" in the selector or a function pointer as another argument, we should stop tracking the other parameters/return value as far as the retain count checker is concerned. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162876 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
80de487e03dd0f44e4572e2122ebc1aa6a3961f5	29-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Improved diagnostic pruning for calls initializing values. This heuristic addresses the case when a pointer (or ref) is passed to a function, which initializes the variable (or sets it to something other than '0'). On the branch where the inlined function does not set the value, we report use of undefined value (or NULL pointer dereference). The access happens in the caller and the path through the callee would get pruned away with regular path pruning. To solve this issue, we previously disabled diagnostic pruning completely on undefined and null pointer dereference checks, which entailed very verbose diagnostics in most cases. Furthermore, not all of the undef value checks had the diagnostic pruning disabled. This patch implements the following heuristic: if we pass a pointer (or ref) to the region (on which the error is reported) into a function and it's value is either undef or 'NULL' (and is a pointer), do not prune the function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162863 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp eturnUndefChecker.cpp ndefBranchChecker.cpp ndefResultChecker.cpp ndefinedAssignmentChecker.cpp
73212dff6437d409e0c1b779fdcac2f4f98ca8b0	29-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] C++ objects returned on the stack may be wrapped in ExprWithCleanups. In C++, objects being returned on the stack are actually copy-constructed into the return value. That means that when a temporary is returned, it still has to be destroyed, i.e. the returned expression will be wrapped in an ExprWithCleanups node. Our "returning stack memory" checker needs to look through this node to see if we really are returning an object by value. PR13722 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162817 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
a1f81bb0e55749a1414b1b5124bb83b9052ff2ac	28-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename addTrackNullOrUndefValueVisitor to trackNullOrUndefValue. This helper function (in the clang::ento::bugreporter namespace) may add more than one visitor, but conceptually it's tracking a single use of a null or undefined value and should do so as best it can. Also, the BugReport parameter has been made a reference to underscore that it is non-optional. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162720 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp bjCAtSyncChecker.cpp eturnUndefChecker.cpp ndefBranchChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
c210cb7a358d14cdd93b58562f33ff5ed2d895c1	27-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Inline constructors for any object with a trivial destructor. This allows us to better reason about status objects, like Clang's own llvm::Optional (when its contents are trivially destructible), which are often intended to be passed around by value. We still don't inline constructors for temporaries in the general case. <rdar://problem/11986434> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162681 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
3d578130c438585476d31f0e8c0bf3223992d683	24-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename the "experimental" checker package to "alpha". We will then refine this group into "alpha" and "beta" to distinguish between checkers in different levels of premature state. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162582 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
55dd956d521d4d650dfd929d67f4b98ede61c0ea	24-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix realloc related bug in the malloc checker. When reallocation of a non-allocated (not owned) symbol fails do not expect it to be freed. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162533 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
8eba6f194484c38ed724375aeab27de556113a84	23-Aug-2012	Stephen Hines <srhines@google.com>	Add new files for merge to upstream r162325. Change-Id: I44af8265445bd67d7985164e2e3117b8c3d8d3c1 ndroid.mk
80ea4bc944eb01c220eeaa004b21ad709ba928e1	24-Aug-2012	Stephen Hines <srhines@google.com>	Merge branch 'upstream' into merge_2 Conflicts: lib/Sema/SemaDeclAttr.cpp Change-Id: If47d0d39459760017258502b4d9e859ac36a273b
4f534e70b0922fa74d56022b71f0099d4b2c4e6b	24-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove unnecessary code. This code has been added a while ago and removing it does not trigger any test failures. The false positives it was trying to suppress are probably handled by other logic (ex: special handling of delegates). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162529 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
5a90193ad825656d4a03099cd5e9c928d1782b5e	24-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make analyzer less aggressive when dealing with [self init]. With inlining, retain count checker starts tracking 'self' through the init methods. The analyser results were too noisy if the developer did not follow 'self = [super init]' pattern (which is common especially in older code bases) - we reported self init anti-pattern AND possible use-after-free. This patch teaches the retain count checker to assume that [super init] does not fail when it's not consumed by another expression. This silences the retain count warning that warns about possibility of use-after-free when init fails, while preserving all the other checking on 'self'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162508 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
769bc07f4199b5889a88cf092ab4713d5520ff33	23-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fixup to r162399. Initialize the member variable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162405 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
266636128f87c167ff5a99e2e6e6136ab2495f08	22-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add osx.cocoa.NonNilReturnValue checker. The checker adds assumptions that the return values from the known APIs are non-nil. Teach the checker about NSArray/NSMutableArray/NSOrderedSet objectAtIndex, objectAtIndexedSubscript. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162398 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp heckers.td
56a46b51df691f857f7120aaf2d4deeff0b014de	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename 'unbindLoc()' (in ProgramState) and 'Remove()' to 'killBinding()'. The name is more specific, and one just forwarded to the other. Add some doxygen comments along the way. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162350 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
66c486f275531df6362b3511fc3af6563561801b	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename 'currentX' to 'currX' throughout analyzer and libAnalysis. Also rename 'getCurrentBlockCounter()' to 'blockCount()'. This ripples a bunch of code simplifications; mostly aesthetic, but makes the code a bit tighter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162349 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp StringChecker.cpp allocChecker.cpp etainCountChecker.cpp treamChecker.cpp
3b1df8bb941a18c4a7256d7cfcbccb9de7e39995	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Rename 'getConjuredSymbol' to 'conjureSymbol'. No need to have the "get", the word "conjure" is a verb too! Getting a conjured symbol is the same as conjuring one up. This shortening is largely cosmetic, but just this simple changed cleaned up a handful of lines, making them less verbose. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162348 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp etainCountChecker.cpp treamChecker.cpp
9641d451d5d97474a4ae0788114f22ddfe65dc9e	22-Aug-2012	Ted Kremenek <kremenek@apple.com>	Remove stale header file. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162341 91177308-0d34-0410-b5e6-96231b3b80d8 bjCAtSyncChecker.cpp
fa06f0464a04bb7fce1fcfb3780d151bb029e00c	20-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Replace boolean IsSink parameters with 'generateSink' methods. Generating a sink is significantly different behavior from generating a normal node, and a simple boolean parameter can be rather opaque. Per offline discussion with Anna, adding new generation methods is the clearest way to communicate intent. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162215 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp etainCountChecker.cpp
2bce86c836f6d6e00f7d2f92bc20e5250d5c4232	18-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Remove obsolete GenericNodeBuilderRefCount from RetainCountChecker. This was once an adapter class between callbacks that had CheckerContexts and those that don't, but for a while now it's essentially just been a wrapper around a ProgramPointTag. We can just pass the tag around instead. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162155 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
7f660857309a14c036a80ef90b40bf8f68fda9da	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] If we call a C++ method on an object, assume it's non-null. This is analogous to our handling of pointer dereferences: if we dereference a pointer that may or may not be null, we assume it's non-null from then on. While some implementations of C++ (including ours) allow you to call a non-virtual method through a null pointer of object type, it is technically disallowed by the C++ standard, and should not prune out any real paths in practice. [class.mfct.non-static]p1: A non-static member function may be called for an object of its class type, or for an object of a class derived from its class type... (a null pointer value does not refer to an object) We can also make the same assumption about function pointers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161992 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
4e79fdfe22db1c982e8fdf8397fee426a8c57821	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Correctly devirtualize virtual method calls in constructors. This is the other half of C++11 [class.cdtor]p4 (the destructor side was added in r161915). This also fixes an issue with post-call checks where the 'this' value was already being cleaned out of the state, thus being omitted from a reconstructed CXXConstructorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161981 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
0ad36baedc516005cb6ea97d96327517ebfe5138	15-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Correctly devirtualize virtual method calls in destructors. C++11 [class.cdtor]p4: When a virtual function is called directly or indirectly from a constructor or from a destructor, including during the construction or destruction of the class’s non-static data members, and the object to which the call applies is the object under construction or destruction, the function called is the final overrider in the constructor's or destructor's class and not one overriding it in a more-derived class. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161915 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
c6ba23f207410efcaf93132790218b9f9bcebe43	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove other #if 0 from Retain Count checker. These date back to 2009, 2011. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161876 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
81f01c62d74601303069682ce12210eb0368c8e7	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove autorelease pools code from the Retain Count checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161875 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
f345ffb2f4e75e7837d9fba8745525b36fa92ee5	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fixup to r161821 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161854 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
c95bb76e85ff9a37de23821f713d947dcbc98f35	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Disable autorelease pool tracking. The autorelease pool has not been implemented completely: we were adding the autoreleased symbols to the state, but never looking at them. Until we have a complete implementation, remove the overhead and comment out the unused code. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161821 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
8d6b43c4acf666499ed456ef90e143fa6e84392e	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Refactor RetainReleaseChecker to go through a function call to set/get/remove the RefBinding. No functional change here. Having these setter and getter methods will make it much easier when replacing the underlining representation of RefBindings (I just went through the exercise). It makes the code more readable as well. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161820 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
955cd444f445bcdbade1cdd3926254c8ee7890d8	14-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add getStackFrame() to CheckerContext and ExplodedNode. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161819 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
e5399f1375f8571bdd821ae08291af1c895adfd3	11-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add clang_analyzer_checkInlined for debugging purposes. This check is also accessible through the debug.ExprInspection checker. Like clang_analyzer_eval, you can use it to test the analyzer engine's current state; the argument should be true or false to indicate whether or not you expect the function to be inlined. When used in the positive case (clang_analyzer_checkInlined(true)), the analyzer prints the message "TRUE" if the function is ever inlined. However, clang_analyzer_checkInlined(false) should never print a message; this asserts that there should be no paths on which the current function is inlined, but then there are no paths on which to print a message! (If the assertion is violated, the message "FALSE" will be printed.) This asymmetry comes from the fact that the only other chance to print a message is when the function is analyzed as a top-level function. However, when we do that, we can't be sure it isn't also inlined elsewhere (such as in a recursive function, or if we want to analyze in both general or specialized cases). Rather than have all checkInlined calls have an appended, meaningless "FALSE" or "TOP-LEVEL" case, there is just no message printed. void clang_analyzer_checkInlined(int); For debugging purposes only! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161708 91177308-0d34-0410-b5e6-96231b3b80d8 xprInspectionChecker.cpp
54918ba02ba900c0e0bb4fd3d749b6b1ac4e50a9	10-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Track if a region can be a subclass in the dynamic type info. When object is allocated with alloc or init, we assume it cannot be a subclass (currently used only for bifurcation purposes). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161682 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
d4fe57f7f7a8793227effc1274d70ec44cee9a4f	09-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Rename the function to better reflect what it actually does. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161617 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
431e35c279972a28be8adc31e127a207e666498d	09-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Cleanup of malloc checker. Remove Escaped state, which is not really necessary. We can just stop tracking the symbol instead of keeping it around and marking escaped. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161557 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
42f74f21ece01dc8573d5377859d327fbb23b26c	09-Aug-2012	Eli Friedman <eli.friedman@gmail.com>	clang support for Bitrig (an OpenBSD fork); patch by David Hill. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161546 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
919e8a1c6698bfa6848571d366430126bced727d	08-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Clean up the printing of FieldRegions for leaks. Unfortunately, generalized region printing is very difficult: - ElementRegions are used both for casting and as actual elements. - Accessing values through a pointer means going through an intermediate SymbolRegionValue; symbolic regions are untyped. - Referring to implicitly-defined variables like 'this' and 'self' could be very confusing if they come from another stack frame. We fall back to simply not printing the region name if we can't be sure it will print well. This will allow us to improve in the future. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161512 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
0d53ab4024488d0c6cd283992be3fd4b67099bd3	08-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Track malloc'd regions stored in structs. The main blocker on this (besides the previous commit) was that ScanReachableSymbols was not looking through LazyCompoundVals. Once that was fixed, it's easy enough to clear out malloc data on return, just like we do when we bind to a global region. <rdar://problem/10872635> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161511 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
8ed21ef726be89ef7151b5ff397631379bd8a537	07-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Address Jordan's review of DynamicTypePropagation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161391 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
c4c647c88ced2e953f15f8987952ede9b96aa969	07-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Dynamic type info - propagate through implicit casts. I currently have a bit of redundancy with the cast kind switch statement inside the ImplicitCast callback, but I might be adding more casts going forward. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161358 91177308-0d34-0410-b5e6-96231b3b80d8 ynamicTypePropagation.cpp
c7ecc43c33a21b82c49664910b19fcc1f555aa51	07-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add a checker to manage dynamic type propagation. Instead of sprinkling dynamic type info propagation throughout ExprEngine, the added checker would add the more precise type information on known APIs (Ex: ObjC alloc, new) and propagate the type info in other cases (ex: ObjC init method, casts (the second is not implemented yet)). Add handling of ObjC alloc, new and init to the checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161357 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td ynamicTypePropagation.cpp
15d18e15384c9e992bd294fc56f4fdf770763d71	06-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Ignore OS X 10.8's annotations for NSMakeCollectable. The frameworks correctly use the 'cf_consumed' and 'ns_returns_retained' attributes for NSMakeCollectable, but we can model the behavior under garbage collection more precisely than that. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161349 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
4d33286d59e5d71a072c7e08ea0c5dd65e45b81c	04-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: remove assert since is not valid as of r161248 We can be in the situation where we did not track the symbol before realloc was called on it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161294 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
a8695180217806bb421cfc6700bec76fc0b1ae56	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Use a more robust check for null in CallAndMessageChecker. This should fix the failing test on the buildbot as well. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161290 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
522f46f497d9ccecc8bc2f5ec132b9bb7060dee1	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't assume values bound to references are automatically non-null. While there is no such thing as a "null reference" in the C++ standard, many implementations of references (including Clang's) do not actually check that the location bound to them is non-null. Thus unlike a regular null dereference, this will not cause a problem at runtime until the reference is actually used. In order to catch these cases, we need to not prune out paths on which the input pointer is null. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161288 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
685379965c1b105ce89cf4f6c60810932b7f4d0d	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] When a symbol is null, we should track its constraints. Because of this, we would previously emit NO path notes when a parameter is constrained to null (because there are no stores). Now we show where we made the assumption, which is much more useful. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161280 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp bjCAtSyncChecker.cpp eturnUndefChecker.cpp ndefBranchChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
9da59a67a27a4d3fc9d59552f07808a32f85e9d3	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Track null/uninitialized C++ objects used in method calls. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161278 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
ede875b794e8f35aa1432e61610ea6e84360b6d3	03-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: track non-allocated but freed memory There is no reason why we should not track the memory which was not allocated in the current function, but was freed there. This would allow to catch more use-after-free and double free with no/limited IPA. Also fix a realloc issue which surfaced as the result of this patch. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161248 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
ee959355b93c0648fea88dc986d196e3705407dc	03-Aug-2012	Shih-wei Liao <sliao@google.com>	Apply changes to migrate to CLANG-160673-20120724. Change-Id: I00d23ac9b893c62dca281ec771eeb5f911854bae ndroid.mk
08fc8eb5a1cc9c01af67e016ab21c9b905711eb1	03-Aug-2012	Shih-wei Liao <sliao@google.com>	Merge with Clang upstream r160673 (Jul 24th 2012) Conflicts: lib/Sema/SemaDeclAttr.cpp Change-Id: I37f02f20642a037b9da8d35fefa01986cd250b14
9f3b9d54ccbbf212591602f389ebde7923627490	02-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a simple check for initializing reference variables with null. There's still more work to be done here; this doesn't catch reference parameters or return values. But it's a step in the right direction. Part of <rdar://problem/11212286>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161214 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp
d563d3fb73879df7147b8a5302c3bf0e1402ba18	30-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Only allow CallEvents to be created by CallEventManager. This ensures that it is valid to reference-count any CallEvents, and we won't accidentally try to reclaim a CallEvent that lives on the stack. It also hides an ugly switch statement for handling CallExprs! There should be no functionality change here. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160986 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
11abf2ad01f64ede7c0555167f41a1c5852f80c6	27-Jul-2012	NAKAMURA Takumi <geek4civic@gmail.com>	clang/lib: [CMake] Update tblgen'd dependencies. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160851 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
f540c54701e3eeb34cb619a3a4eb18f1ac70ef2d	26-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename Calls.{h,cpp} to CallEvent.{h,cpp}. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160815 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp allAndMessageChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp oReturnFunctionChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp raversalChecker.cpp
fc999ac663eca933359047c88dc4a1ef6e579e8a	26-Jul-2012	Ted Kremenek <kremenek@apple.com>	Add static analyzer check for calling a C++ instance method with a null/uninitialized pointer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160767 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
5292718007095d59ee9c4bca554a386674aa7045	25-Jul-2012	Ted Kremenek <kremenek@apple.com>	Remove experimental invalid iterators checker from the codebase until we have the time to fix all the issues. Currently the code is essentially unmaintained and buggy, and needs major revision (with coupled enhancements to the analyzer core). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160754 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td teratorsChecker.cpp
bed28ac1d1463adca3ecf24fca5c30646fa9dbb2	23-Jul-2012	Sylvestre Ledru <sylvestre@debian.org>	Fix a typo (the the => the) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160622 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp nixAPIChecker.cpp
8919e688dc610d1f632a4d43f7f1489f67255476	18-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Combine all ObjC message CallEvents into ObjCMethodCall. As pointed out by Anna, we only differentiate between explicit message sends This also adds support for ObjCSubscriptExprs, which are basically the same as properties in many ways. We were already checking these, but not emitting nice messages for them. This depends on the llvm::PointerIntPair change in r160456. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160461 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp heckerDocumentation.cpp etainCountChecker.cpp
7373ead8719ceedd21c108419159ea74b02b2461	18-Jul-2012	Benjamin Kramer <benny.kra@googlemail.com>	Remove trivial destructor from SVal. This enables the faster SmallVector in clang and also allows clang's unused variable warnings to be more effective. Fix the two instances that popped up. The RetainCountChecker change actually changes functionality, it would be nice if someone from the StaticAnalyzer folks could look at it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160444 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp etainCountChecker.cpp
0ffbfd1a7f80f9a3c07317cb8f44c562f2ba1ba5	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add debug.DumpCalls, which prints out any CallEvents it sees. This is probably not so useful yet because it is not path-sensitive, though it does try to show inlining with indentation. This also adds a dump() method to CallEvent, which should be useful for debugging. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160030 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td raversalChecker.cpp
5ef6e94b294cc47750d8ab220858a36726caba59	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Guard against C++ member functions that look like system functions. C++ method calls and C function calls both appear as CallExprs in the AST. This was causing crashes for an object that had a 'free' method. <rdar://problem/11822244> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160029 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp treamChecker.cpp nixAPIChecker.cpp
852aa0d2c5d2d1faf2d77b5aa3c0848068a342c5	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Make CallEnter, CallExitBegin, and CallExitEnd not be StmtPoints These ProgramPoints are used in inlining calls, and not all calls have associated statements anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160021 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp
8d276d38c258dfc572586daf6c0e8f8fce249c0e	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a CXXDestructorCall CallEvent. While this work is still fairly tentative (destructors are still left out of the CFG by default), we now handle destructors in the same way as any other calls, instead of just automatically trying to inline them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160020 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
28038f33aa2db4833881fea757a1f0daf85ac02b	11-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add new PreImplicitCall and PostImplicitCall ProgramPoints. These are currently unused, but are intended to be used in lieu of PreStmt and PostStmt when the call is implicit (e.g. an automatic object destructor). This also modifies the Data1 field of ProgramPoints to allow storing any pointer-sized value, as opposed to only aligned pointers. This is necessary to store SourceLocations. There is currently no BugReporter support for these; they should be skipped over in any diagnostic output. This commit also tags checkers that currently rely on function calls only occurring at StmtPoints. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160019 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp etainCountChecker.cpp
783db50d09cf2df90679331cca6c7254f4a2fbc5	10-Jul-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove redundant check (scalar type is a superset of integer) PR13319 Reported by Jozsef Mihalicza. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159996 91177308-0d34-0410-b5e6-96231b3b80d8 ivZeroChecker.cpp
8d3ba23f2d9e6c87794d059412a0808c9cbacb25	06-Jul-2012	Dmitri Gribenko <gribozavr@gmail.com>	Implement AST classes for comments, a real parser for Doxygen comments and a very simple semantic analysis that just builds the AST; minor changes for lexer to pick up source locations I didn't think about before. Comments AST is modelled along the ideas of HTML AST: block and inline content. * Block content is a paragraph or a command that has a paragraph as an argument or verbatim command. * Inline content is placed within some block. Inline content includes plain text, inline commands and HTML as tag soup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159790 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
fdaa33818cf9bad8d092136e73bd2e489cb821ba	04-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] For now, don't inline non-static member overloaded operators. Our current inlining support (specifically RegionStore::enterStackFrame) doesn't know that calls to overloaded operators may be calls to non-static member functions, and that in these cases the first argument should be treated as 'this'. This caused incorrect results and sometimes crashes. The long-term fix will be to rewrite RegionStore::enterStackFrame to use CallEvent and its subclasses, but for now we can just disable these problematic calls by classifying them under a new CallEvent, CXXMemberOperatorCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159692 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
70cbf3cc09eb21db1108396d30a414ea66d842cc	03-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Introduce CXXAllocatorCall to handle placement arg invalidation. This is NOT full-blown support for operator new, but removes some nasty duplicated code introduced in r158784. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159608 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
fb3cc8be6941edc44cf2176335fa6090d8ff4425	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] If 'super' is known to be nil, we can still mark its range. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159596 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
fe6a011a113b3ddcb32f42af152d7476054e7f79	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Convert existing checkers to use check::preCall and check::postCall. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159563 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp allAndMessageChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp
96479da6ad9d921d875e7be29fe1bfa127be8069	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add generic preCall and postCall checks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159562 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
de507eaf3cb54d3cb234dc14499c10ab3373d15f	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Finish replacing ObjCMessage with ObjCMethodDecl and friends. The preObjCMessage and postObjCMessage callbacks now take an ObjCMethodCall argument, which can represent an explicit message send (ObjCMessageSend) or an implicit message generated by a property access (ObjCPropertyAccess). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159559 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp allAndMessageChecker.cpp heckerDocumentation.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp oReturnFunctionChecker.cpp bjCContainersChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp
cde8cdbd6a662c636164465ad309b5f17ff01064	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Begin replacing ObjCMessage with ObjCMethodCall and friends. Previously, the CallEvent subclass ObjCMessageInvocation was just a wrapper around the existing ObjCMessage abstraction (over message sends and property accesses). Now, we have abstract CallEvent ObjCMethodCall with subclasses ObjCMessageSend and ObjCPropertyAccess. In addition to removing yet another wrapper object, this should make it easy to add a ObjCSubscriptAccess call event soon. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159558 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp allocChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp
