Revision tags: llvmorg-3.2.0-rc2, llvmorg-3.2.0-rc1 |
|
#
e10d5a76 |
| 02-Nov-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Rename 'EmitReport' to 'emitReport'.
No functionality change.
llvm-svn: 167275
|
#
5d4ec363 |
| 29-Aug-2012 |
Anna Zaks <ganna@apple.com> |
[analyzer] Improved diagnostic pruning for calls initializing values.
This heuristic addresses the case when a pointer (or ref) is passed to a function, which initializes the variable (or sets it to
[analyzer] Improved diagnostic pruning for calls initializing values.
This heuristic addresses the case when a pointer (or ref) is passed to a function, which initializes the variable (or sets it to something other than '0'). On the branch where the inlined function does not set the value, we report use of undefined value (or NULL pointer dereference). The access happens in the caller and the path through the callee would get pruned away with regular path pruning. To solve this issue, we previously disabled diagnostic pruning completely on undefined and null pointer dereference checks, which entailed very verbose diagnostics in most cases. Furthermore, not all of the undef value checks had the diagnostic pruning disabled.
This patch implements the following heuristic: if we pass a pointer (or ref) to the region (on which the error is reported) into a function and it's value is either undef or 'NULL' (and is a pointer), do not prune the function.
llvm-svn: 162863
show more ...
|
#
a0f7d35a |
| 28-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] Rename addTrackNullOrUndefValueVisitor to trackNullOrUndefValue.
This helper function (in the clang::ento::bugreporter namespace) may add more than one visitor, but conceptually it's trac
[analyzer] Rename addTrackNullOrUndefValueVisitor to trackNullOrUndefValue.
This helper function (in the clang::ento::bugreporter namespace) may add more than one visitor, but conceptually it's tracking a single use of a null or undefined value and should do so as best it can.
Also, the BugReport parameter has been made a reference to underscore that it is non-optional.
llvm-svn: 162720
show more ...
|
#
cfb4eb29 |
| 03-Aug-2012 |
Jordan Rose <jordan_rose@apple.com> |
[analyzer] When a symbol is null, we should track its constraints.
Because of this, we would previously emit NO path notes when a parameter is constrained to null (because there are no stores). Now
[analyzer] When a symbol is null, we should track its constraints.
Because of this, we would previously emit NO path notes when a parameter is constrained to null (because there are no stores). Now we show where we made the assumption, which is much more useful.
llvm-svn: 161280
show more ...
|
#
16704bb1 |
| 31-May-2012 |
Ted Kremenek <kremenek@apple.com> |
Allow some BugReports to opt-out of PathDiagnostic callstack pruning until we have significantly improved the pruning heuristics. The current heuristics are pretty good, but they make diagnostics fo
Allow some BugReports to opt-out of PathDiagnostic callstack pruning until we have significantly improved the pruning heuristics. The current heuristics are pretty good, but they make diagnostics for uninitialized variables warnings particularly useless in some cases.
llvm-svn: 157734
show more ...
|
Revision tags: llvmorg-3.1.0, llvmorg-3.1.0-rc3, llvmorg-3.1.0-rc2, llvmorg-3.1.0-rc1 |
|
#
1e809b4c |
| 09-Mar-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Implement basic path diagnostic pruning based on "interesting" symbols and regions. Essentially, a bug centers around a story for various symbols and regions. We should only include the p
[analyzer] Implement basic path diagnostic pruning based on "interesting" symbols and regions. Essentially, a bug centers around a story for various symbols and regions. We should only include the path diagnostic events that relate to those symbols and regions.
The pruning is done by associating a set of interesting symbols and regions with a BugReporter, which can be modified at BugReport creation or by BugReporterVisitors.
