replica
/
hanchenye-llvm-project
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
91,138 Commits 2 Branches 0 Tags 1.8 GiB
Commit Graph

75 Commits

Author SHA1 Message Date
Zhongxing Xu ef94284f2f Tweak test case. 'int' would introduce out-of-bound issues. We focus on array 
index constraints in this case.

llvm-svn: 112794
 2010-09-02 01:42:44 +00:00
Ted Kremenek f3a734d8ee Add yet another test case for PR 8015, showing how reasoning over symbolic indices should exactly resolve over multiple index possibilities (and thus suppress the false positive in the test). 
llvm-svn: 112770
 2010-09-01 23:37:38 +00:00
Ted Kremenek 121ddd6a5c Add another test case for PR 8015, here with the array index being within a valid range and not just a single constant. 
llvm-svn: 112769
 2010-09-01 23:37:36 +00:00
Ted Kremenek 0e12f9cc7b Partial fix for PR 8015 (fix is actually by Jordy Rose, and I added a test case for follow-on work). This patch adds a bandaid for RegionStore's limited reasoning about symbolic array values. 
llvm-svn: 112766
 2010-09-01 23:27:26 +00:00
Ted Kremenek d588e78b95 Don't assert in the analyzer when analyze code does a byte load from a function's address. Fixes PR 8052. 
llvm-svn: 112761
 2010-09-01 23:00:46 +00:00
Tom Care 9026d4b488 Adjusted the semantics of assign checking in IdempotentOperationChecker 
- Fixed a regression where assigning '0' would be reported
- Changed the way self assignments are filtered to allow constant testing
- Added a test case for assign ops
- Fixed one test case where a function pointer was not considered constant
- Fixed test cases relating to 0 assignment

llvm-svn: 112501
 2010-08-30 19:25:43 +00:00
Tom Care 98e679508d Enabled relaxed LiveVariables analysis in the path-sensitive engine to increase the coverage of bugs. Primarily affects IdempotentOperationChecker. 
- Migrated a temporarily separated test back to its original file (bug has been fixed, null-deref-ps-temp.c -> null-deref-ps.c)
- Changed SymbolManager to use relaxed LiveVariables
- Updated several test cases that the IdempotentOperationChecker class now flags
- Added test case to test relaxed LiveVariables use by the IdempotentOperationChecker

llvm-svn: 112312
 2010-08-27 22:46:32 +00:00
Ted Kremenek 4b83f753a1 Add test case for <rdar://problem/8258814>. 
llvm-svn: 110058
 2010-08-02 20:33:00 +00:00
Ted Kremenek 385f71b1f4 Augment RegionStore::BindStruct() to bind symbolicated struct values. This fixes a false path issue reported in <rdar://problem/8243408> and also spurs another cause where the idempotent operations checker fires. 
llvm-svn: 109710
 2010-07-29 00:28:47 +00:00
Ted Kremenek 2a33a0deef Correctly construct an ElementRegion for alloca() + pointer arithmetic. Fixes analyzer 
crash reported in PR 7450.

llvm-svn: 106609
 2010-06-22 23:58:31 +00:00
Ted Kremenek 15a0abd399 Discard qualifiers for ElementRegions so that a 'const' doesn't change the lookup semantics 
in the symbol store.  We may wish to push this down into the StoreManager itself.

llvm-svn: 104788
 2010-05-27 00:29:00 +00:00
Ted Kremenek ef55dd17ec Static analyzer: Don't crash when casting a symbolic region address to a float. Fixes PR 6854. 
llvm-svn: 101499
 2010-04-16 17:54:33 +00:00
Ted Kremenek 8db54ff1de Fix PR 6844, a regression caused by the introduction of llvm_unreachable for the default 
case in GRExprEngine::Visit (in r101129).  Instead, enumerate all Stmt cases and have
no 'default' case in the switch statement.  When we encounter a Stmt we don't handle,
we should explicitly add it to the switch statement.

llvm-svn: 101378
 2010-04-15 17:33:31 +00:00
Ted Kremenek 5868ec6e3d Fix CFG bug where bases of member expressions were not always evaluated in a lvalue context. Fixes <rdar://problem/7813989>. 
llvm-svn: 100966
 2010-04-11 17:02:10 +00:00
Ted Kremenek 6e95bfc6a5 Fix crash in StoreManager::CastRegion() when the base region is a type with 0 size. 
llvm-svn: 100594
 2010-04-07 00:46:49 +00:00
Ted Kremenek f969841a1a Teach MemRegion::getBaseRegion() about ObjCIvarRegions. We want to treat 
them the same way as fields.  This fixes a regression in RegionStore::RemoveDeadbindings()
that emerged from going to the cluster-based analysis.

