summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis
Commit message (Collapse)AuthorAgeFilesLines
...
* [CFG] Try to narrow down MSVC compiler crash via binary search.Artem Dergachev2018-02-231-11/+17
| | | | | | | | | | Split the presumably offending function in two to see which part of it causes the crash to occur. The crash was introduced in r325966. r325969 did not help. llvm-svn: 325978
* [CFG] NFC: Speculative attempt to fix MSVC internal compiler error on buildbot.Artem Dergachev2018-02-231-3/+6
| | | | | | Don't use fancy initialization and member access in a DenseMap. llvm-svn: 325969
* [CFG] [analyzer] NFC: Allow more complicated construction contexts.Artem Dergachev2018-02-231-24/+50
| | | | | | | | | | | | | | ConstructionContexts introduced in D42672 are an additional piece of information included with CFGConstructor elements that help the client of the CFG (such as the Static Analyzer) understand where the newly constructed object is stored. The patch refactors the ConstructionContext class to prepare for including multi-layered contexts that are being constructed gradually, layer-by-layer, as the AST is traversed. Differential Revision: https://reviews.llvm.org/D43428 llvm-svn: 325966
* [CFG] Provide construction contexts for temproary objects.Artem Dergachev2018-02-151-1/+3
| | | | | | | | | | | | | | | Constructors of C++ temporary objects that have destructors now can be queried to discover that they're indeed constructing temporary objects. The respective CXXBindTemporaryExpr, which is also repsonsible for destroying the temporary at the end of full-expression, is now available at the construction site in the CFG. This is all the context we need to provide for temporary objects that are not lifetime extended. For lifetime-extended temporaries, more context is necessary. Differential Revision: https://reviews.llvm.org/D43056 llvm-svn: 325210
* Teach Wreturn-type, Wunreachable-code, and alpha.deadcode.UnreachableCode to ↵Nico Weber2018-02-132-5/+22
| | | | | | | | | treat __assume(0) like __builtin_unreachable. Fixes PR29134. https://reviews.llvm.org/D43221 llvm-svn: 325052
* [CFG] Provide construction contexts for return value constructors.Artem Dergachev2018-02-121-0/+2
| | | | | | | | | | | When the current function returns a C++ object by value, CFG elements for constructors that construct the return values can now be queried to discover that they're indeed participating in construction of the respective return value at the respective return statement. Differential Revision: https://reviews.llvm.org/D42875 llvm-svn: 324952
* [CFG] Provide construction contexts when constructors have cleanups.Artem Dergachev2018-02-101-0/+2
| | | | | | | | | | | | | | | Now that we make it possible to query the CFG constructor element to find information about the construction site, possible cleanup work represented by ExprWithCleanups should not prevent us from providing this information. This allows us to have a correct construction context for variables initialized "by value" via elidable copy-constructors, such as 'i' in iterator i = vector.begin(); Differential Revision: https://reviews.llvm.org/D42719 llvm-svn: 324798
* [CFG] Add construction context for constructor initializers.Artem Dergachev2018-02-101-20/+31
| | | | | | | | | | | | | | CFG elements for constructors of fields and base classes that are being initialized before the body of the whole-class constructor starts can now be queried to discover that they're indeed participating in initialization of their respective fields or bases before the whole-class constructor kicks in. CFG construction contexts are now capable of representing CXXCtorInitializer triggers, which aren't considered to be statements in the Clang AST. Differential Revision: https://reviews.llvm.org/D42700 llvm-svn: 324796
* [CFG] Add construction context for simple variable declarations.Artem Dergachev2018-02-101-1/+3
| | | | | | | | | Constructors of simple variables now can be queried to discover that they're constructing into simple variables. Differential Revision: https://reviews.llvm.org/D42699 llvm-svn: 324794
* [CFG] Squash an unused variable introduced in r324668.Artem Dergachev2018-02-091-1/+1
| | | | | | Found by -Werror buildbot. llvm-svn: 324697
* [CFG] Add extra context to C++ constructor statement elements.Artem Dergachev2018-02-082-12/+78
