History log of /external/clang/test/Analysis/string.c
Revision Date Author Comments (<<< Hide modified files) (Show modified files >>>)
a728e927c6e58f26b2c8615a8baa761d2f157e4b 19-Aug-2013 Jordan Rose <jordan_rose@apple.com> [analyzer] Assume that strings are no longer than SIZE_MAX/4.

This keeps the analyzer from making silly assumptions, like thinking
strlen(foo)+1 could wrap around to 0. This fixes PR16558.

Patch by Karthik Bhat!

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@188680 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
af22621352481e91488a54ea0e0b5e73f6551ab7 23-Apr-2013 Jordan Rose <jordan_rose@apple.com> [analyzer] Model strsep(), particularly that it returns its input.

This handles the false positive leak warning in PR15374, and also serves
as a basic model for the strsep() function.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@180069 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
f8e2c06cea1548c437761cb65cfbf97d50a057a7 20-Mar-2013 Jordan Rose <jordan_rose@apple.com> [analyzer] Don't invalidate globals when there's no call involved.

This fixes some mistaken condition logic in RegionStore that caused
global variables to be invalidated when /any/ region was invalidated,
rather than only as part of opaque function calls. This was only
being used by CStringChecker, and so users will now see that strcpy()
and friends do not invalidate global variables.

Also, add a test case we don't handle properly: explicitly-assigned
global variables aren't being invalidated by opaque calls. This is
being tracked by <rdar://problem/13464044>.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177572 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
74c0d6988462c2cb882e7a8b8050fe119a5af56f 16-Mar-2013 Anna Zaks <ganna@apple.com> [analyzer] Use isLiveRegion to determine when SymbolRegionValue is dead.

Fixes a FIXME, improves dead symbol collection, suppresses a false positive,
which resulted from reusing the same symbol twice for simulation of 2 calls to the same function.

Fixing this lead to 2 possible false negatives in CString checker. Since the checker is still alpha and
the solution will not require revert of this commit, move the tests to a FIXME section.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@177206 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
cdc3a89d5de90b2299c56f4a46c3de590c5184d1 24-Aug-2012 Ted Kremenek <kremenek@apple.com> Fix analyzer tests.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162588 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
f158b7181cef728dfb5e340b6d51586742042836 16-May-2012 Jordy Rose <jediknil@belkadan.com> [analyzer] Fix test for PR12206, which was failing on i386.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156941 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
533718fb27f87a25bf9f6fdd69df4a4ce8b783a6 16-May-2012 Anna Zaks <ganna@apple.com> [analyzer] Revert a regression committed in r156920.

This breaks the build with -triple i386-apple-darwin9.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156932 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
43d9f0d4e9b88dcab473a359a7b5579c2a619b22 16-May-2012 Jordy Rose <jediknil@belkadan.com> [analyzer] Convert many existing tests to use clang_analyzer_eval.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156920 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
6e4244ee86a2d71af4eac791808f2dc50c7484e6 14-May-2012 Jordy Rose <jediknil@belkadan.com> [analyzer] strncpy: Special-case a length of 0 to avoid an incorrect warning.

We check the address of the last element accessed, but with 0 calculating that
address results in element -1. This patch bails out early (and avoids a bunch
of other work at that).

Fixes PR12807.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156769 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
14d20b1dff6370f76279fcfb0fd780e2e5eb57bb 03-May-2012 Jordy Rose <jediknil@belkadan.com> [analyzer] Equality ops are like relational ops in that the arguments shouldn't be converted to the result type. Fixes PR12206 and dupe PR12510.

This was probably the original intent of r133041 (also me, a year ago).

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156062 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
bb2a6864f111e13f7905725963649c60c60bf18b 20-Feb-2012 Anna Zaks <ganna@apple.com> [analyzer] Turn on by default the Malloc Checker and a couple of CString
checks:

- unix.Malloc - Checks for memory leaks, double free, use-after-free.
- unix.cstring.NullArg - Checks for null pointers passed as arguments to
CString functions + evaluates CString functions.
- unix.cstring.BadSizeArg - Checks for common anti-patterns in
strncat size argument.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150988 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
57300760964904cc022a175643342f29f46b7e6b 07-Feb-2012 Anna Zaks <ganna@apple.com> [analyzer] Allow each CString check to be enabled/disabled
separately.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149947 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
e00575f12cf280621ef0ed4d69e909bdfc9fef62 31-Jan-2012 Anna Zaks <ganna@apple.com> [analyzer] Add checks for common anti-patterns in strncat.
(Since this is syntax only, might be a good candidate for turning into a
compiler warning.)