This patch reduces the diagnostics emitted in several of our test cases. I've vetted these as having desired behavior. The only regression is a missing null check diagnostic for the return value of realloc() in test/Analysis/malloc-plist.c. This will require some investigation to fix, and I have added a FIXME to the test case.
llvm-svn: 152361
show more ...
|
#
e2778999 |
| 05-Feb-2012 |
Dylan Noblesmith <nobled@dreamwidth.org> |
Basic: import OwningPtr<> into clang namespace
llvm-svn: 149798
|
#
49b1e38e |
| 26-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
Change references to 'const ProgramState *' to typedef 'ProgramStateRef'.
At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eage
Change references to 'const ProgramState *' to typedef 'ProgramStateRef'.
At this point this is largely cosmetic, but it opens the door to replace ProgramStateRef with a smart pointer that more eagerly acts in the role of reclaiming unused ProgramState objects.
llvm-svn: 149081
show more ...
|
#
632e3b7e |
| 06-Jan-2012 |
Ted Kremenek <kremenek@apple.com> |
[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from (Stmt*,LocationContext*) pairs to SVals instead of Stmt* to SVals.
This is needed to support basic IPA via i
[analyzer] Make the entries in 'Environment' context-sensitive by making entries map from (Stmt*,LocationContext*) pairs to SVals instead of Stmt* to SVals.
This is needed to support basic IPA via inlining. Without this, we cannot tell if a Stmt* binding is part of the current analysis scope (StackFrameContext) or part of a parent context.
This change introduces an uglification of the use of getSVal(), and thus takes two steps forward and one step back. There are also potential performance implications of enlarging the Environment. Both can be addressed going forward by refactoring the APIs and optimizing the internal representation of Environment. This patch mainly introduces the functionality upon when we want to build upon (and clean up).
llvm-svn: 147688
show more ...
|
Revision tags: llvmorg-3.0.0, llvmorg-3.0.0-rc4, llvmorg-3.0.0-rc3, llvmorg-3.0.0-rc2 |
|
#
f380534a |
| 25-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Make branch for condition callback use CheckerContext
Now, all the path sensitive checkers use CheckerContext!
llvm-svn: 142944
|
#
a99b41f3 |
| 18-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Make NodeBuilder and Pred node loosely coupled
NodeBuilder should not assume it's dealing with a single predecessor. Remove predecessor getters. Modify the BranchNodeBuilder to not be res
[analyzer] Make NodeBuilder and Pred node loosely coupled
NodeBuilder should not assume it's dealing with a single predecessor. Remove predecessor getters. Modify the BranchNodeBuilder to not be responsible for doing auto-transitions (which depend on a predecessor).
llvm-svn: 142453
show more ...
|
#
6d285c58 |
| 18-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Modularize builder use in processBranch.
Take advantage of the new builders for branch processing. As part of this change pass generic NodeBuilder (instead of BranchNodeBuilder) to the Br
[analyzer] Modularize builder use in processBranch.
Take advantage of the new builders for branch processing. As part of this change pass generic NodeBuilder (instead of BranchNodeBuilder) to the BranchCondition callback and remove the unused methods form BranchBuilder.
llvm-svn: 142448
show more ...
|
#
ce5e97ef |
| 18-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] NodeBuilder Refactoring: Subclass BranchNodeBuilder from NodeBuilder.
llvm-svn: 142444
|
Revision tags: llvmorg-3.0.0-rc1 |
|
#
892427e2 |
| 03-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] In UndefBranchChecker, use a node generator which does not create an edge/branching. (ExprEngine should be in charge of generating edges. The checkers should examine the condition and gene
[analyzer] In UndefBranchChecker, use a node generator which does not create an edge/branching. (ExprEngine should be in charge of generating edges. The checkers should examine the condition and generate PostCondition node if needed.)
llvm-svn: 141034
show more ...
