summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis/UninitializedValues.cpp
Commit message (Collapse)AuthorAgeFilesLines
* -Wuninitialized: warn about uninitialized values resulting from ?: that ↵Ted Kremenek2013-01-191-0/+10
| | | | | | evaluate to lvalues (in C++). llvm-svn: 172875
* Remove useless 'llvm::' qualifier from names like StringRef and others that areDmitri Gribenko2013-01-121-2/+2
| | | | | | brought into 'clang' namespace by clang/Basic/LLVM.h llvm-svn: 172323
* Test commit.Enea Zaffanella2013-01-111-1/+1
| | | | llvm-svn: 172195
* Pull the Attr iteration parts out of Attr.h, so including DeclBase.h doesn't ↵Benjamin Kramer2012-12-011-9/+10
| | | | | | | | | pull in all the generated Attr code. Required to pull some functions out of line, but this shouldn't have a perf impact. No functionality change. llvm-svn: 169092
* Further reduce "-fsyntax-only -Wuninitialized" time on sqlite3.c by another ↵Ted Kremenek2012-11-171-12/+52
| | | | | | 2.5% using intelligent pruning of blocks during the final reporting pass. llvm-svn: 168257
* Switch -Wuninitialized to use a reverse-post order traversal asTed Kremenek2012-11-171-15/+33
| | | | | | | | | an initial baseline for enqueued blocks, but use a simple DFS stack for propagating changes quickly up back edges. This provides a 3.5% reduction in -fsyntax-only time on sqlite3.c. llvm-svn: 168241
* Avoid malloc thrashing in the uninitialized value analysis.Benjamin Kramer2012-09-281-11/+5
| | | | | | | - The size of the packed vector is often small, save mallocs using SmallBitVector. - Copying SmallBitVectors is also cheap, remove a level of indirection. llvm-svn: 164827
* Teach -Wuninitialized to recognize common "noreturn" idioms inTed Kremenek2012-09-131-4/+16
| | | | | | | | | | | | | Objective-C related to NSException. Fixes <rdar://problem/12287498> I debated whether or not this logic should be sunk into the CFG itself. It's not clear if we should, as different analyses may wish to have different policies. We can re-evaluate this in the future. llvm-svn: 163760
* Teach -Wuninitialized to recognize __attribute__((analyzer_noreturn))Ted Kremenek2012-09-121-8/+20
| | | | | | | | | | | | | | | | | | for halting the propagation of uninitialized value tracking along a path. Unlike __attribute__((noreturn)), this attribute (which is used by clients of the static analyzer) can be used to annotate functions that essentially never return, but in rare cares may be allowed to return for (special) debugging purposes. This attribute has been shown in reducing false positives in the static analyzer by pruning false postives, and is equally applicable here. Handling this attribute in the CFG itself is another option, but this is not something all clients (e.g., possibly -Wunreachable-code) would want to see. Addresses <rdar://problem/12281583>. llvm-svn: 163681
* Simplify UninitializedValues.cpp by removing logic to handle the previous ↵Ted Kremenek2012-07-191-142/+25
| | | | | | | | (imprecise) representation of '&&' and '||' in the CFG. This is no longer needed, and greatly simplifies the code. llvm-svn: 160494
* Uninitialized variables: two little changes:Richard Smith2012-07-171-1/+3
| | | | | | | * Treat compound assignment as a use, at Jordy's request. * Always add compound assignments into the CFG, so we can correctly diagnose the use in 'return x += 1;' llvm-svn: 160334
* -Wuninitialized: Split the classification of DeclRefExprs as initialization orRichard Smith2012-07-171-228/+223
| | | | | | | | | | use out of TransferFunctions, and compute it in advance rather than on-the-fly. This allows us to handle compound assignments with DeclRefExprs on the RHS correctly, and also makes it trivial to treat const& function parameters as not initializing the argument. The patch also makes both of those changes. llvm-svn: 160330
* PR13360: When deciding the earliest point which inevitably leads to anRichard Smith2012-07-131-14/+19
| | | | | | | uninitialized variable use, walk back over branches where we've reached all the non-null successors, not just cases where we've reached all successors. llvm-svn: 160206
* -Wuninitialized: assume that an __attribute__((returns_twice)) function mightRichard Smith2012-07-021-0/+18
| | | | | | | initialize any variable. This is extremely conservative, but is sufficient for now. llvm-svn: 159620
* -Wuninitialized bugfix: when entering the scope of a variable with noRichard Smith2012-06-161-0/+12
