Cross Reference: /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp

History log of /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ef8225444452a1486bd721f3285301fe84643b00	21-Jul-2014	Stephen Hines <srhines@google.com>	Update Clang for rebase to r212749. This also fixes a small issue with arm_neon.h not being generated always. Includes a cherry-pick of: r213450 - fixes mac-specific header issue r213126 - removes a default -Bsymbolic on Android Change-Id: I2a790a0f5d3b2aab11de596fc3a74e7cbc99081d /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
651f13cea278ec967336033dd032faef0e9fc2ec	24-Apr-2014	Stephen Hines <srhines@google.com>	Updated to Clang 3.5a. Change-Id: I8127eb568f674c2e72635b639a3295381fe8af82 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
43b82b823a6113fdbee54243b280db9c55ef72cb	24-Feb-2013	Ted Kremenek <kremenek@apple.com>	[analyzer] tracking stores/constraints now works for ObjC ivars or struct fields. This required more changes than I originally expected: - ObjCIvarRegion implements "canPrintPretty" et al - DereferenceChecker indicates the null pointer source is an ivar - bugreporter::trackNullOrUndefValue() uses an alternate algorithm to compute the location region to track by scouring the ExplodedGraph. This allows us to get the actual MemRegion for variables, ivars, fields, etc. We only hand construct a VarRegion for C++ references. - ExplodedGraph no longer drops nodes for expressions that are marked 'lvalue'. This is to facilitate the logic in the previous bullet. This may lead to a slight increase in size in the ExplodedGraph, which I have not measured, but it is likely not to be a big deal. I have validated each of the changed plist output. Fixes <rdar://problem/12114812> git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175988 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
5251abea41b446c26e3239c8dd6c7edea6fc335d	20-Feb-2013	David Blaikie <dblaikie@gmail.com>	Replace SVal llvm::cast support to be well-defined. See r175462 for another example/more details. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@175594 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
dede2fd56d053a114a65ba72583981ce7aab27da	26-Jan-2013	Jordan Rose <jordan_rose@apple.com>	[analyzer] bugreporter::getDerefExpr now takes a Stmt, not an ExplodedNode. This allows it to be used in places where the interesting statement doesn't match up with the current node. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@173546 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
55fc873017f10f6f566b182b70f6fc22aefa3464	04-Dec-2012	Chandler Carruth <chandlerc@gmail.com>	Sort all of Clang's files under 'lib', and fix up the broken headers uncovered. This required manually correcting all of the incorrect main-module headers I could find, and running the new llvm/utils/sort_includes.py script over the files. I also manually added quite a few missing headers that were uncovered by shuffling the order or moving headers up to be main-module-headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169237 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
a93d0f280693b8418bc88cf7a8c93325f7fcf4c6	01-Dec-2012	Benjamin Kramer <benny.kra@googlemail.com>	Include pruning and general cleanup. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169095 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
785950e59424dca7ce0081bebf13c0acd2c4fff6	02-Nov-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename 'EmitReport' to 'emitReport'. No functionality change. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167275 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
991bcb4370fe849603346ebbddc8dd47bc29d235	22-Sep-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Check that an ObjCIvarRefExpr's base is non-null even as an lvalue. Like with struct fields, we want to catch cases like this early, so that we can produce better diagnostics and path notes: PointObj p = nil; int px = &p->_x; // should warn here *px = 1; git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164442 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
9b925ac059089dfe74e3b8fa5effe519fb9ee885	06-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Enhance the member expr tracking to account for references. As per Jordan's suggestion. (Came out of code review for r163261.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163269 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
9bc1e6db1c0a1d57eaf9b35eb3ab8a60ffb437ed	06-Sep-2012	Anna Zaks <ganna@apple.com>	[analyzer] Remove unneeded code. This region is set as interesting as part of trackNullOrUndefValue call, no need to mark it as interesting twice. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163260 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