85d7e01cf639b257d70f8a129709a2d7594d7b22	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Move the last bits of CallOrObjCMessage over to CallEvent. This involved refactoring some common pointer-escapes code onto CallEvent, then having MallocChecker use those callbacks for whether or not to consider a pointer's /ownership/ as escaping. This still needs to be pinned down, and probably we want to make the new argumentsMayEscape() function a little more discerning (content invalidation vs. ownership/metadata invalidation), but this is a good improvement. As a bonus, also remove CallOrObjCMessage from the source completely. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159557 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
55037cdc2e29b70df2fd1ca0ba9d4c36da1049e8	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Convert CallAndMessageChecker and ObjCSelfInitChecker to CallEvent. Both of these got uglier rather than cleaner because we don't have preCall and postCall yet; properly wrapping a CallExpr in a CallEvent requires doing a bit of deconstruction on the callee. Even when we have preCall and postCall we may want to expose the current CallEvent to pre/postStmt<CallExpr>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159556 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp bjCSelfInitChecker.cpp
4531b7d64e1ed03a925ffdcfb4aa065f2721afb8	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Convert RetainCountChecker to use CallEvent as much as possible. This ended allowing quite a bit of cleanup, and some minor changes. - CallEvent makes it easy to use hasNonZeroCallbackArg more aggressively, which we check in order to avoid false positives with callbacks that might release the object. - In order to support this for functions which consume their arguments, there are two new ArgEffects: DecRefAndStopTracking and DecRefMsgAndStopTracking. These act just like StopTracking, except that if the object only had a return count of +1 it's now considered released instead (so we still get use-after-free messages). - On the plus side, we no longer have to special-case +[NSObject performSelector:withObject:afterDelay:] and friends. - The use of IdentifierInfos in the method summary cache is now hidden; only the ObjCInterfaceDecl gets passed around most of the time. - Since we cache all "simple" summaries and check every function call, there is no real benefit to having NULL stand in for default summaries anymore. - Whitespace, unused methods, etc. Even more simplification to come when we get check::postCall and can unify all these other post* checks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159555 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
740d490593e0de8732a697c9f77b90ddd463863b	02-Jul-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a new abstraction over all types of calls: CallEvent This is intended to replace CallOrObjCMessage, and is eventually intended to be used for anything that cares more about /what/ is being called than /how/ it's being called. For example, inlining destructors should be the same as inlining blocks, and checking __attribute__((nonnull)) should apply to the allocator calls generated by operator new. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159554 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckerDocumentation.cpp allocChecker.cpp etainCountChecker.cpp
b0754170b249e896298df24fa28fbd9a008a114d	29-Jun-2012	Ted Kremenek <kremenek@apple.com>	Revert "Tweak insecureAPI analyzer checks to have the ability to be individually disabled." Jordan Rose corrected me that this actually isn't needed. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159462 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
4f50875f3bb5174fe669a7a08790d76e67f4a7cd	29-Jun-2012	Ted Kremenek <kremenek@apple.com>	Tweak insecureAPI analyzer checks to have the ability to be individually disabled. The solution is a bit inefficient: it creates N checkers, one for each check, and each check does a dispatch on the function name. This is redundant, but we can fix this once we have the proper ability to enable/disable subchecks. Fixes <rdar://problem/11780180>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159459 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
8d0f528afd9fcb9ebb8ccb4b8a529a05375b628e	29-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a test that we are, in fact, doing a DFS on the ExplodedGraph. Previously: ...the comment said DFS... ...the WorkList being instantiated said BFS... ...and the implementation was actually DFS... ...due to an unintentional change in 2010... ...and everything kept working anyway. This fixes our std::deque implementation of BFS, but switches back to a SmallVector-based implementation of DFS. We should probably still investigate the ramifications of DFS vs. BFS, especially for large functions (and especially when we hit our block path limit), since this might completely change our memory use. It can also mask some bugs and reveal others depending on when we halt analysis. But at least we will not have this kind of little mistake creep in again. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159397 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td raversalChecker.cpp
29299c6c98fa05f635c984898d0e9b5fcbb412d4	27-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCountChecker: remove unused SelfOwn ArgEffect kind. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159245 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
ee681111c713f300884550b1503713ade3b32374	25-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Be careful about implicitly-declared operator new/delete. (PR13090) The implicit global allocation functions do not have valid source locations, but we still want to treat them as being "system header" functions for the purposes of how they affect program state. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159160 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
7186dc63094d3ba24e57e16a66a226d21448dd4f	23-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Teach malloc checker that initWith[Bytes\|Characters}NoCopy relinquish memory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159043 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
3e4f65d863bff9c4bbb2e7061a5d69b8c0366d66	23-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fixup to r158958. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159037 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
5b7aa34167f23e6137bd257addac4dd67f612ec4	22-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: Warn about use-after-free when memory ownership was transfered with dataWithBytesNoCopy. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158958 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
b0d8671f95fe08a220118bca29063ba4d11a9dac	21-Jun-2012	Chandler Carruth <chandlerc@gmail.com>	Remove a goofy CMake hack and use the standard CMake facilities to express library-level dependencies within Clang. This is no more verbose really, and plays nicer with the rest of the CMake facilities. It should also have no change in functionality. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158888 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
52a04812e5767dab68efb33ad044760b5b168941	21-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc leak false positive: Allow xpc context to escape. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158875 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
050cdd7107526df8ff7a8e0a08b3e99c83c263c0	20-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: cleanup, disallow free on relinquished memory. This commits sets the grounds for more aggressive use after free checking. We will use the Relinquished sate to denote that someone else is now responsible for releasing the memory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158850 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
5f75768579b9b1d70d01903ab4766aede65defcc	19-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Allow pointers to escape into NSPointerArray. (Fixes radar://11691035 PR13140) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158703 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
1bf908df57cc43f3bc7296f4e51f5708bd323c6b	16-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Buffers passed to CGBitmapContextCreate can escape. Specifically, although the bitmap context does not take ownership of the buffer (unlike CGBitmapContextCreateWithData), the data buffer can be extracted out of the created CGContextRef. Thus the buffer is not leaked even if its original pointer goes out of scope, as long as - the context escapes, or - it is retrieved via CGBitmapContextGetData and freed. Actually implementing that logic is beyond the current scope of MallocChecker, so for now CGBitmapContextCreate goes on our system function exception list. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158579 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
50571a9fd8871c722e8655c7c2c3b2871a0d14c1	15-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] RetainCount: don't track objects init'd with a delegate We already didn't track objects that have delegates or callbacks or objects that are passed through void * "context pointers". It's a not-uncommon pattern to release the object in its callback, and so the leak message we give is not very helpful. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158532 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
81c16fc757fe7b68cbd035765e3be92281625663	15-Jun-2012	James Dennett <jdennett@google.com>	Documentation cleanup: * Add \brief to produce a summary in the Doxygen output; * Add missing parameter names to \param commands; * Fix mismatched parameter names for \param commands; * Add a parameter name so that the \param has a target. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158503 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
1895a0a6936001374f66adbdfcf8abe5edf912ea	11-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add ObjCLoopChecker: objects from NSArray et al are non-nil. While collections containing nil elements can still be iterated over in an Objective-C for-in loop, the most common Cocoa collections -- NSArray, NSDictionary, and NSSet -- cannot contain nil elements. This checker adds that assumption to the analyzer state. This was the cause of some minor false positives concerning CFRelease calls on objects in an NSArray. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158319 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp heckers.td
9765ea9f755be50bb571100b44865f488e958d6d	11-Jun-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] When looking for a known class, only traverse the hierarchy once. This has a small hit in the case where only one class is interesting (NilArgChecker) but is a big improvement when looking for one of several interesting classes (VariadicMethodTypeChecker), in which the most common case is that there is no match. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158318 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
2e336ac5ace420470bbb0ff54a94a5484443a44f	08-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocSizeofChecker false positive: when sizeof is argument to addition. We should not to warn in case the malloc size argument is an addition containing 'sizeof' operator - it is common to use the pattern to pack values of different sizes into a buffer. Ex: uint8_t buffer = (uint8_t)malloc(dataSize + sizeof(length)); git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158219 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
e17fdb2d5dbf0ffefd417587003eebbe5baf5984	07-Jun-2012	Anna Zaks <ganna@apple.com>	[analyzer] Anti-aliasing: different heap allocations do not alias Add a concept of symbolic memory region belonging to heap memory space. When comparing symbolic regions allocated on the heap, assume that they do not alias. Use symbolic heap region to suppress a common false positive pattern in the malloc checker, in code that relies on malloc not returning the memory aliased to other malloc allocations, stack. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158136 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
581deb3da481053c4993c7600f97acf7768caac5	06-Jun-2012	David Blaikie <dblaikie@gmail.com>	Revert Decl's iterators back to pointer value_type rather than reference value_type In addition, I've made the pointer and reference typedef 'void' rather than T* just so they can't get misused. I would've omitted them entirely but std::distance likes them to be there even if it doesn't use them. This rolls back r155808 and r155869. Review by Doug Gregor incorporating feedback from Chandler Carruth. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158104 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp heckObjCDealloc.cpp LVMConventionsChecker.cpp bjCUnusedIVarsChecker.cpp
facde171ae4b8926622a1bffa833732a06f1875b	06-Jun-2012	Benjamin Kramer <benny.kra@googlemail.com>	Remove unused private member variables found by clang's new -Wunused-private-field. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158086 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp etainCountChecker.cpp irtualCallChecker.cpp
ce56fd3d6ddf3f1b7ae1a3ca3dd4a8768222594c	06-Jun-2012	Ted Kremenek <kremenek@apple.com>	Disable path pruning for UndefResultChecker. It turns out we usually want to see more of the path to discover how a value was used uninitialized. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158048 91177308-0d34-0410-b5e6-96231b3b80d8 ndefResultChecker.cpp
48d798ce32447607144db70a484cdb99c1180663	02-Jun-2012	Benjamin Kramer <benny.kra@googlemail.com>	Fix typos found by http://github.com/lyda/misspell-check git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157886 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp allocChecker.cpp
dd82519ac6c322a6183954848b5b55deb6c364f7	02-Jun-2012	Ted Kremenek <kremenek@apple.com>	Disable diagnosic path pruning for ReturnUndefChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157851 91177308-0d34-0410-b5e6-96231b3b80d8 eturnUndefChecker.cpp
605954e8dfaf055da4446935493f9b0bf81814bc	31-May-2012	Tom Care <tom.care@uqconnect.edu.au>	[analyzer] Fix BugType memory leak in IdempotentOperationChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157772 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
ed7948b55fa4b2505f240cc5287137f451172b4c	31-May-2012	Ted Kremenek <kremenek@apple.com>	Allow some BugReports to opt-out of PathDiagnostic callstack pruning until we have significantly improved the pruning heuristics. The current heuristics are pretty good, but they make diagnostics for uninitialized variables warnings particularly useless in some cases. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157734 91177308-0d34-0410-b5e6-96231b3b80d8 ereferenceChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefinedAssignmentChecker.cpp
28b230723d5daf3c48c2e134f4b5626bd69392c8	27-May-2012	Benjamin Kramer <benny.kra@googlemail.com>	Replace some custom hash combines with the standard stuff from DenseMapInfo. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157531 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
be72df01a84fc4f978f5cb03ac92d4bd1e5ced30	24-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Minor cleanup to checkers' help text. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157402 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
a38cb2ccb1c501f3cf421396262da80008d62e87	19-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker: remove unnecessary comparisons. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157081 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
1434518f17272968765602a54391c794c975350a	18-May-2012	Anna Zaks <ganna@apple.com>	[analyzer]Malloc: refactor and report use after free by memory allocating functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157037 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
93a9d828378b5c969344f27aeb275b8c2a19d918	16-May-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Introduce clang_analyzer_eval for regression test constraint checks. The new debug.ExprInspection checker looks for calls to clang_analyzer_eval, and emits a warning of TRUE, FALSE, or UNKNOWN (or UNDEFINED) based on the constrained value of its (boolean) argument. It does not modify the analysis state though the conditions tested can result in branches (e.g. through the use of short-circuit operators). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156919 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td xprInspectionChecker.cpp
5ec351c9507f12d5bede569c51d5257fad167134	16-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a regression in ObjCUnusedIVars checker. We can no longer rely on children iterator to visit all the AST tree children of an expression (OpaqueValueExpr has no children). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156870 91177308-0d34-0410-b5e6-96231b3b80d8 bjCUnusedIVarsChecker.cpp
6e4244ee86a2d71af4eac791808f2dc50c7484e6	14-May-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] strncpy: Special-case a length of 0 to avoid an incorrect warning. We check the address of the last element accessed, but with 0 calculating that address results in element -1. This patch bails out early (and avoids a bunch of other work at that). Fixes PR12807. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156769 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
70fdbc366da85880aae5baebd3351e993ca05603	12-May-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] RetainCountChecker: track ObjC boxed expression objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156699 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
88feba05142651618aba0a0e57b0b98e026de336	10-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Do not highlight the range of the statement in case of leak. We report a leak at a point a leaked variable is no longer accessible. The statement that happens to be at that point is not relevant to the leak diagnostic and, thus, should not be highlighted. radar://11178519 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156530 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
6a2a1865f8bfaedff312b043f1e875a43e95b259	08-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] SelfInit: Stop tracking self if it's assigned a value we don't reason about. Self is just like a local variable in init methods, so it can be assigned anything like result of static functions, other methods ... So to suppress false positives that result in such cases, stop tracking the checker-specific state after self is being assigned to (unless the value is't being assigned to is either self or conforms to our rules). This change does not invalidate any existing regression tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156420 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
c91fdf662d4f453ce9bb975b25cec348d0ced9c6	08-May-2012	Ted Kremenek <kremenek@apple.com>	Teach the static analyzer that NSLog() and friends do not hold on to object references (thus extending their lifetime). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156346 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
ca11510d399ae0493bcb3daf24e3c1df399d75f2	08-May-2012	Anna Zaks <ganna@apple.com>	[analyzer]Turn on MallocSizeOfChecker by default; shorten the diagnostic git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156341 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td allocSizeofChecker.cpp
41a669a30074dcc221ba199e5dde484cc33adba1	07-May-2012	Anna Zaks <ganna@apple.com>	[analyzer]Fixup r156215: use StopTracking summary instead of ScratchArgs As per Jordy's and Ted's comment, use the default StopTracking summary instead of adding all arguments to ScratchArs. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156310 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
58822c403cc8855adeecba92248612ee08dc1f3a	05-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] RetainCountChecker: Allow objects to escape through callbacks Fixes radar://10973977. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156215 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
aca0ac58d2ae80d764e3832456667d7322445e0c	04-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Allow pointers escape through calls containing callback args. (Since we don't have a generic pointer escape callback, modify ExprEngineCallAndReturn as well as the malloc checker.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156134 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
dd160f3ed50def10765ed823bf4ce2a56b2cd035	03-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] CString Checker: Do not split the path unless the user specifically checks for equality to null. Enforcing this general practice, which keeps the analyzer less noisy, in the CString Checker. This change suppresses "Assigned value is garbage or undefined" warning in the added test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156085 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
e7958da55ec0ec66e56b6beed6c6ce24dbdc4075	02-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] RetainRelease: Self assignment should not suppress a leak warning. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155966 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
93c5a24b517e65eb61481ed866b503f1e37cff20	02-May-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix the 'ptr = ptr' false negative in the Malloc checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155963 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
537dd3a8c87765245aad792a3356852a87380a30	01-May-2012	Ted Kremenek <kremenek@apple.com>	Teach RetainCountchecker about IORegistryEntrySearchCFProperty returning retained objects. I know there is an SDK enhancement request for this to have the cf_returns_retained annotation, so this is just a stop gap. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155887 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
88db6a2daa8bb55fe924773805f42616c8a4f314	01-May-2012	Ted Kremenek <kremenek@apple.com>	malloc size checker: Ignore const'ness of pointer types when determining of a sizeof() type is compatible with a pointed type. Fixes <rdar://problem/11292586>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155864 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
262bc18e32500558af7cb0afa205b34bd37bafed	30-Apr-2012	David Blaikie <dblaikie@gmail.com>	Remove the ref/value inconsistency in filter_decl_iterator. filter_decl_iterator had a weird mismatch where both op* and op-> returned T* making it difficult to generalize this filtering behavior into a reusable library of any kind. This change errs on the side of value, making op-> return T* and op* return T&. (reviewed by Richard Smith) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155808 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp heckObjCDealloc.cpp LVMConventionsChecker.cpp bjCUnusedIVarsChecker.cpp
befc6d2eae269efa2da9c81d0be8dba144a74d47	26-Apr-2012	Ted Kremenek <kremenek@apple.com>	Teach RetainCountChecker that it doesn't quite understand pthread_setspecific and it should just give up when it sees it. Fixes <rdar://problem/11282706>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@155613 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
28c9e5720dea5f7b9a4d154ee49886c69de8ae29	24-Apr-2012	Shih-wei Liao <sliao@google.com>	Migrate external/clang to CLANG-155088-20120419. Change-Id: I7e31d8b22ef405f54838a8582c78291fa45ca344 ndroid.mk
fa784da5b9039ead42323bfe9ae6d33ab3c5c6b3	24-Apr-2012	Shih-wei Liao <sliao@google.com>	Merge with CLANG upstream r155088. Conflicts: lib/Basic/Targets.cpp Change-Id: Id80f069ae25e623967b705e9fa11cfd94dd2461c
9a70cddef6850f302615b4f5d27f16ec45926ca6	16-Apr-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false alarm in SelfInitChecker (radar://11235991). Along with it, fix a couple of other corner cases and add more tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154866 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
259052d8c819d101f6f627f960f56e582ecbcebc	11-Apr-2012	Anna Zaks <ganna@apple.com>	[analyzer] Don't crash even when the system functions are redefined. (Applied changes to CStringAPI, Malloc, and Taint.) This might almost never happen, but we should not crash even if it does. This fixes a crash on the internal analyzer buildbot, where postgresql's configure was redefining memmove (radar://11219852). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154451 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp enericTaintChecker.cpp allocChecker.cpp
bd613137499b1d4c3b63dccd0aa21f6add243f4f	07-Apr-2012	Ted Kremenek <kremenek@apple.com>	Rework ExprEngine::evalLoad and clients (e.g. VisitBinaryOperator) so that when we generate a new ExplodedNode we use the same Expr* as the one being currently visited. This is preparation for transitioning to having ProgramPoints refer to CFGStmts. This required a bit of trickery. We wish to keep the old Expr* bindings in the Environment intact, as plenty of logic relies on it and there is no reason to change it, but we sometimes want the Stmt* for the ProgramPoint to be different than the Expr* being used for bindings. This requires adding an extra argument for some functions (e.g., evalLocation). This looks a bit strange for some clients, but it will look a lot cleaner when were start using CFGStmt* in the appropriate places. As some fallout, the diagnostics arrows are a bit difference, since some of the node locations have changed. I have audited these, and they look reasonable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154214 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
f439e00c7055d2d51b88141f63ebfc893af10951	06-Apr-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Check that the arguments to NSOrderedSet creation methods are valid ObjC objects. Patch by Sean McBride! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154194 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
6fd4505ad67a186da8cc26fdb493c93fe4937555	05-Apr-2012	Ted Kremenek <kremenek@apple.com>	Require that all static analyzer issues have a category. As part of this change, consolidate some commonly used category strings into global references (more of this can be done, I just did a few). Fixes <rdar://problem/11191537>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154121 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckObjCDealloc.cpp heckObjCInstMethSignature.cpp langSACheckers.h ommonBugCategories.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp bjCContainersASTChecker.cpp bjCContainersChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp nixAPIChecker.cpp
04a18c9f42e91db1b2d2c7483723c1cd321c3d39	05-Apr-2012	Ted Kremenek <kremenek@apple.com>	Teach ObjCContainersChecker that the array passed to CFArrayGetValueAtIndex might not be a symbolic value. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154083 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersChecker.cpp
bb811cab1bfa91074f1992b154fcb0c288e6eda3	04-Apr-2012	Ted Kremenek <kremenek@apple.com>	Look through chains of 'x = y = z' when employing silencing heuristics in the DeadStoresChecker. Fixes <rdar://problem/11185138>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154040 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
07189521a15d9c088216b943649cb9fe231cbb57	04-Apr-2012	Ted Kremenek <kremenek@apple.com>	Include the "issue context" (e.g. function or method) where a static analyzer issue occurred in the plist output. Fixes <rdar://problem/11004527> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154030 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp StringSyntaxChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp eadStoresChecker.cpp LVMConventionsChecker.cpp allocOverflowSecurityChecker.cpp allocSizeofChecker.cpp SErrorChecker.cpp bjCContainersASTChecker.cpp bjCUnusedIVarsChecker.cpp nreachableCodeChecker.cpp irtualCallChecker.cpp
4a5f724538cbc275370c9504e8169ce92503256c	01-Apr-2012	Benjamin Kramer <benny.kra@googlemail.com>	Analyzer: Store BugReports directly in a ilist instead of adding another layer of inderection with std::list git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153847 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
62a5c34ddc54696725683f6c5af1c8e1592c5c38	30-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer]Malloc,RetainRelease: Allow pointer to escape via NSMapInsert. Fixes a false positive (radar://11152419). The current solution of adding the info into 3 places is quite ugly. Pending a generic pointer escapes callback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153731 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp etainCountChecker.cpp
64ee9d03c9fa0e9f4b944300167f871d9a65a991	28-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: Use Decl when determining if the Block belongs to the root function. (This is a bit cleaner then using the StackFrame.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153580 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp
65552ca127ac5d9b767c5f0b09d86e17cb3e9e5e	27-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Stats checker: minor interprocedural tweaks. Report root function name with exhausted block diagnostic. Also, use stack frames, not just any location context when checking if the basic block is in the same context. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153532 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp
de5b4fbe31e50641806234b3334eb9aa829673f8	27-Mar-2012	Ted Kremenek <kremenek@apple.com>	Change RetainCountChecker to eagerly "escape" retained objects when they are assigned to a struct. This is fallout from inlining results, which expose far more patterns where people stuff CF objects into structs and pass them around (and we can reason about it). The problem is that we don't have a general way to detect when values have escaped, so as an intermediate step we need to eagerly prune out such tracking. Fixes <rdar://problem/11104566>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153489 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
4cd7edfa851ff5d9b37d09539a77685a12e82994	26-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: Allow a pointer to escape through OSAtomicEnqueue. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153453 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
560ad31c413724fafd13d6fd723e403f28daa132	22-Mar-2012	Shih-wei Liao <sliao@google.com>	Migrate external/clang to CLANG-153220-20120321. Change-Id: I3b469a42a5048f05f06d14aba34419119047e1a9 ndroid.mk
d316862f4fb281ec08a2e45cd3e5580574adb889	24-Mar-2012	Shih-wei Liao <sliao@google.com>	Merge branch 'upstream' into sliao_d
b000fb5999265d12d54a1ef9f31848c9e334dcaa	24-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Tighten up the realloc() failure path note generation...make sure we get the right realloc()! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153370 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
3bc75ca0a636efdc93471c9b6bad43085a22bf3a	24-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Restart path diagnostic generation if any of the visitors change the report configuration while walking the path. This required adding a change count token to BugReport, but also allowed us to ditch ImmutableList as the BugReporterVisitor data type. Also, remove the hack from MallocChecker, now that visitors appear in the opposite order. This is not exactly a fix, but the common case -- custom diagnostics after generic ones -- is now the default behavior. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153369 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
011534973e83db51f49098871186238fc64d5f54	24-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Add a clone() method to BugReporterVisitor, so that we'll be able to reset diagnostic generation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153368 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp
514f2c9dcb9e04b52929c5b141a6fe88bd68b33f	23-Mar-2012	Ted Kremenek <kremenek@apple.com>	Avoid applying retain/release effects twice in RetainCountChecker when a function call was inlined (i.e., we do not need to apply summaries in such cases). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153309 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
e8018f24f0f0e1cb1490c37b158da5d5c456e577	23-Mar-2012	Anton Yartsev <anton.yartsev@gmail.com>	corrected check::EndOfTranslationUnit checker name and added 'const' to declaration git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153302 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
749bbe6f5f23676244f12a0d41511c8e73516feb	22-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add stats useful for coverage investigations. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153280 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp
64394e2cc57d597eafe980bd94b060e2967a1cbd	22-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add inlining awareness to the block coverage computation (Stats Checker). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153279 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp
06911d4e88b1a6ca7ec3b2d8e234e679a4c09ff9	22-Mar-2012	Ted Kremenek <kremenek@apple.com>	"Teach" RetainCountChecker about dispatch_set_context, which can indirectly free its argument later. Fixes <rdar://problem/11059275>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153244 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