| | | | | | | initializer, it is uninitialized, even if we may be coming from somewhere where it was initialized. llvm-svn: 158611
* Revert Decl's iterators back to pointer value_type rather than reference ↵David Blaikie2012-06-061-1/+1
| | | | | | | | | | | | | | value_type In addition, I've made the pointer and reference typedef 'void' rather than T* just so they can't get misused. I would've omitted them entirely but std::distance likes them to be there even if it doesn't use them. This rolls back r155808 and r155869. Review by Doug Gregor incorporating feedback from Chandler Carruth. llvm-svn: 158104
* Split a chunk of -Wconditional-uninitialized warnings out into a separate flag,Richard Smith2012-05-251-6/+134
| | | | | | | | | | | -Wsometimes-uninitialized. This detects cases where an explicitly-written branch inevitably leads to an uninitialized variable use (so either the branch is dead code or there is an uninitialized use bug). This chunk of warnings tentatively lives within -Wuninitialized, in order to give it more visibility to existing Clang users. llvm-svn: 157458
* Some cleanups around the uninitialized variables warning, and a FIXME. No ↵Richard Smith2012-05-241-22/+18
| | | | | | functional change. llvm-svn: 157440
* Remove the ref/value inconsistency in filter_decl_iterator.David Blaikie2012-04-301-1/+1
| | | | | | | | | | | | | filter_decl_iterator had a weird mismatch where both op* and op-> returned T* making it difficult to generalize this filtering behavior into a reusable library of any kind. This change errs on the side of value, making op-> return T* and op* return T&. (reviewed by Richard Smith) llvm-svn: 155808
* PR11926 + duplicates: Fix crash in -Wuninitialized when using a compiler likeRichard Smith2012-04-301-1/+2
| | | | | | | | | | | g++4.7, which reuses stack space allocated for temporaries. CFGElement::getAs returns a suitably-cast version of 'this'. Patch by Markus Trippelsdorf! No test: this code has the same observable behavior as the old code when built with most compilers, and the tests were already failing when built with a compiler for which this produced a broken binary. llvm-svn: 155803
* Move llvm/ADT/SaveAndRestore.h -> llvm/Support/SaveAndRestore.h.Argyrios Kyrtzidis2012-03-011-1/+1
| | | | | | Needs llvm update. llvm-svn: 151829
* Move "clang/Analysis/Support/SaveAndRestore.h" to "llvm/ADT/SaveAndRestore.h"Argyrios Kyrtzidis2012-02-271-1/+1
| | | | | | | | to make it more widely available. Depends on llvm commit r151564 llvm-svn: 151566
* Rename AnalysisContext to AnalysisDeclContext. Not only is this name more ↵Ted Kremenek2011-10-241-4/+4
| | | | | | accurate, but it frees up the name AnalysisContext for other uses. llvm-svn: 142782
* Tweak -Wuninitialized's handling of 'int x = x' to report that as the root ↵Ted Kremenek2011-10-131-0/+6
| | | | | | cause of an uninitialized variable IFF there are other uses of that uninitialized variable. Fixes <rdar://problem/9259237>. llvm-svn: 141881
* Fix infinite loop in -Wuninitialized reported in PR 11069.Ted Kremenek2011-10-071-19/+26
| | | | llvm-svn: 141345
* -Wuninitialized: fix insidious bug resulting from interplay of blocks and ↵Ted Kremenek2011-09-021-17/+14
| | | | | | dead code. Fixes <rdar://problem/10060250>. llvm-svn: 139027
* Constify the result of CFGStmt::getStmt().Ted Kremenek2011-08-231-3/+3
| | | | llvm-svn: 138408
* Remove dead code.Ted Kremenek2011-08-201-13/+1
| | | | llvm-svn: 138183
* Fix else style. No functionality change intended.Chad Rosier2011-08-171-4/+2
| | | | llvm-svn: 137896
* Cleanup various declarations of 'Stmt*' to be 'Stmt *', etc. in libAnalyzer ↵Ted Kremenek2011-08-121-5/+5
| | | | | | and libStaticAnalyzer[*]. It was highly inconsistent, and very ugly to look at. llvm-svn: 137537
* Fix another -Wuninitialized assertion failure (this one involving bit casts) ↵Ted Kremenek2011-08-081-8/+23
| | | | | | resulting from the recent -Wuninitialized changes. llvm-svn: 137068
* Fix assertion failure in -Wuninitialized involving no-op casts. Fixes PR 10577.Ted Kremenek2011-08-041-5/+19
| | | | llvm-svn: 136939
* remove unneeded llvm:: namespace qualifiers on some core types now that ↵Chris Lattner2011-07-231-2/+2
| | | | | | | | LLVM.h imports them into the clang namespace. llvm-svn: 135852
* Move duplicate uninitialized warning suppression into theChandler Carruth2011-07-221-7/+3