80de487e03dd0f44e4572e2122ebc1aa6a3961f5	29-Aug-2012	Anna Zaks <ganna@apple.com>	[analyzer] Improved diagnostic pruning for calls initializing values. This heuristic addresses the case when a pointer (or ref) is passed to a function, which initializes the variable (or sets it to something other than '0'). On the branch where the inlined function does not set the value, we report use of undefined value (or NULL pointer dereference). The access happens in the caller and the path through the callee would get pruned away with regular path pruning. To solve this issue, we previously disabled diagnostic pruning completely on undefined and null pointer dereference checks, which entailed very verbose diagnostics in most cases. Furthermore, not all of the undef value checks had the diagnostic pruning disabled. This patch implements the following heuristic: if we pass a pointer (or ref) to the region (on which the error is reported) into a function and it's value is either undef or 'NULL' (and is a pointer), do not prune the function. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162863 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
a1f81bb0e55749a1414b1b5124bb83b9052ff2ac	28-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Rename addTrackNullOrUndefValueVisitor to trackNullOrUndefValue. This helper function (in the clang::ento::bugreporter namespace) may add more than one visitor, but conceptually it's tracking a single use of a null or undefined value and should do so as best it can. Also, the BugReport parameter has been made a reference to underscore that it is non-optional. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162720 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
522f46f497d9ccecc8bc2f5ec132b9bb7060dee1	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Don't assume values bound to references are automatically non-null. While there is no such thing as a "null reference" in the C++ standard, many implementations of references (including Clang's) do not actually check that the location bound to them is non-null. Thus unlike a regular null dereference, this will not cause a problem at runtime until the reference is actually used. In order to catch these cases, we need to not prune out paths on which the input pointer is null. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161288 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
685379965c1b105ce89cf4f6c60810932b7f4d0d	04-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] When a symbol is null, we should track its constraints. Because of this, we would previously emit NO path notes when a parameter is constrained to null (because there are no stores). Now we show where we made the assumption, which is much more useful. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161280 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
9f3b9d54ccbbf212591602f389ebde7923627490	02-Aug-2012	Jordan Rose <jordan_rose@apple.com>	[analyzer] Add a simple check for initializing reference variables with null. There's still more work to be done here; this doesn't catch reference parameters or return values. But it's a step in the right direction. Part of <rdar://problem/11212286>. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161214 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
ed7948b55fa4b2505f240cc5287137f451172b4c	31-May-2012	Ted Kremenek <kremenek@apple.com>	Allow some BugReports to opt-out of PathDiagnostic callstack pruning until we have significantly improved the pruning heuristics. The current heuristics are pretty good, but they make diagnostics for uninitialized variables warnings particularly useless in some cases. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157734 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
76aadc346c3a4c363238a1e1232f324c3355d9e0	09-Mar-2012	Ted Kremenek <kremenek@apple.com>	[analyzer] Implement basic path diagnostic pruning based on "interesting" symbols and regions. Essentially, a bug centers around a story for various symbols and regions. We should only include the path diagnostic events that relate to those symbols and regions. The pruning is done by associating a set of interesting symbols and regions with a BugReporter, which can be modified at BugReport creation or by BugReporterVisitors. This patch reduces the diagnostics emitted in several of our test cases. I've vetted these as having desired behavior. The only regression is a missing null check diagnostic for the return value of realloc() in test/Analysis/malloc-plist.c. This will require some investigation to fix, and I have added a FIXME to the test case. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152361 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
f7ccbad5d9949e7ddd1cbef43d482553b811e026	05-Feb-2012	Dylan Noblesmith <nobled@dreamwidth.org>	Basic: import SmallString<> into clang namespace (I was going to fix the TODO about DenseMap too, but that would break self-host right now. See PR11922.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149799 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
6f42b62b6194f53bcbc349f5d17388e1936535d7	05-Feb-2012	Dylan Noblesmith <nobled@dreamwidth.org>	Basic: import OwningPtr<> into clang namespace git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149798 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
8fe83e1df954d72c0f4ffc15d20a5222ec151c21	04-Feb-2012	Benjamin Kramer <benny.kra@googlemail.com>	Move a method from IdentifierTable.h out of line and remove the SmallString include. Fix all the transitive include users. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149783 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