f5aa3f5e58356d0bea823fe75dd7bf6aea6f47f4	22-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: drop symbols captured by blocks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153232 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
850f1b1af015719ec10351bb93530101c265dd29	21-Mar-2012	Benjamin Kramer <benny.kra@googlemail.com>	Remove unused variable, fix indentation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153220 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
3d7c44e01d568e5d5c0fac9c6ccb3f080157ba19	21-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: Utter the name of the leaked variable. Specifically, we use the last store of the leaked symbol in the leak diagnostic. (No support for struct fields since the malloc checker doesn't track those yet.) + Infrastructure to track the regions used in store evaluations. This approach is more precise than iterating the store to obtain the region bound to the symbol, which is used in RetainCount checker. The region corresponds to what is uttered in the code in the last store and we do not rely on the store implementation to support this functionality. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153212 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
27b867ea1c9cb4b40f9b817c303d6df3ee753da9	21-Mar-2012	Anna Zaks <ganna@apple.com>	[analyser] Factor out FindUniqueBinding from RetainCount checker. So that others could use it as well. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153211 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
393f98b5b7f7c950d2b0a7d84501b5dfd00ad780	18-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Mark a failed-realloc's result as an interesting symbol between the realloc call and the null check, so we get nicer path notes. Fixes a regression introduced by the diagnostic pruning added in r152361. This is accomplished by calling markInteresting /during/ path diagnostic generation, and as such relies on deterministic ordering of BugReporterVisitors -- namely, that BugReporterVisitors are run in /reverse/ order from how they are added. (Right now that's a consequence of storing visitors in an ImmutableList, where new items are added to the front.) It's a little hacky, but it works for now. I think this is the best we can do without storing the relation between the old and new symbols, and that would be a hit whether or not there ends up being an error. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153010 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
ef94588752babc1b7c46b955e57945fc4c183db2	18-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Use a FoldingSet to cache simple RetainSummary instances, rather than explicitly keeping DoNothing and StopTracking summaries and nothing else. I tried to test the effects of this change on memory usage and run time, but what I saw on retain-release.m was indistinguishable from noise (debug and release builds). Even so, some caveman profiling showed 101 cache hits that we would have generated new summaries for before (i.e. not default or stop summaries), and the more code we analyze, the more memory we should save. Maybe we should have a standard project for benchmarking the retain count checker's memory and time? git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153007 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
f3aae58296fd5f930f7c4c0709886924e6822ae7	17-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Unify retain-count summary generation for class and instance methods. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153001 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
e921b1a8b6b6f47abbc9b3de47cc74a34db2852b	17-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Remove duplicate work on deriving method behavior. No functionality change. The cocoa::deriveNamingConventions helper is just using method families anyway now, and the way RetainSummaryTemplate works means we're allocating an extra summary for every method with a relevant family. Also, fix RetainSummaryTemplate to do the right thing w/r/t annotating an /existing/ summary. This was probably the real cause of <rdar://problem/10824732> and the fix in r152448. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152998 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
74b7b2b42dd710ccea78d86a47c979d4b2af7093	17-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Don't claim an object was returned with +1 retain count before counting autoreleases. Fixes PR10376. (Also, 80-column violations.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152976 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
fbd58743fa6c793b84ed60a0e2325335a53da6c4	17-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Shorten the stack hint diagnostic. Do not display the standard "Returning from 'foo'", when a stack hint is available. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152964 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
56a938ff85a444eb3d30d2634d92ce5b1f6fae56	17-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Create symbol-aware stack hints (building upon r152837). The symbol-aware stack hint combines the checker-provided message with the information about how the symbol was passed to the callee: as a parameter or a return value. For malloc, the generated messages look like this : "Returning from 'foo'; released memory via 1st parameter" "Returning from 'foo'; allocated memory via 1st parameter" "Returning from 'foo'; allocated memory returned" "Returning from 'foo'; reallocation of 1st parameter failed" (We are yet to handle cases when the symbol is a field in a struct or an array element.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152962 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
368a0d565f078666ca5bfb7fe08d04648688e4bc	15-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Allow checkers to supply call stack diagnostic hints for the BugVisitor DiagnosticPieces. When checkers create a DiagnosticPieceEvent, they can supply an extra string, which will be concatenated with the call exit message for every call on the stack between the diagnostic event and the final bug report. (This is a simple version, which could be/will be further enhanced.) For example, this is used in Malloc checker to produce the ", which allocated memory" in the following example: static char malloc_wrapper() { // 2. Entered call from 'use' return malloc(12); // 3. Memory is allocated } void use() { char v; v = malloc_wrapper(); // 1. Calling 'malloc_wrappers' // 4. Returning from 'malloc_wrapper', which allocated memory } // 5. Memory is never released; potential memory leak git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152837 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
4e4d08403ca5cfd4d558fa2936215d3a4e5a528d	11-Mar-2012	David Blaikie <dblaikie@gmail.com>	Unify naming of LangOptions variable/get function across the Clang stack (Lex to AST). The member variable is always "LangOpts" and the member function is always "getLangOpts". Reviewed by Chris Lattner git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152536 91177308-0d34-0410-b5e6-96231b3b80d8 heckObjCDealloc.cpp ebugCheckers.cpp SAutoreleasePoolChecker.cpp bjCAtSyncChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp
3e67814381a56e70e68481e91e26f05a43a05ba0	11-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Replace a static helper with existing logic. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152521 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
f4b88a45902af1802a1cb42ba48b1c474474f228	10-Mar-2012	John McCall <rjmccall@apple.com>	Remove BlockDeclRefExpr and introduce a bit on DeclRefExpr to track whether the referenced declaration comes from an enclosing local context. I'm amenable to suggestions about the exact meaning of this bit. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152491 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp ndefCapturedBlockVarChecker.cpp
7acf23f03e4598d9a68d4a5e5441947300f0d32c	10-Mar-2012	Ted Kremenek <kremenek@apple.com>	Teach RetainCountChecker about mixing method families with explicit annotations. Fixes <rdar://problem/10824732>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152448 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
76aadc346c3a4c363238a1e1232f324c3355d9e0	09-Mar-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Implement basic path diagnostic pruning based on "interesting" symbols and regions. Essentially, a bug centers around a story for various symbols and regions. We should only include the path diagnostic events that relate to those symbols and regions. The pruning is done by associating a set of interesting symbols and regions with a BugReporter, which can be modified at BugReport creation or by BugReporterVisitors. This patch reduces the diagnostics emitted in several of our test cases. I've vetted these as having desired behavior. The only regression is a missing null check diagnostic for the return value of realloc() in test/Analysis/malloc-plist.c. This will require some investigation to fix, and I have added a FIXME to the test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152361 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp bjCAtSyncChecker.cpp etainCountChecker.cpp eturnUndefChecker.cpp ndefBranchChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
196b8cfe9cfcc452eb2f83aa4ad330c2324f8c7d	08-Mar-2012	Anna Zaks <ganna@apple.com>	Add a basic CallGraph to Analysis. The final graph contains a single root node, which is a parent of all externally available functions(and 'main'). As well as a list of Parentless/Unreachable functions, which are either truly unreachable or are unreachable due to our analyses imprecision. The analyzer checkers debug.DumpCallGraph or debug.ViewGraph can be used to look at the produced graph. Currently, the graph is not very precise, for example, it entirely skips edges resulted from ObjC method calls. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152272 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
1a45a5ff5d495cb6cd9a3d4d06317af79c0f634d	06-Mar-2012	Ted Kremenek <kremenek@apple.com>	Add static analyzer support for new NSArray/NSDictionary/NSNumber literals. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152139 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
218fce0f113f82fc28f2fb0c4b555ae2901b8a93	06-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Remove now-unused constant. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152080 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
257c60f23be7dcb012eeee832f5fda22c125c9bd	06-Mar-2012	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix unnecessary dyn_cast_or_null. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152078 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
e4d653b5a4cba281502177f6ef03d43e3ebb2b6a	06-Mar-2012	Ted Kremenek <kremenek@apple.com>	Teak CallAndMessageChecker to only warn about uninitialized struct fields in call arguments when the called function is never inlined. Fixes <rdar://problem/10977037>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152073 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
361035524dc26094825134f30c07311f38f4f8b1	06-Mar-2012	Stephen Hines <srhines@google.com>	Merge with upstream Clang @152062. Added include/clang/Config/config.h (note the ANDROID_CONFIG_H header guard because CONFIG_H is already taken) Added support for AttrTemplateInstantiate TableGen rules. Added libLLVMVectorize dependency. Build -HostInfo.cpp -CallGraph.cpp +GlobalCallGraph.cpp -MultiInitializer.cpp +PPCallbacks.cpp +SemaConsumer.cpp +ChainedDiagnosticConsumer.cpp +DependencyGraph.cpp +DiagnosticRenderer.cpp +LayoutOverrideSource.cpp +WindowsToolChain.cpp +SemaLambda.cpp +BoolAssignmentChecker.cpp +LambdaMangleContext.cpp +CStringSyntaxChecker.cpp +ObjCContainersASTChecker.cpp +ObjCContainersChecker.cpp +VirtualCallChecker.cpp +Dominators.cpp +SubEngine.cpp +RewriteModernObjC.cpp Change-Id: Ifda805ce87ae132f055131f4f83692b5c3d63d17 ndroid.mk
91932089c31e1233f0c478b03412e90a65e07ad2	05-Mar-2012	Stephen Hines <srhines@google.com>	Merge branch 'upstream' into merge-20120305 Conflicts: lib/Basic/Targets.cpp Change-Id: Ib76c138030a701355ce39a6eda1a89a79f401667
f420fe35dc3a7b7b53809b615fb28379e5694c22	05-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] False positive in SelfInit - teach the checker about method calls with self as a parameter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152039 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
fb7f76f285faa4c21d299f2bce8f55de3f71e548	05-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc should assume that ownership is transfered when calling an ObjC method ending with 'NoCopy'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152037 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
7e8678314cf19f28cfddb2d9d0567d993073ec7e	03-Mar-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] do not warn about returning stack-allocated memory when it comes from an ancestor stack frame. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151964 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
b3d7275c1a4a9f676af850cd661b56c4ad7ef5c9	01-Mar-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a regression introduced in malloc with attributes, introduced in r151188. + the test to catch it. Thanks to Ahmed Charles for pointing this out. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151840 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
b2c60b04a597cc5ba4154837cf8e0a155a376fd7	01-Mar-2012	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Move llvm/ADT/SaveAndRestore.h -> llvm/Support/SaveAndRestore.h. Needs llvm update. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151829 91177308-0d34-0410-b5e6-96231b3b80d8 irtualCallChecker.cpp
ca23eb212c78ac5bc62d0881635579dbe7095639	29-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: A pointer might escape through CFContainers APIs, funopen, setvbuf. Teach the checker and the engine about these APIs to resolve malloc false positives. As I am adding more of these APIs, it is clear that all this should be factored out into a separate callback (for example, region escapes). Malloc, KeyChainAPI and RetainRelease checkers could all use it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151737 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
28cd22d7c2d2458575ce9cc19dfe63c6321010ce	29-Feb-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Tweak the UnreachableCode checker to not warning about unreachable default blocks. Patch by Cyril Roelandt! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151709 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
e7e0168f625368032a5d2b4471d3406cd9d9f8ae	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Leaks should be uniqued by the allocation point in the closest function context (RetainCountChecker). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151661 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
212000e24cf11da0badea90c23d4f300da34e607	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Retain release: drop the line number info from the leak message. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151657 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
721aa37621e047755a45b742160e21f4e879f462	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Leaks should be uniqued by the allocation point in the closest function context (Keychain API). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151613 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
07d39a479cf8f20294407e749f9933da34ebecb7	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix Malloc False Positive (PR 12100) When allocated buffer is passed to CF/NS..NoCopy functions, the ownership is transfered unless the deallocator argument is set to 'kCFAllocatorNull'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151608 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
7752d292c97fd4b78a954c9a027b2a862be50f8b	28-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Leaks should be uniqued by the allocation point in the closest function context. This prevents us from uniqueing all leaks from the same allocation helper. radar://10932226 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151592 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
d45d361f2ce5c37824052357e2218e8a5509eba5	27-Feb-2012	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Move "clang/Analysis/Support/SaveAndRestore.h" to "llvm/ADT/SaveAndRestore.h" to make it more widely available. Depends on llvm commit r151564 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151566 91177308-0d34-0410-b5e6-96231b3b80d8 irtualCallChecker.cpp
e571578002fc3d4ebb654d2f31d2446d7cc1831d	25-Feb-2012	Ted Kremenek <kremenek@apple.com>	RetainCountChecker: don't adjust the retain count when analyzing a ReturnStmt unless we are in the top-level call frame. We can do more later, but this makes the checker self-consistent (and fixes a crash). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151426 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
3cd89ad193834e766ce5dc24e260aa8615d0d5e1	25-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: reason about the ObjC messages and C++. Assume none of the ObjC messages defined in system headers free memory, except for the ones containing 'freeWhenDone' selector. Currently, just assume that the region escapes to the messages with 'freeWhenDone' (ideally, we want to treat it as 'free()'). For now, always assume that regions escape when passed to C++ methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151410 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
d708bacd66794e66681e635b9d42e126d8ae8552	23-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] KeyChainAPI: unique the leaks by allocation site. (Very similar to the previous change in malloc.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151297 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
ca8e36eb637e232475ef31c3f22d5da907390917	23-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: unique leak reports by allocation site. When we find two leak reports with the same allocation site, report only one of them. Provide a helper method to BugReporter to facilitate this. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151287 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
0d389b819c33bdf0375694a8f141c8f02e002b18	23-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Invalidate the region passed to pthread_setspecific() call. Make this call an exception in ExprEngine::invalidateArguments: 'int pthread_setspecific(ptheread_key k, const void )' stores a value into thread local storage. The value can later be retrieved with 'void ptheread_getspecific(pthread_key)'. So even thought the parameter is 'const void *', the region escapes through the call. (Here we just blacklist the call in the ExprEngine's default logic. Another option would be to add a checker which evaluates the call and triggers the call to invalidate regions.) Teach the Malloc Checker, which treats all system calls as safe about the API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151220 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
87cb5bed5060805a86509c297fae133816c1cd87	22-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc cleanup: - We should not evaluate strdup in the Malloc Checker, it's the job of CString checker, so just update the RefState to reflect allocated memory. - Refactor to reduce LOC: remove some wrapper auxiliary functions, make all functions return the state and add the transition in one place (instead of in each auxiliary function). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151188 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
60a1fa497b978114b969f4f0176a7cbad3b5d9c6	22-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker: mark 'strdup' and 'strndup' as allocators. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151124 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
d9ab7bbbd43639247c9a82c8e8dbfaa617f4e266	22-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc: fix another false positive. , when we return a symbol reachable to the malloced one via pointer arithmetic. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151121 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
5fdadf4b643dd2f7a467244946dc1587b2f9ed1f	22-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Change naming in bug reports "tainted" -> "untrusted" git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151120 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
9c1e1bd0405b990b6e7909647def7b23d5c28f17	21-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make KeyChainAPI checker inlining-aware. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151007 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
a19581ae489335abf5cf96b253b31ecefe96b8e4	20-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make Malloc aware of inter-procedural execution + basic tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150993 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
bb2a6864f111e13f7905725963649c60c60bf18b	20-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Turn on by default the Malloc Checker and a couple of CString checks: - unix.Malloc - Checks for memory leaks, double free, use-after-free. - unix.cstring.NullArg - Checks for null pointers passed as arguments to CString functions + evaluates CString functions. - unix.cstring.BadSizeArg - Checks for common anti-patterns in strncat size argument. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150988 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
a979712238d6285e79e8f1d6e8b813a1f640e88c	18-Feb-2012	Ted Kremenek <kremenek@apple.com>	Teach analyzer about NSAutoreleasePool -allocWithZone:. Fixes <rdar://problem/10640253>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150892 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
b673a41c92aa276f2e37164d0747be1cfb0c402b	18-Feb-2012	Ted Kremenek <kremenek@apple.com>	Adopt ExprEngine and checkers to ObjC property refactoring. Everything was working, but now diagnostics are aware of message expressions implied by uses of properties. Fixes <rdar://problem/9241180>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150888 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp bjCSelfInitChecker.cpp
3133f79cf451e6302dd05262b4bb53a3e4fd6300	18-Feb-2012	Ted Kremenek <kremenek@apple.com>	Have conjured symbols depend on LocationContext, to add context sensitivity for functions called more than once. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150849 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp etainCountChecker.cpp treamChecker.cpp
f0dfc9c0f29fd82552896558c04043731d30b851	17-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix another false positive in the Malloc Checker, by making it aware of CString APIs that return the input parameter. Malloc Checker needs to know how the 'strcpy' function is evaluated. Introduce the dependency on CStringChecker for that. CStringChecker knows all about these APIs. Addresses radar://10864450 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150846 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp nterCheckerAPI.h allocChecker.cpp
998e2754281b19bb1db19299ae16c2fd5947bcc0	17-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Generalize function name checking in CString checker. (Ex: It was not treating __inline_strcpy as strcpy. Will add tests that rely on this later on.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150845 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
febdc324faaf1678a4f41497fd691efe54e145c9	16-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: Clean up bug naming: - Rename the category "Logic Error" -> "Memory Error". - Shorten all the messages. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150733 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
fe571608b925079227d053a459eca86f7408e5c6	16-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: Make the diagnostic visitor handle the case of failing realloc. + Minor cleanups. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150732 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
ac593008c2035fa241c80352a0c97c5d853facbf	16-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: Give up when a pointer escapes into a struct. We are not properly handling the memory regions that escape into struct fields, which led to a bunch of false positives. Be conservative here and give up when a pointer escapes into a struct. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150658 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
1d6cc6a44182ef03a373ecd61505042eca3af906	15-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker: make a bit safer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150556 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
40add2983dedcf489d7ad8c7bccc58b6ae368ee4	15-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: add support for reallocf, which always frees the passed in pointer on failure. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150533 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
b16ce45bd05b637b3d7b0bf70c05e5dfd4ddacc7	15-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: add support for valloc + minor code hardening. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150532 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
66c40400e7d6272b0cd675ada18dd62c1f0362c7	14-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make Malloc Checker optimistic in presence of inlining. (In response of Ted's review of r150112.) This moves the logic which checked if a symbol escapes through a parameter to invalidateRegionCallback (instead of post CallExpr visit.) To accommodate the change, added a CallOrObjCMessage parameter to checkRegionChanges callback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150513 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckerDocumentation.cpp allocChecker.cpp etainCountChecker.cpp
b276bd9cc98247331cac8b290ba278b939e53657	14-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: realloc: add dependency between the symbols in realloc map. If there is no dependency, the reallocated ptr will get garbage collected before we know that realloc failed, which would lead us to missing a memory leak warning. Also added new test cases, which we can handle now. Plus minor cleanups. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150446 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
30838b994527d12e269abb14d395b1878e78c16d	13-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: realloc: correct the way we are handing the case when size is 0. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150412 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
c8bb3befcad8cd8fc9556bc265289b07dc3c94c8	13-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker: rework realloc handling: 1) Support the case when realloc fails to reduce False Positives. (We essentially need to restore the state of the pointer being reallocated.) 2) Realloc behaves differently under special conditions (from pointer is null, size is 0). When detecting these cases, we should consider under-constrained states (size might or might not be 0). The old version handled this in a very hacky way. The code did not differentiate between definite and possible (no consideration for under-constrained states). Further, after processing each special case, the realloc processing function did not return but chained to the next special case processing. So you could end up in an execution in which you first see the states in which size is 0 and realloc ~ free(), followed by the states corresponding to size is not 0 followed by the evaluation of the regular realloc behavior. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150402 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
15d0ae170c2037815b6383c532253585fcd3d04e	12-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: reduce false negatives rate by assuming that a pointer cannot escape through calls to system functions. Also, stop after reporting the first use-after-free. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150315 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
0860cd0646ed40f87085df39563f2c5f7f77750b	11-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc Checker: Report a leak when we are returning freed memory. (As per one test case, the existing checker thought that this could cause a lot of false positives - not sure if that's valid, to be verified.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150313 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
da04677092c7b08fe7438f82a8636dcc8c6e9683	11-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Malloc checker: Leak bugs should be suppressed by sinks. Resolves a common false positive, where we were reporting a leak inside asserts git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150312 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
4fb548710837dc4e709e1a84f241c4bea121e895	11-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker: refactor/improve the symbol escape logic. We use the same logic here as the RetainRelease checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150311 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
b141b285d17934a08d1cb0f5f0a5a4d65b2caab2	11-Feb-2012	Ryan Govostes <rzg@apple.com>	[analyzer] New checker for assignment of non-0/1 values to Boolean variables. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150306 91177308-0d34-0410-b5e6-96231b3b80d8 oolAssignmentChecker.cpp MakeLists.txt heckers.td
e9ef5622a7600604b101f1843e7a3736eeb45d83	10-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker Cleanup - harden against crashes, fix an error (use of return instead of continue), wording. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150215 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
7fb4900f83832432dd4cdb84eb6e2ed132e6daf1	09-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Remove unused fun. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150172 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
f8c17b79ab55d633567a151da5eb596b6001fa30	09-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker: address a diagnostic "fixme". git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150158 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
ff3b9fdbfd4ff3a8361640c0d8a12d9f0cc1ce6f	09-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add custom path diagnostic to the Malloc Checker. Very simple so far - we just highlight every allocation and release site. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150156 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
cdfec5e5ea0d1cfebe27888ef072346704424ed8	09-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker cleanup, more tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150155 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
91c2a1192cdd4e7b2b4ac7838c5aceef200ea251	09-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker: implement pessimistic version of the checker, which allows values to escape through unknown calls. Assumes all calls but the malloc family are unknown. Also, catch a use-after-free when a pointer is passed to a function after a call to free (previously, you had to explicitly dereference the pointer value). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150112 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
231361ad343d655e4bbb1574ccbb4173b72dadfd	09-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Split the MallocChecker into two versions - pessimistic and optimistic. TODO: actually implement the pessimistic version of the checker. Ex: it needs to assume that any function that takes a pointer might free it. The optimistic version relies on annotations to tell us which functions can free the pointer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150111 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td allocChecker.cpp
b319e029a6a05a76023c1bb1ce77a6d567457838	08-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] MallocChecker: convert from using evalCall to post visit of CallExpr. In general, we should avoid using evalCall as it leads to interference with other checkers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150086 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
d7a3e2c5f61cd4893f95b69a424fe4def3aa0f69	07-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Revert my patches which removed Diagnostic.h includes by moving some operator overloads out of line. This seems to negatively affect compile time onsome ObjC tests (which use a lot of partial diagnostics I assume). I have to come up with a way to keep them inline without including Diagnostic.h everywhere. Now adding a new diagnostic requires a full rebuild of e.g. the static analyzer which doesn't even use those diagnostics. This reverts commit 6496bd10dc3a6d5e3266348f08b6e35f8184bc99. This reverts commit 7af19b817ba964ac560b50c1ed6183235f699789. This reverts commit fdd15602a42bbe26185978ef1e17019f6d969aa7. This reverts commit 00bd44d5677783527d7517c1ffe45e4d75a0f56f. This reverts commit ef9b60ffed980864a8db26ad30344be429e58ff5. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150006 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp ivZeroChecker.cpp bjCAtSyncChecker.cpp threadLockChecker.cpp treamChecker.cpp
