| c568f1e98938584c0ef0b12ae5018ff7d90a4072 |
|
21-Jul-2014 |
Stephen Hines <srhines@google.com> |
Update Clang for rebase to r212749.
This also fixes a small issue with arm_neon.h not being generated always.
Includes a cherry-pick of:
r213450 - fixes mac-specific header issue
r213126 - removes a default -Bsymbolic on Android
Change-Id: I2a790a0f5d3b2aab11de596fc3a74e7cbc99081d
/external/clang/test/Analysis/reference.cpp
|
| 7f1fd2f182717d5ce6cde60398128910c90f98be |
|
29-May-2013 |
Anna Zaks <ganna@apple.com> |
[analyzer] Use the expression’s type instead of region’s type in ArrayToPointer decay evaluation
This gives slightly better precision, specifically, in cases where a non-typed region represents the array
or when the type is a non-array type, which can happen when an array is a result of a reinterpret_cast.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@182810 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 86f1745be24c834175e7a8a51b12f9a0063d532e |
|
18-Apr-2013 |
Anna Zaks <ganna@apple.com> |
[analyzer] Tweak getDerefExpr more to track DeclRefExprs to references.
In the committed example, we now see a note that tells us when the pointer
was assumed to be null.
This is the only case in which getDerefExpr returned null (failed to get
the dereferenced expr) throughout our regression tests. (There were multiple
occurrences of this one.)
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179736 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 1fd1e288d0f45b86d191d8f53f569e5143f3a18a |
|
11-Apr-2013 |
Jordan Rose <jordan_rose@apple.com> |
Force a load when creating a reference to a temporary copied from a bitfield.
For this source:
const int &ref = someStruct.bitfield;
We used to generate this AST:
DeclStmt [...]
`-VarDecl [...] ref 'const int &'
`-MaterializeTemporaryExpr [...] 'const int' lvalue
`-ImplicitCastExpr [...] 'const int' lvalue <NoOp>
`-MemberExpr [...] 'int' lvalue bitfield .bitfield [...]
`-DeclRefExpr [...] 'struct X' lvalue ParmVar [...] 'someStruct' 'struct X'
Notice the lvalue inside the MaterializeTemporaryExpr, which is very
confusing (and caused an assertion to fire in the analyzer - PR15694).
We now generate this:
DeclStmt [...]
`-VarDecl [...] ref 'const int &'
`-MaterializeTemporaryExpr [...] 'const int' lvalue
`-ImplicitCastExpr [...] 'int' <LValueToRValue>
`-MemberExpr [...] 'int' lvalue bitfield .bitfield [...]
`-DeclRefExpr [...] 'struct X' lvalue ParmVar [...] 'someStruct' 'struct X'
Which makes a lot more sense. This allows us to remove code in both
CodeGen and AST that hacked around this special case.
The commit also makes Clang accept this (legal) C++11 code:
int &&ref = std::move(someStruct).bitfield
PR15694 / <rdar://problem/13600396>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@179250 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 018e9aa033ff7363797c62fc3b14669d0558284b |
|
07-Mar-2013 |
Anna Zaks <ganna@apple.com> |
[analyzer] Warn on passing a reference to null pointer as an argument in a call
Warn about null pointer dereference earlier when a reference to a null pointer is
passed in a call. The idea is that even though the standard might allow this, reporting
the issue earlier is better for diagnostics (the error is reported closer to the place where
the pointer was set to NULL). This also simplifies analyzer’s diagnostic logic, which has
to track “where the null came from”. As a consequence, some of our null pointer
warning suppression mechanisms started triggering more often.
TODO: Change the name of the file and class to reflect the new check.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176612 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| c236b7327f989c1e7fe6b08a188bfef86727513d |
|
07-Mar-2013 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Check for returning null references in ReturnUndefChecker.
Officially in the C++ standard, a null reference cannot exist. However,
it's still very easy to create one:
int &getNullRef() {
int *p = 0;
return *p;
}
We already check that binds to reference regions don't create null references.
