integer pointer.  For now just invalidate the fields of the struct.

This addresses: <rdar://problem/7185607> [RegionStore] support invalidation of bit fields using integer assignment

llvm-svn: 82492

r82198 and then reverted. This is an intermediate solution, as diagnostic
caching should not rely on static variables.

llvm-svn: 82301

llvm-svn: 82299

when running the analyzer on real projects.  We'll keep the change to
AnalysisManager.cpp in r82198 so that -fobjc-gc analyzes code
correctly in both GC and non-GC modes, although this may emit two
diagnostics for each bug in some cases (a better solution will come
later).

llvm-svn: 82201

pruning of diagnostics that may be emitted multiple times.  This is
accomplished by adding FoldingSet profiling support to PathDiagnostic,
and then having BugReporter record what diagnostics have been issued.

This was motived to a serious bug introduced by moving the
'divide-by-zero' checking outside of GRExprEngine into a separate
'Checker' class.  When analyzing code using the '-fobjc-gc' option, a
given function would be analyzed twice, but the second time various
"internal checks" would be disabled to avoid emitting multiple
diagnostics (e.g., "null dereference") for the same issue.  The
problem is that such checks also effect path pruning and don't just
emit diagnostics.  This resulted in an assertion failure involving a
real divide-by-zero in some analyzed code where we would get an
assertion failure in APInt because the 'DivZero' check was disabled
and didn't prune the logic that resulted in the divide-by-zero in the
analyzer.

The implemented solution is somewhat of a hack, and may not perform
extremely well.  This will need to be cleaned up over time.

As a regression test, 'misc-ps.m' has been modified so that its tests
are run using -fobjc-gc to test this diagnostic pruning behavior.

llvm-svn: 82198

Have divide-by-zero checker not handled undefined denominators.  This is handled by the generic checking for undefined operands for BinaryOperators.

llvm-svn: 82019

Remove ImplicitBadDivides/ExplicitBadDivides node sets.  This checking is now down by a 'Checker' and not build into GRExprEngine.

llvm-svn: 82017

with binary operators.  The result of a binary operator may be
undefined even if its operands are well-defined.

llvm-svn: 81874

__builtin_offsetof in the static analyzer that __builtin_offsetof is
not guaranteed to return an integer constant.  We will need to shore
this up later, but now at least we have correct support for when this
*is* an integer constant.

llvm-svn: 81830

llvm-svn: 81825

llvm-svn: 81820

                              to a noreturn or panic function

llvm-svn: 81803

llvm-svn: 81783

llvm-svn: 81590

llvm-svn: 81588

to statically type various methods in SValuator/GRState as required either a
defined value or a defined-but-possibly-unknown value. This leads to various
logic cleanups in GRExprEngine, and lets the compiler enforce via type checking
our assumptions about what symbolic values are possibly undefined and what are
not.

Along the way, clean up some of the static analyzer diagnostics regarding the uses of uninitialized values.

llvm-svn: 81579

llvm-svn: 81519

llvm-svn: 81501

local node information.

llvm-svn: 81433

Here we implement this as a precondition within GRExprEngine, even though it is
related to how BasicStoreManager and RegionStoreManager model 'self'
differently. Putting this as a high-level precondition is more general, which is
why it isn't in RegionStore.cpp.

llvm-svn: 81378

llvm-svn: 81346

llvm-svn: 81092

llvm-svn: 81066

ActionGRExprEngine().

llvm-svn: 81064

llvm-svn: 81061

llvm-svn: 80980

llvm-svn: 80979

llvm-svn: 80873

'dyn_cast' instead of 'cast' as the denominator value could be UnknownVal (and
is not guaranteed to be a DefinedVal).

llvm-svn: 80869

llvm-svn: 80865

Also fix a checker context bug: the Dst set is not always empty initially. 
Because in GRExprEngine::CheckerVisit(), *CurrSet is used repeatedly. 
So we removed the Dst.empty() condition in ~CheckerContext() when deciding
whether to do autotransision.

llvm-svn: 80786

Now bad callee is checked as a PreVisit to the CallExpr.

llvm-svn: 80771

in the BugReport. 

When all internal bug checking logic are moved to checkers, BuiltinBug will
not reference GRExprEngine, and FlushReports() will be not necessary, since
all bugs are emitted into the equivalent classes immediately.

For now just add a ctor with no arguments.

llvm-svn: 80770

motivated from Shark profiles that shows that 'markLive' was very
heavy when using --analyzer-store=region.  On my benchmark file, this
reduces the analysis time for --analyzer-store=region from 19.5s to
13.5s and for --analyzer-store=basic from 5.3s to 3.5s.  For the
benchmark file, this is a reduction of about 30% analysis time for
both analysis modes (a huge win).

llvm-svn: 80765

Patch by Geoff Keating!

llvm-svn: 80752

llvm-svn: 80644

space within the MemberExpr for the nested-name-specifier and its
source range. We'll do the same thing with explicitly-specified
template arguments, assuming I don't flip-flop again.

llvm-svn: 80642

also be adding explicit template arguments as an additional
"adornment". No functionality change.

llvm-svn: 80628

llvm-svn: 80417

objects that are not automatically garbage collected. This fixes
<rdar://problem/7174400>.

llvm-svn: 80387