OSchip
/
llvm-project
mirror of https://github.com/THU-DSP-LAB/llvm-project.git
13
0
Fork 6
Code Issues Packages Projects Releases Wiki Activity
57,460 Commits 31 Branches 0 Tags 2.2 GiB
Commit Graph

934 Commits

Author SHA1 Message Date
Ted Kremenek 605fee8445 New static analyzer check by Nikita Zhuk! 
"The attached patch generates warnings of cases where an ObjC message is sent to
a nil object and the size of return type of that message is larger than the size
of void pointer. This may result in undefined return values as described in PR
2718.  The patch also includes test cases."

llvm-svn: 68585
 2009-04-08 03:07:17 +00:00
Ted Kremenek 4d947facad Remove hack from LiveVariables analysis where variables whose address are taken 
are considered 'live'. This hack isn't needed anymore because we have a
separation in the path-sensitive analyzer between variable names and bindings;
the analyzer can continue to reason about the storage of a variable after its
name is no longer directly referenced.  Now the live variables analysis literally means "is this name live".

Along this line, update the dead stores checker to explicitly look for variables
whose values have escaped.

llvm-svn: 68504
 2009-04-07 05:25:24 +00:00
Ted Kremenek aed74642cb Remove GetLeakNode. This isn't the right approach. 
llvm-svn: 68502
 2009-04-07 05:07:44 +00:00
Ted Kremenek 8928d74e19 Remove period. 
llvm-svn: 68497
 2009-04-07 04:54:31 +00:00
Ted Kremenek e2f5a9f8e3 Eagerly compute the leak location when a leak occurs at the end of a path. 
llvm-svn: 68496
 2009-04-07 04:54:20 +00:00
Ted Kremenek 3cb8a84924 Removed some commented code. 
llvm-svn: 68495
 2009-04-07 04:53:35 +00:00
Ted Kremenek 86d52c4c02 PathDiagnostic generation: experiment with avoiding generation of control-flow 
pieces between block entrance and block end unless necessary.

llvm-svn: 68483
 2009-04-07 01:34:17 +00:00
Ted Kremenek 6fd0921bdb retain/release checker: When hunting for the leak location, don't walk the 
ExplodedGraph backwards. That may inadvertently result in reverse control-flow
edges in the PathDiagostic.

llvm-svn: 68477
 2009-04-07 00:12:43 +00:00
Ted Kremenek d7c1aaa6c5 Don't overguard to adding a control-flow piece when "alwaysAdd" is true. 
llvm-svn: 68476
 2009-04-07 00:11:40 +00:00
Ted Kremenek c4c9ed0f9b Rewrite control-flow diagnostic generation "extensive" algorithm using "edge 
contexts".  This allows us to use a stack of contexts to keep track of what control-flow pieces to include when exiting blocks like 'if', 'for', etc.

llvm-svn: 68473
 2009-04-06 23:06:54 +00:00
Ted Kremenek 92820d2d3d PathDiagnosticLocation now also wraps Decls. 
llvm-svn: 68470
 2009-04-06 22:33:35 +00:00
Ted Kremenek f9201d9799 Sentence-case bug type. 
llvm-svn: 68406
 2009-04-03 21:10:31 +00:00
Ted Kremenek 751e7e3833 retain/release checker: don't track NSPanel until we have better reasoning about 
the subtle ownership issues of such objects.

llvm-svn: 68397
 2009-04-03 19:02:51 +00:00
Zhongxing Xu ec7e7dfe0a This is the first step to gradually remove the use of loc::SymbolVal. Now 
when creating symbolic values, we distinguish between location and non-location
values. For location values, we create a symbolic region instead of a
loc::SymbolVal.