a59d20b135bfde058a5a69045bab5ec4e2553f74	07-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Print NamedDecls directly to a raw_ostream where possible. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149982 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp irtualCallChecker.cpp
f978059b82db8c0d849c5f992036210b5ca53200	07-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Switch the ObjC*Decl raw_stream overloads to take a reference, for consistency with NamedDecls. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149981 91177308-0d34-0410-b5e6-96231b3b80d8 heckObjCDealloc.cpp
57300760964904cc022a175643342f29f46b7e6b	07-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Allow each CString check to be enabled/disabled separately. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149947 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckers.td
0cf3d471546251b12bdceff360f66c079c40526c	07-Feb-2012	Ted Kremenek <kremenek@apple.com>	Add basic BugReporter support for CallEnter/CallExit. WIP. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149939 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
f7ccbad5d9949e7ddd1cbef43d482553b811e026	05-Feb-2012	Dylan Noblesmith <nobled@dreamwidth.org>	Basic: import SmallString<> into clang namespace (I was going to fix the TODO about DenseMap too, but that would break self-host right now. See PR11922.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149799 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp StringChecker.cpp StringSyntaxChecker.cpp allAndMessageChecker.cpp heckSecuritySyntaxOnly.cpp eadStoresChecker.cpp ereferenceChecker.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp allocSizeofChecker.cpp bjCContainersASTChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
6f42b62b6194f53bcbc349f5d17388e1936535d7	05-Feb-2012	Dylan Noblesmith <nobled@dreamwidth.org>	Basic: import OwningPtr<> into clang namespace git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149798 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp hrootChecker.cpp eadStoresChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp bjCAtSyncChecker.cpp bjCContainersChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
8fe83e1df954d72c0f4ffc15d20a5222ec151c21	04-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Move a method from IdentifierTable.h out of line and remove the SmallString include. Fix all the transitive include users. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149783 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp StringChecker.cpp StringSyntaxChecker.cpp allAndMessageChecker.cpp heckSecuritySyntaxOnly.cpp eadStoresChecker.cpp ereferenceChecker.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp allocSizeofChecker.cpp bjCContainersASTChecker.cpp etainCountChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp irtualCallChecker.cpp
00bd44d5677783527d7517c1ffe45e4d75a0f56f	04-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Move various diagnostic operator<< overloads out of line and remove includes of Diagnostic.h. Fix all the files that depended on transitive includes of Diagnostic.h. With this patch in place changing a diagnostic no longer requires a full rebuild of the StaticAnalyzer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149781 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp StringChecker.cpp ivZeroChecker.cpp allocChecker.cpp bjCAtSyncChecker.cpp threadLockChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
e59ec3dfe17c1ceb648861b621a3890a9a56ab0c	04-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make sure Containers OutOfBounds checker does not crash on undefined arguments, when CF functions are called with wrong number of arguments. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149771 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersChecker.cpp
52a3888c4a695ebbb5d7c39c29270ae3408b47e8	04-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Turn on by default two checkers: - osx.coreFoundation.containers.IndexOutOfBounds - osx.cocoa.SelfInit git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149747 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
1efcc42c922204d6797a70d90d3c350882f3c098	04-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Minor cleanups to the ObjCSelfInitChecker. (Also renames in other ObjC checkers to create one category of checks.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149745 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersASTChecker.cpp bjCContainersChecker.cpp bjCSelfInitChecker.cpp
f196a90b26479a2c67959c6715491763cbc8ade1	02-Feb-2012	Anna Zaks <ganna@apple.com>	[analyzer] Fix a false positive in the CFArrayCreate check that surfaces the the code like this (due to x and &x being the same value but different size): void* x[] = { ptr1, ptr2, ptr3 }; CFArrayCreate(NULL, (const void **) &x, count, NULL); git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149579 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersASTChecker.cpp
8f1e65617844d315dd19b6cf9bfc437fd4902ed8	01-Feb-2012	Bob Wilson <bob.wilson@apple.com>	Fix an assertion failure in isMacOSXVersionLT for IOS targets. Check if the triple OS is IOS instead of checking for arm/thumb architectures and check that before calling isMacOSXVersionLT. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149454 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
e00575f12cf280621ef0ed4d69e909bdfc9fef62	31-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add checks for common anti-patterns in strncat. (Since this is syntax only, might be a good candidate for turning into a compiler warning.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149407 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt StringSyntaxChecker.cpp heckers.td
393b9793da0b62e26e3974c88a0bca18f2d7fd5e	31-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Change the warning to suggest 'strlcat/strlcpy' as replacements for 'starcat/strcpy' instead of 'strncat/strncpy'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149406 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
be4dc941030988c71e41303fc9116e0dc099b516	31-Jan-2012	Ted Kremenek <kremenek@apple.com>	Convert checker over to using ProgramStateRef. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149319 91177308-0d34-0410-b5e6-96231b3b80d8 bjCContainersChecker.cpp
7fc800356f3c86a0c63e94353d7a1ac5a0ffbf66	30-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Rename the checker as per Ted's comment. Remove the reference from the driver. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149276 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
304e6f1495f4796ba5f93e8db2fa9e925a68dae8	30-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make osx.cocos.CFContainersSyntax a default checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149258 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
af5f550de34525b27f0ff31dafce792caf8158b6	30-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add index out of bounds check for CFArrayGetArrayAtIndex. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149228 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td bjCContainersChecker.cpp
c35fb7d67d515659ad2325b4f6ec97c9fe64fb63	28-Jan-2012	Benjamin Kramer <benny.kra@googlemail.com>	StaticAnalyzer: Move ObjC- and CXX-specific methods out of line so checkers that don't care about the language don't have to pull in all the headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149178 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp ereferenceChecker.cpp teratorsChecker.cpp bjCAtSyncChecker.cpp
8bef8238181a30e52dea380789a7e2d760eac532	26-Jan-2012	Ted Kremenek <kremenek@apple.com>	Change references to 'const ProgramState *' to typedef 'ProgramStateRef'. At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149081 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp heckerDocumentation.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
46e39e30ed10b1f2921363373b131110947ae24c	26-Jan-2012	NAKAMURA Takumi <geek4civic@gmail.com>	StaticAnalyzer/Checkers: Fix CMake build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149009 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
cbd273387a61409f179fcfe8460a8733fcf8f872	26-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add an AST checker that checks for a common pitfall when using CFArrayCreate & family. Specifically, CFArrayCreate's input should be: 'A C array of the pointer-sized values to be in the new array.' (radar://10717339) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149008 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td bjCContainersASTChecker.cpp
b9ac30cf9ec001fd0d63ffc44289a333a21e691d	24-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add more C taint sources/sinks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148844 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
665b00265858a47f3ccd80b2f27b250c54f5fd5d	21-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] It's possible to have a non PointerType expression evaluate to a Loc value. When this happens, use the default type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148631 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
3bfd6d701ee297bd062967e11400daae51b36eb2	21-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Make VLA checker taint aware. Also, slightly modify the diagnostic message in ArrayBound and DivZero (still use 'taint', which might not mean much to the user, but plan on changing it later). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148626 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp ivZeroChecker.cpp LASizeChecker.cpp
3026348bd4c13a0f83b59839f64065e0fcbea253	20-Jan-2012	David Blaikie <dblaikie@gmail.com>	More dead code removal (using -Wunreachable-code) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148577 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp threadLockChecker.cpp
02019f7134e69e39e33c5a938183fd492410464c	20-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add taint awareness to DivZeroChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148566 91177308-0d34-0410-b5e6-96231b3b80d8 ivZeroChecker.cpp
a8180e5a8795b4b80587662167dfc13646a494a1	20-Jan-2012	Ted Kremenek <kremenek@apple.com>	Reenable DeadStoresChecker under --analyze, and move the IdempotentOperationsChecker to the 'experimental' category. Fixes <rdar://problem/10146347>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148533 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
b63d8d8f7b2d101838af992749411dd79c2ed116	20-Jan-2012	Ted Kremenek <kremenek@apple.com>	Implement checker that looks for calls to mktemps and friends that have fewer than 6 Xs. Implements <rdar://problem/6336672>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148531 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp heckers.td
76a54246dbbe6cc3c74186e64f8ea0deb4a64ea2	20-Jan-2012	Ted Kremenek <kremenek@apple.com>	Turn 'SecuritySyntaxChecker' into a "meta" security checker for insecure APIs. Now multiple checks are exposed as separate checkers, but CheckerManager only creates one Checker object. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148525 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp heckers.td
2bf8fd84087231fd92dfdebe18895e01a6ae405c	20-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add socket API as a source of taint. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148518 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
7cdfe298ae49e381f6d78fc93855c372e5173dd0	18-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: prePropagateTaint -> TaintPropagationRule::process(). Also remove the "should be a pointer argument" warning - should be handled elsewhere. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148372 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
4e46221e38b7d434fbecb1cd56b259437206d246	18-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Taint: warn when tainted data is used to specify a buffer size (Ex: in malloc, memcpy, strncpy..) (Maybe some of this could migrate to the CString checker. One issue with that is that we might want to separate security issues from regular API misuse.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148371 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
9b0c749a20d0f7d0e63441d76baa15def3f37fdb	18-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Taint: add taint propagation rules for string and memory copy functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148370 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
7530c034c0c71a64c5a9173206d9742ae847af8b	17-Jan-2012	David Blaikie <dblaikie@gmail.com>	Remove unreachable code in Clang. (replace with llvm_unreachable where appropriate or when GCC requires it) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148292 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
561d3abc881033776ece385a01a510e1cbc1fa92	17-Jan-2012	David Blaikie <dblaikie@gmail.com>	Remove unnecessary default cases in switches over enums. This allows -Wswitch-enum to find switches that need updating when these enums are modified. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148281 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp allocChecker.cpp etainCountChecker.cpp
022b3f4490bbdcde7b3f18ce0498f9a73b6cbf53	17-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Taint: generalize taint propagation to simplify adding more taint propagation functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148266 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
8568ee743406ac4bb23c9768a0dffd627fdbc579	14-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Taint: add system and popen as undesirable sinks for taint data. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148176 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
71d29095d27e94b00083259c06a45f5294501697	13-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Taint: when looking up a binding, provide the type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148080 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
1437425a62dbf7bdb0a855d3ed3b05ed2019ec1e	12-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Rename Store::Retrieve() -> getBinding(). + all the other Retrieve..() methods + a comment for ElementRegion. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148011 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp acOSKeychainAPIChecker.cpp
1fb826a6fd893234f32b0b91bb92ea4d127788ad	12-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add taint transfer by strcpy & others (part 1). To simplify the process: Refactor taint generation checker to simplify passing the information on which arguments need to be tainted from pre to post visit. Todo: We need to factor out the code that sema is using to identify the string and memcpy functions and use it here and in the CString checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148010 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
3e97758f22f31d0dbc336fc4794b86aed8607053	11-Jan-2012	Ted Kremenek <kremenek@apple.com>	"This change adds alloca/valloc checks to UnixAPIChecker. It includes a small refactoring for the common *alloc functions as well as a few tiny wibbles (adds a note to CWE/CERT advisory numbers in the bug output, and fixes a couple 80-column-wide violations.)" Patch by Austin Seipp! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147931 91177308-0d34-0410-b5e6-96231b3b80d8 nixAPIChecker.cpp
2215eef02c3ac84c3189e5ac694326038226b467	07-Jan-2012	Rafael Espindola <rafael.espindola@gmail.com>	Remove unused variable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147744 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
9f03b62036a7abc0a227b17f4a49b9eefced9450	07-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Add basic format string vulnerability checking. We already have a more conservative check in the compiler (if the format string is not a literal, we warn). Still adding it here for completeness and since this check is stronger - only triggered if the format string is tainted. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147714 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
5eca482fe895ea57bc82410222e6426c09e63284	06-Jan-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from (Stmt,LocationContext) pairs to SVals instead of Stmt* to SVals. This is needed to support basic IPA via inlining. Without this, we cannot tell if a Stmt* binding is part of the current analysis scope (StackFrameContext) or part of a parent context. This change introduces an uglification of the use of getSVal(), and thus takes two steps forward and one step back. There are also potential performance implications of enlarging the Environment. Both can be addressed going forward by refactoring the APIs and optimizing the internal representation of Environment. This patch mainly introduces the functionality upon when we want to build upon (and clean up). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147688 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp hrootChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp enericTaintChecker.cpp dempotentOperationChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp aintTesterChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
eb31a76d1cdaaf8874c549dc6bd964ff270d3822	05-Jan-2012	Anna Zaks <ganna@apple.com>	[analyzer] Be less pessimistic about invalidation of global variables as a result of a call. Problem: Global variables, which come in from system libraries should not be invalidated by all calls. Also, non-system globals should not be invalidated by system calls. Solution: The following solution to invalidation of globals seems flexible enough for taint (does not invalidate stdin) and should not lead to too many false positives. We split globals into 3 classes: * immutable - values are preserved by calls (unless the specific global is passed in as a parameter): A : Most system globals and const scalars * invalidated by functions defined in system headers: B: errno * invalidated by all other functions (note, these functions may in turn contain system calls): B: errno C: all other globals (which are not in A nor B) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147569 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
e3659a78a96da3b9a5a90fa84c96078a84f0f3e3	05-Jan-2012	Ted Kremenek <kremenek@apple.com>	Fix 80 col violations. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147566 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
0507f7ee76ed838ce3012ca9e10ff7811723acf2	04-Jan-2012	Ted Kremenek <kremenek@apple.com>	Minor code formatting cleanups. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147505 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
c1275da4eb5778eb3c9600e79918ad1fbec589c6	04-Jan-2012	Ted Kremenek <kremenek@apple.com>	Enhance UnixAPIChecker to also warn about zero-sized allocations to calloc() and realloc(). Patch by Cyril Roelandt! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147500 91177308-0d34-0410-b5e6-96231b3b80d8 nixAPIChecker.cpp
de9f25365ca1fbc146eefeb839053b1cf9b75ae1	04-Jan-2012	Ted Kremenek <kremenek@apple.com>	Add initial version of checker to check if virtual member functions are called transitively from C++ constructors or destructors. Checker by Lei Zhang with a few tweaks by Ted Kremenek. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147494 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td irtualCallChecker.cpp
63d32bdf895e1ad8cfeef8e634a84fe136215202	29-Dec-2011	Rafael Espindola <rafael.espindola@gmail.com>	Fix cmake build with -DBUILD_SHARED_LIBS=ON. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147338 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
682060c5d95f6e4f79536013781ab0870cdd3850	23-Dec-2011	Ted Kremenek <kremenek@apple.com>	Colorize and condense CFG pretty-printing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147203 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
b7dcddf1820f4d2e5c2605c12090ea7d17f9fa82	22-Dec-2011	Ted Kremenek <kremenek@apple.com>	Fix typos in analyzer diagnostics pointed out by Matt Beaumont-Gay and Robert Purves. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147139 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
9ffbe243cca46082b4a59b5c3be454ab0c455378	17-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Add support for taint flowing through a function (atoi). Check if the input parameters are tainted (or point to tainted data) on a checkPreStmt<CallExpr>. If the output should be tainted, record it in the state. On post visit (checkPostStmt<CallExpr>), use the state to make decisions (in addition to the existing logic). Use this logic for atoi and fscanf. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146793 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
d3d8548e75f3fb6db53ed0927c1df30d78f4ce1d	16-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Better stdin support. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146748 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
9b879db75be6b8db4a7c804e9bba4c07c4cfa81c	16-Dec-2011	Logan Chien <loganchien@google.com>	Apply changes to migrate to clang upstream r146715. Change-Id: I7a40ad93f4cc76a6e748ba314ac06a1bef473bbf ndroid.mk
298aaf2c97ab7c4d5bd3a8e8d8112e3bc77b29b6	16-Dec-2011	Logan Chien <loganchien@google.com>	Merge with clang upstream r146715 (Dec 16th 2011) Change-Id: I66024a7b6eb0ee37d7b3ff7ce41c0bfb4b514bee
efd6989f4644c8460854606e085fc69535054058	14-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Treat stdin as a source of taint. Some of the test cases do not currently work because the analyzer core does not seem to call checkers for pre/post DeclRefExpr visits. (Opened radar://10573500. To be fixed later on.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146536 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
1009ac715501a4fa1951d94722dcbe6ab30068f8	14-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Mark output of fscanf and fopen as tainted. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146533 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
e55a22b917327651178ddea36b3615f579681eea	14-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Mark getenv output as tainted. Also, allow adding taint to a region (not only a symbolic value). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146532 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
e3d250e488241cbfe71a592df4d07d03ad89434a	11-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] CStringChecker should not rely on the analyzer generating UndefOrUnknown value when it cannot reason about the expression. We are now often generating expressions even if the solver is not known to be able to simplify it. This is another cleanup of the existing code, where the rest of the analyzer and checkers should not base their logic on knowing ahead of the time what the solver can reason about. In this case, CStringChecker is performing a check for overflow of 'left+right' operation. The overflow can be checked with either 'maxVal-left' or 'maxVal-right'. Previously, the decision was based on whether the expresion evaluated to undef or not. With this patch, we check if one of the arguments is a constant, in which case we know that 'maxVal-const' is easily simplified. (Another option is to use canReasonAbout() method of the solver here, however, it's currently is protected.) This patch also contains 2 small bug fixes: - swap the order of operators inside SValBuilder::makeGenericVal. - handle a case when AddeVal is unknown in GenericTaintChecker::getPointedToSymbol. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146343 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp enericTaintChecker.cpp
f4e8a12ea6f93843910e750b26bfc9d3ead1f078	08-Dec-2011	Francois Pichet <pichet2000@gmail.com>	Unbreak MSVC build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146146 91177308-0d34-0410-b5e6-96231b3b80d8 allocSizeofChecker.cpp
dc30967a4633186782e0e204c65dba2552301ec9	08-Dec-2011	Peter Collingbourne <peter@pcc.me.uk>	Add an experimental MallocSizeofChecker, which reports inconsistencies between the casted type of the return value of a malloc/calloc/realloc call and the operand of any sizeof expressions contained within its argument(s). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146144 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td allocSizeofChecker.cpp
0e35b4ecee380c2b4c33d75da6bc2fb6f6bc7df3	07-Dec-2011	Richard Smith <richard-llvm@metafoo.co.uk>	DeadStoresChecker: when whitelisting dead initializations with constants, look for a foldable constant rather than an IR-level constant. This is still far too liberal, but is a step in the right direction. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145990 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
1d1d515b2bafb59d624883d8fdda97d4b7dba0cb	07-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: Move symbol_iterator from SVal to SymExpr, use it for finding dependent symbols for taint. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145986 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
e5ee70d08e62cb6c96a736163204c12c6ef8147a	07-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove an unnecessary check. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145984 91177308-0d34-0410-b5e6-96231b3b80d8 aintTesterChecker.cpp
02f34c5003b2c5067675f89ffce0a84c28faf722	05-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Rely on LLVM Dominators in Clang dominator computation. (Previously, Clang used it's implementation of dominators.) The patch is contributed by Guoping Long! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145858 91177308-0d34-0410-b5e6-96231b3b80d8 ebugCheckers.cpp
f62ceec2173e6eefa3879ffa6a7bd68cba463023	05-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Change RetainCountChecker to use symbol dump method instead of relying on SymbolID. This way any expression can be printed (not only SymbolData). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145829 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
a50b7ab5af79690855af68f1fff7897291ba9535	05-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Add a debug checker to test for tainted data. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145827 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td aintTesterChecker.cpp
ee5a21fda5efce750c21db5a1d635c9742f5859b	01-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Make KeychainAPI checker less aggressive. radar://10508828 We trigger an error if free is called after a possibly failed allocation. Do not trigger the error if we know that the buffer is not null. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145584 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
b805c8ff133ef0c62df032fa711d6b13c5afd7f4	01-Dec-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor checkers to use helper function for getting callee Decl and name. We are getting name of the called function or it's declaration in a few checkers. Refactor them to use the helper function in the CheckerContext. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145576 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp hrootChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SAtomicChecker.cpp threadLockChecker.cpp etainCountChecker.cpp treamChecker.cpp nixAPIChecker.cpp
75df4eeede7b91c22c1d63fafd4dd4142844e3b9	01-Dec-2011	Ted Kremenek <kremenek@apple.com>	Further tweak -Wurneachable-code and templates by allowing the warning to run on explicit template specializations (which represent actual functions somebody wrote). Along the way, refactor some other code which similarly cares about whether or not they are looking at a template instantiation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145547 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
90735f717de5d5dfe6a6f5f543b0daedff94bc1a	30-Nov-2011	Benjamin Kramer <benny.kra@googlemail.com>	Update CMake build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145506 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
d699ade396154238d2fa89bb09fdcfb79e5587d2	30-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Add checker callback documentation. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@145495 91177308-0d34-0410-b5e6-96231b3b80d8 heckerDocumentation.cpp
2db4f4e0b4234eb96347aa69c00aa0c5624676a3	25-Nov-2011	Logan Chien <loganchien@google.com>	Apply changes to migrate to clang upstream r145117. (Nov 25th 2011) Change-Id: I13ff6eaa1f0b0f179c026f9703292a532d714c07 ndroid.mk
2a710c84db1ebf0c16cba0ff121ca8e15f045a07	25-Nov-2011	Logan Chien <loganchien@google.com>	Merge with clang upstream r145117 (Nov 25th 2011) Change-Id: Id4fde985342e3c81f13887e8728bd94b82523642
8f4caf5fec2de9b18f9c5fc69696d9f6cf66bcc5	18-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Warn when non pointer arguments are passed to scanf (only when running taint checker). There is an open radar to implement better scanf checking as a Sema warning. However, a bit of redundancy is fine in this case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144964 91177308-0d34-0410-b5e6-96231b3b80d8 enericTaintChecker.cpp
3d5f24ae1ad6241e630b7824eb8d02a8576193ab	16-Nov-2011	Benjamin Kramer <benny.kra@googlemail.com>	Update CMake build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144829 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
9b0970f2c7fdc070b18e113f0bbd96e7f77b4f54	16-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Catch the first taint propagation implied buffer overflow. Change the ArrayBoundCheckerV2 to be more aggressive in reporting buffer overflows when the offset is tainted. Previously, we did not report bugs when the state was underconstrained (not enough information about the bound to determine if there is an overflow) to avoid false positives. However, if we know that the buffer offset is tainted - comes in from the user space and can be anything, we should report it as a bug. + The very first example of us catching a taint related bug. This is the only example we can currently handle. More to come... git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144826 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp
df18c5ae6c48d3b56f7f9550875c53dc46eb8d78	16-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Adding generic taint checker. The checker is responsible for defining attack surface and adding taint to symbols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144825 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td enericTaintChecker.cpp
0e12ebfd3ef9ad5d894466c6e4910ac5e6041034	16-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Factor getCalleeName to the checker context. many checkers are trying to get a name of the callee when visiting a CallExpr, so provide a convenience API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144820 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
71d9a71d19099a6673750b47b32e9786803fa81d	15-Nov-2011	Logan Chien <loganchien@google.com>	Merge with clang upstream r144605 (Nov 15th 2011) Conflicts: include/clang-c/Index.h include/clang/AST/APValue.h include/clang/AST/DeclBase.h include/clang/AST/DeclObjC.h include/clang/Basic/DiagnosticSemaKinds.td include/clang/Serialization/ASTWriter.h lib/AST/APValue.cpp lib/AST/ASTImporter.cpp lib/AST/DeclObjC.cpp lib/AST/ExprConstant.cpp lib/Driver/ToolChains.cpp lib/Frontend/SerializedDiagnosticPrinter.cpp lib/Frontend/Warnings.cpp lib/Lex/HeaderSearch.cpp lib/Lex/LiteralSupport.cpp lib/Sema/SemaExpr.cpp lib/Sema/SemaInit.cpp lib/Sema/SemaPseudoObject.cpp test/Analysis/misc-ps.c test/Analysis/retain-release-path-notes.m test/CodeGen/string-literal-unicode-conversion.c test/CodeGenCXX/blocks.cpp test/Driver/crash-cleanup.c test/Misc/serialized-diags.c test/Misc/warning-flags.c tools/c-index-test/c-index-test.c tools/libclang/CXLoadedDiagnostic.cpp tools/libclang/IndexDecl.cpp tools/libclang/IndexTypeSourceInfo.cpp tools/libclang/Indexing.cpp tools/libclang/IndexingContext.cpp tools/libclang/IndexingContext.h tools/libclang/libclang.exports Change-Id: I6621e7d5d9a9d1e4cdec7b7b62ffa6dffaff375d
4c42bb7815e4f6317826767f8c53776ae03b4028	14-Nov-2011	Ted Kremenek <kremenek@apple.com>	[static analyzer] Tweak RetainCountChecker's diagnostics to correctly indicate if a message was due to a property access. This can potentially be refactored for other clients, and this is a regression from the refactoring of property acceses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144571 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
62d3cba9d0c608e894a8ce65f0012d730f29f267	10-Nov-2011	Richard Smith <richard-llvm@metafoo.co.uk>	Constant expression evaluation: support for evaluation of structs and unions of literal types, as well as derived-to-base casts for lvalues and derived-to-virtual-base casts. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144265 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
