(I was going to fix the TODO about DenseMap too, but
that would break self-host right now. See PR11922.)

llvm-svn: 149799

llvm-svn: 149798

Fix all the transitive include users.

llvm-svn: 149783

Fix all the files that depended on transitive includes of Diagnostic.h.
With this patch in place changing a diagnostic no longer requires a full rebuild of the StaticAnalyzer.

llvm-svn: 149781

At this point this is largely cosmetic, but it opens the door to replace
ProgramStateRef with a smart pointer that more eagerly acts in the role
of reclaiming unused ProgramState objects.

llvm-svn: 149081

Also, slightly modify the diagnostic message in ArrayBound and DivZero (still use 'taint', which might not mean much to the user, but plan on changing it later).

llvm-svn: 148626

Change the ArrayBoundCheckerV2 to be more aggressive in reporting buffer overflows
when the offset is tainted. Previously, we did not report bugs when the state was
underconstrained (not enough information about the bound to determine if there is
an overflow) to avoid false positives. However, if we know that the buffer
offset is tainted - comes in from the user space and can be anything, we should
report it as a bug.

+ The very first example of us catching a taint related bug.
This is the only example we can currently handle. More to come...

llvm-svn: 144826

Also document addTransition methods.

llvm-svn: 143059

llvm-svn: 141262

Remove EnhancedBugReport and RangedBugReport - pull all the extra functionality they provided into their parent BugReport. The only functional changes are: made getRanges() non const - it adds default range to Ranges if none are supplied, made getStmt() private, which was another FIXME.

llvm-svn: 137894

llvm-svn: 137665

Cleanup various declarations of 'Stmt*' to be 'Stmt *', etc. in libAnalyzer and libStaticAnalyzer[*].  It was highly inconsistent, and very ugly to look at.

llvm-svn: 137537

them into the clang namespace.

llvm-svn: 135852

ArrayBoundCheckerV2: don't arbitrarily warn about indexing before the 0-index of a symbolic region.  In many cases that isn't really the base offset.

llvm-svn: 129366

llvm-svn: 126726

Turns -analyzer-check-buffer-overflows into -analyzer-checker=core.experimental.Overflow

llvm-svn: 126609

Split 'include/clang/StaticAnalyzer' into 'include/clang/StaticAnalyzer/Core' and 'include/clang/StaticAnalyzer/Checkers'.

This layout matches lib/StaticAnalyzer, which corresponds to two StaticAnalyzer libraries.

llvm-svn: 125251

[analyzer] lib/StaticAnalyzer/Checkers/ExprEngineInternalChecks.h -> lib/StaticAnalyzer/Checkers/InternalChecks.h

llvm-svn: 125121

[analyzer] Add 'isLoad' parameter in Checker::visitLocation() to conveniently distinguish between loads/stores.

llvm-svn: 123261

layout.  :)

Rename the 'EntoSA' directories to 'StaticAnalyzer'.

Internally we will still use the 'ento' namespace
for the analyzer engine (unless there are further
sabre rattlings...).

llvm-svn: 122514

update Makefile.

llvm-svn: 122493

llvm-svn: 122492

checker based on using raw (symbolic) byte offsets
from a base region.

llvm-svn: 122469