This patch checks that we don't create null references by returning, either.
<rdar://problem/13364378>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@176601 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| f1e67d75fc922ff905de9faa6326bb1a96685ec1 |
|
17-Oct-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Create a temporary region when accessing a struct rvalue.
In C++, rvalues that need to have their address taken (for example, to be
passed to a function by const reference) will be wrapped in a
MaterializeTemporaryExpr, which lets CodeGen know to create a temporary
region to store this value. However, MaterializeTemporaryExprs are /not/
created when a method is called on an rvalue struct, even though the 'this'
pointer needs a valid value. CodeGen works around this by creating a
temporary region anyway; now, so does the analyzer.
The analyzer also does this when accessing a field of a struct rvalue.
This is a little unfortunate, since the rest of the struct will soon be
thrown away, but it does make things consistent with the rest of the
analyzer.
This allows us to bring back the assumption that all known 'this' values
are Locs. This is a revised version of r164828-9, reverted in r164876-7.
<rdar://problem/12137950>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@166120 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| ce6644bc1e921833f9b3c10cf7d4a0b78e8d5dc9 |
|
29-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
Revert "[analyzer] Create a temporary region for rvalue structs when accessing fields"
This reverts commit 6f61df3e7256413dcb99afb9673f4206e3c4992c.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164877 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 6f61df3e7256413dcb99afb9673f4206e3c4992c |
|
28-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Create a temporary region for rvalue structs when accessing fields
Struct rvalues are represented in the analyzer by CompoundVals,
LazyCompoundVals, or plain ConjuredSymbols -- none of which have associated
regions. If the entire structure is going to persist, this is not a
problem -- either the rvalue will be assigned to an existing region, or
a MaterializeTemporaryExpr will be present to create a temporary region.
However, if we just need a field from the struct, we need to create the
temporary region ourselves.
This is inspired by the way CodeGen handles calls to temporaries;
support for that in the analyzer is coming next.
Part of <rdar://problem/12137950>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@164828 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 6ebea89be233eaba5e29de8cf3524ad150c860bb |
|
05-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Be more forgiving about calling methods on struct rvalues.
The problem is that the value of 'this' in a C++ member function call
should always be a region (or NULL). However, if the object is an rvalue,
it has no associated region (only a conjured symbol or LazyCompoundVal).
For now, we handle this in two ways:
1) Actually respect MaterializeTemporaryExpr. Before, it was relying on
CXXConstructExpr to create temporary regions for all struct values.
Now it just does the right thing: if the value is not in a temporary
region, create one.
2) Have CallEvent recognize the case where its 'this' pointer is a
non-region, and just return UnknownVal to keep from confusing clients.
The long-term problem is being tracked internally in <rdar://problem/12137950>,
but this makes many test cases pass.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163220 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| fd11957f02da689480618d5fc642ef14164e9cdc |
|
05-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
Revert "[analyzer] Treat all struct values as regions (even rvalues)."
This turned out to have many implications, but what eventually seemed to
make it unworkable was the fact that we can get struct values (as
LazyCompoundVals) from other places besides return-by-value function calls;
that is, we weren't actually able to "treat all struct values as regions"
consistently across the entire analyzer core.
Hopefully we'll be able to come up with an alternate solution soon.
This reverts r163066 / 02df4f0aef142f00d4637cd851e54da2a123ca8e.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163218 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 02df4f0aef142f00d4637cd851e54da2a123ca8e |
|
01-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Treat all struct values as regions (even rvalues).
This allows us to correctly symbolicate the fields of structs returned by
value, as well as get the proper 'this' value for when methods are called
on structs returned by value.
This does require a moderately ugly hack in the StoreManager: if we assign
a "struct value" to a struct region, that now appears as a Loc value being
bound to a region of struct type. We handle this by simply "dereferencing"
the struct value region, which should create a LazyCompoundVal.