e6b86f57c7adb6a398e6dc09547146dd6614061b	08-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove redundant check from DivZeroChecker Analysis by Ted: " if (stateZero && !stateNotZero) { is checking to see if: (A) "it is possible for the value to be zero" (stateZero) AND (B) "it is not possible for the value to be non-zero" (!stateNotZero) That said, the only way for both B to be true AND A to be false is if the path is completely infeasible by the time we reach the divide-by-zero check. For the most part (all cases?), such cases should automatically get pruned out at branches (i.e., an infeasible path gets dropped), which is the case in our tests. So the question is whether or not such an infeasible path might not get dropped earlier? I can't envision any right now. Indeed, the rest of the checker assumes that if the bug condition didn't fire then 'stateNotZero' is non-NULL: C.addTransition(stateNotZero); " git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144114 91177308-0d34-0410-b5e6-96231b3b80d8 ivZeroChecker.cpp
c0161d060cd1c1349cb4e8f8d94a300fb7fc07d6	05-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] There should be a space between "expect" and "only" git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143787 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
0c9badaf92f3846a7cf35858c2eb4ae2d737d97e	01-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] CheckerContext::getPredecessor() cleanup Remove unnecessary calls to CheckerContext::getPredecessor() + Comments. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143513 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp etainCountChecker.cpp
98d03ba401daa01833bd9ee79234ab3b630a4e92	28-Oct-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] ObjC message sends to nil receivers that return structs are now okay (compiler zeroes out the data). Fixes <rdar://problem/9151319>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143215 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
cab62f8cc4967a6b9b86bb6d2b21562ad5385eb5	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Add getLocationContext to CheckerContext CheckerContext::getPredecessor is only used to get to the LocationContext half of the times. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143061 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp StringChecker.cpp teratorsChecker.cpp SErrorChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp ndefCapturedBlockVarChecker.cpp LASizeChecker.cpp
a21ca0e56b638f148d974c17427efb746674cc31	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove EmitBasicReport form CheckerContext. The path sensitive checkers should use EmitBasicReport, which provides the node information. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143060 91177308-0d34-0410-b5e6-96231b3b80d8 SAutoreleasePoolChecker.cpp
23c5497d36cbf0506f48575b6d89abb4dde1b5dc	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Rename generateNode -> addTransition in CheckerContext Also document addTransition methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143059 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astToStructChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
c23482b5ded0c032a5959d54109d26f38d00edd2	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove getEngine() form CheckerContext A step toward making sure that diagnostics report should only be generated though the CheckerContext and not though BugReporter or ExprEngine directly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142947 91177308-0d34-0410-b5e6-96231b3b80d8 SAutoreleasePoolChecker.cpp etainCountChecker.cpp
f5d6176554eda96ac4097a0a1e0852250cadfb9a	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Simplify CheckerContext Remove dead members/parameters: ProgramState, respondsToCallback, autoTransition. Remove addTransition method since it's the same as generateNode. Maybe we should rename generateNode to genTransition (since a transition is always automatically generated)? git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142946 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp threadLockChecker.cpp etainCountChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
a284a7a3d1b18428afbf9f6f41b4f057406d3361	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Make branch for condition callback use CheckerContext Now, all the path sensitive checkers use CheckerContext! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142944 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
1f7571b85caea78e0cefb558867ec84e12b32e79	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyze] Convert EndOfPath callback to use CheckerContext Get rid of the EndOfPathBuilder completely. Use the generic NodeBuilder to generate nodes. Enqueue the end of path frontier explicitly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142943 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp
7c4629c8bba02762119c873b657329d28abaa4ca	25-Oct-2011	Ted Kremenek <kremenek@apple.com>	Add source-level dominators analysis. Patch by Guoping Long! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142885 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
0962ee5f01b0ee39c82d2bf0583a2446672c4b8c	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Node builders cleanup + comments Renamed PureNodeBuilder->StmtNodeBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142849 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
479f24e3aa41899f65ed45cb31a31436d36650c8	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove more dependencies from global Builder - OSAtomicChecker - ExprEngine::processStmt git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142846 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
579ee4f9f5c7b8f939621c8008337a3c1c679957	24-Oct-2011	Ted Kremenek <kremenek@apple.com>	Rename AnalysisContext to AnalysisDeclContext. Not only is this name more accurate, but it frees up the name AnalysisContext for other uses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142782 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp eadStoresChecker.cpp dempotentOperationChecker.cpp allocOverflowSecurityChecker.cpp bjCSelfInitChecker.cpp nreachableCodeChecker.cpp
180f47959a066795cc0f409433023af448bb0328	10-Nov-2011	Richard Smith <richard-llvm@metafoo.co.uk>	Constant expression evaluation: support for evaluation of structs and unions of literal types, as well as derived-to-base casts for lvalues and derived-to-virtual-base casts. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144265 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
8d0ffc7f8c9e7515c54d47b5fd37f8a62850dffb	08-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove redundant check from DivZeroChecker Analysis by Ted: " if (stateZero && !stateNotZero) { is checking to see if: (A) "it is possible for the value to be zero" (stateZero) AND (B) "it is not possible for the value to be non-zero" (!stateNotZero) That said, the only way for both B to be true AND A to be false is if the path is completely infeasible by the time we reach the divide-by-zero check. For the most part (all cases?), such cases should automatically get pruned out at branches (i.e., an infeasible path gets dropped), which is the case in our tests. So the question is whether or not such an infeasible path might not get dropped earlier? I can't envision any right now. Indeed, the rest of the checker assumes that if the bug condition didn't fire then 'stateNotZero' is non-NULL: C.addTransition(stateNotZero); " git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@144114 91177308-0d34-0410-b5e6-96231b3b80d8 ivZeroChecker.cpp
de2a6a81c217ff4b8e77aa4486966eef2edfdb2f	05-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] There should be a space between "expect" and "only" git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143787 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
a2a860306e3697fcf7a12c5ba59551ca60578968	01-Nov-2011	Anna Zaks <ganna@apple.com>	[analyzer] CheckerContext::getPredecessor() cleanup Remove unnecessary calls to CheckerContext::getPredecessor() + Comments. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143513 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp etainCountChecker.cpp
4a037c70fdaefafb9c635fedb7035ad462a2742c	28-Oct-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] ObjC message sends to nil receivers that return structs are now okay (compiler zeroes out the data). Fixes <rdar://problem/9151319>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143215 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
39ac1876f6f9a1a8e0070f0df61036c7ba05202b	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Add getLocationContext to CheckerContext CheckerContext::getPredecessor is only used to get to the LocationContext half of the times. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143061 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp StringChecker.cpp teratorsChecker.cpp SErrorChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp ndefCapturedBlockVarChecker.cpp LASizeChecker.cpp
48468dfeb3ccf099ed51ff5dcb8ae0fe783692fd	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove EmitBasicReport form CheckerContext. The path sensitive checkers should use EmitBasicReport, which provides the node information. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143060 91177308-0d34-0410-b5e6-96231b3b80d8 SAutoreleasePoolChecker.cpp
0bd6b110e908892d4b5c8671a9f435a1d72ad16a	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Rename generateNode -> addTransition in CheckerContext Also document addTransition methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143059 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astToStructChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
6a93bd526c5136ee5a26871e829cf5a8548a1c6a	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove getEngine() form CheckerContext A step toward making sure that diagnostics report should only be generated though the CheckerContext and not though BugReporter or ExprEngine directly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142947 91177308-0d34-0410-b5e6-96231b3b80d8 SAutoreleasePoolChecker.cpp etainCountChecker.cpp
063e0887ad65d666d23ee3178436ad6507abbd1b	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Simplify CheckerContext Remove dead members/parameters: ProgramState, respondsToCallback, autoTransition. Remove addTransition method since it's the same as generateNode. Maybe we should rename generateNode to genTransition (since a transition is always automatically generated)? git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142946 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp threadLockChecker.cpp etainCountChecker.cpp treamChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
f236b6503a4dbc44c1fccb8756bd57c9d0efdf05	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Make branch for condition callback use CheckerContext Now, all the path sensitive checkers use CheckerContext! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142944 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
af498a28797c075c48d7e943df5f5a8e78ed8eb0	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyze] Convert EndOfPath callback to use CheckerContext Get rid of the EndOfPathBuilder completely. Use the generic NodeBuilder to generate nodes. Enqueue the end of path frontier explicitly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142943 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp allocChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp
58f6f1e37ab32fdd0c8bab6771d8e09bc139e9ed	25-Oct-2011	Ted Kremenek <kremenek@apple.com>	Add source-level dominators analysis. Patch by Guoping Long! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142885 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
aa0aeb1cbe117db68d35700cb3a34aace0f99b99	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Node builders cleanup + comments Renamed PureNodeBuilder->StmtNodeBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142849 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
f185cc1ac77a84139c603eee3473b88dcb839c68	24-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove more dependencies from global Builder - OSAtomicChecker - ExprEngine::processStmt git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142846 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
1d26f48dc2eea1c07431ca1519d7034a21b9bcff	24-Oct-2011	Ted Kremenek <kremenek@apple.com>	Rename AnalysisContext to AnalysisDeclContext. Not only is this name more accurate, but it frees up the name AnalysisContext for other uses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142782 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp eadStoresChecker.cpp dempotentOperationChecker.cpp allocOverflowSecurityChecker.cpp bjCSelfInitChecker.cpp nreachableCodeChecker.cpp
fe6bd6dc51777802a0118521b9039981a0e6a806	21-Oct-2011	Logan Chien <loganchien@google.com>	Apply changes to migrate to upstream Oct 20th 2011 (r142531) Change-Id: I32cdb5da2c07c84e01f42b4e87161196f468806a ndroid.mk
00a92abaf907802bfa4d6f38bdd242c6bfc34c09	21-Oct-2011	Logan Chien <loganchien@google.com>	Merge with clang upstream Oct 20th 2011 (r142531) Change-Id: I42181113f38ce445f2a48694d6f654438562b71e
4e82d3cf6fd4c907265e3fa3aac0a835c35dc759	19-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Make NodeBuilder and Pred node loosely coupled NodeBuilder should not assume it's dealing with a single predecessor. Remove predecessor getters. Modify the BranchNodeBuilder to not be responsible for doing auto-transitions (which depend on a predecessor). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142453 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
67d9fbac82922ef5b6c9ba5ac4a07e80f9960292	19-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove dead code. ExprEngineBuilders is not used. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142450 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
cd656cab3fa3dd4b0c974c6ae1c0e60880b18c22	19-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Modularize builder use in processBranch. Take advantage of the new builders for branch processing. As part of this change pass generic NodeBuilder (instead of BranchNodeBuilder) to the BranchCondition callback and remove the unused methods form BranchBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142448 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
a19f4af7a94835ce4693bfe12d6270754e79eb56	19-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] NodeBuilder Refactoring: Subclass BranchNodeBuilder from NodeBuilder. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142444 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
f05aac8472d8ed081a361a218fd14d59ddc91b85	19-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Node Builder refactoring: Introduce a simple Node Builder responsible for generating the node frontier. Currently we have a bunch of different node builders which provide some common functionality but are difficult to refactor. Each builder generates nodes of different kinds and calculates the frontier nodes, which should be propagated to the next step (after the builder dies). Introduce a new NodeBuilder which provides very basic node generation facilities but takes care of the second problem. The idea is that all the other builders will eventually use it. Use this builder in CheckerContext instead of StmtNodeBuilder (the way the frontier is propagated to the StmtBuilder is a hack and will be removed later on). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142443 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
b8989f27f116ff2400e92a52c067a69846119eb5	14-Oct-2011	Benjamin Kramer <benny.kra@googlemail.com>	Change operator<< for raw_ostream and NamedDecl to take a reference instead of a pointer. Passing a pointer was a bad idea as it collides with the overload for void*. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141971 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp StringChecker.cpp allAndMessageChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp eadStoresChecker.cpp allocChecker.cpp bjCUnusedIVarsChecker.cpp etainCountChecker.cpp tackAddrEscapeChecker.cpp
c800f68f8e61007a6dc5dc8213629fb423e76cd9	11-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Fix a typo. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141678 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
a7957ff18c2480cb46081311067b61eb47023355	11-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Warn about the use of insecure, deprecated vfork() function PR11053 (http://llvm.org/bugs/show_bug.cgi?id=11053). A patch by Graham Lee! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141643 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
a6b8b2c09610b8bc4330e948ece8b940c2386406	10-Oct-2011	Richard Smith <richard-llvm@metafoo.co.uk>	Constant expression evaluation refactoring: - Remodel Expr::EvaluateAsInt to behave like the other EvaluateAs* functions, and add Expr::EvaluateKnownConstInt to capture the current fold-or-assert behaviour. - Factor out evaluation of bitfield bit widths. - Fix a few places which would evaluate an expression twice: once to determine whether it is a constant expression, then again to get the value. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141561 91177308-0d34-0410-b5e6-96231b3b80d8 allocOverflowSecurityChecker.cpp
a5937bbfd19e61d651a58b0f0ffeef68457902a5	08-Oct-2011	Ted Kremenek <kremenek@apple.com>	Remove AnalysisContext::getLiveVariables(), and introduce a templatized mechanism to lazily create analyses that are attached to AnalysisContext objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141425 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp ebugCheckers.cpp
5e1cdac63c3d9c9b32fa41fa0b2d242a58a20d49	07-Oct-2011	John McCall <rjmccall@apple.com>	Rename TagDecl::isDefinition -> isCompleteDefinition for better self-documenting code, since the semantics are subtly different from getDefinition(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141355 91177308-0d34-0410-b5e6-96231b3b80d8 LVMConventionsChecker.cpp
6ee5b9384533d5b3f8c18b578fccd3935e1b892f	06-Oct-2011	Peter Collingbourne <peter@pcc.me.uk>	Clang-side build system infrastructure for multiple tblgens. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141267 91177308-0d34-0410-b5e6-96231b3b80d8 akefile
390909c89c98ab1807e15e033a72e975f866fb23	06-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove the dependency on CheckerContext::getStmt() as well as the method itself. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141262 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ereferenceChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp ndefinedAssignmentChecker.cpp
93edbc5269c166e3ab50ccb323b934c7bdf07c3c	06-Oct-2011	Ted Kremenek <kremenek@apple.com>	Fix major regression in RetainCountChecker. DefaultSummaries were not being used when they were meant to be. Fixes <rdar://problem/10241614>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141250 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
4eff823b8e015e003d05953c386d685ee6bb6235	06-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove the last dependency on CheckerContext::getNodeBuilder() as well as the method itself. Checkers should not directly access NodeBuilder, nodes can be created by calling the CheckerContext's generateNode() methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141249 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
dff6ef903ff4fcb43b5ea292ecd772e381393b5d	06-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] OSAtomicChecker implements evalCall in a very invasive way - it essentially simulates inlining of compareAndSwap() by means of setting the NodeBuilder flags and calling ExprEngine directly. This commit introduces a new callback just for this checker to unblock checker API cleanup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141246 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
cbb7add8d7e3f868a6695a601e45fc13257bd9f5	05-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Removing more references to CheckerContext::getNodeBuilder(): ask CheckerContext to generate the nodes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141136 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
5d0ea6d62e076c776ddad028c4eb615783be1323	04-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Removing references to CheckerContext::getNodeBuilder(): checkers can obtain block count directly from the Context. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141112 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp StringChecker.cpp allocChecker.cpp etainCountChecker.cpp treamChecker.cpp
8ba721428af297e540fb40b176eeeea0ee010c1f	04-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove unused methods, add comments to others. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141098 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
3381a73dd77f3f84a6cdc8a0e3c4ec53b7df9651	04-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove redundant state (AnalysisContext pointer for every BinaryOperator tracked) from IdempotentOperationChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141045 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
1e9775d36de8edbc665c0f0bf4dae1400e3d2112	03-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] In UndefBranchChecker, use a node generator which does not create an edge/branching. (ExprEngine should be in charge of generating edges. The checkers should examine the condition and generate PostCondition node if needed.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141034 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
9c81bc2763dc37f78f357be339a6376402aad537	03-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Cleanup in UndefBranchChecker: - Remove unused FindUndefExpr::ProgramStateManager. - The Condition parameter of the callback is the terminator of the block, no need to retrieve it again. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141027 91177308-0d34-0410-b5e6-96231b3b80d8 ndefBranchChecker.cpp
491306a83c4f0f49f95a3bcbca8580cb98a91c7a	03-Oct-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Allow getting all source locations of selector identifiers in a ObjCMethodDecl. Instead of always storing all source locations for the selector identifiers we check whether all the identifiers are in a "standard" position; "standard" position is -Immediately before the arguments: -(id)first:(int)x second:(int)y; -With a space between the arguments: -(id)first: (int)x second: (int)y; -For nullary selectors, immediately before ';': -(void)release; In such cases we infer the locations instead of storing them. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140989 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp etainCountChecker.cpp
7df2ff45f101c87398329d0ea23c1377328dca40	01-Oct-2011	John McCall <rjmccall@apple.com>	Tweak the interface for analyzing the CF conventions for a name to take a FunctionDecl* instead of an llvm::StringRef. Eventually we might push more logic in there, like using slightly different conventions for C++ methods. Also, fix a bug where 'copy' and 'create' were being caught in non-camel-cased strings. We want copyFoo and CopyFoo and XCopy but not Xcopy or xcopy. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140911 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
0658879cc98e8cb918e2f349a59c901f74f0de11	30-Sep-2011	Anna Zaks <ganna@apple.com>	[analyzer] Fix a bug in RetainReleaseChecker diagnostics. It gives more precise error message on the modified test case (and prevents duplicate diagnostics when we purge at block granularity). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140840 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
7e5f112ca7410af93c7cdc07cf3a9dae15214300	28-Sep-2011	Anna Zaks <ganna@apple.com>	Fix a crash in MallocOverflowSecurityChecker. Patch by Lei Zhang. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140648 91177308-0d34-0410-b5e6-96231b3b80d8 allocOverflowSecurityChecker.cpp
d25be9f401baf469892890119f915289b041e4f0	24-Sep-2011	Benjamin Kramer <benny.kra@googlemail.com>	Fix comment typo. Patch by Rui Paulo! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140448 91177308-0d34-0410-b5e6-96231b3b80d8 threadLockChecker.cpp
b219cfc4d75f0a03630b7c4509ef791b7e97b2c8	23-Sep-2011	David Blaikie <dblaikie@gmail.com>	Switch assert(0/false) llvm_unreachable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140367 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
590dd8e0959d8df5621827768987c4792b74fc06	20-Sep-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor PathDiagnosticLocation: Make PathDiagnosticLocation(SourceLocation...) private. Most of the effort here goes to making BugReport refer to a PathDiagnosticLocation instead of FullSourceLocation. (Another step closer to the goal of having Diagnostics which can recover from invalid SourceLocations.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@140182 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp eadStoresChecker.cpp LVMConventionsChecker.cpp allocOverflowSecurityChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp bjCUnusedIVarsChecker.cpp etainCountChecker.cpp nreachableCodeChecker.cpp
4fdf97bf51d2a156cec3232efd6dae110aa02aa0	15-Sep-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: make PathDiagnosticLocation responsible for validation of SourceLocations (commit 2 of ?): - Fix a fixme and move the logic of creating a PathDiagnosticLocation corresponding to a ProgramPoint into a PathDiagnosticLocation constructor. - Rename PathDiagnosticLocation::create to differentiate from the added constructor. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139825 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
220ac8c175cb1bf9b18d82eefe036995d7a2164d	15-Sep-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: make PathDiagnosticLocation responsible for validation of SourceLocations (commit 2 of ?): - Modify all PathDiagnosticLocation constructors that take Stmt to also requre LocationContext. - Add a constructor which should be used in case there is no valid statement/location (it will grab the location of the enclosing function). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139763 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp etainCountChecker.cpp
43f48b0b1bc763dc56db6e01de4fcc44ad389bef	14-Sep-2011	Anna Zaks <ganna@apple.com>	[analyzer] Refactor: Make PathDiagnosticLocation responsible for creating a valid object given an ExploadedNode (the same logic can be reused by other checkers). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139672 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
e289d81369914678db386f6aa86faf8f178e245d	13-Sep-2011	Douglas Gregor <dgregor@apple.com>	Switch LangOptions over to a .def file that describes header of the language options. Use that .def file to declare the LangOptions class and initialize all of its members, eliminating a source of annoying initialization bugs. AST serialization changes are next up. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139605 91177308-0d34-0410-b5e6-96231b3b80d8 heckObjCDealloc.cpp SAutoreleasePoolChecker.cpp etainCountChecker.cpp
d77ba899b3ed39aa4bdba22aabc4bcd5ca6effdf	03-Sep-2011	Benjamin Kramer <benny.kra@googlemail.com>	Make helpers static, remove unused variables. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139078 91177308-0d34-0410-b5e6-96231b3b80d8 etainCountChecker.cpp
d1e5a89226da79f7e6f43d40facc46abda9e5245	02-Sep-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Remove TransferFuncs.h, then deal with the fallout. And with that, TransferFuncs is gone! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139003 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp allAndMessageChecker.cpp SAutoreleasePoolChecker.cpp oReturnFunctionChecker.cpp bjCSelfInitChecker.cpp etainCountChecker.cpp
910c4050b7cf0a5742a12e123b99ed29dacd9fbf	02-Sep-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Move RetainReleaseChecker to the Checkers library and rename it to RetainCountChecker...and clean up the file while I'm at it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139002 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt etainCountChecker.cpp
17a38e2636a8b1ce473fc6504c4b16cb09db29f4	02-Sep-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Move the knowledge of whether or not GC is enabled for the current analysis from CFRefCount to ExprEngine. Remove TransferFuncs from ExprEngine and AnalysisConsumer. Demote RetainReleaseChecker to a regular checker, and give it the name osx.cocoa.RetainCount (class name change coming shortly). Update tests accordingly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138998 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
bcfd1f55bfbb3e5944cd5e03d07b343e280838c4	02-Sep-2011	Douglas Gregor <dgregor@apple.com>	Extend the ASTContext constructor to delay the initialization of builtin types (When requested). This is another step toward making ASTUnit build the ASTContext as needed when loading an AST file, rather than doing so after the fact. No actual functionality change (yet). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138985 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp heckSecuritySyntaxOnly.cpp nixAPIChecker.cpp
d56763fd33321cb3d0f17804abecb379cea78c01	01-Sep-2011	Zhongxing Xu <xuzhongxing@foxmail.com>	If size was equal to 0, either NULL or a pointer suitable to be passed to free() is returned by realloc(). Most code expect NULL. And we only need to transfer one final ProgramState. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138937 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
1af9d9e5f6d0f07917c01b1017620104dbbc0e7f	31-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix varargs helper to only use POD types even for named arguments. Thanks, Joerg. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138875 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
065a4055f796c545cdcc89a490be2d3288426d57	29-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Simplify getSymbolForRegion by using existing API. Thanks Jordy. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138765 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
8b6eb7ce4f6a7124babd4d7f6f4bb4bb5f6daddf	29-Aug-2011	Anna Zaks <ganna@apple.com>	Fix: Bug 10798 - [analyzer] Crash when analyzing ICU. (A slight improvement on the previous commit.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138762 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
5c96f862b7789594b11db74416af12e379a299b9	29-Aug-2011	Anna Zaks <ganna@apple.com>	Fix bug 10797: Crash: "cast<Ty>() argument of incompatible type!" assert when analyzing ICU. Patch by Jean-Daniel Dupas. Thanks for spotting and fixing! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138757 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
537716ad8dd10f984b6cfe6985afade1185c5e3c	28-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Change the check::RegionChanges callback to include the regions explicitly requested for invalidation. Also, allow CallOrObjCMessage to wrap a CXXConstructExpr as well. Finally, this allows us to remove the clunky whitelisting system from CFRefCount/RetainReleaseChecker. Slight regression due to CXXNewExprs not yet being handled in post-statement callbacks (PR forthcoming). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138716 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
782f63ecd124f9384f988dc7e0cf4ae1540c15f6	26-Aug-2011	Jeffrey Yasskin <jyasskin@google.com>	Handle CXXTempObjectRegion in StackAddrEscapeChecker. Also convert stack-addr-ps.cpp to use the analyzer instead of just Sema, now that it doesn't crash, and extract the stack-block test into another file since it errors, and that prevents the analyzer from running. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138613 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
eacd2b469bea7b5fe4f7643087faefc9f1fb3922	25-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Cleanup AllocationState structure. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138535 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
6b7aad989f45a4684981b604ad603f53a5ef6f65	25-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Add the custom BugReport visitor(which highlights the allocation site) to all the relevant reports within the checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138531 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
5eb7d82604970c2d2730a8b1fe5ee268b37f9844	24-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] Do not use references in std::pair. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138497 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
e94cb98d39fcd2cca68ab1b0d71f9a16b5e934c1	24-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] Unbreak the release buildbot. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138493 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
98401114e1c6dd3a3271820d16781d792555e40e	24-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Provide reacher diagnostic trace by pointing to the allocation site when reporting a leak. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138479 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
6cf0ed062fb7ff3def3b627bab8ca275a549579e	24-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Add reasoning about functions which MIGHT deallocate the memory region allocated with SecKeychain APIs. Specifically, when the buffer is passed to CFStringCreateWithBytesNoCopy along with a custom deallocator, which might potentially correctly release the memory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138417 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