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds a new CFGStmt sub-class, CFGConstructor, which replaces the regular CFGStmt with CXXConstructExpr in it whenever the CFG has additional information to provide regarding what sort of object is being constructed. It is useful for figuring out what memory is initialized in client of the CFG such as the Static Analyzer, which do not operate by recursive AST traversal, but instead rely on the CFG to provide all the information when they need it. Otherwise, the statement that triggers the construction and defines what memory is being initialized would normally occur after the construct-expression, and the client would need to peek to the next CFG element or use statement parent map to understand the necessary facts about the construct-expression. As a proof of concept, CFGConstructors are added for new-expressions and the respective test cases are provided to demonstrate how it works. For now, the only additional data contained in the CFGConstructor element is the "trigger statement", such as new-expression, which is the parent of the constructor. It will be significantly expanded in later commits. The additional data is organized as an auxiliary structure - the "construction context", which is allocated separately from the CFGElement. Differential Revision: https://reviews.llvm.org/D42672 llvm-svn: 324668
* [analyzer] Self-debug: Dump environment frame-by-frame.Artem Dergachev2018-02-081-8/+34
| | | | | | | | | | | It makes it easier to discriminate between values of similar expressions in different stack frames. It also makes the separate backtrace section in ExplodedGraph dumps redundant. Differential Revision: https://reviews.llvm.org/D42552 llvm-svn: 324660
* [analyzer] Fix yet-another-crash in body-farming std::call_onceGeorge Karpenkov2018-02-021-1/+10
| | | | | | | | | | | | | | Crash occurs when parameters to the callback and to std::call_once mismatch, and C++ is supposed to auto-construct an argument. Filed by Alexander Kornienko in https://bugs.llvm.org/show_bug.cgi?id=36149 rdar://37034403 Differential Revision: https://reviews.llvm.org/D42777 llvm-svn: 324046
* Fix typos of occurred and occurrenceMalcolm Parsons2018-01-241-2/+2
| | | | llvm-svn: 323316
* Handle scoped_lockable objects being returned by value in C++17.Richard Smith2018-01-111-5/+51
| | | | | | | | | | | In C++17, guaranteed copy elision means that there isn't necessarily a constructor call when a local variable is initialized by a function call that returns a scoped_lockable by value. In order to model the effects of initializing a local variable with a function call returning a scoped_lockable, pretend that the move constructor was invoked within the caller at the point of return. llvm-svn: 322316
* Track in the AST whether the operand to a UnaryOperator can overflow and ↵Aaron Ballman2018-01-091-3/+6
| | | | | | then use that logic when evaluating constant expressions and emitting codegen. llvm-svn: 322074
* [AST] Inline CompoundStmt contents into the parent allocation.Benjamin Kramer2017-12-241-1/+1
| | | | | | Saves a pointer on every CompoundStmt. llvm-svn: 321429
* Refactor overridden methods iteration to avoid double lookups.Benjamin Kramer2017-12-171-4/+4
| | | | | | Convert most uses to range-for loops. No functionality change intended. llvm-svn: 320954
* [c++20] P0515R3: Parsing support and basic AST construction for operator <=>.Richard Smith2017-12-142-0/+2
| | | | | | | | | | | | | | | Adding the new enumerator forced a bunch more changes into this patch than I would have liked. The -Wtautological-compare warning was extended to properly check the new comparison operator, clang-format needed updating because it uses precedence levels as weights for determining where to break lines (and several operators increased their precedence levels with this change), thread-safety analysis needed changes to build its own IL properly for the new operator. All "real" semantic checking for this operator has been deferred to a future patch. For now, we use the relational comparison rules and arbitrarily give the builtin form of the operator a return type of 'void'. llvm-svn: 320707
* [Analysis] Fix some Clang-tidy modernize and Include What You Use warnings; ↵Eugene Zelenko2017-12-072-142/+177
| | | | | | other minor fixes (NFC). llvm-svn: 320091
* [analyzer] Teach RetainCountChecker about CoreMedia APIsDevin Coughlin2017-11-251-3/+10
| | | | | | | | | | Teach the retain-count checker that CoreMedia reference types use CoreFoundation-style reference counting. This enables the checker to catch leaks and over releases of those types. rdar://problem/33599757 llvm-svn: 318979
* [Analyzer] Stable iteration on indirect goto LabelDecl's to avoid ↵Aleksei Sidorin2017-11-211-1/+1
