History log of /external/clang/test/Analysis/fields.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
d764e20189dbb42b38ada383a0a159f6adc0d56c 02-Mar-2013 Jordan Rose <jordan_rose@apple.com> [analyzer] Special-case bitfields when finding sub-region bindings.

Previously we were assuming that we'd never ask for the sub-region bindings
of a bitfield, since a bitfield cannot have subregions. However,
unification of code paths has made that assumption invalid. While we could
take advantage of this by just checking for the single possible binding,
it's probably better to do the right thing, so that if/when we someday
support unions we'll do the right thing there, too.

This fixes a handful of false positives in analyzing LLVM.

<rdar://problem/13325522>

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176388 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
f1e67d75fc922ff905de9faa6326bb1a96685ec1 17-Oct-2012 Jordan Rose <jordan_rose@apple.com> [analyzer] Create a temporary region when accessing a struct rvalue.

In C++, rvalues that need to have their address taken (for example, to be
passed to a function by const reference) will be wrapped in a
MaterializeTemporaryExpr, which lets CodeGen know to create a temporary
region to store this value. However, MaterializeTemporaryExprs are /not/
created when a method is called on an rvalue struct, even though the 'this'
pointer needs a valid value. CodeGen works around this by creating a
temporary region anyway; now, so does the analyzer.

The analyzer also does this when accessing a field of a struct rvalue.
This is a little unfortunate, since the rest of the struct will soon be
thrown away, but it does make things consistent with the rest of the
analyzer.

This allows us to bring back the assumption that all known 'this' values
are Locs. This is a revised version of r164828-9, reverted in r164876-7.

<rdar://problem/12137950>

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166120 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
d27a368f4800b447b970b7c438d0fb4da00838dc 01-Oct-2012 Jordan Rose <jordan_rose@apple.com> Revert "[analyzer] Check that a member expr is valid even when the result is an lvalue."

The original intent of this commit was to catch potential null dereferences
early, but it breaks the common "home-grown offsetof" idiom (PR13927):

(((struct Foo *)0)->member - ((struct foo *)0))

As it turns out, this appears to be legal in C, per a footnote in
C11 6.5.3.2: "Thus, &*E is equivalent to E (even if E is a null pointer)".
In C++ this issue is still open:
http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_active.html#232

We'll just have to make sure we have good path notes in the future.

This reverts r164441 / 9be016dcd1ca3986873a7b66bd4bc027309ceb59.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164958 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
ce6644bc1e921833f9b3c10cf7d4a0b78e8d5dc9 29-Sep-2012 Jordan Rose <jordan_rose@apple.com> Revert "[analyzer] Create a temporary region for rvalue structs when accessing fields"

This reverts commit 6f61df3e7256413dcb99afb9673f4206e3c4992c.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164877 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
6f61df3e7256413dcb99afb9673f4206e3c4992c 28-Sep-2012 Jordan Rose <jordan_rose@apple.com> [analyzer] Create a temporary region for rvalue structs when accessing fields

Struct rvalues are represented in the analyzer by CompoundVals,
LazyCompoundVals, or plain ConjuredSymbols -- none of which have associated
regions. If the entire structure is going to persist, this is not a
problem -- either the rvalue will be assigned to an existing region, or
a MaterializeTemporaryExpr will be present to create a temporary region.
However, if we just need a field from the struct, we need to create the
temporary region ourselves.

This is inspired by the way CodeGen handles calls to temporaries;
support for that in the analyzer is coming next.

Part of <rdar://problem/12137950>

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164828 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
dd1d7d88f1fe6d7d7e79acaec3f83bc10d9f7b97 22-Sep-2012 Jordan Rose <jordan_rose@apple.com> [analyzer] Check that a member expr is valid even when the result is an lvalue.

We want to catch cases like this early, so that we can produce better
diagnostics and path notes:

Point *p = 0;
int *px = &p->x; // should warn here
*px = 1;

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164441 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
cdc3a89d5de90b2299c56f4a46c3de590c5184d1 24-Aug-2012 Ted Kremenek <kremenek@apple.com> Fix analyzer tests.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162588 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
033a07e5fca459ed184369cfee7c90d82367a93a 04-Aug-2011 Ted Kremenek <kremenek@apple.com> [analyzer] rename all experimental checker packages to have 'experimental' be the common root package.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136835 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
a4c7a4314ffbe402091695874e93d9b0a79c8099 29-Jul-2011 Ted Kremenek <kremenek@apple.com> Really remove FlatStoreManager and BasicStoreManager, this time from the driver. Also remove associated tests. Sorry for the messy commits; this is the result of a botched Git merge.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136422 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
c4d2c9074be6eb2091086eddd6c8f052f3b245c8 28-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126676 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
65d39251ff57b8e33cf6d3a7fcc6aa1c6f8cdc68 24-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Remove '-analyzer-experimental-internal-checks' flag, it doesn't have any checkers associated with it anymore.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126440 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
c2e20d0c42cf085940c9a9cb495a7116d1b0eb07 03-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Fix a crash until we can handle temporary struct objects properly.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124822 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
565e465c6d0093f1bf8414b2cabdc842022385a9 05-Feb-2010 Ted Kremenek <kremenek@apple.com> Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@95348 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
a5728872c7702ddd09537c95bc3cbd20e1f2fb09 15-Dec-2009 Daniel Dunbar <daniel@zuster.org> Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'.
- This is designed to make it obvious that %clang_cc1 is a "test variable"
which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
can be useful to redefine what gets run as 'clang -cc1' (for example, to set
a default target).