This should fix recent crashes analyzing LLVM and on our internal buildbot.
<rdar://problem/12137950>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163066 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 5699f62df144545702b91e91836a63db4e5f2627 |
|
01-Sep-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Always derive a CallEvent's return type from its origin expr.
Previously, we preferred to get a result type by looking at the callee's
declared result type. This allowed us to handlereferences, which are
represented in the AST as lvalues of their pointee type. (That is, a call
to a function returning 'int &' has type 'int' and value kind 'lvalue'.)
However, this results in us preferring the original type of a function
over a casted type. This is a problem when a function pointer is casted
to another type, because the conjured result value will have the wrong
type. AdjustedReturnValueChecker is supposed to handle this, but still
doesn't handle the case where there is no "original function" at all,
i.e. where the callee is unknown.
Now, we instead look at the call expression's value kind (lvalue, xvalue,
or prvalue), and adjust the expr's type accordingly. This will have no
effect when the function is inlined, and will conjure the value that will
actually be used when it is not.
This makes AdjustedReturnValueChecker /nearly/ unnecessary; unfortunately,
the cases where it would still be useful are where we need to cast the
result of an inlined function or a checker-evaluated function, and in these
cases we don't know what we're casting /from/ by the time we can do post-
call checks. In light of that, remove AdjustedReturnValueChecker, which
was already not checking quite a few calls.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163065 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| cdc3a89d5de90b2299c56f4a46c3de590c5184d1 |
|
24-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Fix analyzer tests.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162588 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| efb3d56720654f5355ff8fc666499cc6554034f4 |
|
22-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Despite me asking Jordan to do r162313, revert it. We can provide
another way to whitelist these special cases. This is an intermediate patch.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162386 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| e3f3825bd82f84f2a1ae0a02274a33298bb720b3 |
|
22-Aug-2012 |
Ted Kremenek <kremenek@apple.com> |
Remove BasicConstraintManager. It hasn't been in active service for a while.
As part of this change, I discovered that a few of our tests were not testing
the RangeConstraintManager. Luckily all of those passed when I moved them
over to use that constraint manager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162384 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 58fc86d68d53eb6c47cc34974b6f37627a5f386c |
|
21-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Push "references are non-null" knowledge up to the common parent.
This reduces duplication across the Basic and Range constraint managers, and
keeps their internals free of dealing with the semantics of C++. It's still
a little unfortunate that the constraint manager is dealing with this at all,
but this is pretty much the only place to put it so that it will apply to all
symbolic values, even when embedded in larger expressions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162313 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| a34d4f47321324187ed57948628f5938357ae034 |
|
21-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Assume that reference symbols are non-null.
By doing this in the constraint managers, we can ensure that ANY reference
whose value we don't know gets the effect, even if it's not a top-level
parameter.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@162246 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 522f46f497d9ccecc8bc2f5ec132b9bb7060dee1 |
|
04-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Don't assume values bound to references are automatically non-null.
While there is no such thing as a "null reference" in the C++ standard,
many implementations of references (including Clang's) do not actually
check that the location bound to them is non-null. Thus unlike a regular
null dereference, this will not cause a problem at runtime until the
reference is actually used. In order to catch these cases, we need to not
prune out paths on which the input pointer is null.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161288 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 9f3b9d54ccbbf212591602f389ebde7923627490 |
|
02-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Add a simple check for initializing reference variables with null.
There's still more work to be done here; this doesn't catch reference
parameters or return values. But it's a step in the right direction.
Part of <rdar://problem/11212286>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161214 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 6b4be2ef4ce49717ff972434975ce3c34c9a1c4c |
|
31-Jul-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Getting an lvalue for a reference field still requires a load.
This was causing a crash in our array-to-pointer logic, since the region
was clearly not an array.
