| Age | Commit message (Collapse) | Author |
|---|
|
ElementRegion. I also removed 'ElementRegion::getArrayRegion',
although we may need to add this back.
This breaks a few test cases with RegionStore:
- 'array-struct.c' triggers an infinite recursion in RegionStoreManager. Need to investigate.
- misc-ps.m triggers a failure with RegionStoreManager as we now get the diagnostic:
'Line 159: Uninitialized or undefined return value returned to caller.'
There were a bunch of places that needed to be edit
RegionStoreManager, and we may not be passing all the correct 'element
types' down from GRExprEngine.
Zhongxing: When you get a chance, could you review this? I could have
easily screwed up something basic in RegionStoreManager.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70830 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Fix retain checker test failures.
- Update retain checker to have annotations override default summary effects, not completely redefine them.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70828 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
which is returned instead of a null pointer. This helps centralize
the logic concerning "default effects".
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70826 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
We never compare summaries by their pointers, and we create only a
handful of them when analyzing a given function.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70824 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
"copy" in their name should be treated as owned
For methods that follow the "fundamental rule" and return Core
Foundation objects, treat those objects as owned by the caller.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70665 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
it much easier to clean up the summary generation logic with annotations.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70660 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70657 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
simplify the retrieve logic.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70651 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
occurs in GC mode.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70638 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
GRCoreEngine. This tends to result in shorter paths for pathological cases.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70585 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Don't layer TypedViewRegions on top of any region except
SymbolicRegions and AllocaRegions. This follows from my offline
discussion within Zhongxing about how TypedViewRegions really only
represent memory getting re-appropriated for a new purpose.
Fallout from this change:
- Move test case from xfail_rdar_6440393.m to misc-ps-64.m
(it now passes).
- test/Analysis/fields.c now fails for region store (crash).
Marking XFAIL.
- test/Analysis/rdar-6441136-region.c now fails (only runs with region store).
Marking XFAIL.
Diagnosis: The analyzer now correctly identifies an early out-of-bounds memory
access then the one flagged:
rdar-6541136-region.c:17:3: warning: Load or store into an out-of-bound memory position.
*p = 1;
^~
Changing the line:
char *p = (void*) &wonky[1];
to
char *p = (void*) &wonky[0];
(which should delay the buffer overrun) causes region store to crash, probably
because it expects a TypedViewRegion.
- test/Analysis/casts.c (region store) now fails (crash).
Marking XFAIL.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70565 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
pointer.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70564 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70563 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
location context. This allows us to postpone the decision of whether
or not a context should add a control-flow piece to the diagnostics
when inspecting its subexpressions.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70545 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70542 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
'objc_ownership_release' to the effects on receivers.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70507 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70475 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
matching ObjCMethodDecl exists in the @interface.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70474 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ObjCInterfaceDecl, not before.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70473 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
an owned object, consult its summary instead of inspecting the selector. This
picks up annotations, and is just more general.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70429 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70420 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70417 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
- Add an (optional) short description for BugReports for clients that want
to distinguish between long and short descriptions for bugs
- Make the bug report for VLA less obscene for Plist diagnostics by using
the short description
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70415 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70412 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
(those diffs are just code moving) and move the logic for "return of owned
object" leak reporting to EvalReturnStmt.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70399 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
method currently being analyzed.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70388 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70387 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
reasoning about OSCompareAndSwap32Barrier/OSCompareAndSwap64Barrier. Essentially
the address of reference to a region (pointer-to-pointer) can be casted to
(int32_t*), and we need to handle the logic to convert the involved locations
back and forth from nonloc::LocAsInteger, nonloc::ConcreteInt, to Loc and
loc::ConcreteInt respectively. This adds some potentially suspect logic to
BasicStoreManager that allows the analyzer to reason about abuses of the C type
system. This should probably be refined, be ported over to RegionStoreManager,
and extended with "path-sensitive type checking" to flag bugs in clearly
incoherent code.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70382 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
name of the tracked function.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70381 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70380 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
ObjCMessageExpr.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70369 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70358 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
on ObjCMessageExpr. This will enable us to use it elsewhere. This should not
change any functionality.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70352 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to add 'CFMakeCollectable' semantics to a method.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70336 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70313 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70293 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70286 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
add "Looping back to the head of the loop" diagnostic for loops.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70285 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
'objc_ownership_cfrelease'. These are the 'release' equivalents of
'objc_ownership_retain' and 'objc_ownership_cfretain' respectively.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70235 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
treated as "not owned" objects.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70232 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
as 'objc_ownership_cfretain' except that the method acts like a CFRetain instead
of a [... retain] (important in GC modes). Checker support is wired up, but
currently only for Objective-C message expressions (not function calls).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70218 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
can't track down.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70155 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70144 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70105 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
users to specify that a method's argument is visibly retained (reference count
incremented).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70008 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@70002 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
involving an NSAnimation object delegating its release to a delegate method.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@69992 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@69985 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
delegates. When a reference counted object is passed as to a 'void*' argument to
a method stop tracking the reference count.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@69984 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@69983 91177308-0d34-0410-b5e6-96231b3b80d8
|