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91446 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
ef74f4c6dcd59b3af1de9d8f613c1caf3e6cb63d 14-Dec-2009 Zhongxing Xu <xuzhongxing@gmail.com> Replace clang-cc with clang -cc1.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@91272 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
8a90ac0e85e8c5758b585fe486ee7db01c53fb98 29-Nov-2009 Daniel Dunbar <daniel@zuster.org> Normalize options to use '-FOO' instead of '--FOO'.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@90071 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
8382cf57b722f130f1a6b45380639871c07271c1 13-Nov-2009 Ted Kremenek <kremenek@apple.com> Add clang-cc option "--analyzer-experimental-internal-checks". This
option enables new "internal" checks that will eventually be turned on
by default but still require broader testing.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@88671 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
4fcfde4d5c8f25e40720972a5543d538a0dcb220 08-Nov-2009 Daniel Dunbar <daniel@zuster.org> Eliminate &&s in tests.
- 'for i in $(find . -type f); do sed -e 's#\(RUN:.*[^ ]\) *&& *$#\1#g' $i | FileUpdate $i; done', for the curious.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@86430 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
f7a0cf426eddae76e1a71dd2295631a2cf0560af 29-Jul-2009 Ted Kremenek <kremenek@apple.com> Remove 'StoreManager::OldCastRegion()', TypedViewRegion (which only
OldCastRegion used), and the associated command line option
'-analyzer-store=old-basic-cast'.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@77509 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
c037eac3bda3c636c961aab6377beea3242e81e4 10-Jul-2009 Ted Kremenek <kremenek@apple.com> Switch BasicStoreManager to use the new CastRegion implementation by default,
and replace the 'clang-cc' option '-analyzer-store=basic-new-cast' with
'-analyzer-store=basic-old-cast'. We'll keep the old CastRegion implementation
around for a little while for regression testing.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@75209 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
e1cea75e70d76f55157749a7bcad319050492945 06-Jul-2009 Ted Kremenek <kremenek@apple.com> Make 'BasicStoreManager' + 'NewCastRegion' testable from the command line using '-analyzer-store=basic-new-cast'.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@74865 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
5414a5c0add7a7a9343a1be0bda962ce8dc35449 21-Jun-2009 Zhongxing Xu <xuzhongxing@gmail.com> Return UnknownVal for pointer arithmetic on struct fields.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@73851 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
5bf3287765d14b5c6666bd00d0a141b0a6c97a20 09-May-2009 Zhongxing Xu <xuzhongxing@gmail.com> When casting VarRegion, if the var type is aggregate type and the cast-to
pointee type is scalar type, create element region regardless with the sizes
of types.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71360 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
889805931bdffe5eaf770bb9f926f738ccd18c0f 06-May-2009 Zhongxing Xu <xuzhongxing@gmail.com> Make StoreManager::CastRegion() virtual and implement a new CastRegion() for
RegionStore.

This CastRegion() performs casts according to the kind of the region being
cast instead of the type that is cast to.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@71058 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
9aa829bddbe6dc2e41aff5b26483dd3370381293 04-May-2009 Ted Kremenek <kremenek@apple.com> This test no longer fails.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70834 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
a8607d13c8df25a8c10d46db016d26f9e327418d 01-May-2009 Ted Kremenek <kremenek@apple.com> StoreManager::CastRegion:
- Don't layer TypedViewRegions on top of any region except
SymbolicRegions and AllocaRegions. This follows from my offline
discussion within Zhongxing about how TypedViewRegions really only
represent memory getting re-appropriated for a new purpose.

Fallout from this change:
- Move test case from xfail_rdar_6440393.m to misc-ps-64.m
(it now passes).

- test/Analysis/fields.c now fails for region store (crash).
Marking XFAIL.

- test/Analysis/rdar-6441136-region.c now fails (only runs with region store).
Marking XFAIL.

Diagnosis: The analyzer now correctly identifies an early out-of-bounds memory
access then the one flagged:

rdar-6541136-region.c:17:3: warning: Load or store into an out-of-bound memory position.
*p = 1;
^~

Changing the line:
char *p = (void*) &wonky[1];
to
char *p = (void*) &wonky[0];

(which should delay the buffer overrun) causes region store to crash, probably
because it expects a TypedViewRegion.

- test/Analysis/casts.c (region store) now fails (crash).
Marking XFAIL.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70565 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
d7d5f0223bd30dfd618762349c6209dd1d5ea3e6 24-Mar-2009 Daniel Dunbar <daniel@zuster.org> Rename clang to clang-cc.

Tests and drivers updated, still need to shuffle dirs.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@67602 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
be1fe1eb12a1cb91c8e3a9fcc2db4dfe989def6c 17-Feb-2009 Ted Kremenek <kremenek@apple.com> Static Analyzer driver/options (partial) cleanup:
- Move all analyzer options logic to AnalysisConsumer.cpp.
- Unified specification of stores/constraints/output to be:
-analyzer-output=...
-analyzer-store=...
-analyzer-constraints=...
instead of -analyzer-range-constraints, -analyzer-store-basic, etc.
- Updated drivers (ccc-analyzer, scan-builds, new ccc) to obey this new
interface
- Updated test cases to conform to new driver options


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@64737 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
04b1de1f73ec8cad2a5e0a6a4c3c3f8b9b1b09a2 22-Jan-2009 Ted Kremenek <kremenek@apple.com> This test case now passes with RegionStore.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62798 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
d427023c334fe03105d9359711a3df4d6f23b344 21-Jan-2009 Daniel Dunbar <daniel@zuster.org> Add -analyze action to run static analyzer, instead of inferring from
individual checker options.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@62634 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c
5c456fe4d354dab9e8a1309aefe828ea7b6d6f26 18-Oct-2008 Ted Kremenek <kremenek@apple.com> Use "VisitLValue" when processing the base for "x.f" field accesses, and "Visit" when processing the base for "x->f" field accesses.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@57754 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/fields.c