PR13440 / <rdar://problem/11977113>
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@161051 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| e337cba7c5db7f102f6d86c93ecdbf123ae197f1 |
|
16-May-2012 |
Jordy Rose <jediknil@belkadan.com> |
[analyzer] Fix RUN lines for old XFAIL tests, one of which actually works.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156921 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| d814eaf0dfb30f1cb6f90b056f8126f7e31e7ef4 |
|
24-Jan-2012 |
Eli Friedman <eli.friedman@gmail.com> |
Switch PerformImplicitConversion over to use DefaultLvalueConversion for lvalue-to-rvalue conversion.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@148874 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 033a07e5fca459ed184369cfee7c90d82367a93a |
|
04-Aug-2011 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] rename all experimental checker packages to have 'experimental' be the common root package.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136835 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| eea72a925f294225391ecec876a342771c09b635 |
|
29-Jul-2011 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] fix handling of MaterializeTemporaryExpr by binding the result value to
the proper expression.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136412 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| c4d2c9074be6eb2091086eddd6c8f052f3b245c8 |
|
28-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Remove '-analyzer-check-objc-mem' flag, the nominee for best misnomer award.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126676 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 65d39251ff57b8e33cf6d3a7fcc6aa1c6f8cdc68 |
|
24-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Remove '-analyzer-experimental-internal-checks' flag, it doesn't have any checkers associated with it anymore.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@126440 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| f45fbad13ee1f143a2cb6e806fefe22b48f68940 |
|
19-Dec-2010 |
Zhongxing Xu <xuzhongxing@gmail.com> |
If the initializer is an rvalue and the variable is a const reference,
create a temporary object for it.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@122161 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 892697dd2287caf7c29aaaa82909b0e90b8b63fe |
|
16-Dec-2010 |
Ted Kremenek <kremenek@apple.com> |
Start migration of static analyzer to using the
implicit lvalue-to-rvalue casts that John McCall
recently introduced. This causes a whole bunch
of logic in the analyzer for handling lvalues
to vanish. It does, however, raise a few issues
in the analyzer w.r.t to modeling various constructs
(e.g., field accesses to compound literals).
The .c/.m analysis test cases that fail are
due to a missing lvalue-to-rvalue cast that
will get introduced into the AST. The .cpp
failures were more than I could investigate in
one go, and the patch was already getting huge.
I have XFAILED some of these tests, and they
should obviously be further investigated.
Some highlights of this patch include:
- CFG no longer requires an lvalue bit for
CFGElements
- StackFrameContext doesn't need an 'asLValue'
flag
- The "VisitLValue" path from GRExprEngine has
been eliminated.
Besides the test case failures (XFAILed), there
are surely other bugs that are fallout from
this change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@121960 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 5d55376106f1aeabfab0bcd7e0167db904409a06 |
|
04-Jun-2010 |
Jordy Rose <jediknil@belkadan.com> |
Assignments to reference variables shouldn't kill the variable.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@105452 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| fc61d94fbdbcd2b423976e21f24d423fcd442486 |
|
03-Jun-2010 |
Zhongxing Xu <xuzhongxing@gmail.com> |
CFG: add all LHS of assingments as lvalue. This improves support for C++ reference. Patch by Jordy.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@105383 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 565e465c6d0093f1bf8414b2cabdc842022385a9 |
|
05-Feb-2010 |
Ted Kremenek <kremenek@apple.com> |
Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@95348 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| 3cd8bd4226dc39dbeb729edab42afaf440a02ef2 |
|
10-Jan-2010 |
Zhongxing Xu <xuzhongxing@gmail.com> |
Enhance test case.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@93101 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|
| bc37b8dd9914e02580f531fa6e5e72be34d9675e |
|
09-Jan-2010 |
Zhongxing Xu <xuzhongxing@gmail.com> |
When binding an rvalue to a reference, create a temporary object. Use
CXXObjectRegion to represent it.
In Environment, lookup a literal expression before make up a value for it.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@93047 91177308-0d34-0410-b5e6-96231b3b80d8
/external/clang/test/Analysis/reference.cpp
|