| 55e57a50a36749ce0483db2f16259649c9d25792 |
|
11-Apr-2013 |
Anton Yartsev <anton.yartsev@gmail.com> |
[analyzer] Switched to checkPreCall interface for detecting usage after free.
Now the check is also applied to arguments for Objective-C method calls and to 'this' pointer.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179230 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 849c7bf718ed3c08bd66b93f0bd508a44bb2f669 |
|
28-Mar-2013 |
Anton Yartsev <anton.yartsev@gmail.com> |
[analyzer] These implements unix.MismatchedDeallocatorChecker checker.
+ Improved display names for allocators and deallocators
The checker checks if a deallocation function matches allocation one. ('free' for 'malloc', 'delete' for 'new' etc.)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@178250 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 9fe09f30f76cb65ca2a5fcd8e649f5b2f0cf02bd |
|
09-Mar-2013 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Be more consistent about Objective-C methods that free memory.
Previously, MallocChecker's pointer escape check and its post-call state
update for Objective-C method calls had a fair amount duplicated logic
and not-entirely-consistent checks. This commit restructures all this to
be more consistent and possibly allow us to be more aggressive in warning
about double-frees.
New policy (applies to system header methods only):
(1) If this is a method we know about, model it as taking/holding ownership
of the passed-in buffer.
(1a) ...unless there's a "freeWhenDone:" parameter with a zero (NO) value.
(2) If there's a "freeWhenDone:" parameter (but it's not a method we know
about), treat the buffer as escaping if the value is non-zero (YES) and
non-escaping if it's zero (NO).
(3) If the first selector piece ends with "NoCopy" (but it's not a method we
know about and there's no "freeWhenDone:" parameter), treat the buffer
as escaping.
The reason that (2) and (3) don't explicitly model the ownership transfer is
because we can't be sure that they will actually free the memory using free(),
and we wouldn't want to emit a spurious "mismatched allocator" warning
(coming in Anton's upcoming patch). In the future, we may have an idea of a
"generic deallocation", i.e. we assume that the deallocator is correct but
still continue tracking the region so that we can warn about double-frees.
Patch by Anton Yartsev, with modifications from me.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176744 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| c2cca2361aeafdf9170de2695b17d8bcd1c6f7db |
|
11-Dec-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Don't generate a summary for "freeWhenDone" if method is
inlined.
Fixes a false positive that occurs if a user writes their own
initWithBytesNoCopy:freeWhenDone wrapper.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@169795 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 2ccecfaa4852c134191d4075d94e09399ab46fea |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Address Jordan's code review for r167813.
This simplifies logic, fixes a bug, and adds a test case.
Thanks Jordan!
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167868 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| cbf5f60996fa2bd0ecd779b1472dc5cbad3ca464 |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
Add a test that shows that reporting a leak after failure to free is
tricky.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167814 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 4141e4dcab6b175374710925aa90d547600a5e66 |
|
13-Nov-2012 |
Anna Zaks <ganna@apple.com> |
Fix a Malloc Checker FP by tracking return values from initWithCharacter
and other functions.
When these functions return null, the pointer is not freed by
them/ownership is not transfered. So we should allow the user to free
the pointer by calling another function when the return value is NULL.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@167813 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 1b22cec353bc6112653d50b060a1d78d70c51527 |
|
12-Sep-2012 |
Chandler Carruth <chandlerc@gmail.com> |
Adjust some analyzer tests to place widely shared inputs inside of an
'Inputs' subdirectory.
The general desire has been to have essentially all of the non-test
input files live in such directories, with some exceptions for obvious
and common patterns like 'foo.c' using 'foo.h'.
This came up because our distributed test runner couldn't find some of
the headers, for example with stl.cpp.
No functionality changed, just shuffling around here.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163674 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 7186dc63094d3ba24e57e16a66a226d21448dd4f |
|
23-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Teach malloc checker that initWith[Bytes|Characters}NoCopy
relinquish memory.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159043 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 3e4f65d863bff9c4bbb2e7061a5d69b8c0366d66 |
|
23-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fixup to r158958.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159037 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 5b7aa34167f23e6137bd257addac4dd67f612ec4 |
|
22-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: Warn about use-after-free when memory ownership was
transfered with dataWithBytesNoCopy.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158958 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 5f75768579b9b1d70d01903ab4766aede65defcc |
|
19-Jun-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Allow pointers to escape into NSPointerArray.
(Fixes radar://11691035 PR13140)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158703 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| aca0ac58d2ae80d764e3832456667d7322445e0c |
|
04-May-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Allow pointers escape through calls containing callback args.
(Since we don't have a generic pointer escape callback, modify
ExprEngineCallAndReturn as well as the malloc checker.)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156134 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 7947bb127629faff4897f04e579d80fd0d7f97f0 |
|
06-Apr-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer]Fix false positive: pointer might escape through CG*WithData.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@154156 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 62a5c34ddc54696725683f6c5af1c8e1592c5c38 |
|
30-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer]Malloc,RetainRelease: Allow pointer to escape via NSMapInsert.
Fixes a false positive (radar://11152419). The current solution of
adding the info into 3 places is quite ugly. Pending a generic pointer
escapes callback.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153731 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 4cd7edfa851ff5d9b37d09539a77685a12e82994 |
|
26-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: Allow a pointer to escape through OSAtomicEnqueue.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153453 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| f5aa3f5e58356d0bea823fe75dd7bf6aea6f47f4 |
|
22-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: drop symbols captured by blocks.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@153232 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| fb7f76f285faa4c21d299f2bce8f55de3f71e548 |
|
05-Mar-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc should assume that ownership is transfered when
calling an ObjC method ending with 'NoCopy'.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@152037 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| ca23eb212c78ac5bc62d0881635579dbe7095639 |
|
29-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: A pointer might escape through CFContainers APIs,
funopen, setvbuf.
Teach the checker and the engine about these APIs to resolve malloc
false positives. As I am adding more of these APIs, it is clear that all
this should be factored out into a separate callback (for example,
region escapes). Malloc, KeyChainAPI and RetainRelease checkers could
all use it.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151737 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 07d39a479cf8f20294407e749f9933da34ebecb7 |
|
28-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Fix Malloc False Positive (PR 12100)
When allocated buffer is passed to CF/NS..NoCopy functions, the
ownership is transfered unless the deallocator argument is set to
'kCFAllocatorNull'.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151608 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| 3cd89ad193834e766ce5dc24e260aa8615d0d5e1 |
|
25-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Malloc: reason about the ObjC messages and C++.
Assume none of the ObjC messages defined in system headers free memory,
except for the ones containing 'freeWhenDone' selector. Currently, just
assume that the region escapes to the messages with 'freeWhenDone'
(ideally, we want to treat it as 'free()').
For now, always assume that regions escape when passed to C++ methods.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@151410 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| bb2a6864f111e13f7905725963649c60c60bf18b |
|
20-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Turn on by default the Malloc Checker and a couple of CString
checks:
- unix.Malloc - Checks for memory leaks, double free, use-after-free.
- unix.cstring.NullArg - Checks for null pointers passed as arguments to
CString functions + evaluates CString functions.
- unix.cstring.BadSizeArg - Checks for common anti-patterns in
strncat size argument.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150988 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|
| ad901a6cf3c57d7dd3d7b400835440992e99cff8 |
|
16-Feb-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] MallocChecker: more tests.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@150734 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/malloc.mm
|