llvm-svn: 100570
 2010-04-06 22:06:03 +00:00
Ted Kremenek 2d107f9d1d RegionStore: specially handle loads from integer global variables declared 'const'. 
Fixes a false positive reported in PR 6288.

llvm-svn: 99922
 2010-03-30 20:31:04 +00:00
Ted Kremenek 4be6a75884 Change the analyzer to recognize (but ignore) assignments to isa. Fixes PR 6302. 
llvm-svn: 99904
 2010-03-30 18:24:54 +00:00
Ted Kremenek c517974e9e Add test case for <rdar://problem/7770737>. 
llvm-svn: 98979
 2010-03-19 19:45:03 +00:00
Ted Kremenek e3c26d8f7e Add test case for <rdar://problem/7242010>, which appears to have been fixed 
in the recent changes to RegionStore::InvalidateRegions().  Note that we
are still not yet modeling 'memcpy()' explicitly.

llvm-svn: 96902
 2010-02-23 07:17:57 +00:00
Ted Kremenek 1a6672a3d4 Enhance RegionStore::InvalidateRegions() to correctly invalidate bindings 
by scanning through the values of LazyCompoundVals.

llvm-svn: 96067
 2010-02-13 01:52:33 +00:00
Ted Kremenek 5abd69d946 Teach RegionStore::InvalidateRegions() to also invalidate static variables referenced by blocks. 
llvm-svn: 95459
 2010-02-06 00:30:00 +00:00
Ted Kremenek 94e6d98cae Add test case showing the analyzer invalidates '__block' variables when the block is passed as an argument to an ObjC method. 
llvm-svn: 95366
 2010-02-05 06:10:46 +00:00
Ted Kremenek 2f2692f8ca Rename -cc1 option '-checker-cfref' to '-analyzer-check-objc-mem'. 
llvm-svn: 95348
 2010-02-05 02:06:54 +00:00
Ted Kremenek fc8dbdf3c7 Add assorted test cases from PR 4172. 
llvm-svn: 95297
 2010-02-04 07:25:56 +00:00
Ted Kremenek e36bceb97d Teach RegionStore to handle initialization of incomplete arrays in structures using a compound value. Fixes <rdar://problem/7515938>. 
llvm-svn: 94622
 2010-01-26 23:51:00 +00:00
Ted Kremenek be909b5eff Switch RegionStore over to using <BaseRegion+raw offset> to store 
value bindings.  Along with a small change to OSAtomicChecker, this
resolves <rdar://problem/7527292> and resolves some long-standing
issues with how values can be bound to the same physical address by
not have the same "key".  This change is only a beginning; logically
RegionStore needs to better handle loads from addresses where the
stored value is larger/smaller/different type than the loaded value.
We handle these cases in an approximate fashion now (via
CastRetrievedVal and help in SimpleSValuator), but it could be made
much smarter.

llvm-svn: 93137
 2010-01-11 02:33:26 +00:00
Ted Kremenek c6aa800eb3 Fix overzealous assertion in GRExprEngine::VisitLValue(). A 
CallExpr/ObjCMessageExpr can be visited in an "lvalue" context if it
returns a struct temporary.  Currently the analyzer doesn't reason
about struct temporary returned by function calls, but we shouldn't
crash here either.

llvm-svn: 93081
 2010-01-09 22:58:54 +00:00
Chris Lattner f9895c48fd add a bunch of missing prototypes to tests 
llvm-svn: 93072
 2010-01-09 20:43:19 +00:00
Ted Kremenek 284d764418 Add test case for PR 4358. 
llvm-svn: 92103
 2009-12-24 00:48:11 +00:00
Ted Kremenek 25e280bf02 Fix PR 5857. When casting from a symbolic region to an integer back to a pointer value, we were not correctly layering the correct ElementRegion on the original SymbolicRegion. 
llvm-svn: 91981
 2009-12-23 02:52:14 +00:00
Daniel Dunbar 8fbe78f6fc Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'. 
- This is designed to make it obvious that %clang_cc1 is a "test variable"
   which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
   can be useful to redefine what gets run as 'clang -cc1' (for example, to set
   a default target).