llvm-svn: 68373
 2009-04-03 07:33:13 +00:00
Ted Kremenek 6e4c284abe Sentence-type bug type and category. 
llvm-svn: 68345
 2009-04-02 22:50:16 +00:00
Ted Kremenek a2a735e7fa Add another null pointer check. Simplify condition. 
llvm-svn: 68283
 2009-04-02 03:44:00 +00:00
Ted Kremenek 7f905c2f0d Fix grammar. 
llvm-svn: 68282
 2009-04-02 03:42:38 +00:00
Ted Kremenek 5d6d7d8184 Add null pointer check. 
llvm-svn: 68281
 2009-04-02 03:30:55 +00:00
Ted Kremenek 6c3413c74a More title-casing of bug type names. 
llvm-svn: 68275
 2009-04-02 02:44:03 +00:00
Ted Kremenek d7c0872653 Title-case the names of bug types. 
llvm-svn: 68274
 2009-04-02 02:40:45 +00:00
Ted Kremenek b82dd53988 Title-case the names of bug types. 
llvm-svn: 68273
 2009-04-02 02:40:26 +00:00
Ted Kremenek afb066d1f5 BugReporter, extensive path-diagnostics: add an extra control-flow edge to the 
enclosing statement when jumping to a subexpression.

llvm-svn: 68244
 2009-04-01 21:12:06 +00:00
Ted Kremenek 95af35e251 Fix comment. 
llvm-svn: 68236
 2009-04-01 19:43:28 +00:00
Ted Kremenek ed47d79cc2 BugReporter: for extensive path diagnostics: 
- When processing BlockEdges with terminators, using the condition as the
  control-flow point for terminators that are expressions (e.g., '&&', '?')
- When processing events, allow intra-compound statement "jumping"

llvm-svn: 68228
 2009-04-01 18:48:52 +00:00
Ted Kremenek 9ce13241ff BugReporter: for extensive PathDiagnostic generation, add control-flow from the 
start of the function/method.

llvm-svn: 68217
 2009-04-01 17:52:26 +00:00
Ted Kremenek 45a75f718c BugReporter: For the "extensive" PathDiagnostic generation algorithm, elide most 
intra-compound statement jumps unless they are between terminators (i.e.,
branches).

llvm-svn: 68216
 2009-04-01 17:18:21 +00:00
Ted Kremenek 8b0dba358a Fix: <rdar://problem/6740387>. Sending nil to an object that returns a struct 
should only be an error if that value is consumed. This fix was largely
accomplished by moving 'isConsumedExpr' back to ParentMap.

llvm-svn: 68195
 2009-04-01 06:52:48 +00:00
Ted Kremenek 0bb0909233 - Changed PathDiagnosticPiece::getLocation() to return a PathDiagnosticLocation 
instead of a FullSourceLoc. This resulted in a bunch of small edits in various
  clients.
- Updated BugReporter to include an alternate PathDiagnostic generation
  algorithm for PathDiagnosticClients desiring more control-flow pieces.

llvm-svn: 68193
 2009-04-01 06:13:56 +00:00
Ted Kremenek 7062c50772 More code reshuffling. No functionality change. 
llvm-svn: 68157
 2009-03-31 23:00:32 +00:00
Ted Kremenek 4e81c3ccac Allow two codepaths for PathDiagnostic generation. This patch mainly consists of 
refactoring to make this possible (no functionality change).

llvm-svn: 68141
 2009-03-31 20:22:36 +00:00
Ted Kremenek 7857bd2743 Re-apply 68028. The code had drifted enough that the tests would fail without 
it.  Will discuss offline whether symbolic regions should by typed or typeless.

llvm-svn: 68070
 2009-03-30 22:20:54 +00:00
Ted Kremenek 5715393da2 Revert 68028. 
llvm-svn: 68068
 2009-03-30 21:56:17 +00:00
Ted Kremenek 3cd88e5d99 Remove dead code. 
llvm-svn: 68063
 2009-03-30 21:27:41 +00:00
Ted Kremenek ac508988a5 Simplify more code by using SVal::getAsSymbol(). 
llvm-svn: 68052
 2009-03-30 19:53:37 +00:00
Ted Kremenek 248fd2bc24 Simplify more code by using SVal::getAsSymbol() instead of 
loc::SymbolVal/nonloc::SymbolVal probing.

