KeychainAPI checker: Generate an error on double allocation. Pull out getAsPointeeMemoryRegion so that it could be reused.

llvm-svn: 136952

llvm-svn: 136938

KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test.

llvm-svn: 136851

[analyzer] rename all experimental checker packages to have 'experimental' be the common root package.

llvm-svn: 136835

[analyzer] Introduce MallocOverflowSecurityChecker, a simple flow-sensitive checker that may be useful for security auditing.  This checker is currently too noisy to be on by default.

llvm-svn: 136804

KeychainAPI checker: only check the paths on which the allocator function returned noErr. (+ minor cleanup)

llvm-svn: 136694

Add a skeleton for the Keychain Services API Checker. Register it as OSX experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting.. 

llvm-svn: 136659

Really remove FlatStoreManager and BasicStoreManager, this time from the driver.  Also remove associated tests.  Sorry for the messy commits; this is the result of a botched Git merge.

llvm-svn: 136422

llvm-svn: 136421

[analyzer] Overhaul how the static analyzer expects CFGs by forcing CFGs to be linearized only when used by the static analyzer.  This required a rewrite of LiveVariables, and exposed a ton of subtle bugs.

The motivation of this large change is to drastically simplify the logic in ExprEngine going forward.

Some fallout is that the output of some BugReporterVisitors is not as accurate as before; those will
need to be fixed over time.  There is also some possible performance regression as RemoveDeadBindings
will be called frequently; this can also be improved over time.

llvm-svn: 136419

the proper expression.

llvm-svn: 136412

declared in protocol in the class qualified by the
protocol have type conflicts. To reduce amount of
noise, this is done when class is implemented.
// rdar://9352731

llvm-svn: 135890

methods, including indirectly overridden methods like those
declared in protocols and categories.  There are mismatches
that we would like to diagnose but aren't yet, but this   
is fine for now.

I looked at approaches that avoided doing this lookup 
unless we needed it, but the infer-related-result-type
checks were doing it anyway, so I left it with the same
fast-path check for no previous declartions of that 
selector.

llvm-svn: 135743

pthread and XNU locks. Patch by Rui Paulo!

llvm-svn: 135515

[analyzer] Per discussions with the Cocoa team, extend CF naming conventions to extend to camel case functions instead of just title case functions.  Fixes <rdar://problem/9732321>.

llvm-svn: 135350

llvm-svn: 135317

Add tests for CFRefReport's path notes, and fix a few typos and non-standard terminology ('+0 retain counts') caught by the tests.

llvm-svn: 135310

llvm-svn: 135294

obey the objc_method_family attribute when provided. Fixes
<rdar://problem/9726279>.

llvm-svn: 134493

llvm-svn: 133994

[analyzer] Use UnknownVal when default-initializing arrays whose element types we don't model, to distinguish them from uninitialized arrays (PR10163).

llvm-svn: 133937

llvm-svn: 133472

[analyzer] Re-enable checking for strncpy, along with a new validation of the size argument. strncat is not yet up-to-date, but I'm leaving it enabled for now (there shouldn't be any false positives, at least...)

llvm-svn: 133408

[analyzer] Eliminate "byte string function" from CStringChecker's diagnostics, and make it easier to provide custom messages for overflow checking, in preparation for re-enabling strncpy checking.

llvm-svn: 133406

[analyzer] Clean up modeling of strcmp, including cases where a string literal has an embedded null character, and where both arguments are the same buffer. Also use nested ifs rather than early returns; in this case early returns will lose any assumptions we've made earlier in the function.

llvm-svn: 133154

Language-design credit goes to a lot of people, but I particularly want
to single out Blaine Garst and Patrick Beard for their contributions.

Compiler implementation credit goes to Argyrios, Doug, Fariborz, and myself,
in no particular order.

llvm-svn: 133103

- (bounded copies) Be more conservative about how much is being copied.
- (str(n)cat) If we can't compute the exact final length of an append operation, we can still lower-bound it.
- (stpcpy) Fix the conjured return value at the end to actually be returned.

This requires these supporting changes:
- C string metadata symbols are still live even when buried in a SymExpr.
- "Hypothetical" C string lengths, to represent a value that /will/ be passed to setCStringLength() if all goes well. (The idea is to allow for temporary constrainable symbols that may end up becoming permanent.)
- The 'checkAdditionOverflow' helper makes sure that the two strings being appended in a strcat don't overflow size_t. This should never *actually* happen; the real effect is to keep the final string length from "wrapping around" in the constraint manager.

This doesn't actually test the "bounded" operations (strncpy and strncat) because they can leave strings unterminated. Next on the list!

llvm-svn: 133046

[analyzer] CStringChecker checks functions in the C standard library, not C++. Its external name is now unix.experimental.CString.

llvm-svn: 132958

[analyzer] Fix modeling of strnlen to be more conservative. Move tests we can't properly model (yet?) to string-fail.c.

llvm-svn: 132955

reason to allow the user to control these semantics through a flag.

llvm-svn: 132919

[analyzer] PR8962 again. Ban ParenExprs (and friends) from block-level expressions (by calling IgnoreParens before adding expressions to blocks). Undo 132769 (LiveVariables' local IgnoreParens), since it's no longer necessary.

Also, have Environment stop looking through NoOp casts; it didn't match the behavior of LiveVariables. And once that's gone, the whole cast block of that switch is unnecessary.

llvm-svn: 132840

[analyzer] Ignore parentheses around block-level expressions when computing liveness. Fixes the other half of PR8962.

llvm-svn: 132769

llvm-svn: 132762

[analyzer] Don't crash when copying an unknown number of bytes with memcpy(). Also handle all memcpy-family return values in evalCopyCommon(), rather than having some outside and some inside.

llvm-svn: 132617

llvm-svn: 132607

llvm-svn: 132605

llvm-svn: 132130

static analyzer: when conservatively evaluating functions, don't invalidate the values of globals when the called function is strlen.

llvm-svn: 132100

llvm-svn: 132049

Enhance retain/release checker to flag warnings when functions returning CG types do not follow the Core Foundation naming conventions.

llvm-svn: 132048