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@149407 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
ce8ef16b1c58a304b7b59fad9836ad32d6ed020c 13-Jan-2012 Anna Zaks <ganna@apple.com> [analyzer] RegionStoreManager::getBinding() should not crash when
looking up value at a CodeTextRegion even when the type is not provided.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148079 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
2cbe791d3e9b26f30196c4852da75d9ad67b4ad9 20-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] Do not invalidate arguments when the parameter's
type is a pointer to const. (radar://10595327)

The regions corresponding to the pointer and reference arguments to
a function get invalidated by the calls since a function call can
possibly modify the pointed to data. With this change, we are not going
to invalidate the data if the argument is a pointer to const. This
change makes the analyzer more optimistic in reporting errors.
(Support for C, C++ and Obj C)

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@147002 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
e3d250e488241cbfe71a592df4d07d03ad89434a 11-Dec-2011 Anna Zaks <ganna@apple.com> [analyzer] CStringChecker should not rely on the analyzer generating UndefOrUnknown value when it cannot reason about the expression.

We are now often generating expressions even if the solver is not known to be able to simplify it. This is another cleanup of the existing code, where the rest of the analyzer and checkers should not base their logic on knowing ahead of the time what the solver can reason about.

In this case, CStringChecker is performing a check for overflow of 'left+right' operation. The overflow can be checked with either 'maxVal-left' or 'maxVal-right'. Previously, the decision was based on whether the expresion evaluated to undef or not. With this patch, we check if one of the arguments is a constant, in which case we know that 'maxVal-const' is easily simplified. (Another option is to use canReasonAbout() method of the solver here, however, it's currently is protected.)

This patch also contains 2 small bug fixes:
- swap the order of operators inside SValBuilder::makeGenericVal.
- handle a case when AddeVal is unknown in GenericTaintChecker::getPointedToSymbol.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@146343 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
033a07e5fca459ed184369cfee7c90d82367a93a 04-Aug-2011 Ted Kremenek <kremenek@apple.com> [analyzer] rename all experimental checker packages to have 'experimental' be the common root package.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136835 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
0fa6bf7f021880e625dab018a25877fb0164d038 28-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] strnlen isn't a builtin, don't test for it


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133994 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
8912aaedb413b15f6dd1d8997d80e1d505f7d52f 20-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Finish size argument checking for strncat (and strncpy).


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133472 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
5e5f15062bcf4b62fda9062b453178f8b9bd0c2d 20-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Re-enable checking for strncpy, along with a new validation of the size argument. strncat is not yet up-to-date, but I'm leaving it enabled for now (there shouldn't be any false positives, at least...)


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133408 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
9e49d9fbdc861c25c2480233147dee07f5fa9660 20-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133406 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
adc42d412d747391dbcee234610f00b0f087cf7b 16-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Clean up modeling of strcmp, including cases where a string literal has an embedded null character, and where both arguments are the same buffer. Also use nested ifs rather than early returns; in this case early returns will lose any assumptions we've made earlier in the function.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133154 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
d5af0e17b00ab2ee6a8c1f352bb9eeb1cc5b2d07 15-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Revise CStringChecker's modelling of strcpy() and strcat():
- (bounded copies) Be more conservative about how much is being copied.
- (str(n)cat) If we can't compute the exact final length of an append operation, we can still lower-bound it.
- (stpcpy) Fix the conjured return value at the end to actually be returned.

This requires these supporting changes:
- C string metadata symbols are still live even when buried in a SymExpr.
- "Hypothetical" C string lengths, to represent a value that /will/ be passed to setCStringLength() if all goes well. (The idea is to allow for temporary constrainable symbols that may end up becoming permanent.)
- The 'checkAdditionOverflow' helper makes sure that the two strings being appended in a strcat don't overflow size_t. This should never *actually* happen; the real effect is to keep the final string length from "wrapping around" in the constraint manager.

This doesn't actually test the "bounded" operations (strncpy and strncat) because they can leave strings unterminated. Next on the list!


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133046 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
467f7c8ba2b3c3b65065d05323696ded5d8a93a9 14-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] CStringChecker checks functions in the C standard library, not C++. Its external name is now unix.experimental.CString.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132958 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
793bff3fb7ca2a31e81aa7f4f3f21f921459010b 14-Jun-2011 Jordy Rose <jediknil@belkadan.com> [analyzer] Fix modeling of strnlen to be more conservative. Move tests we can't properly model (yet?) to string-fail.c.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132955 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
094ea0afcfa79eb0c4a2c35a059491be3ab954a9 03-May-2011 Lenny Maiorani <lenny@colorado.edu> Removing strncpy() checking in CString checker for now. Some significant changes need to be made to properly support modeling of it since it potentially leaves strings non-null terminated.



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130758 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
454fd2d3a1b6d0ef225c5d3927c1ad3b97510d1a 02-May-2011 Lenny Maiorani <lenny@colorado.edu> Implements strncasecmp() checker and simplifies some of the logic around creating substrings if necessary and calling the appropriate StringRef::compare/compare_lower().



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130708 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
bd1d16a1792cd6ea5ede9869e18d781e3fc1a8c3 28-Apr-2011 Lenny Maiorani <lenny@colorado.edu> Implements strcasecmp() checker in Static Analyzer.