31e1028afca8745ff6cfd64ecacdc05e513039ec	24-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Retrieve the memory region which we are tracking even when it's no longer a SymbolicRegion, for example, when it is cast to char*. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138415 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
dd6060ebbd92842fbebd5d383f5ad48b29e7c99c	24-Aug-2011	Anna Zaks <ganna@apple.com>	Move creation of the deallocation mismatch report into a separate function for future reuse. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138414 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
7bbd166c0e7644e56257537fc16082bf270f8dfb	23-Aug-2011	Anna Zaks <ganna@apple.com>	[analyzer] MacOSKeychainAPIChecker: Users of KeyChain API often use free() to deallocate the password. Catch this error explicitly and generate the error message at the place where free() is called. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138296 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
7df1234c2e62b2a23dc4417e527f941c20ebe858	21-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Replace calls to getNameAsString() with StringRef equivalents. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138215 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp tackAddrEscapeChecker.cpp
d9f5a709ddbffe35dcc419c9c3fa6a852e833f7a	20-Aug-2011	Benjamin Kramer <benny.kra@googlemail.com>	Fix compile on platforms that don't implicitly include stdarg.h here. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138214 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
e62e87bdb14ec0237819a3b66f6a30105a8f5a0c	20-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Move handling of hardcoded noreturn ("panic") methods from CFRefCount to NoReturnFunctionChecker. No functionality change intended. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138210 91177308-0d34-0410-b5e6-96231b3b80d8 oReturnFunctionChecker.cpp
e0e29332c89da22b6890929b97e6f568c917d85f	20-Aug-2011	Ted Kremenek <kremenek@apple.com>	Remove dead code. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138183 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
50bbc165b063155cc23c360deb7b865502e068e2	20-Aug-2011	Anna Zaks <ganna@apple.com>	Static Analyzer Diagnostics: Kill the addVisitorCreator(callbackTy, void) API in favor of addVisitor(BugReporterVisitor). 1) Create a header file to expose the predefined visitors. And move the parent(BugReporterVisitor) there as well. 2) Remove the registerXXXVisitor functions - the Visitor constructors/getters can be used now to create the object. One exception is registerVarDeclsLastStore(), which registers more then one visitor, so make it static member of FindLastStoreBRVisitor. 3) Modify all the checkers to use the new API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138126 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp dempotentOperationChecker.cpp bjCAtSyncChecker.cpp eturnUndefChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
e172e8b9e7fc67d7d03589af7e92fe777afcf33a	18-Aug-2011	Anna Zaks <ganna@apple.com>	Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137894 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp dempotentOperationChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrEscapeChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
08b86531ade68727c56918f162816075b87c864a	16-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Overhaul of checker registration in preparation for basic plugin support. Removes support for checker groups (we can add them back in later if we decide they are still useful), and -analyzer-checker-help output is a little worse for the time being (no packages). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137758 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt langCheckers.cpp langSACheckerProvider.cpp langSACheckerProvider.h langSACheckers.h
b1a1950291c1385008af7d33b56fdb881a9b9ee5	16-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: Turn it on by default. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137740 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
f0c7fe56891d9d329e45d968a3ac2437f78f4bfa	16-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: Do not report double allocation if first allocation returned an error. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137720 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
7d458b0768160819d7380da8046a31ef092c601d	16-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: The security API/memory leak checker should always generate regular nodes instead of sink nodes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137681 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
18c66fdc3c4008d335885695fe36fb5353c5f672	16-Aug-2011	Ted Kremenek <kremenek@apple.com>	Rename GRState to ProgramState, and cleanup some code formatting along the way. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137665 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp dempotentOperationChecker.cpp teratorsChecker.cpp acOSKeychainAPIChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp eturnPointerRangeChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
67f7fa471c6928eee5cd28ca3886df9b8f0e1539	15-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: Use llvm::SmallString instead of std::string (as per code review for r137523). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137633 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
9c378f705405d37f49795d5e915989de774fe11f	13-Aug-2011	Ted Kremenek <kremenek@apple.com>	Cleanup various declarations of 'Stmt' to be 'Stmt ', etc. in libAnalyzer and libStaticAnalyzer[*]. It was highly inconsistent, and very ugly to look at. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137537 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp hrootChecker.cpp eadStoresChecker.cpp teratorsChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp SAtomicChecker.cpp bjCSelfInitChecker.cpp bjCUnusedIVarsChecker.cpp threadLockChecker.cpp tackAddrEscapeChecker.cpp ndefBranchChecker.cpp ndefinedAssignmentChecker.cpp LASizeChecker.cpp
ca804539d908d3a0e8c72a0df5f1f571d29490bb	13-Aug-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] change "tag" in ProgramPoint from "void" to a ProgramPointTag. Having a notion of an actual ProgramPointTag will aid in introspection of the analyzer's behavior. For example, the GraphViz output of the analyzer will pretty-print the tags in a useful manner. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137529 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
79c9c75737cb22fd74d186999eccc10672eef8c0	13-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: If the allocated data address entered as an enclosing function parameter, skip it to avoid false positives. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137526 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
703ffb11eff7bc6e8532bdbe54045e19a7732253	12-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: Report errors earlier: on checkDeadSymbols() and clear the state after the symbol we are tracking goes out of scope. Also, perform lazy error checking. Instead of forcing the paths to be split depending one the return value of the allocator, make the return symbol depend on the allocated data symbol, which prolongs its life span to the time when the allocated data symbol becomes dead. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137523 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
096aef9597b263b4cd6a0feaacf9e7214fa9c75a	12-Aug-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Nitpicks on Olaf's patch, which I meant to e-mail but then didn't in time. One is cleanup, the other is me being OCD about enum group nesting. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137517 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
864d25233426d36ef4f86019d0a1a0de5d742db9	12-Aug-2011	Anna Zaks <ganna@apple.com>	MacOSKeychainAPIChecker: There is no need to use SymbolMetadata to represent the allocated data symbol, we can just use the symbol corresponding to the SymbolicRegion. This simplifies tracking of the symbol, for example, SymbolMetadata needs to go through extra hoops to stay alive. Make AllocationState internal to the MacOSKeychainAPIChecker class. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137514 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
9697934650354bed2e509d8e7e44f21a1fb00f76	12-Aug-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] Introduce new MemRegion, "TypedValueRegion", so that we can separate TypedRegions that implement getValueType() from those that don't. Patch by Olaf Krzikalla! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137498 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp SAtomicChecker.cpp
5a58c6d66db05ad17673e2258946b61898721cd7	06-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: Track SymbolMetadata instead of MemRegion in checker state so that we could clear the state on evalDeadSymbols; also track the return value. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137003 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
ca0b57e07cfa029d4a6a061260727625bd833fd4	05-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: Generate an error on double allocation. Pull out getAsPointeeMemoryRegion so that it could be reused. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136952 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
76cbb75ff8c1c14ad0164b602176d5d4515eb06c	04-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: Track additional pair of SecKeychain APIs. Also, keep exploring the transition on which a call to allocator function failed (to be able to find errors in examples like ErrorCodesFromDifferentAPISDoNotInterfere). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136930 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
083fcb208ee2c8c2e375c41482a92039282e6389	04-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: Refactor to make it easier to add more allocator/deallocator API pairs. Add the allocator function ID to the checker state. Better comments. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136889 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
08551b575396ec89411a4e416d27fd7056ceaa9b	04-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: refactor to use early exit. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136852 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
03826aaf95018e3b29f94a10ca5616c0fc9bbee5	04-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136851 91177308-0d34-0410-b5e6-96231b3b80d8 acOSKeychainAPIChecker.cpp
0e2447113598cbd72a0cd79ac512f68d894dfbf6	04-Aug-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] Remove 'all-experimental' checker group. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136849 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
033a07e5fca459ed184369cfee7c90d82367a93a	04-Aug-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] rename all experimental checker packages to have 'experimental' be the common root package. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136835 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
17f7bdddd11a2dc5b4be248f756e14b1ebfe207b	03-Aug-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] Introduce MallocOverflowSecurityChecker, a simple flow-sensitive checker that may be useful for security auditing. This checker is currently too noisy to be on by default. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136804 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td allocOverflowSecurityChecker.cpp
e68b5f1fa73f8404c5d6859a3d8a139fb1da7bbb	02-Aug-2011	Anna Zaks <ganna@apple.com>	KeychainAPI checker: only check the paths on which the allocator function returned noErr. (+ minor cleanup) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136694 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td acOSKeychainAPIChecker.cpp
f57be289b6040c6c92c026844a70b4f8eaba34f3	02-Aug-2011	Anna Zaks <ganna@apple.com>	Add a skeleton for the Keychain Services API Checker. Register it as OSX experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting.. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136659 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td acOSKeychainAPIChecker.cpp
b9a8adf57b30611951e72e140b61ecc7caee3564	31-Jul-2011	Benjamin Kramer <benny.kra@googlemail.com>	Remove dead code flagged by GCC's -Wunused-but-set-variable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136581 91177308-0d34-0410-b5e6-96231b3b80d8 threadLockChecker.cpp
882998923889a2fcce9b49696506c499e22cf38f	29-Jul-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] Overhaul how the static analyzer expects CFGs by forcing CFGs to be linearized only when used by the static analyzer. This required a rewrite of LiveVariables, and exposed a ton of subtle bugs. The motivation of this large change is to drastically simplify the logic in ExprEngine going forward. Some fallout is that the output of some BugReporterVisitors is not as accurate as before; those will need to be fixed over time. There is also some possible performance regression as RemoveDeadBindings will be called frequently; this can also be improved over time. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136419 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp nreachableCodeChecker.cpp
217470e07582a83b7cdc99e439f82eaeeeeb2262	29-Jul-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] fix bug in malloc checker where the tracked symbol would not properly be removed from the state. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136418 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
642116259e8df6286063a17361c20e95b5017a0a	25-Jul-2011	Chandler Carruth <chandlerc@gmail.com>	Rename getInstantiationLineNumber to getExpansionLineNumber in both SourceManager and FullSourceLoc. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135969 91177308-0d34-0410-b5e6-96231b3b80d8 tackAddrEscapeChecker.cpp
5f9e272e632e951b1efe824cd16acb4d96077930	23-Jul-2011	Chris Lattner <sabre@nondot.org>	remove unneeded llvm:: namespace qualifiers on some core types now that LLVM.h imports them into the clang namespace. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135852 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp asicObjCFoundationChecks.cpp StringChecker.cpp allAndMessageChecker.cpp heckSecuritySyntaxOnly.cpp langSACheckerProvider.cpp eadStoresChecker.cpp ereferenceChecker.cpp teratorsChecker.cpp LVMConventionsChecker.cpp allocChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp threadLockChecker.cpp tackAddrEscapeChecker.cpp
9d102547dc44d064b40473a5a5166a8bb0dec99a	20-Jul-2011	Logan Chien <loganchien@google.com>	Merge with clang upstream r135574 (Jul 20th 2011) Change-Id: Ib6cc2ba08a63e4cf8febc05fb6e3f2ca58f1d71d
4cc1187e8a04f1f36e8c3656f65097e770bdc437	19-Jul-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Very minor cleanup in PthreadLockChecker. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135518 91177308-0d34-0410-b5e6-96231b3b80d8 threadLockChecker.cpp
dcb1d5d681d857eb7f534dec1f2b3d5a9f81d1f1	19-Jul-2011	Jordy Rose <jediknil@belkadan.com>	[analysis] Add checks for double-locking and lock order reversal bugs for pthread and XNU locks. Patch by Rui Paulo! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135515 91177308-0d34-0410-b5e6-96231b3b80d8 threadLockChecker.cpp
99d3594a56fb8e6900611ede7330aae61e924ec4	17-Jul-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r135359 at Sun. 17th July 2011.
0556048ae8ff743d0abb9fa88a0d0ee8e9123742	16-Jul-2011	Ted Kremenek <kremenek@apple.com>	[analyzer] Place checking for Core Foundation "Create" rule into a proper API. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135349 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
174cba922331b896949d02d8b1a05f1998ed98e1	16-Jul-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r135344 at Sat. 16th July 2011.
af5b043fe7933e515e405b8509b2609117045ce7	15-Jul-2011	Jordy Rose <jediknil@belkadan.com>	Clean up UnixAPIChecker, including switching its array of BugTypes to llvm::OwningPtr<BugType> vars (the new convention). No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135255 91177308-0d34-0410-b5e6-96231b3b80d8 nixAPIChecker.cpp
57964bda54c9b1e10090cae94d776a6b9b7eca33	15-Jul-2011	Jordy Rose <jediknil@belkadan.com>	Clean up MacOSXAPIChecker, including switching its array of BugTypes to a single llvm::OwningPtr<BugType> (the new convention). No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135250 91177308-0d34-0410-b5e6-96231b3b80d8 acOSXAPIChecker.cpp
3c54415a4e1db09b210a466469c72d2582ce1d83	02-Jul-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r134305 at Sat. 2nd July 2011.
aa7333c860ac651c75da495217e0d6a9c10c0bb0	02-Jul-2011	Eric Christopher <echristo@apple.com>	Update for llvm commit r134291. Fixes rdar://9714064 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134292 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp
7062281f240ef9c4fb343614fb2406532307c4a5	23-Jun-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r133678 at Thu. 23th Jun 2011.
03e80030515c800d1ab44125b9052dfffd1bd04c	21-Jun-2011	Douglas Gregor <dgregor@apple.com>	Introduce a new AST node describing reference binding to temporaries. MaterializeTemporaryExpr captures a reference binding to a temporary value, making explicit that the temporary value (a prvalue) needs to be materialized into memory so that its address can be used. The intended AST invariant here is that a reference will always bind to a glvalue, and MaterializeTemporaryExpr will be used to convert prvalues into glvalues for that binding to happen. For example, given const int& r = 1.0; The initializer of "r" will be a MaterializeTemporaryExpr whose subexpression is an implicit conversion from the double literal "1.0" to an integer value. IR generation benefits most from this new node, since it was previously guessing (badly) when to materialize temporaries for the purposes of reference binding. There are likely more refactoring and cleanups we could perform there, but the introduction of MaterializeTemporaryExpr fixes PR9565, a case where IR generation would effectively bind a const reference directly to a bitfield in a struct. Addresses <rdar://problem/9552231>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133521 91177308-0d34-0410-b5e6-96231b3b80d8 teratorsChecker.cpp
8912aaedb413b15f6dd1d8997d80e1d505f7d52f	20-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Finish size argument checking for strncat (and strncpy). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133472 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
8cc2491239f0b9de35985a1650fffc05c1ca8242	20-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Replace stream-built error message with constant string. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133410 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
5e5f15062bcf4b62fda9062b453178f8b9bd0c2d	20-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Re-enable checking for strncpy, along with a new validation of the size argument. strncat is not yet up-to-date, but I'm leaving it enabled for now (there shouldn't be any false positives, at least...) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133408 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
9e49d9fbdc861c25c2480233147dee07f5fa9660	20-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133406 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
16c8f9d68ae6d302083763d4733e728634717dec	16-Jun-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r133163 at Fri. 17th Jun 2011.
adc42d412d747391dbcee234610f00b0f087cf7b	16-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Clean up modeling of strcmp, including cases where a string literal has an embedded null character, and where both arguments are the same buffer. Also use nested ifs rather than early returns; in this case early returns will lose any assumptions we've made earlier in the function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133154 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
ee2fde12934c0b11a71db286d1dc9ee8341802a5	16-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix trivial errors in previous commit. I will not commit without building first. I will not commit without building first. I will not commit without building first... git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133150 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
1e022415b9a66c84a9005b4e0bb2d4becb76d189	16-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Cleanup: mainly 80-char violations and preferring SValBuilder::getComparisonType() to just referencing IntTy. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133149 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
f85e193739c953358c865005855253af4f68a497	16-Jun-2011	John McCall <rjmccall@apple.com>	Automatic Reference Counting. Language-design credit goes to a lot of people, but I particularly want to single out Blaine Garst and Patrick Beard for their contributions. Compiler implementation credit goes to Argyrios, Doug, Fariborz, and myself, in no particular order. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133103 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp tackAddrEscapeChecker.cpp
d5af0e17b00ab2ee6a8c1f352bb9eeb1cc5b2d07	15-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Revise CStringChecker's modelling of strcpy() and strcat(): - (bounded copies) Be more conservative about how much is being copied. - (str(n)cat) If we can't compute the exact final length of an append operation, we can still lower-bound it. - (stpcpy) Fix the conjured return value at the end to actually be returned. This requires these supporting changes: - C string metadata symbols are still live even when buried in a SymExpr. - "Hypothetical" C string lengths, to represent a value that /will/ be passed to setCStringLength() if all goes well. (The idea is to allow for temporary constrainable symbols that may end up becoming permanent.) - The 'checkAdditionOverflow' helper makes sure that the two strings being appended in a strcat don't overflow size_t. This should never actually happen; the real effect is to keep the final string length from "wrapping around" in the constraint manager. This doesn't actually test the "bounded" operations (strncpy and strncat) because they can leave strings unterminated. Next on the list! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133046 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
210c05b10317a11971f87e474ffa4c30bb8e4df9	15-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] If a C string length is UnknownVal, clear any existing length binding. No tests yet because the only thing that sets string length is strcpy(), and that needs some work anyway. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133044 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
467f7c8ba2b3c3b65065d05323696ded5d8a93a9	14-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] CStringChecker checks functions in the C standard library, not C++. Its external name is now unix.experimental.CString. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132958 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
bd32beee8a0f22e1d5245112f5e34ad4669994ae	14-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Change large if body to early return. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132956 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
793bff3fb7ca2a31e81aa7f4f3f21f921459010b	14-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix modeling of strnlen to be more conservative. Move tests we can't properly model (yet?) to string-fail.c. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132955 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
e5df885367b9e122ac11c89ddfbc62375695cdab	10-Jun-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r132843 at Fri. 10th Jun 2011.
7182b9652f20c122d261d9255e11bf3a1bf871ec	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Change an indent-if to an early return. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132618 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
3f8bb2fa289c956a66613b0f09e3df5e25d27c66	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Don't crash when copying an unknown number of bytes with memcpy(). Also handle all memcpy-family return values in evalCopyCommon(), rather than having some outside and some inside. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132617 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
7eb83caea14cbd3f0273004a6816c26040ac3755	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Remove extra assignment that actually lost a few of the assumptions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132614 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
c152586baf0fcdfd4c660e5dcd7b6857f13203d6	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix comment for (still-disabled) evalStrncpy git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132608 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
22d27178bf795145439b9588e260ccceab79a088	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] Fix handling of "copy zero bytes" for memcpy and friends. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132607 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
be460d8e5364c6bffeb7b27e4c0d4d5d16e39c59	04-Jun-2011	Jordy Rose <jediknil@belkadan.com>	[analyzer] __mempcpy_chk is the same as mempcpy (at least to CStringChecker) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132605 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
d01d2b2de449d68e6c44d99a12c0c1fc53222113	14-May-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream to r131335 at Sat. 14th May 2011.
10620eb5164e31208fcbf0437cd79ae535ed0559	06-May-2011	Sean Hunt <scshunt@csclub.uwaterloo.ca>	Modify some deleted function methods to better reflect reality: - New isDefined() function checks for deletedness - isThisDeclarationADefinition checks for deletedness - New doesThisDeclarationHaveABody() does what isThisDeclarationADefinition() used to do - The IsDeleted bit is not propagated across redeclarations - isDeleted() now checks the canoncial declaration - New isDeletedAsWritten() does what it says on the tin. - isUserProvided() now correct (thanks Richard!) This fixes the bug that we weren't catching void foo() = delete; void foo() {} as being a redefinition. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@131013 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp
094ea0afcfa79eb0c4a2c35a059491be3ab954a9	03-May-2011	Lenny Maiorani <lenny@colorado.edu>	Removing strncpy() checking in CString checker for now. Some significant changes need to be made to properly support modeling of it since it potentially leaves strings non-null terminated. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130758 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
35bdbf40624beba3fc00cb72ab444659939c1a6b	02-May-2011	Ted Kremenek <kremenek@apple.com>	Augment retain/release checker to not warn about tracked objects passed as arguments to C++ constructors. This is a stop-gap measure for Objective-C++ code that uses smart pointers to manage reference counts. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130711 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
454fd2d3a1b6d0ef225c5d3927c1ad3b97510d1a	02-May-2011	Lenny Maiorani <lenny@colorado.edu>	Implements strncasecmp() checker and simplifies some of the logic around creating substrings if necessary and calling the appropriate StringRef::compare/compare_lower(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130708 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
a2a3da6503bb0738f91bb46863b586b37de47367	30-Apr-2011	Ted Kremenek <kremenek@apple.com>	Move the SelfInit checker to the 'cocoa.experimental' package. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130598 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
401549d71fdbc8a566c1eb71d30825de653ea5c4	28-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Use StringRef::substr() and unbounded StringRef::compare() instead of bounded version of StringRef::compare() because bounded version of StringRef::compare() is going to be removed. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130425 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
508c627db67ea4b53439fbcd688145f24d9c0400	28-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Eliminates an assert in the strncpy/strncat checker caused by not validating a cast was successful. If the value of an argument was unknown, the cast would result in a NULL pointer which was later being dereferenced. This fixes Bugzilla #9806. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130422 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
bd1d16a1792cd6ea5ede9869e18d781e3fc1a8c3	28-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Implements strcasecmp() checker in Static Analyzer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130398 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
4d8d803b06804defe25346871c7beb6096540c4a	27-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	More accurately model realloc() when the size argument is 0. realloc() with a size of 0 is equivalent to free(). The memory region should be marked as free and not used again. Unit tests f2_realloc_0(), f6_realloc(), and f7_realloc() contributed by Marshall Clow <mclow.lists@gmail.com>. Thanks! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130303 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
6b4f567109d76ce1f1de289554e35f2a7bbeff6b	27-Apr-2011	Ted Kremenek <kremenek@apple.com>	Allow 'Environment::getSVal()' to allow an optional way for checkers to do a direct lookup to values bound to expressions, without resulting to lazy logic. This is critical for the OSAtomicChecker that does a simulated load on any arbitrary expression. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130292 91177308-0d34-0410-b5e6-96231b3b80d8 SAtomicChecker.cpp
357f6ee9f1f6f8e5027377cb3e5907c62c4fe3df	26-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Implements the strncmp() checker just like the strcmp() checker, but with bounds. Requires LLVM svn r129582. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130161 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
c69a505cfa318d571ce8a0cd038c8d958585a735	23-Apr-2011	Jay Foad <jay.foad@gmail.com>	Remove unused STL header includes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130068 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
f05982b5f8f69a1d618c3bd844ab6efd3a6e2953	19-Apr-2011	Anders Carlsson <andersca@mac.com>	Make the VariadicMethodTypeChecker accept block pointers as Objective-C pointers. Fixes PR9746. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129741 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
162e1c1b487352434552147967c3dd296ebee2f7	15-Apr-2011	Richard Smith <richard-llvm@metafoo.co.uk>	Support for C++11 (non-template) alias declarations. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129567 91177308-0d34-0410-b5e6-96231b3b80d8 teratorsChecker.cpp LVMConventionsChecker.cpp
fc8f0e14ad142ed811e90fbd9a30e419e301c717	15-Apr-2011	Chris Lattner <sabre@nondot.org>	fix a bunch of comment typos found by codespell. Patch by Luis Felipe Strano Moraes! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129559 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp bjCSelfInitChecker.cpp
9281efe614741f3742ebf8196a703f6c923c6ff0	12-Apr-2011	Ted Kremenek <kremenek@apple.com>	Teach VariadicMethodTypeChecker to not crash when processing methods declared in protocols. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129395 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
1212f807af8aa93689845d18eb5a260718c77e57	12-Apr-2011	Ted Kremenek <kremenek@apple.com>	Fix another IdempotentOperationsChecker corner case when determining if an active block on the worklist impacts the results of the check. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129394 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
82cfc6849204b07e80f8ac71e33247f7df760032	12-Apr-2011	Ted Kremenek <kremenek@apple.com>	ArrayBoundCheckerV2: don't arbitrarily warn about indexing before the 0-index of a symbolic region. In many cases that isn't really the base offset. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129366 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp
318dd92ad834857ea5bb91de288c1eb56cdbec1a	12-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	This patch adds modeling of strcmp() to the CString checker. Validates inputs are not NULL and are real C strings, then does the comparison and binds the proper return value. Unit tests included. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129364 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
067bbd0e11c71a33b51832532e836971be697699	09-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	strcat() and strncat() model additions to CStringChecker. Validates inputs are not NULL, checks for overlapping strings, concatenates the strings checking for buffer overflow, sets the length of the destination string to the sum of the s1 length and the s2 length, binds the return value to the s1 value. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129215 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
9a7319305fc25222b91d585dfa056c8cdbac8434	06-Apr-2011	Nowar Gu <nowar100@gmail.com>	Merge upstream until 2011.04.05.
