Skip to content
  1. Nov 15, 2012
    • Jordan Rose's avatar
      [analyzer] MallocChecker: Remove now-unnecessary check::EndPath callback. · f1f26140
      Jordan Rose authored 
      Also, don't bother to stop tracking symbols in the return value, either.
They are now properly considered live during checkDeadSymbols.

llvm-svn: 168067
      f1f26140
    • Jordan Rose's avatar
      [analyzer] Mark symbol values as dead in the environment. · b5b0fc19
      Jordan Rose authored 
      This allows us to properly remove dead bindings at the end of the top-level
stack frame, using the ReturnStmt, if there is one, to keep the return value
live. This in turn removes the need for a check::EndPath callback in leak
checkers.

This does cause some changes in the path notes for leak checkers. Previously,
a leak would be reported at the location of the closing brace in a function.
Now, it gets reported at the last statement. This matches the way leaks are
currently reported for inlined functions, but is less than ideal for both.

llvm-svn: 168066
      b5b0fc19
    • Jordan Rose's avatar
      [analyzer] Make sure calls in synthesized functions have valid path locations. · 2d98b97e
      Jordan Rose authored 
      We do this by using the "most recent" good location: if a synthesized
function 'A' calls another function 'B', the path notes for the call to 'B'
will be placed at the same location as the path note for calling 'A'.

Similarly, the call to 'A' will have a note saying "Entered call from...",
and now we just don't emit that (since the user doesn't have a body to look
at anyway).

Previously, we were doing this for the "Calling..." notes, but not for the
"Entered call from..." or "Returning to caller". This caused a crash when
the path entered and then exiting a call within a synthesized body.

<rdar://problem/12657843>

llvm-svn: 168019
      2d98b97e
  3. Nov 13, 2012
  5. Nov 12, 2012
  7. Nov 10, 2012
    • Jordan Rose's avatar
      [analyzer] When invalidating symbolic offset regions, take fields into account. · 9eb409ac
      Jordan Rose authored 
      Previously, RegionStore was being VERY conservative in saying that because
p[i].x and p[i].y have a concrete base region of 'p', they might overlap.
Now, we check the chain of fields back up to the base object and check if
they match.

This only kicks in when dealing with symbolic offset regions because
RegionStore's "base+offset" representation of concrete offset regions loses
all information about fields. In cases where all offsets are concrete
(s.x and s.y), RegionStore will already do the right thing, but mixing
concrete and symbolic offsets can cause bindings to be invalidated that
are known to not overlap (e.g. p[0].x and p[i].y).
This additional refinement is tracked by <rdar://problem/12676180>.

<rdar://problem/12530149>

llvm-svn: 167654
      9eb409ac
  9. Nov 07, 2012
  11. Nov 06, 2012
  13. Nov 05, 2012
    • Jordan Rose's avatar
      [analyzer] Move convenience REGISTER_*_WITH_PROGRAMSTATE to CheckerContext.h · 520a30fd
      Jordan Rose authored 
      As Anna pointed out, ProgramStateTrait.h is a relatively obscure header,
and checker writers may not know to look there to add their own custom
state.

The base macro that specializes the template remains in ProgramStateTrait.h
(REGISTER_TRAIT_WITH_PROGRAMSTATE), which allows the analyzer core to keep
using it.

llvm-svn: 167385
      520a30fd
  15. Nov 03, 2012
  17. Nov 02, 2012
  19. Nov 01, 2012
  21. Oct 31, 2012
  23. Oct 30, 2012
  25. Oct 29, 2012