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130398 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
8a285ae6fc4926cc4e419025eec63e2d6696e13f 26-Apr-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> Emit a -Wnull-dereference warning for "*null" not just "*null = something". Addresses rdar://9269271.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130207 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
357f6ee9f1f6f8e5027377cb3e5907c62c4fe3df 26-Apr-2011 Lenny Maiorani <lenny@colorado.edu> Implements the strncmp() checker just like the strcmp() checker, but with bounds. Requires LLVM svn r129582.



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@130161 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
fc8f0e14ad142ed811e90fbd9a30e419e301c717 15-Apr-2011 Chris Lattner <sabre@nondot.org> fix a bunch of comment typos found by codespell. Patch by
Luis Felipe Strano Moraes!



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129559 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
318dd92ad834857ea5bb91de288c1eb56cdbec1a 12-Apr-2011 Lenny Maiorani <lenny@colorado.edu> This patch adds modeling of strcmp() to the CString checker. Validates inputs are not NULL and are real C strings, then does the comparison and binds the proper return value. Unit tests included.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129364 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
067bbd0e11c71a33b51832532e836971be697699 09-Apr-2011 Lenny Maiorani <lenny@colorado.edu> strcat() and strncat() model additions to CStringChecker.

Validates inputs are not NULL, checks for overlapping strings, concatenates the strings checking for buffer overflow, sets the length of the destination string to the sum of the s1 length and the s2 length, binds the return value to the s1 value.



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129215 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
5188507b9a1b09ec95c14ffadf0e832f2b47aa8a 24-Mar-2011 Ted Kremenek <kremenek@apple.com> Rework checker "packages" and groups to be more hierarchical.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128187 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
e224ba7e3e604113aa160c379293bcb6425e8f36 07-Mar-2011 Carl Norum <carl.norum@apple.com> Fix tests to account for new warning "expected ';' at end of declaration list". Sorry, folks!


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127188 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
c4d2c9074be6eb2091086eddd6c8f052f3b245c8 28-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126676 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
b3d74da3e1620c9a7a378afb5f244e4987e6713e 28-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Migrate NSErrorChecker and DereferenceChecker to CheckerV2.

They cooperate in that NSErrorChecker listens for ImplicitNullDerefEvent events that
DereferenceChecker can dispatch.
ImplicitNullDerefEvent is when we dereferenced a location that may be null.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126659 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
38c8fe705ec4a8efa8992b99ab6d264fff14ca36 24-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> Allow passing a list of comma separated checker names to -analyzer-checker, e.g:
-analyzer-checker=cocoa,unix

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126372 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
0ef473f75426f0a95635d0a9dd567d27b07dbd5b 22-Feb-2011 Ted Kremenek <kremenek@apple.com> Add CStringChecker support for strncpy. Patch by Lenny Maiorani!

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126188 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
be4242ce039f0542ea0dd5f234aa0ee698f90c53 22-Feb-2011 Ted Kremenek <kremenek@apple.com> Add CStringChecker support for strnlen. Patch by Lenny Maiorani!

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126187 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
a0decc9a2481f938e1675b4f7bbd58761a882a36 15-Feb-2011 Argyrios Kyrtzidis <akyrtzi@gmail.com> [analyzer] Use the new registration mechanism on some of the experimental checks. These are:

CStringChecker
ChrootChecker
MallocChecker
PthreadLockChecker
StreamChecker
UnreachableCodeChecker

MallocChecker creates implicit dependencies between checkers and needs to be handled differently.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125598 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
e64f311c11a8751867c2538807054f4817c1f5cb 16-Aug-2010 Jordy Rose <jediknil@belkadan.com> Model the effects of strcpy() and stpcpy() in CStringChecker. Other changes:
- Fix memcpy() and friends to actually invalidate the destination buffer.
- Emit a different message for out-of-bounds buffer accesses if the buffer is being written to.
- When conjuring symbols, let ValueManager figure out the type.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@111120 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
a5261549754fab80e30e893d8fa706bfb31e430a 14-Aug-2010 Jordy Rose <jediknil@belkadan.com> Update CStringChecker to take advantage of the new metadata symbols and region change callback. Now does basic tracking of string length for general regions. Currently this is still only used for modeling strlen().


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@111081 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
7bce3a122296eba0e74f401c188e55c71935132f 28-Jul-2010 Tom Care <tcare@apple.com> Added some false positive checking to UnreachableCodeChecker
- Allowed reporting of dead macros
- Added path walking function to search for false positives in conditional statements
- Updated some affected tests
- Added some false positive test cases

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@109561 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c
19c5dd120e42b1ba0642309a185c70f4a41aadbd 27-Jul-2010 Jordy Rose <jediknil@belkadan.com> Groundwork for C string length tracking. Currently only handles the length of constant string literals, which is not too helpful, and only calls to strlen() are checked.


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@109480 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/string.c