55e57a50a36749ce0483db2f16259649c9d25792 |
|
11-Apr-2013 |
Anton Yartsev <anton.yartsev@gmail.com> |
[analyzer] Switched to checkPreCall interface for detecting usage after free. Now the check is also applied to arguments for Objective-C method calls and to 'this' pointer. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179230 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
849c7bf718ed3c08bd66b93f0bd508a44bb2f669 |
|
28-Mar-2013 |
Anton Yartsev <anton.yartsev@gmail.com> |
[analyzer] These implements unix.MismatchedDeallocatorChecker checker. + Improved display names for allocators and deallocators The checker checks if a deallocation function matches allocation one. ('free' for 'malloc', 'delete' for 'new' etc.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178250 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
9fe09f30f76cb65ca2a5fcd8e649f5b2f0cf02bd |
|
09-Mar-2013 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Be more consistent about Objective-C methods that free memory. Previously, MallocChecker's pointer escape check and its post-call state update for Objective-C method calls had a fair amount duplicated logic and not-entirely-consistent checks. This commit restructures all this to be more consistent and possibly allow us to be more aggressive in warning about double-frees. New policy (applies to system header methods only): (1) If this is a method we know about, model it as taking/holding ownership of the passed-in buffer. (1a) ...unless there's a "freeWhenDone:" parameter with a zero (NO) value. (2) If there's a "freeWhenDone:" parameter (but it's not a method we know about), treat the buffer as escaping if the value is non-zero (YES) and non-escaping if it's zero (NO). (3) If the first selector piece ends with "NoCopy" (but it's not a method we know about and there's no "freeWhenDone:" parameter), treat the buffer as escaping. The reason that (2) and (3) don't explicitly model the ownership transfer is because we can't be sure that they will actually free the memory using free(), and we wouldn't want to emit a spurious "mismatched allocator" warning (coming in Anton's upcoming patch). In the future, we may have an idea of a "generic deallocation", i.e. we assume that the deallocator is correct but still continue tracking the region so that we can warn about double-frees. Patch by Anton Yartsev, with modifications from me. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176744 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
c2cca2361aeafdf9170de2695b17d8bcd1c6f7db |
|
11-Dec-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Don't generate a summary for "freeWhenDone" if method is inlined. Fixes a false positive that occurs if a user writes their own initWithBytesNoCopy:freeWhenDone wrapper. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169795 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
2ccecfaa4852c134191d4075d94e09399ab46fea |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Address Jordan's code review for r167813. This simplifies logic, fixes a bug, and adds a test case. Thanks Jordan! git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167868 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
cbf5f60996fa2bd0ecd779b1472dc5cbad3ca464 |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
Add a test that shows that reporting a leak after failure to free is tricky. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167814 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
4141e4dcab6b175374710925aa90d547600a5e66 |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
Fix a Malloc Checker FP by tracking return values from initWithCharacter and other functions. When these functions return null, the pointer is not freed by them/ownership is not transfered. So we should allow the user to free the pointer by calling another function when the return value is NULL. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167813 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
1b22cec353bc6112653d50b060a1d78d70c51527 |
|
12-Sep-2012 |
Chandler Carruth <chandlerc@gmail.com> |
Adjust some analyzer tests to place widely shared inputs inside of an 'Inputs' subdirectory. The general desire has been to have essentially all of the non-test input files live in such directories, with some exceptions for obvious and common patterns like 'foo.c' using 'foo.h'. This came up because our distributed test runner couldn't find some of the headers, for example with stl.cpp. No functionality changed, just shuffling around here. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163674 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
7186dc63094d3ba24e57e16a66a226d21448dd4f |
|
23-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Teach malloc checker that initWith[Bytes|Characters}NoCopy relinquish memory. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159043 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
3e4f65d863bff9c4bbb2e7061a5d69b8c0366d66 |
|
23-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fixup to r158958. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159037 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
5b7aa34167f23e6137bd257addac4dd67f612ec4 |
|
22-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: Warn about use-after-free when memory ownership was transfered with dataWithBytesNoCopy. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158958 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
5f75768579b9b1d70d01903ab4766aede65defcc |
|
19-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Allow pointers to escape into NSPointerArray. (Fixes radar://11691035 PR13140) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158703 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
aca0ac58d2ae80d764e3832456667d7322445e0c |
|
04-May-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Allow pointers escape through calls containing callback args. (Since we don't have a generic pointer escape callback, modify ExprEngineCallAndReturn as well as the malloc checker.) git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156134 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
7947bb127629faff4897f04e579d80fd0d7f97f0 |
|
06-Apr-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer]Fix false positive: pointer might escape through CG*WithData. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154156 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
62a5c34ddc54696725683f6c5af1c8e1592c5c38 |
|
30-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer]Malloc,RetainRelease: Allow pointer to escape via NSMapInsert. Fixes a false positive (radar://11152419). The current solution of adding the info into 3 places is quite ugly. Pending a generic pointer escapes callback. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153731 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
4cd7edfa851ff5d9b37d09539a77685a12e82994 |
|
26-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: Allow a pointer to escape through OSAtomicEnqueue. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153453 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
f5aa3f5e58356d0bea823fe75dd7bf6aea6f47f4 |
|
22-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: drop symbols captured by blocks. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153232 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
fb7f76f285faa4c21d299f2bce8f55de3f71e548 |
|
05-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc should assume that ownership is transfered when calling an ObjC method ending with 'NoCopy'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152037 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
ca23eb212c78ac5bc62d0881635579dbe7095639 |
|
29-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: A pointer might escape through CFContainers APIs, funopen, setvbuf. Teach the checker and the engine about these APIs to resolve malloc false positives. As I am adding more of these APIs, it is clear that all this should be factored out into a separate callback (for example, region escapes). Malloc, KeyChainAPI and RetainRelease checkers could all use it. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151737 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
07d39a479cf8f20294407e749f9933da34ebecb7 |
|
28-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fix Malloc False Positive (PR 12100) When allocated buffer is passed to CF/NS..NoCopy functions, the ownership is transfered unless the deallocator argument is set to 'kCFAllocatorNull'. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151608 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
3cd89ad193834e766ce5dc24e260aa8615d0d5e1 |
|
25-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: reason about the ObjC messages and C++. Assume none of the ObjC messages defined in system headers free memory, except for the ones containing 'freeWhenDone' selector. Currently, just assume that the region escapes to the messages with 'freeWhenDone' (ideally, we want to treat it as 'free()'). For now, always assume that regions escape when passed to C++ methods. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151410 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
bb2a6864f111e13f7905725963649c60c60bf18b |
|
20-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Turn on by default the Malloc Checker and a couple of CString checks: - unix.Malloc - Checks for memory leaks, double free, use-after-free. - unix.cstring.NullArg - Checks for null pointers passed as arguments to CString functions + evaluates CString functions. - unix.cstring.BadSizeArg - Checks for common anti-patterns in strncat size argument. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150988 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
ad901a6cf3c57d7dd3d7b400835440992e99cff8 |
|
16-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] MallocChecker: more tests. git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150734 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|