9cb677e3d8bffc665fd2a62e65b0f2f5e659a61d	05-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Add security syntax checker for strcat() which causes the Static Analyzer to generate a warning any time the strcat() function is used with a note suggesting to use a function which provides bounded buffers. CWE-119. Also, brings the security syntax checker more inline with coding standards. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128916 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
c2dace11190e42d7cdd3c1b3bd2ecc8593f8e13e	03-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Refactoring the security checker a little bit so that each CallExpr check doesn't get called for each CallExpr. Instead it does a switch and only runs the check for the proper identifier. Slight speed improvement (probably significant on very large ASTs), and should make it easier and more clear to add more checks for other CallExpr's later. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128785 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
e87e717b0dbe4776f2b4dbb1e6ce2a19f562d2b0	02-Apr-2011	csmon7507 <csmon7507@gmail.com>	Merge branch 'upstream' into logan-fastforward-20110320
2bfa3019b8fb35931ca4927feaf25d39161b423e	02-Apr-2011	Zhongxing Xu <xuzhongxing@gmail.com>	Remove a redundant method. We have a const version. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128762 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp
422ab7a49a9a4252dbc6350e49d7a5708337b9c7	02-Apr-2011	Ted Kremenek <kremenek@apple.com>	Teach IdempotentOperationsChecker about paths aborted because ExprEngine didn't know how to handle a specific Expr type. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128761 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp dempotentOperationChecker.cpp
66750fa464ace9f8c41666c8585ec71a248c1cca	02-Apr-2011	Ted Kremenek <kremenek@apple.com>	static analyzer: Rename 'BlocksAborted' to 'BlocksExhausted' to reflect that a given CFGBlock was analyzed too many times. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128760 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp dempotentOperationChecker.cpp
f445debe3a6825e6528655db0906ce4fa41240ea	01-Apr-2011	csmon <csmon@csmon-desktop.(none)>	Merge branch 'upstream' into logan-fastforward-20110320
5b67a82a2621c148694ff0f0352aa949b363934c	01-Apr-2011	Lenny Maiorani <lenny@colorado.edu>	Add security syntax checker for strcpy() which causes the Static Analyzer to generate a warning any time the strcpy() function is used with a note suggesting to use a function which provides bounded buffers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128679 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
b8b875be7b2d177d755641c6212111859372d611	31-Mar-2011	Lenny Maiorani <lenny@colorado.edu>	Adding Static Analyzer checker for mempcpy(). Models mempcpy() so that if length is NULL the destination pointer is returned. Otherwise, the source and destination are confirmed not to be NULL and not overlapping. Finally the copy is validated to not cause a buffer overrun and the return value is bound to the address of the byte after the last byte copied. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128677 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
ea4411e3eee3f86e5d9ebb5caa7fdc025ca3a515	31-Mar-2011	Lenny Maiorani <lenny@colorado.edu>	Fix spelling in a comment. (test commit) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128670 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
1b02dcdbe0aa9733b4ff2657216bd52a493f5627	30-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Allow all checkers of a group to be enabled. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128512 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckerProvider.cpp
9bc1afc3580133c1c930ddba497e6ef541c917be	30-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] For -analyzer-checker-help show all the info about groups, packages, and which packages/checkers are hidden. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128511 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckerProvider.cpp langSACheckers.h
1293cdac691975a57a0e8a4f1448b3ed9e293c50	29-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Checker Packages can now belong to a group. This requires llvm commit r128474. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128475 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
b80302622c224d5b7b61cedc1c753f8c752bddf8	26-Mar-2011	Ted Kremenek <kremenek@apple.com>	Tweak grammar in checker description. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128310 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
5188507b9a1b09ec95c14ffadf0e832f2b47aa8a	24-Mar-2011	Ted Kremenek <kremenek@apple.com>	Rework checker "packages" and groups to be more hierarchical. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128187 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
97d2d2e368d3ead34d83c328383711c7dabab60a	22-Mar-2011	Logan Chien <tzuhsiang.chien@gmail.com>	Merge with clang upstream r127980 (Mar 20th 2011)
aeafaf67b019bf195fb1adec7a45ab00ace0efb6	20-Mar-2011	Logan Chien <tzuhsiang.chien@gmail.com>	Apply changes to migrate to Mar 18th 2011. ndroid.mk
8e02635c9c276720a1e6f926b33303a53cebe9c7	18-Mar-2011	Logan Chien <tzuhsiang.chien@gmail.com>	Merge with clang upstream r127869 (Mar 18th 2011)
af13d5b25b360e698cc1cf1055ad7d14e008e505	19-Mar-2011	Ted Kremenek <kremenek@apple.com>	Rename class 'CFGReachabilityAnalysis' to 'CFGReverseBlockReachabilityAnalysis'. This rename serves two purposes: - It reflects the actual functionality of this analysis. - We will have more than one reachability analysis. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127930 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
f3f929386254a53c398fa884848738113a73ca23	17-Mar-2011	Ted Kremenek <kremenek@apple.com>	Teach VariadicMethodTypeChecker about pointers attributed as 'NSObject'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127798 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
928c415d5dde89b7c01e41f0dfa8a782cbfa8e7d	17-Mar-2011	Ted Kremenek <kremenek@apple.com>	Teach VariadicMethodTypeChecker that CF references are valid arguments to variadic Objective-C methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127797 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
d5fde2106af8e78cc1b97d6369ad0de5d0875491	16-Mar-2011	Ted Kremenek <kremenek@apple.com>	VariadicMethodTypeChecker: don't warn for null pointer constants passed to variadic Objective-C methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127719 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
cf995d357759221f0a3b9fcd9315b004a4aa38ad	15-Mar-2011	Ted Kremenek <kremenek@apple.com>	Remove bogus assertion in IdempotentOperationsChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127687 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
6fb5c1facaf36795a8c1050cd901e0e829ac1a64	14-Mar-2011	Ted Kremenek <kremenek@apple.com>	Tweak VariadicMethodTypeChecker to only create one ExplodedNode when issuing multiple warnings for the same message expression. Also add a test case showing that we correctly report multiple warnings for the same message expression. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127605 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
4597b7b28e3a71f3c4f0ee3a3bd6a34423e6f885	13-Mar-2011	Anders Carlsson <andersca@mac.com>	Add an Objective-C checker that checks that arguments passed to some variadic Objective-C methods are of Objective-C pointer types. Ted or Argiris, I'd appreciate a review! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127572 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp heckers.td
ade3195a201e16e989e9f93a568fb1806519077c	12-Mar-2011	Ted Kremenek <kremenek@apple.com>	Re-enable the IdempotentOperations checker for --analyze, and put it and the DeadStores checker into the "deadcode" group. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127531 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
7084da3e944fdfaa922dda0d57c0fe4cb7b88178	12-Mar-2011	Ted Kremenek <kremenek@apple.com>	Don't have side-effects (or rather non-trivial computation) in StringSwitch "cases." git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127528 91177308-0d34-0410-b5e6-96231b3b80d8 teratorsChecker.cpp
dd54de85cd98b85a79857723bcf3d7d95073a2a0	12-Mar-2011	Ted Kremenek <kremenek@apple.com>	Add initial version of "IteratorsChecker", a checker to find misues uses of C++ iterators. This checker was created by Jim Goodnow II, and I migrated it to the new Checker interface (recent changes by Argiris). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127525 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td teratorsChecker.cpp
f4e3cfbe8abd124be6341ef5d714819b4fbd9082	11-Mar-2011	Peter Collingbourne <peter@pcc.me.uk>	Add support for the OpenCL vec_step operator, by generalising and extending the existing support for sizeof and alignof. Original patch by Guy Benyei. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127475 91177308-0d34-0410-b5e6-96231b3b80d8 heckSizeofPointer.cpp dempotentOperationChecker.cpp nreachableCodeChecker.cpp
c805eb9bc32fb0e2e767e2c4dcce1541feb4b69d	07-Mar-2011	Logan Chien <tzuhsiang.chien@gmail.com>	Add build rules for StaticAnalyzer. ndroid.mk
b62bdce3e981ea4f357126bc391be1cbc1efa4df	08-Mar-2011	Anders Carlsson <andersca@mac.com>	Make the Objective-C checker look for subclasses of NSString instead of just NSString and NSMutableString. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127268 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
85f3d76c0ecfdefcf83ea44a57b7a16119c8a045	02-Mar-2011	John McCall <rjmccall@apple.com>	Move some of the logic about classifying Objective-C methods into conventional categories into Basic and AST. Update the self-init checker to use this logic; CFRefCountChecker is complicated enough that I didn't want to touch it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126817 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
3c0349e87cdbd7316d06d2411d86ee1086e717a5	01-Mar-2011	Ted Kremenek <kremenek@apple.com>	In preparation for fixing PR 6884, rework CFGElement to have getAs<> return pointers instead of fresh CFGElements. - Also, consoldiate getDtorKind() and getKind() into one "kind". - Add empty getDestructorDecl() method to CFGImplicitDtor. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126738 91177308-0d34-0410-b5e6-96231b3b80d8 nreachableCodeChecker.cpp
4ba48c43410a8ad4f32d1d3f684c7d297513e0a1	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Also make sure that the parameter is coming from the current stack frame. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126735 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp
25a792b0361d80337c75a14320f5be1b210066dc	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove SVal::getAsVarDecl() and reason about MemRegions, not Decls. Suggestion by Ted! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126734 91177308-0d34-0410-b5e6-96231b3b80d8 SErrorChecker.cpp
7636d8853f4b96be2fa394eb59047ccad37efa4c	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Move lib/StaticAnalyzer/Checkers/ExprEngine.cpp -> lib/StaticAnalyzer/Core and hope the wrath of the buildbots will not descend upon me. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126728 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt xprEngine.cpp
ec8605f1d7ec846dbf51047bfd5c56d32d1ff91c	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Rename CheckerV2 -> Checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126726 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp nalyzerStatsChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp hrootChecker.cpp eadStoresChecker.cpp ebugCheckers.cpp ereferenceChecker.cpp ivZeroChecker.cpp ixedAddressChecker.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp bjCUnusedIVarsChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrEscapeChecker.cpp treamChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp
d26a475068535834bbebd87f429ec773d6227e41	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove Checker V1. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126725 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
eb48bd1dd4168ab206a330bf523659170291a6a0	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove checker V1 registration and running from ExprEngine. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126724 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
c367a876d0abcf32cb443712ce2709a0491be00b	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove unused checker stuff from AnalysisConsumer and some unused headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126690 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp asicObjCFoundationChecks.h eadStoresChecker.cpp xprEngine.cpp nternalChecks.h LVMConventionsChecker.cpp
b3d74da3e1620c9a7a378afb5f244e4987e6713e	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate NSErrorChecker and DereferenceChecker to CheckerV2. They cooperate in that NSErrorChecker listens for ImplicitNullDerefEvent events that DereferenceChecker can dispatch. ImplicitNullDerefEvent is when we dereferenced a location that may be null. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126659 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ereferenceChecker.cpp xprEngine.cpp SErrorChecker.cpp
3b368dda700e46ef6002168b92cb5bd18e261a5c	28-Feb-2011	Anders Carlsson <andersca@mac.com>	Fix CMake build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126629 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
d84f422ebfde2145bce79a8fa823e3393b392994	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analzyer] Migrate CallAndMessageChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126626 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp heckers.td xprEngine.cpp nternalChecks.h
2b3ca9c420e90f131642d7e7d47af6387dad7e1d	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] ExprEngine should not depend on checkers for not crashing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126625 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
139ca9630d2f4978e3ec97ab57097dcf6991bbe7	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate AdjustedReturnValueChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126624 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp heckers.td xprEngine.cpp nternalChecks.h
bd90076671c8012244bb7e3fd84b6789e47cb199	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate AttrNonNullChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126623 91177308-0d34-0410-b5e6-96231b3b80d8 ttrNonNullChecker.cpp heckers.td xprEngine.cpp nternalChecks.h
73c498a08f4968b6987d1453c7b77929dcc6d5f7	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] ExprEngine should not depend on checkers for not crashing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126622 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
3ce2b48461115af047ee1e957e1892af255bf120	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate VLASizeChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126621 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h LASizeChecker.cpp
919c9b99e56f1ba519f21d55f2008592c4f32640	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate DivZeroChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126620 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ivZeroChecker.cpp xprEngine.cpp nternalChecks.h
7f649d749f18b3499456d7ae6a69f3bbd7cf7cdc	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate ReturnUndefChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126619 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h eturnUndefChecker.cpp
eb290caacc49587e4d3c992ba742d1916cab5350	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UndefinedArraySubscriptChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126618 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h ndefinedArraySubscriptChecker.cpp
267aa5c93b1eecc1d6f2c65ed2ba1fe840a9d0fd	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UndefinedAssignmentChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126617 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h ndefinedAssignmentChecker.cpp
cc05d511b26ac6dc80fcbcc78ac305d2755aa0b9	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UndefBranchChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126616 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h ndefBranchChecker.cpp
265c674f634e99e5df1135d764e21365351372da	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UndefCapturedBlockVarChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126615 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h ndefCapturedBlockVarChecker.cpp
180e03f9761aa55b5adca430706595e1bbb79c4d	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UndefResultChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126614 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h ndefResultChecker.cpp
3267d9563f8265bfce967b3801273a7c53b91346	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate NoReturnFunctionChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126613 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h oReturnFunctionChecker.cpp
a676d501a001657892c483bd4d651650e168f337	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Move the DeadStores checker out of the 'core' package. -Now it gets enabled with '-analyzer-checker=DeadStores'. -The driver passes the above flag by default. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126612 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
103487088211c13ff3ae66f265130c56fb6be025	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate BuiltinFunctionChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126611 91177308-0d34-0410-b5e6-96231b3b80d8 uiltinFunctionChecker.cpp heckers.td xprEngine.cpp nternalChecks.h
f029366e3028b1002cd16a88b07bab5bffc73339	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate OSAtomicChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126610 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xprEngine.cpp nternalChecks.h SAtomicChecker.cpp
05357018b2e5e66559ad0ce2147dc1db9af42b9d	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate ArrayBoundCheckerV2 to CheckerV2. Turns -analyzer-check-buffer-overflows into -analyzer-checker=core.experimental.Overflow git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126609 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundCheckerV2.cpp heckers.td nternalChecks.h
58f2e7c3c3860e410fa3d8252862ef10be7cdc70	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Turn -analyzer-stats into -analyzer-checker=debug.Stats git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126608 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp heckers.td xperimentalChecks.h
6dd4dffe1090e820e9b5b25eee8ad3907a1aa679	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove '-analyzer-experimental-checks' flag. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126607 91177308-0d34-0410-b5e6-96231b3b80d8 xperimentalChecks.cpp xperimentalChecks.h
312dbec867f6b8d6b86fd562c53352cd4db27468	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate MallocChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126606 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xperimentalChecks.cpp xprEngine.cpp allocChecker.cpp
b8d545ca06761ce779eb14326af7b2dfeb1196fc	25-Feb-2011	Ted Kremenek <kremenek@apple.com>	Update test cases. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126523 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td
f5d2ef4a61e70eb2bcc3f4872e7095cf19d20163	25-Feb-2011	Ted Kremenek <kremenek@apple.com>	Tidy up help text in Checkers.td, and rename StackAddrLeakChecker to StackAddrEscapeChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126522 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td tackAddrEscapeChecker.cpp tackAddrLeakChecker.cpp
116f3640daee424dfcdbe55e80be5a67476be4b0	25-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Intoduce '-analyzer-checker-help' flag which outputs a list of all available static analyzer checkers. This is pretty basic for now, eventually checkers should be grouped according to package, hidden checkers should be indicated etc. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126454 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckerProvider.cpp
65d39251ff57b8e33cf6d3a7fcc6aa1c6f8cdc68	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove '-analyzer-experimental-internal-checks' flag, it doesn't have any checkers associated with it anymore. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126440 91177308-0d34-0410-b5e6-96231b3b80d8 xperimentalChecks.cpp
08099adb95fd111009c19f49038674c93df34c48	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Allow a checker to be hidden even if its package is hidden & enabled. For example, if 'core.experimental.UnreachableCode' is hidden, it should not be enabled with 'core.experimental'. Note that this requires llvm commit r126436. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126439 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td langSACheckerProvider.cpp
0d6b0c00823410c8d532fc15e40c9b62ae43a08b	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate CastSizeChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126438 91177308-0d34-0410-b5e6-96231b3b80d8 astSizeChecker.cpp heckers.td xperimentalChecks.cpp nternalChecks.h
8be5b3aced37e1c7728741c60d47011f11649a58	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate ArrayBoundChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126371 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp heckers.td xperimentalChecks.cpp nternalChecks.h
9c0d6891b3ec4b0d20b8a295946c0dc5426d147c	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Don't pass a GRState to CheckerManager::runCheckersForLocation, terrible mistake. If the state is new, make sure an ExplodedNode is associated with it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126370 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
69355798abdbe5e78d1185af7d4600b9355b5814	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate ReturnPointerRangeChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126369 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xperimentalChecks.cpp nternalChecks.h eturnPointerRangeChecker.cpp
64be13795a9b5b25de6b151551a2f5ef2bab353c	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Remove unused functions from CheckerManager. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126352 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
699bbf9f3fa67ededdd762d2637d72d2a4a88b7a	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate StreamChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126351 91177308-0d34-0410-b5e6-96231b3b80d8 treamChecker.cpp
183ff98f425d470c2a0276880aaf43496c9dad14	24-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate CStringChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126350 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp xprEngine.cpp
af5800a1e287990bb547e052f257adeeae5ab476	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate StackAddrLeakChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126333 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp tackAddrLeakChecker.cpp
f178ac8b68b29e44867777232ba8fee59edc4037	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Refactor EndOfFunctionNodeBuilder. -Introduce EndOfFunctionNodeBuilder::withCheckerTag to allow it be "specialized" with a checker tag and not require the checkers to pass a tag. -For EndOfFunctionNodeBuilder::generateNode, reverse the order of tag/P parameters since there are actual calls that assume the second parameter is ExplodedNode. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126332 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp allocChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp
ecc4d33619f68481aa7435a7957fe824f9eb9029	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate IdempotentOperationChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126331 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
e1bfb7ae0dd0762c88e1fd94746e973c37f2e04e	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate ChrootChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126324 91177308-0d34-0410-b5e6-96231b3b80d8 hrootChecker.cpp xprEngine.cpp
30726c6baee1417307236e854f1474fdb3cedb98	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate UnreachableCodeChecker to CheckerV2. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126308 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp nreachableCodeChecker.cpp
45d9b4e44154939b91d6b8f63e7756feaca547f2	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate to CheckerV2: NSAutoreleasePoolChecker ObjCAtSyncChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126307 91177308-0d34-0410-b5e6-96231b3b80d8 SAutoreleasePoolChecker.cpp bjCAtSyncChecker.cpp
42461eecee98fff3671b3c14ce10f1a9e18cc95c	23-Feb-2011	Ted Kremenek <kremenek@apple.com>	Migrate CFGReachabilityAnalysis out of the IdempotentOperationsChecker and into its own analysis file. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126289 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
283a358aecb75e30fcd486f2206f6c03c5e7f11d	23-Feb-2011	Ted Kremenek <kremenek@apple.com>	Have IdempotentOperationsChecker pull its CFGStmtMap from AnalysisContext. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126288 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
983326f32c746f5e47161a73758e4d363263dd2c	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate to CheckerV2: CastToStructChecker FixedAddressChecker MacOSXAPIChecker PointerArithChecker PointerSubChecker PthreadLockChecker UnixAPIChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126284 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp astToStructChecker.cpp ixedAddressChecker.cpp acOSXAPIChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp nixAPIChecker.cpp
74eed0ea03598cc5ef58b72fd5ed929631a11631	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate the BasicObjCFoundationChecks to CheckerV2: NilArgChecker CFNumberCreateChecker ClassReleaseChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126275 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
404fc3ad6bd844bf8ce70cbf9974ab297704a122	23-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Refactor BugTypes and their ownership model. -In general, don't have the BugReporter deleting BugTypes, BugTypes will eventually become owned by checkers and outlive the BugReporter. In the meantime, there will be some leaks since some checkers assume that the BugTypes they create will be destroyed by the BugReporter. -Have BugReporter::EmitBasicReport create BugTypes that are reused if the same name & category strings are passed to EmitBasicReport. These BugTypes are owned and destroyed by the BugReporter. This allows bugs reported through EmitBasicReport to be coalesced. -Remove the llvm::FoldingSet<BugReportEquivClass> from BugType and move it into the BugReporter. For uniquing BugReportEquivClass also use the BugType* so that we can iterate over all of them using only one set. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126272 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
769ce3e93ad35bd9ac28e4d8b8f035ae4fd9a5b5	22-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Start moving the path-sensitive checkers to CheckerV2. -Migrate ObjCSelfInitChecker to CheckerV2. In the process remove the 'preCallSelfFlags' field from the checker class and use GRState for storing that info. -Get ExprEngine to start delegating checker running to CheckerManager. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126229 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp bjCSelfInitChecker.cpp
0ef473f75426f0a95635d0a9dd567d27b07dbd5b	22-Feb-2011	Ted Kremenek <kremenek@apple.com>	Add CStringChecker support for strncpy. Patch by Lenny Maiorani! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126188 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
be4242ce039f0542ea0dd5f234aa0ee698f90c53	22-Feb-2011	Ted Kremenek <kremenek@apple.com>	Add CStringChecker support for strnlen. Patch by Lenny Maiorani! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126187 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
c8da1ecaf58ff41b652dd53331aace948027039b	20-Feb-2011	Oscar Fuentes <ofv@wanadoo.es>	New function for tablegenning: clang_tablegen. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126093 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
b20f5c6f79968ce57ebb6222f0d2e7f51908d1be	19-Feb-2011	Oscar Fuentes <ofv@wanadoo.es>	Fix some add_dependencies. The syntax is (add_dependencies target-name depend-target1 ...). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126049 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
63ba0460da07749607a33ee419b315712a323542	17-Feb-2011	Oscar Fuentes <ofv@wanadoo.es>	CMake: updated source file list. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125783 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
2d67b90a21c9c1093e6598809c2cbc832919cfe6	17-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism for the debugging info "checks". The relative checker package is 'debug': '-dump-live-variables' is replaced by '-analyzer-checker=debug.DumpLiveVars' '-cfg-view' is replaced by '-analyzer-checker=debug.ViewCFG' '-cfg-dump' is replaced by '-analyzer-checker=debug.DumpCFG' git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125780 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td ebugCheckers.cpp
7dd445ec20e704846cfbdb132e56539280d71311	17-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on the non-path-sensitive-checkers: DeadStoresChecker ObjCMethSigsChecker ObjCUnusedIvarsChecker SizeofPointerChecker ObjCDeallocChecker SecuritySyntaxChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125779 91177308-0d34-0410-b5e6-96231b3b80d8 heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp heckers.td eadStoresChecker.cpp bjCUnusedIVarsChecker.cpp
9fb9474c5b267400d4abfbff63c8b39f378235d4	17-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] -Introduce CheckerV2, a set of templates for convenient declaration & registration of checkers. Currently useful just for checkers working on the AST not the path-sensitive ones. -Enhance CheckerManager to actually collect the checkers and turn it into the entry point for running the checkers. -Use the new mechanism for the LLVMConventionsChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125778 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td LVMConventionsChecker.cpp
695fb502825a53ccd178ec1c85c77929d88acb71	17-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Pass CheckerManager to the registration functions. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125777 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp StringChecker.cpp astToStructChecker.cpp hrootChecker.cpp langSACheckerProvider.cpp langSACheckers.h ixedAddressChecker.cpp dempotentOperationChecker.cpp acOSXAPIChecker.cpp SAutoreleasePoolChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp
c869abe2a9deeff22f778029a7f7f75e009be03f	17-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	When building StaticAnalyzer/Frontend add -I "<Checkers build dir>" to allow Checkers.inc to be included without '..', thus being compatible with build systems of *BSDs. Patch by Joerg Sonnenberger! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125758 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckers.h
56ca35d396d8692c384c785f9aeebcf22563fe1e	17-Feb-2011	John McCall <rjmccall@apple.com>	Change the representation of GNU ?: expressions to use a different expression class and to bind the shared value using OpaqueValueExpr. This fixes an unnoticed problem with deserialization of these expressions where the deserialized form would lose the vital pointer-equality trait; or rather, it fixes it because this patch also does the right thing for deserializing OVEs. Change OVEs to not be a "temporary object" in the sense that copy elision is permitted. This new representation is not totally unawkward to work with, but I think that's really part and parcel with the semantics we're modelling here. In particular, it's much easier to fix things like the copy elision bug and to make the CFG look right. I've tried to update the analyzer to deal with this in at least some obvious cases, and I think we get a much better CFG out, but the printing of OpaqueValueExprs probably needs some work. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125744 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp dempotentOperationChecker.cpp