|
#
c42197d0 |
| 03-Oct-2011 |
Anna Zaks <ganna@apple.com> |
[analyzer] Cleanup in UndefBranchChecker: - Remove unused FindUndefExpr::ProgramStateManager. - The Condition parameter of the callback is the terminator of the block, no need to retrieve it agai
[analyzer] Cleanup in UndefBranchChecker: - Remove unused FindUndefExpr::ProgramStateManager. - The Condition parameter of the callback is the terminator of the block, no need to retrieve it again.
llvm-svn: 141027
show more ...
|
#
f86615ca |
| 19-Aug-2011 |
Anna Zaks <ganna@apple.com> |
Static Analyzer Diagnostics: Kill the addVisitorCreator(callbackTy, void*) API in favor of addVisitor(BugReporterVisitor*).
1) Create a header file to expose the predefined visitors. And move the pa
Static Analyzer Diagnostics: Kill the addVisitorCreator(callbackTy, void*) API in favor of addVisitor(BugReporterVisitor*).
1) Create a header file to expose the predefined visitors. And move the parent(BugReporterVisitor) there as well.
2) Remove the registerXXXVisitor functions - the Visitor constructors/getters can be used now to create the object. One exception is registerVarDeclsLastStore(), which registers more then one visitor, so make it static member of FindLastStoreBRVisitor.
3) Modify all the checkers to use the new API.
llvm-svn: 138126
show more ...
|
#
3a6bdf8f |
| 17-Aug-2011 |
Anna Zaks <ganna@apple.com> |
Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds defaul
Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME.
llvm-svn: 137894
show more ...
|
#
001fd5b4 |
| 15-Aug-2011 |
Ted Kremenek <kremenek@apple.com> |
Rename GRState to ProgramState, and cleanup some code formatting along the way.
llvm-svn: 137665
|
#
5ef32dbf |
| 12-Aug-2011 |
Ted Kremenek <kremenek@apple.com> |
Cleanup various declarations of 'Stmt*' to be 'Stmt *', etc. in libAnalyzer and libStaticAnalyzer[*]. It was highly inconsistent, and very ugly to look at.
llvm-svn: 137537
|
Revision tags: llvmorg-2.9.0, llvmorg-2.9.0-rc3, llvmorg-2.9.0-rc2, llvmorg-2.9.0-rc1 |
|
#
6a5674ff |
| 01-Mar-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Rename CheckerV2 -> Checker.
llvm-svn: 126726
|
#
753b3ca3 |
| 28-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] Migrate UndefBranchChecker to CheckerV2.
llvm-svn: 126616
|
#
f8cbac4b |
| 10-Feb-2011 |
Ted Kremenek <kremenek@apple.com> |
Split 'include/clang/StaticAnalyzer' into 'include/clang/StaticAnalyzer/Core' and 'include/clang/StaticAnalyzer/Checkers'.
This layout matches lib/StaticAnalyzer, which corresponds to two StaticAnal
Split 'include/clang/StaticAnalyzer' into 'include/clang/StaticAnalyzer/Core' and 'include/clang/StaticAnalyzer/Checkers'.
This layout matches lib/StaticAnalyzer, which corresponds to two StaticAnalyzer libraries.
llvm-svn: 125251
show more ...
|
#
f99d595c |
| 08-Feb-2011 |
Argyrios Kyrtzidis <akyrtzi@gmail.com> |
[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineInternalChecks.h -> lib/StaticAnalyzer/Checkers/InternalChecks.h
llvm-svn: 125121
|
#
d99bd55a |
| 23-Dec-2010 |
Ted Kremenek <kremenek@apple.com> |
Chris Lattner has strong opinions about directory layout. :)
Rename the 'EntoSA' directories to 'StaticAnalyzer'.
Internally we will still use the 'ento' namespace for the analyzer engine (unless
Chris Lattner has strong opinions about directory layout. :)
Rename the 'EntoSA' directories to 'StaticAnalyzer'.
Internally we will still use the 'ento' namespace for the analyzer engine (unless there are further sabre rattlings...).
llvm-svn: 122514
show more ...
|