| | | | | | | | | | | | AnalysisBasedWarnings Sema layer and out of the Analysis library itself. This returns the uninitialized values analysis to a more pure form, allowing its original logic to correctly detect some categories of definitely uninitialized values. Fixes PR10358 (again). Thanks to Ted for reviewing and updating this patch after his rewrite of several portions of this analysis. llvm-svn: 135748
* Fix -Wuninitialized regression involving functions invalidating parameters ↵Ted Kremenek2011-07-201-1/+3
| | | | | | passed by reference. llvm-svn: 135610
* Fix false negative in -Wuninitialized involving a () wrapping an ↵Ted Kremenek2011-07-191-6/+11
| | | | | | lvalue-to-rvalue conversion in a DeclStmt. llvm-svn: 135525
* Fix assertion failure in UninitializedValues.cpp where an lvalue to rvalue ↵Ted Kremenek2011-07-191-2/+3
| | | | | | conversion is wrapped in a parenthesis. llvm-svn: 135519
* Reduce -Wuninitialized time by 22% (on sqlite) by removing the recursive AST ↵Ted Kremenek2011-07-191-100/+87
| | | | | | | | | | | | | | | crawl. This is accomplished by forcing the needed expressions for -Wuninitialized to always be CFGElements in the CFG. This allows us to remove a fair amount of the code for -Wuninitialized. Some fallout: - AnalysisBasedWarnings.cpp now specifically toggles the CFGBuilder to create a CFG that is suitable for -Wuninitialized. This is a layering violation, since the logic for -Wuninitialized is in libAnalysis. This can be fixed with the proper refactoring. - Some of the source locations for -Wunreachable-code warnings have shifted. While not ideal, this is okay because that analysis already needs some serious reworking. llvm-svn: 135480
* Revert r135217, which wasn't the correct fix for PR10358. With thisChandler Carruth2011-07-161-6/+4
| | | | | | | | | | | patch, we actually move the state-machine for the value set backwards one step. This can pretty easily lead to infinite loops where we continually try to propagate a bit, succeed for one iteration, but then back up because we find an uninitialized use. A reduced test case from PR10379 is included. llvm-svn: 135359
* Fix false negative reported in PR 10358 by using 'Unknown' in ↵Ted Kremenek2011-07-141-4/+6
| | | | | | -Wuninitialized to avoid cascading warnings. Patch by Kaelyn Uhrain. llvm-svn: 135217
* Make the worklist in the uninitialized values checker actually a queue.Chandler Carruth2011-07-081-13/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, despite the names 'enqueue' and 'dequeue', it behaved as a stack and visited blocks in a LIFO fashion. This interacts badly with extremely broad CFGs *inside* of a loop (such as a large switch inside a state machine) where every block updates a different variable. When encountering such a CFG, the checker visited blocks in essentially a "depth first" order due to the stack-like behavior of the work list. Combined with each block updating a different variable, the saturation logic of the checker caused it to re-traverse blocks [1,N-1] of the broad CFG inside the loop after traversing block N. These re-traversals were to propagate the variable values derived from block N. Assuming approximately the same number of variables as inner blocks exist, the end result is O(N^2) updates. By making this a queue, we also make the traversal essentially "breadth-first" across each of the N inner blocks of the loop. Then all of this state is propagated around to all N inner blocks of the loop. The result is O(N) updates. The truth is in the numbers: Before, gcc.c: 96409 block visits (max: 61546, avg: 591) After, gcc.c: 69958 block visits (max: 33090, avg: 429) Before, PR10183: 2540494 block vists (max: 2536495, avg: 37360) After, PR10183: 137803 block visits (max: 134406, avg: 2026) The nearly 20x reduction in work for PR10183 corresponds to a roughly 100x speedup in compile time. I've tested it on all the code I can get my hands on, and I've seen no slowdowns due to this change. Where I've collected stats, the ammount of work done is on average less. I'll also commit shortly some synthetic test cases useful in analyzing the performance of CFG-based warnings. Submitting this based on Doug's feedback that post-commit review should be good. Ted, please review! Hopefully this helps compile times until then. llvm-svn: 134697