ad8dcf4a9df0e24051dc31bf9e6f3cd138a34298	17-Feb-2011	Chris Lattner <sabre@nondot.org>	Step #1/N of implementing support for __label__: split labels into LabelDecl and LabelStmt. There is a 1-1 correspondence between the two, but this simplifies a bunch of code by itself. This is because labels are the only place where we previously had references to random other statements, causing grief for AST serialization and other stuff. This does cause one regression (attr(unused) doesn't silence unused label warnings) which I'll address next. This does fix some minor bugs: 1. "The only valid attribute " diagnostic was capitalized. 2. Various diagnostics printed as ''labelname'' instead of 'labelname' 3. This reduces duplication of label checking between functions and blocks. Review appreciated, particularly for the cindex and template bits. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125733 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
6810630bb00ba2944cbeb54834f38f69dbddfd7f	17-Feb-2011	Chris Lattner <sabre@nondot.org>	simplify a bit. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125724 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp allocChecker.cpp
7dfc9420babe83e236a47e752f8723bd06070d9d	16-Feb-2011	Zhanyong Wan <wan@google.com>	Makes most methods in SVals.h conform to the naming guide. Reviewed by kremenek. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125687 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp xprEngine.cpp
2dbf07d095e6ffbeef50942a9c9f3241f71d5fb8	16-Feb-2011	Nick Lewycky <nicholas@mxc.ca>	Revert r125642. This broke the build? It should be a no-op. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125645 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckers.h
864b9830f3becc0769503b8a470791946f15a8ed	16-Feb-2011	Nick Lewycky <nicholas@mxc.ca>	Don't use "../foo" to return to the current directory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125642 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckers.h
0b1ba6227c67d5e04b589ed8a08afa2345a40666	16-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on the apple checkers: NilArgChecker CFNumberCreateChecker NSAutoreleasePoolChecker CFRetainReleaseChecker ClassReleaseChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125636 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp asicObjCFoundationChecks.h heckers.td SAutoreleasePoolChecker.cpp
23ade507cecd24b03f5e4b5ebaea48eb38060262	15-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on some of the experimental internal checkers: CastToStructChecker FixedAddressChecker PointerArithChecker PointerSubChecker git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125612 91177308-0d34-0410-b5e6-96231b3b80d8 astToStructChecker.cpp heckers.td xperimentalChecks.cpp ixedAddressChecker.cpp nternalChecks.h ointerArithChecker.cpp ointerSubChecker.cpp
c9f2e0f286500c7e747849b3aa9c0e67a4dc90d7	15-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on the IdempotentOperationChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125611 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td xperimentalChecks.h dempotentOperationChecker.cpp
a0decc9a2481f938e1675b4f7bbd58761a882a36	15-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on some of the experimental checks. These are: CStringChecker ChrootChecker MallocChecker PthreadLockChecker StreamChecker UnreachableCodeChecker MallocChecker creates implicit dependencies between checkers and needs to be handled differently. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125598 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp heckers.td hrootChecker.cpp xperimentalChecks.cpp xperimentalChecks.h threadLockChecker.cpp treamChecker.cpp nreachableCodeChecker.cpp
6cd370cc314a57c406920084170c4f353048c416	15-Feb-2011	Douglas Gregor <dgregor@apple.com>	Add missing CMake dependency git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125566 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
26c05b11dc91662820e7709bb22efe9903289d1f	15-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Reflect changes for tablegen'ing the checkers. -Update tablegen files for checkers, use the tablegen class name for the checker class name. -Update ClangSACheckersProvider to not look into hidden checker packages. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125560 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td langSACheckerProvider.cpp akefile
027a6abdd6cedc0b8203da72eed6d15c796dce9d	15-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Use the new registration mechanism on some of the internal checks. These are: StackAddrLeakChecker ObjCAtSyncChecker UnixAPIChecker MacOSXAPIChecker The rest have/create implicit dependencies between checkers and need to be handled differently. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125559 91177308-0d34-0410-b5e6-96231b3b80d8 heckers.td langSACheckers.h xprEngine.cpp nternalChecks.h acOSXAPIChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp tackAddrLeakChecker.cpp nixAPIChecker.cpp
b53189160c53b1d49d10c1b6fc439549a06ce618	15-Feb-2011	Ted Kremenek <kremenek@apple.com>	IdempotentOperationChecker: don't repeatedly recompute block reachability. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125548 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
b641f08cbee230ce872b37816d241cef081af803	14-Feb-2011	Oscar Fuentes <ofv@wanadoo.es>	Add current binary and source directories to the header search list for all compiler invocations. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125514 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
7fa4f62979d3810b300cdcea60b3e659dc088268	14-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Remove left-over #include. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125507 91177308-0d34-0410-b5e6-96231b3b80d8 langSACheckerProvider.cpp
43dee220252ef0b42c5f8a3bb1eca97f84f2565f	14-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Overhauling of the checker registration mechanism. -Checkers will be defined in the tablegen file 'Checkers.td'. -Apart from checkers, we can define checker "packages" that will contain a collection of checkers. -Checkers can be enabled with -analyzer-checker=<name> and disabled with -analyzer-disable-checker=<name> e.g: Enable checkers from 'cocoa' and 'corefoundation' packages except the self-initialization checker: -analyzer-checker=cocoa -analyzer-checker=corefoundation -analyzer-disable-checker=cocoa.SelfInit -Introduces CheckerManager and CheckerProvider. CheckerProviders get the set of checker names to enable/disable and register them with the CheckerManager which will be the entry point for all checker-related functionality. Currently only the self-initialization checker takes advantage of the new mechanism. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125503 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckers.td langSACheckerProvider.cpp langSACheckerProvider.h langSACheckers.h xprEngine.cpp akefile
f49a009c18b9c6fd92868600c3195afe4eb97259	14-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Move Checkers/FrontendActions.cpp -> Frontend/FrontendActions.cpp git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125500 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt rontendActions.cpp
e817771c57d0eacbe069a314ba619c43d0ac70ab	14-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Introduce libclangStaticAnalyzerFrontend and move Checkers/AnalysisConsumer.cpp into Frontend lib. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125499 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp MakeLists.txt
6a6d9a8eceb9424b18ed4a897dece97e5bf5c297	14-Feb-2011	Ted Kremenek <kremenek@apple.com>	Remove dead code in IdempotentOperationChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125497 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
e8350c6996170e324b31cd188d002fe5f40f54f7	14-Feb-2011	Ted Kremenek <kremenek@apple.com>	Fix edge case where we don't cull warnings in IdempotentOperationsChecker due to incomplete analysis of loops. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125495 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
8e3767711f79578ff2aac8a0d28de1e08a3923f4	14-Feb-2011	Ted Kremenek <kremenek@apple.com>	Use 'BitVector' instead of SmallPtrSet<CFGBlock*> in IdempotentOperationsChecker. No real functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125494 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
020c374273ab6099acbed747a7f27aebf8f0af1d	12-Feb-2011	Ted Kremenek <kremenek@apple.com>	Teach the IdempotentOperations checker to ignore property setters. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125443 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
b715a7cef11664c1c47cfc3dcc503aadc58b6cac	12-Feb-2011	Ted Kremenek <kremenek@apple.com>	Weaken the ObjCSelfInitChecker to only warn when one calls an 'init' method within an 'init' method. This is a temporary stop gap to avoid false positives while we investigate how to make it smarter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125427 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
f4e532b5a1683a9f6c842f361c7415bf3474315f	12-Feb-2011	Ted Kremenek <kremenek@apple.com>	Don't emit a dead store for '++' operations unless it occurs with a return statement. We've never seen any other cases that were real bugs. Fixes <rdar://problem/6962292>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125419 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
848ec83483ca4ba52ed72c7e29ebc330f8c87252	12-Feb-2011	Ted Kremenek <kremenek@apple.com>	Don't report dead stores on unreachable code paths. Fixes <rdar://problem/8405222>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125415 91177308-0d34-0410-b5e6-96231b3b80d8 eadStoresChecker.cpp
2534528c22260211a073e192c38d0db84c70c327	11-Feb-2011	Ted Kremenek <kremenek@apple.com>	Rename 'InvalidateRegions()' to 'invalidateRegions()'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125395 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp
886e1606c28e970bb288abf4dbc40feb16822a79	10-Feb-2011	NAKAMURA Takumi <geek4civic@gmail.com>	CMake: LLVM_NO_RTTI must be obsolete now! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125275 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
9b663716449b618ba0390b1dbebc54fa8e971124	10-Feb-2011	Ted Kremenek <kremenek@apple.com>	Split 'include/clang/StaticAnalyzer' into 'include/clang/StaticAnalyzer/Core' and 'include/clang/StaticAnalyzer/Checkers'. This layout matches lib/StaticAnalyzer, which corresponds to two StaticAnalyzer libraries. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125251 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp nalysisConsumer.cpp nalyzerStatsChecker.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp uiltinFunctionChecker.cpp StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp hrootChecker.cpp eadStoresChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp xprEngine.cpp ixedAddressChecker.cpp rontendActions.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSXAPIChecker.cpp allocChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp bjCUnusedIVarsChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp
e08ce650a2b02410eddd1f60a4aa6b3d4be71e73	09-Feb-2011	Peter Collingbourne <peter@pcc.me.uk>	AST, Sema, Serialization: add CUDAKernelCallExpr and related semantic actions git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125217 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
63c00d7f35fa060c0a446c9df3a4402d9c7757fe	09-Feb-2011	John McCall <rjmccall@apple.com>	Remove vtables from the Stmt hierarchy; this was pretty easy as there were only three virtual methods of any significance. The primary way to grab child iterators now is with Stmt::child_range children(); Stmt::const_child_range children() const; where a child_range is just a std::pair of iterators suitable for being llvm::tie'd to some locals. I've left the old child_begin() and child_end() accessors in place, but it's probably a substantial penalty to grab the iterators individually now, since the switch-based dispatch is kindof inherently slower than vtable dispatch. Grabbing them together is probably a slight win over the status quo, although of course we could've achieved that with vtables, too. I also reclassified SwitchCase (correctly) as an abstract Stmt class, which (as the first such class that wasn't an Expr subclass) required some fiddling in a few places. There are somewhat gross metaprogramming hooks in place to ensure that new statements/expressions continue to implement getSourceRange() and children(). I had to work around a recent clang bug; dgregor actually fixed it already, but I didn't want to introduce a selfhosting dependency on ToT. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125183 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
d767d81290288c030f3be0be1d3e62b9c8df51dc	09-Feb-2011	Ted Kremenek <kremenek@apple.com>	static analyzer: Further reduce the analyzer's memory usage when analyzing sqlite3 by 7-10% by recylcing "uninteresting" ExplodedNodes. The optimization involves eagerly pruning ExplodedNodes from the ExplodedGraph that contain practically no difference between the predecessor and successor nodes. For example, if the state is different between a predecessor and a node, the node is left in. Only for the 'environment' component of the state do we not care if the ExplodedNodes are different. This paves the way for future optimizations where we can reclaim the environment objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125154 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp xprEngine.cpp
811d75ee35b8b061a9b10a4e7b81e0c0eaf739c3	08-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Move the files in lib/StaticAnalyzer to lib/StaticAnalyzer/Core. Eventually there will also be a lib/StaticAnalyzer/Frontend that will handle initialization and checker registration. Yet another library to avoid cyclic dependencies between Core and Checkers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125124 91177308-0d34-0410-b5e6-96231b3b80d8 nalyzerStatsChecker.cpp MakeLists.txt
a12a51701794a5ce96d47513ed186922e41eadd5	08-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineExperimentalChecks.cpp -> lib/StaticAnalyzer/Checkers/ExperimentalChecks.cpp git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125123 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt xperimentalChecks.cpp xprEngineExperimentalChecks.cpp
af1a9330ffc0757e1534206f4f50eb420ef57b23	08-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineExperimentalChecks.h -> lib/StaticAnalyzer/Checkers/ExperimentalChecks.h git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125122 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp StringChecker.cpp hrootChecker.cpp xperimentalChecks.h xprEngineExperimentalChecks.cpp xprEngineExperimentalChecks.h dempotentOperationChecker.cpp allocChecker.cpp threadLockChecker.cpp treamChecker.cpp nreachableCodeChecker.cpp
04291a7c76e16a2dc5433c80c3d13c826bf372dc	08-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineInternalChecks.h -> lib/StaticAnalyzer/Checkers/InternalChecks.h git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125121 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp nalysisConsumer.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp uiltinFunctionChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp xprEngine.cpp xprEngineExperimentalChecks.cpp xprEngineInternalChecks.h ixedAddressChecker.cpp nternalChecks.h acOSXAPIChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCSelfInitChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrLeakChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp LASizeChecker.cpp
0ca1040a964e6375561cc8e90d9b20ebcd6bffa8	05-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Fix a false positive of the 'self' initialization checker. A common pattern in classes with multiple initializers is to put the subclass's common initialization bits into a static function that receives the value of 'self', e.g: if (!(self = [super init])) return nil; if (!(self = _commonInit(self))) return nil; It was reported that 'self' was not set to the result of [super init]. Until we can use inter-procedural analysis, in such a call, transfer the ObjCSelfInitChecker flags associated with 'self' to the result of the call. Fixes rdar://8937441 & http://llvm.org/PR9094 git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124940 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
c2e20d0c42cf085940c9a9cb495a7116d1b0eb07	03-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Fix a crash until we can handle temporary struct objects properly. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124822 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
469a1eb996e1cb0be54f9b210f836afbddcbb2cc	02-Feb-2011	John McCall <rjmccall@apple.com>	An insomniac stab at making block declarations list the variables they close on, as well as more reliably limiting invalid references to locals from nested scopes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124721 91177308-0d34-0410-b5e6-96231b3b80d8 ndefCapturedBlockVarChecker.cpp
63eeade25deaa8ca0b8a8a91871eb5af81544989	01-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	Fix the message. Thanks to Thomas Clement for noticing. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124680 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
be29d8d3dff34313c1ae1ae09145e64dd948b0da	01-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Slightly improve the diagnostic message of ObjCSelfInitChecker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124674 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
9319b56154cfd9e3c781e54d2ee1c10c5858efed	27-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Fix crash when handling dot syntax on 'super'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124376 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
bd5a94e263137dc3ce7c100485626bae025cf58e	26-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Enable the self-init checker under command-line option '-analyzer-check-objc-self-init' which by default is enabled by the driver for '--analyze'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124266 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp xprEngine.cpp
4717f163eb3578f5bada399dd6ced1c62847bfe4	26-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Improve the diagnostic for the self-init checker. Suggestion by Ted! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124263 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
eaf969bf4b657f0c4577f38a39f8c4ef1d9272fc	26-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Do the self-init check only on NSObject subclasses. Patch by Jean-Daniel Dupas! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124249 91177308-0d34-0410-b5e6-96231b3b80d8 bjCSelfInitChecker.cpp
e3115e257163321ecde429aeae75f1702f099d4c	25-Jan-2011	Ted Kremenek <kremenek@apple.com>	Recycle memory for GRStates that are never referenced by ExplodedNodes. This leads to about a 4-8% reduction in memory footprint when analyzing functions in sqlite3. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124214 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
937596fc25bba3ac7519e9ffff3e4fab2c97863e	25-Jan-2011	Ted Kremenek <kremenek@apple.com>	Tweak wording of static analyzer diagnostic for a block capturing the value of an uninitialized variable. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124212 91177308-0d34-0410-b5e6-96231b3b80d8 ndefCapturedBlockVarChecker.cpp
14429b918bd2f4cb52abc75546a7fe37142054ca	25-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Handle the dot syntax for properties in the ExprEngine. We translate property accesses to obj-c messages by simulating "loads" or "stores" to properties using a pseudo-location SVal kind (ObjCPropRef). Checkers can now reason about obj-c messages for both explicit message expressions and implicit messages due to property accesses. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124161 91177308-0d34-0410-b5e6-96231b3b80d8 allAndMessageChecker.cpp xprEngine.cpp
5286e2ddfd8332520de4c076e49991d6fe557adb	25-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Introduce ExprEngine::VisitObjCMessage for handling general ObjCMessages (both message expressions and property access) and use it in ExprEngine::VisitObjCMessageExpr. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124160 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
432424d67641d609e4990d791baa782fc161027e	25-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Introduce ObjCMessage which represents both explicit ObjC message expressions and implicit messages that are sent for handling properties in dot syntax. Replace all direct uses of ObjCMessageExpr in the checkers and checker interface with ObjCMessage. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124159 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp allAndMessageChecker.cpp xprEngine.cpp SAutoreleasePoolChecker.cpp bjCSelfInitChecker.cpp
090c47baf01394de7a4061740ae7bb1f7c26492a	25-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Simplify GetReceiverType function in BasicObjCFoundationChecks.cpp; no functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124157 91177308-0d34-0410-b5e6-96231b3b80d8 asicObjCFoundationChecks.cpp
14cc9451de4a9539bf79e4e5d63248c2377426db	20-Jan-2011	Ted Kremenek <kremenek@apple.com>	Enhance AnalysisConsumer to also visit functions and methods defined within 'namespace X { ... }'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123921 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp
f4c7371fb1d3cebcfb40abad4537bb82515704ea	19-Jan-2011	John McCall <rjmccall@apple.com>	Change QualType::getTypePtr() to return a const pointer, then change a thousand other things which were (generally inadvertantly) relying on that. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123814 91177308-0d34-0410-b5e6-96231b3b80d8 astSizeChecker.cpp astToStructChecker.cpp
dec0984fce504a39a7f085774fb67cfd9957be58	18-Jan-2011	Jeffrey Yasskin <jyasskin@google.com>	Fix warnings found by gcc-4.6, from -Wunused-but-set-variable and -Wint-to-pointer-cast. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123719 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
0f565591bcc0685181d7037fe9db60a31d29b9c9	17-Jan-2011	Douglas Gregor <dgregor@apple.com>	NetBSD, OpenBSD, and Dragonfly BSD also have arc4random. Patch from Joerg Sonnenberger! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123669 91177308-0d34-0410-b5e6-96231b3b80d8 heckSecuritySyntaxOnly.cpp
c7793c73ba8a343de3f2552d984851985a46f159	15-Jan-2011	Douglas Gregor <dgregor@apple.com>	Introduce a new expression kind, SubstNonTypeTemplateParmPackExpr, that captures the substitution of a non-type template argument pack for a non-type template parameter pack within a pack expansion that cannot be fully expanded. This follows the approach taken by SubstTemplateTypeParmPackType. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123506 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
c39b5e867df74904ac7e50d225b3cca0db43571f	14-Jan-2011	Ted Kremenek <kremenek@apple.com>	Cleanup confused code that redundantly called "getDeclContext()" twice. Found by clang static analyzer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123485 91177308-0d34-0410-b5e6-96231b3b80d8 LVMConventionsChecker.cpp
db0594bfc013131f88429add4eb653c285fa94fb	14-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename 'RemoveDeadBindings()' to 'removeDeadBindings()' git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123460 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
2ccf047adf877f5e821210b1ce1a2c8289acadc0	14-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename 'EnterStackFrame()' to 'enterStackFrame()'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123459 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
d1d8ddc5bae35610c243cc92812e72b83667d227	13-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename 'CheckDeadStores.cpp' to 'DeadStoresChecker.cpp'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123395 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt heckDeadStores.cpp eadStoresChecker.cpp
56b1f71156db11b9c8234ca621c29213a73218e0	13-Jan-2011	Ted Kremenek <kremenek@apple.com>	Remove warning in dead stores checker for dead stores within nested assignments. I have never seen an actual bug found by this specific warning, and it can lead to many false positives. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123394 91177308-0d34-0410-b5e6-96231b3b80d8 heckDeadStores.cpp
d074441e027471a914cbb909a7aad1d43224950f	13-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	Support inlining base initializers. We still haven't got it completely right, since the bindings are purged after they are set up. Need to investigate RemoveDeadBindings algorithm. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123374 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
b4857264b8d3d861f688cdaa174aab30e0729a73	13-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename 'HasGeneratedNode' to 'hasGeneratedNode' and 'getBasePredecessor()' to 'getPredecessor()'. Also remove a unneeded save-and-restore of node builder's tag field. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123363 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
ba37d3b2ef37c3591a4f673215d78cb9cc928de3	13-Jan-2011	Ted Kremenek <kremenek@apple.com>	Remove unnecessary save-and-restore of the node builder's 'HasGeneratedNode' field. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123362 91177308-0d34-0410-b5e6-96231b3b80d8 allocChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp
d7a31ba6db617e38bb064df0ab09dbd41cdfed18	11-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Introduce ObjCSelfInitChecker, which checks initialization methods to verify that they assign 'self' to the result of an initialization call (e.g. [super init], or [self initWith..]) before using any instance variable or returning 'self'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123264 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt xprEngine.cpp xprEngineInternalChecks.h bjCSelfInitChecker.cpp
6547884b9c20096594bdc652669df82c322c5eb6	11-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Support post-visiting ObjCIvarRefExprs for checkers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123263 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
f7fbbda62705352a53ac3b495a1128946a34ced3	11-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Add 'isLoad' parameter in Checker::visitLocation() to conveniently distinguish between loads/stores. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123261 91177308-0d34-0410-b5e6-96231b3b80d8 rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ereferenceChecker.cpp allocChecker.cpp
b6a2b08a6b3fbce1a6a4b69d4185165de970696c	11-Jan-2011	Ted Kremenek <kremenek@apple.com>	Remove ProgramPoint parameter from GenericNodeBuilder::generateNode(). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123240 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
27c54e57c4a012dcdf2b40cf985b70d0b9caa69e	11-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rework ExprEngine::processCFGBlockEntrance() to use a node builder. This paves the way for Checkers to interpose (via a "visit" method) at the entrance to blocks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123217 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
55825aa2d88fe82bf3622f195046ae48532d3106	11-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename misc. methods in ento::Worklist to start with lowercase letter. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123212 91177308-0d34-0410-b5e6-96231b3b80d8 dempotentOperationChecker.cpp
e36de1fe51c39d9161915dd3dbef880954af6476	11-Jan-2011	Ted Kremenek <kremenek@apple.com>	Rename misc. methods in GRSubEngine to start with a lower-case letter. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123211 91177308-0d34-0410-b5e6-96231b3b80d8 StringChecker.cpp xprEngine.cpp allocChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp
e8f4b045cd2cd62d757a4d0c34b265079b9eff33	10-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	Fix CMakeLists.txt. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123167 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
0742f181e5562ae49fb303d90ceb3955ed9f84ed	10-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	Revert r123160. There are linking dependency problems. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123166 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp xprEngine.cpp
2770eb1294f425710e5802011e302a91a3614eb2	10-Jan-2011	Douglas Gregor <dgregor@apple.com>	Unbreak the CMake build. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123162 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
2f1a4a82610c420c0ce430c6f459a3fc1ed8daba	10-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	ExprEngine.cpp and AnalysisConsumer.cpp should not be in the Checkers directory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123160 91177308-0d34-0410-b5e6-96231b3b80d8 nalysisConsumer.cpp xprEngine.cpp
f9d3cbbe07afa05c2414c7120d7141409e5a3663	10-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	In C++, assignment and compound assignment operators return an lvalue. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123158 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
b08624414a923e0df93dd7630fee51b0ff3cb7b1	10-Jan-2011	Zhongxing Xu <xuzhongxing@gmail.com>	The isPrefix() checking is redundant. Lvalue incremental/decremental expressions are all prefixes. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123156 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
cbb67480094b3bcb5b715acd827cbad55e2a204c	08-Jan-2011	Sean Hunt <scshunt@csclub.uwaterloo.ca>	Renamed CXXBaseOrMemberInitializer to CXXCtorInitializer. This is both shorter, more accurate, and makes it make sense for it to hold a delegating constructor call. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123084 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
f901a7de97f46ba2b1ff153f9fb83d00dc37cfcf	04-Jan-2011	Douglas Gregor <dgregor@apple.com>	There is nothing interesting to analyze with a sizeof...(pack) expression git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122818 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
be230c36e32142cbdcdbe9c97511d097beeecbab	03-Jan-2011	Douglas Gregor <dgregor@apple.com>	Implement support for pack expansions whose pattern is a non-type template argument (described by an expression, of course). For example: template<int...> struct int_tuple { }; template<int ...Values> struct square { typedef int_tuple<(Values*Values)...> type; }; It also lays the foundation for pack expansions in an initializer-list. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122751 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
7f886434372264d13648dab5e4048de1fe671246	03-Jan-2011	Oscar Fuentes <ofv@wanadoo.es>	Set LLVM_NO_RTTI and LLVM_USED_LIBS for clangStaticAnalyzerCheckers Patch by arrowdodger! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122747 91177308-0d34-0410-b5e6-96231b3b80d8 MakeLists.txt
a6b0b96e5376cd9cf182a3e240e0537feed43cde	24-Dec-2010	Ted Kremenek <kremenek@apple.com>	Add basic support for pointer arithmetic in SimpleSValBuilder. This clears up some false positives emitted by ArrayBoundCheckerV2 due to the lack of support for pointer arithmetic. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122546 91177308-0d34-0410-b5e6-96231b3b80d8 xprEngine.cpp
21142581d55918beed544a757e4af3bb865b1812	23-Dec-2010	Ted Kremenek <kremenek@apple.com>	Chris Lattner has strong opinions about directory layout. :) Rename the 'EntoSA' directories to 'StaticAnalyzer'. Internally we will still use the 'ento' namespace for the analyzer engine (unless there are further sabre rattlings...). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122514 91177308-0d34-0410-b5e6-96231b3b80d8 djustedReturnValueChecker.cpp nalysisConsumer.cpp rrayBoundChecker.cpp rrayBoundCheckerV2.cpp ttrNonNullChecker.cpp asicObjCFoundationChecks.cpp asicObjCFoundationChecks.h uiltinFunctionChecker.cpp MakeLists.txt StringChecker.cpp allAndMessageChecker.cpp astSizeChecker.cpp astToStructChecker.cpp heckDeadStores.cpp heckObjCDealloc.cpp heckObjCInstMethSignature.cpp heckSecuritySyntaxOnly.cpp heckSizeofPointer.cpp hrootChecker.cpp ereferenceChecker.cpp ivZeroChecker.cpp xprEngine.cpp xprEngineExperimentalChecks.cpp xprEngineExperimentalChecks.h xprEngineInternalChecks.h ixedAddressChecker.cpp rontendActions.cpp dempotentOperationChecker.cpp LVMConventionsChecker.cpp acOSXAPIChecker.cpp akefile allocChecker.cpp SAutoreleasePoolChecker.cpp SErrorChecker.cpp oReturnFunctionChecker.cpp SAtomicChecker.cpp bjCAtSyncChecker.cpp bjCUnusedIVarsChecker.cpp ointerArithChecker.cpp ointerSubChecker.cpp threadLockChecker.cpp eturnPointerRangeChecker.cpp eturnUndefChecker.cpp tackAddrLeakChecker.cpp treamChecker.cpp ndefBranchChecker.cpp ndefCapturedBlockVarChecker.cpp ndefResultChecker.cpp ndefinedArraySubscriptChecker.cpp ndefinedAssignmentChecker.cpp nixAPIChecker.cpp nreachableCodeChecker.cpp LASizeChecker.cpp