llvm-svn: 91446
 2009-12-15 20:14:24 +00:00
Ted Kremenek 814c416636 Fix: <rdar://problem/7468209> SymbolManager::isLive() should not crash on captured block variables that are passed by reference 
llvm-svn: 91348
 2009-12-14 22:15:06 +00:00
Zhongxing Xu 27f686f8ec Replace clang-cc with clang -cc1. 
llvm-svn: 91272
 2009-12-14 06:34:20 +00:00
Ted Kremenek f6d9cebafd Enhance understanding of VarRegions referenced by a block whose declarations are outside the current stack frame. Fixes <rdar://problem/7462324>. 
llvm-svn: 91107
 2009-12-11 06:43:27 +00:00
Ted Kremenek 2a3dbb5749 Add another blocks test case illustrating how parameters passed-by-reference in block invocations are invalidated (just like function calls). 
llvm-svn: 90466
 2009-12-03 18:29:20 +00:00
Ted Kremenek 5bee5c4ff0 Add value invalidation logic for block-captured variables. Conceptually invoking a block (without specific reasoning of what the block does) can invalidate any value to it by reference when the block was created. 
llvm-svn: 90431
 2009-12-03 08:25:47 +00:00
Daniel Dunbar 4e7596cc3a Normalize options to use '-FOO' instead of '--FOO'. 
llvm-svn: 90071
 2009-11-29 09:33:10 +00:00
Ted Kremenek 775d9c149d Add RegionStore test case that shows that floating point values are also implicitly tracked for undefined values. (test case for <rdar://problem/6811085>). 
llvm-svn: 89538
 2009-11-21 02:52:12 +00:00
Ted Kremenek f3febe4bdc Add another test case to show the precision of RegionStore over 
BasicStore.  In this example, BasicStore would lose information about
the pointer in path after '*path++', causing the analyzer to falsely
flag a null dereference.  This addresses <rdar://problem/7191542>.

llvm-svn: 89533
 2009-11-21 02:17:47 +00:00
Ted Kremenek 439a6d146c Fix crash when using --analyzer-store=region when handling initializers with nested arrays/structs whose values are not explicitly specified. Fixes <rdar://problem/7403269>. 
llvm-svn: 89384
 2009-11-19 20:20:24 +00:00
Ted Kremenek 4ef13f8ac9 Add clang-cc option "--analyzer-experimental-internal-checks". This 
option enables new "internal" checks that will eventually be turned on
by default but still require broader testing.

llvm-svn: 88671
 2009-11-13 18:46:29 +00:00
Zhongxing Xu f06c684a33 Add checker for CWE-588: Attempt to Access Child of a Non-structure Pointer. 
llvm-svn: 86529
 2009-11-09 08:07:38 +00:00
Daniel Dunbar 8b57697954 Eliminate &&s in tests. 
- 'for i in $(find . -type f); do sed -e 's#\(RUN:.*[^ ]\) *&& *$#\1#g' $i | FileUpdate $i; done', for the curious.

llvm-svn: 86430
 2009-11-08 01:45:36 +00:00
Ted Kremenek e3423e84a9 testing: Merge PR3135.c into misc-ps-region-store.m. 
llvm-svn: 86286
 2009-11-06 20:32:38 +00:00
Ted Kremenek df9ca633b6 Sentence-case bug type, and pull tests from region-only-test.c into misc-ps-region.store.m (removing an extra unneeded test file). Also add a bunch of FIXME comments for future enhancements. 
llvm-svn: 86282
 2009-11-06 20:16:31 +00:00
Ted Kremenek e96a30a531 Handle loading of field values from LazyCompoundVals in GRExprEngine::VisitMemberExpr(). 
This fixes the crash reported in PR 5316.

llvm-svn: 85578
 2009-10-30 05:48:30 +00:00
Ted Kremenek 1f0a56e4c9 Fix an insidious bug in RegionStore::RemoveDeadBindings() pointed out 
by Zhongxing Xu.  RemoveDeadBindings() would falsely prune
SymbolicRegions from the store that wrapped derived symbols whose
liveness could only be determined after scanning the store.

llvm-svn: 85484
 2009-10-29 05:14:17 +00:00
Ted Kremenek 64fd20d243 Add test cases for <rdar://problem/7332673>. 
llvm-svn: 85191
 2009-10-27 01:05:20 +00:00
Ted Kremenek 481c121ab5 RegionStore: Use the *default* binding (instead of the *direct* binding) of an Objective-C object 
region when doing lazy value retrieval of an ivar.

This fixes: <rdar://problem/7312221>

llvm-svn: 84584
 2009-10-20 01:20:57 +00:00