* Build up statistics about the work done for analysis based warnings.Chandler Carruth2011-07-061-7/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Special detail is added for uninitialized variable analysis as this has serious performance problems than need to be tracked. Computing some of this data is expensive, for example walking the CFG to determine its size. To avoid doing that unless the stats data is going to be used, we thread a bit into the Sema object to track whether detailed stats should be collected or not. This bit is used to avoid computations whereever the computations are likely to be more expensive than checking the state of the flag. Thus, counters are in some cases unconditionally updated, but the more expensive (and less frequent) aggregation steps are skipped. With this patch, we're able to see that for 'gcc.c': *** Analysis Based Warnings Stats: 232 functions analyzed (0 w/o CFGs). 7151 CFG blocks built. 30 average CFG blocks per function. 1167 max CFG blocks per function. 163 functions analyzed for uninitialiazed variables 640 variables analyzed. 3 average variables per function. 94 max variables per function. 96409 block visits. 591 average block visits per function. 61546 max block visits per function. And for the reduced testcase in PR10183: *** Analysis Based Warnings Stats: 98 functions analyzed (0 w/o CFGs). 8526 CFG blocks built. 87 average CFG blocks per function. 7277 max CFG blocks per function. 68 functions analyzed for uninitialiazed variables 1359 variables analyzed. 19 average variables per function. 1196 max variables per function. 2540494 block visits. 37360 average block visits per function. 2536495 max block visits per function. That last number is the somewhat scary one that indicates the problem in PR10183. llvm-svn: 134494
* Utilize PackedVector, introduced with llvm commit r132325.Argyrios Kyrtzidis2011-05-311-34/+3
| | | | llvm-svn: 132326
* Fix crash in -Wuninitialized when using switch statments whose condition is ↵Ted Kremenek2011-05-101-5/+9
| | | | | | a logical operation. llvm-svn: 131158
* Silence more -Wnon-pod-memset given its current implementation. I may beChandler Carruth2011-04-281-1/+1
| | | | | | | able to revert these based on a patch I'm working on, but no reason for people to be spammed with warnings in the interim. llvm-svn: 130394
* When we transform a C++ exception declaration (e.g., for templateDouglas Gregor2011-04-141-6/+0
| | | | | | | | instantiation), be sure to add the transformed declaration into the current DeclContext. Also, remove the -Wuninitialized hack that works around this bug. Fixes <rdar://problem/9200676>. llvm-svn: 129544
* Teach -Wuninitialized about C++'s typeid expression, including both theChandler Carruth2011-04-131-0/+12
| | | | | | | | | | | evaluated and unevaluated contexts. Add some testing of sizeof and typeid. Both of the typeid tests added here were triggering warnings previously. Now the one false positive is suppressed without suppressing the warning on actually buggy code. llvm-svn: 129431
* Teach -Wuninitialized to not warn about variables declared in C++ catch ↵Ted Kremenek2011-04-071-0/+1
| | | | | | statements. llvm-svn: 129102
* Commit a bit of a hack to fully handle the situation where variables areChandler Carruth2011-04-051-4/+16
| | | | | | | | | | | | | | | | marked explicitly as uninitialized through direct self initialization: int x = x; With r128894 we prevented warnings about this code, and this patch teaches the analysis engine to continue analyzing subsequent uses of 'x'. This should wrap up PR9624. There is still an open question of whether we should suppress the maybe-uninitialized warnings resulting from variables initialized in this fashion. The definitely-uninitialized uses should always be warned. llvm-svn: 128932
* Fix PR 9626 (duplicated self-init warnings under -Wuninitialized) with ↵Ted Kremenek2011-04-041-2/+17
| | | | | | | | | | | | | | numerous CFG and UninitializedValues analysis changes: 1) Change the CFG to include the DeclStmt for conditional variables, instead of using the condition itself as a faux DeclStmt. 2) Update ExprEngine (the static analyzer) to understand (1), so not to regress. 3) Update UninitializedValues.cpp to initialize all tracked variables to Uninitialized at the start of the function/method. 4) Only use the SelfReferenceChecker (SemaDecl.cpp) on global variables, leaving the dataflow analysis to handle other cases. The combination of (1) and (3) allows the dataflow-based -Wuninitialized to find self-init problems when the initializer contained control-flow. llvm-svn: 128858
OpenPOWER on IntegriCloud