qualified reference to a declaration that is not a non-static data
member or non-static member function, e.g.,
namespace N { int i; }
int j = N::i;
Instead, extend DeclRefExpr to optionally store the qualifier. Most
clients won't see or care about the difference (since
QualifierDeclRefExpr inherited DeclRefExpr). However, this reduces the
number of top-level expression types that clients need to cope with,
brings the implementation of DeclRefExpr into line with MemberExpr,
and simplifies and unifies our handling of declaration references.
Extended DeclRefExpr to (optionally) store explicitly-specified
template arguments. This occurs when naming a declaration via a
template-id (which will be stored in a TemplateIdRefExpr) that,
following template argument deduction and (possibly) overload
resolution, is replaced with a DeclRefExpr that refers to a template
specialization but maintains the template arguments as written.
llvm-svn: 84962
AnalysisManager periodically cleanup its AnalysisContextManager and LocationContextManager objects,
as they don't need to forever retain all the CFGs ever created when analyzing a file.
llvm-svn: 84684
RegionStoreManager::Retrieve() that was intended to handle conflated uses of pointers as integers.
It turns out this isn't needed, and resulted in inconsistent behavior when creating symbolic values on the following test case in 'tests/Analysis/misc-ps.m':
typedef struct _BStruct { void *grue; } BStruct;
void testB_aux(void *ptr);
void testB(BStruct *b) {
{
int *__gruep__ = ((int *)&((b)->grue));
int __gruev__ = *__gruep__;
testB_aux(__gruep__);
}
{
int *__gruep__ = ((int *)&((b)->grue));
int __gruev__ = *__gruep__;
if (~0 != __gruev__) {}
}
}
When the code was analyzed with '-arch x86_64', the value assigned to '__gruev__' be would be a
symbolic integer, but for '-arch i386' the value assigned to '__gruev__' would be a symbolic region
(a blob of memory). With this change the value created is always a symbolic integer.
Since the code being removed was added to support analysis of code calling
OSAtomicCompareAndSwapXXX(), I also modified 'test/Analysis/NSString.m' to analyze the code in both
'-arch i386' and '-arch x86_64', and also added some complementary test cases to test the presence
of leaks when using OSAtomicCompareAndSwap32Barrier()/OSAtomicCompareAndSwap64Barrier() instead of
just their absence. This code change reveals that previously both RegionStore and BasicStore were
handling these cases wrong, and would never cause the analyzer to emit a leak in these cases (false
negatives). Now RegionStore gets it right, but BasicStore still gets it wrong (and hence it has been
disabled temporarily for this test case).
llvm-svn: 84163
'CVPixelBufferCreateWithPlanarBytes()' and
'CVPixelBufferCreateWithBytes' (Core Video API) can indirectly release
a pixel buffer object via a callback.
This fixes <rdar://problem/7283567>.
llvm-svn: 84064
Speedup: when doing 'clang-cc -analyze -dump-cfg' (without actual printing, just
CFG building) on the amalgamated SQLite source (all of SQLite in one source
file), runtime reduced by 9%.
This fixes: <rdar://problem/7250745>
llvm-svn: 83899
default binding for regions. This allows us to simply a lot of code. A
further simplification could be done is that many methods of
regionstore can only work on Store instead of GRState.
llvm-svn: 83762
adding assert
This fix required a few changes:
SimpleSValuator:
- Eagerly replace a symbolic value with its constant value in EvalBinOpNN
when it is constrained to a constant. This allows us to better constant fold
values along a path.
- Handle trivial case of '<', '>' comparison of pointers when the two pointers
are exactly the same.
RegionStoreManager:
llvm-svn: 83358
concrete types. Use unqualified desugaring for getAs<> and sundry.
Fix a few users to either not desugar or use qualified desugar, as seemed
appropriate. Removed Type's qualified desugar method, as it was easy
to accidentally use instead of QualType's.
llvm-svn: 83116
identified with a false positive reported by Thomas Clement. This
involved doing another rewrite of
RegionStoreManager::RemoveDeadBindings(), which phrases the entire
problem of scanning for dead regions as a graph exploration problem.
It is more methodic than the previous implementation.
llvm-svn: 83053
are only specially treated by RegionStore::InvalidateRegion() when
their super region is also invalidated. When this isn't the case,
conjure a new symbol for a FieldRegion. Thanks to Zhongxing Xu and
Daniel Dunbar for pointing out this issue.
llvm-svn: 83043
Zhongxing Xu