llvm-svn: 68049
 2009-03-30 18:45:36 +00:00
Ted Kremenek a53eb7fa80 Convert use of loc::SymbolVal and nonloc::SymbolVal to V.getAsSymbol(). This 
also makes this code more correct as it transparently handles SVals that wrapped
TypedViewRegions(SymbolicRegions).

llvm-svn: 68048
 2009-03-30 18:39:15 +00:00
Ted Kremenek 4967c8979e Add version of GRExprEngine::AddCheck that registered a GRSimpleAPICheck that 
will be called for every expression in a basic block.

llvm-svn: 68041
 2009-03-30 17:53:05 +00:00
Zhongxing Xu 5415b207e3 Make SymbolicRegion untyped. 
Layer the type information with a TypedViewRegion on top of the SymbolicRegion.

llvm-svn: 68028
 2009-03-30 06:48:56 +00:00
Zhongxing Xu a865b79f87 Implement a FIXME. 
llvm-svn: 68024
 2009-03-30 05:55:46 +00:00
Ted Kremenek 035cf930d5 Fix regression in pointer comparison with NULL (e.g., 0 != ptr). This fixes 
<rdar://problem/6732151>.

llvm-svn: 67954
 2009-03-28 19:59:33 +00:00
Ted Kremenek b505811250 Adjust control-flow endpoints for '&&' and '||'. 
llvm-svn: 67948
 2009-03-28 17:33:57 +00:00
Chris Lattner 529efc74ad rename some methods. 
llvm-svn: 67923
 2009-03-28 06:33:19 +00:00
Ted Kremenek cd58cced81 Text PathDiagnosticBuilder::getEnclosingStmt() about '?' 
llvm-svn: 67909
 2009-03-28 04:08:14 +00:00
Ted Kremenek b9411565ea Teach PathDiagnosticBuilder::getEnclosingStmtLocation() about while/if/do/for, 
etc., so that the "body" is always considered a top-level statement for edge
transitions (even if it is an expression).

llvm-svn: 67901
 2009-03-28 03:37:59 +00:00
Eli Friedman 8b7b1b1aee Change compound assignment operators to keep track of both the promoted 
LHS type and the computation result type; this encodes information into 
the AST which is otherwise non-obvious.  Fix Sema to always come up with the 
right answer for both of these types.  Fix IRGen and the analyzer to 
account for these changes.  This fixes PR2601.  The approach is inspired 
by PR2601 comment 2.

Note that this changes real *= complex in CodeGen from a silent 
miscompilation to an explicit error.

I'm not really sure that the analyzer changes are correct, or how to 
test them... someone more familiar with the analyzer should check those 
changes.

llvm-svn: 67889
 2009-03-28 01:22:36 +00:00
Ted Kremenek 7a621b9747 BugReporter: For control-flow edges from 'if', 'for', 'do', 'while' to 
successor, using 'getEnclosingStmt()' to have the end location be the top-level
Stmt* enclosing the target Expr*.

llvm-svn: 67869
 2009-03-27 21:16:25 +00:00
Ted Kremenek 41d865cbaa BugReporter: PathDiagnosticBuilder::ExecutionContinues now returns a 
PathDiagnosticLocation.

llvm-svn: 67866
 2009-03-27 20:55:39 +00:00
Zhongxing Xu 17e28b7a54 remove dead code. 
llvm-svn: 67825
 2009-03-27 05:31:12 +00:00
Ted Kremenek a7ec0ded63 BugReporter: 
- Added an internal helper class 'PathDiagnosticBuilder' which now bundles the
  'ExecutionContinues' methods.
- Added preliminary diagnostics for short-circuit '&&' and '||'

llvm-svn: 67822
 2009-03-27 05:06:10 +00:00
Zhongxing Xu c1c09b1f35 remove the updated notes. 
llvm-svn: 67813
 2009-03-27 02:22:41 +00:00