c35fb7d67d515659ad2325b4f6ec97c9fe64fb63	28-Jan-2012	Benjamin Kramer <benny.kra@googlemail.com>	StaticAnalyzer: Move ObjC- and CXX-specific methods out of line so checkers that don't care about the language don't have to pull in all the headers. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149178 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
8bef8238181a30e52dea380789a7e2d760eac532	26-Jan-2012	Ted Kremenek <kremenek@apple.com>	Change references to 'const ProgramState *' to typedef 'ProgramStateRef'. At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149081 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
0bd6b110e908892d4b5c8671a9f435a1d72ad16a	26-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Rename generateNode -> addTransition in CheckerContext Also document addTransition methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@143059 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
063e0887ad65d666d23ee3178436ad6507abbd1b	25-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Simplify CheckerContext Remove dead members/parameters: ProgramState, respondsToCallback, autoTransition. Remove addTransition method since it's the same as generateNode. Maybe we should rename generateNode to genTransition (since a transition is always automatically generated)? git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142946 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
390909c89c98ab1807e15e033a72e975f866fb23	06-Oct-2011	Anna Zaks <ganna@apple.com>	[analyzer] Remove the dependency on CheckerContext::getStmt() as well as the method itself. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141262 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
50bbc165b063155cc23c360deb7b865502e068e2	20-Aug-2011	Anna Zaks <ganna@apple.com>	Static Analyzer Diagnostics: Kill the addVisitorCreator(callbackTy, void) API in favor of addVisitor(BugReporterVisitor). 1) Create a header file to expose the predefined visitors. And move the parent(BugReporterVisitor) there as well. 2) Remove the registerXXXVisitor functions - the Visitor constructors/getters can be used now to create the object. One exception is registerVarDeclsLastStore(), which registers more then one visitor, so make it static member of FindLastStoreBRVisitor. 3) Modify all the checkers to use the new API. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138126 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
e172e8b9e7fc67d7d03589af7e92fe777afcf33a	18-Aug-2011	Anna Zaks <ganna@apple.com>	Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137894 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
18c66fdc3c4008d335885695fe36fb5353c5f672	16-Aug-2011	Ted Kremenek <kremenek@apple.com>	Rename GRState to ProgramState, and cleanup some code formatting along the way. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137665 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
5f9e272e632e951b1efe824cd16acb4d96077930	23-Jul-2011	Chris Lattner <sabre@nondot.org>	remove unneeded llvm:: namespace qualifiers on some core types now that LLVM.h imports them into the clang namespace. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135852 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
ec8605f1d7ec846dbf51047bfd5c56d32d1ff91c	01-Mar-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Rename CheckerV2 -> Checker. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126726 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
b3d74da3e1620c9a7a378afb5f244e4987e6713e	28-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Migrate NSErrorChecker and DereferenceChecker to CheckerV2. They cooperate in that NSErrorChecker listens for ImplicitNullDerefEvent events that DereferenceChecker can dispatch. ImplicitNullDerefEvent is when we dereferenced a location that may be null. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126659 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
9b663716449b618ba0390b1dbebc54fa8e971124	10-Feb-2011	Ted Kremenek <kremenek@apple.com>	Split 'include/clang/StaticAnalyzer' into 'include/clang/StaticAnalyzer/Core' and 'include/clang/StaticAnalyzer/Checkers'. This layout matches lib/StaticAnalyzer, which corresponds to two StaticAnalyzer libraries. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125251 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
04291a7c76e16a2dc5433c80c3d13c826bf372dc	08-Feb-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineInternalChecks.h -> lib/StaticAnalyzer/Checkers/InternalChecks.h git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125121 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
f7fbbda62705352a53ac3b495a1128946a34ced3	11-Jan-2011	Argyrios Kyrtzidis <akyrtzi@gmail.com>	[analyzer] Add 'isLoad' parameter in Checker::visitLocation() to conveniently distinguish between loads/stores. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123261 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp
21142581d55918beed544a757e4af3bb865b1812	23-Dec-2010	Ted Kremenek <kremenek@apple.com>	Chris Lattner has strong opinions about directory layout. :) Rename the 'EntoSA' directories to 'StaticAnalyzer'. Internally we will still use the 'ento' namespace for the analyzer engine (unless there are further sabre rattlings...). git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122514 91177308-0d34-0410-b5e6-96231b3b80d8 /external/clang/lib/StaticAnalyzer/Checkers/DereferenceChecker.cpp