| | | | | | | | | | | | | | | | | | | | non-determinism (attempt 2) CFG wass built in non-deterministic order due to the fact that indirect goto labels' declarations (LabelDecl's) are stored in the llvm::SmallSet container. LabelDecl's are pointers, whose order is not deterministic, and llvm::SmallSet sorts them by their non-deterministic addresses after "small" container is exceeded. This leads to non-deterministic processing of the elements of the container. The fix is to use llvm::SmallSetVector that was designed to have deterministic iteration order. Patch by Ilya Palachev! Differential Revision: https://reviews.llvm.org/D40073 llvm-svn: 318754
* [analyzer] Model correct dispatch_once() 'done' value in BodyFarmDevin Coughlin2017-11-061-21/+16
| | | | | | | | | | | | | | | | | | | | | | | The analyzer's BodyFarm models dispatch_once() by comparing the passed-in predicate against a known 'done' value. If the predicate does not have that value, the model updates the predicate to have that value and executes the passed in block. Unfortunately, the current model uses the wrong 'done' value: 1 instead of ~0. This interferes with libdispatch's static inline function _dispatch_once(), which enables a fast path if the block has already been executed. That function uses __builtin_assume() to tell the compiler that the done flag is set to ~0 on exit. When r302880 added modeling of __builtin_assume(), this caused the analyzer to assume 1 == ~0. This in turn caused the analyzer to never explore any code after a call to dispatch_once(). This patch regains the missing coverage by updating BodyFarm to use the correct 'done' value. rdar://problem/34413048 Differential Revision: https://reviews.llvm.org/D39691 llvm-svn: 317516
* [analyzer] do not crash on libcxx03 call_once implementationGeorge Karpenkov2017-11-031-8/+16
| | | | | | | | Addresses https://bugs.llvm.org/show_bug.cgi?id=35075, rdar://35230961 Differential Revision: https://reviews.llvm.org/D39518 llvm-svn: 317293
* [analyzer] Removing unused stored field.George Karpenkov2017-11-011-1/+1
| | | | llvm-svn: 317070
* [Analyzer] Use value storage for BodyFarmGeorge Karpenkov2017-11-011-8/+5
| | | | | | Differential Revision: https://reviews.llvm.org/D39428 llvm-svn: 317065
* [Analyzer] Give more descriptive name to BdyFrm field.George Karpenkov2017-10-251-3/+3
| | | | | | Discussion at: https://reviews.llvm.org/D39220 llvm-svn: 316617
* [Analyzer] Remove spaces inside comments mentioning the parameter name,George Karpenkov2017-10-251-34/+34
| | | | | | | to aid clang-tidy comprehension. Requested by @alexfh in https://reviews.llvm.org/D39015 llvm-svn: 316539
* [Analyzer] Store BodyFarm in std::unique_ptrGeorge Karpenkov2017-10-241-7/+2
| | | | | | Differential Revision: https://reviews.llvm.org/D39220 llvm-svn: 316536
* [Analyzer] Fix for the memory leak: fix typo in if-statement.George Karpenkov2017-10-241-1/+1
| | | | llvm-svn: 316403
* [Analyzer] Handle implicit function reference in bodyfarming std::call_onceGeorge Karpenkov2017-10-241-8/+20
| | | | | | Differential Revision: https://reviews.llvm.org/D39201 llvm-svn: 316402
* [Analyzer] Do not use static storage to for implementations created in ↵George Karpenkov2017-10-233-75/+20
| | | | | | | | BodyFarm.cpp Differential Revision: https://reviews.llvm.org/D39208 llvm-svn: 316400
* [Analyzer] Correctly handle parameters passed by reference when bodyfarming ↵George Karpenkov2017-10-201-14/+44
| | | | | | | | | | std::call_once Explicitly not supporting functor objects. Differential Revision: https://reviews.llvm.org/D39031 llvm-svn: 316249
* [Analyzer] Always use non-reference types when creating expressions in BodyFarm.George Karpenkov2017-10-171-22/+14
| | | | | | | | | | | | | | Remove an option to use a reference type (on by default!) since a non-reference type is always needed for creating expressions, functions with multiple boolean parameters are very hard to use, and in general it was just a booby trap for further crashes. Furthermore, generalize call_once test case to fix some of the crashes mentioned https://bugs.llvm.org/show_bug.cgi?id=34869 Also removes std::call_once crash. Differential Revision: https://reviews.llvm.org/D39015 llvm-svn: 316041
* [Analyzer] Support bodyfarming libstdc++ implementation of std::call_once.George Karpenkov2017-10-111-19/+25
| | | | | | Differential Revision: https://reviews.llvm.org/D38810 llvm-svn: 315508
* [Analyzer] Do not segfault on unexpected call_once implementationGeorge Karpenkov2017-10-091-16/+22
| | | | | | | | Fixes https://bugs.llvm.org/show_bug.cgi?id=34869 Differential Revision: https://reviews.llvm.org/D38702 llvm-svn: 315250
* [Analyzer] Avoid copy and modifying passed reference in ↵George Karpenkov2017-10-021-16/+18
| | | | | | | | BodyFarm::create_call_once Differential Revision: https://reviews.llvm.org/D38475 llvm-svn: 314722
* [Analysis] Remove unused makeLvalueToRValue variant.Davide Italiano2017-09-301-13/+0
| | | | llvm-svn: 314605
* [Analyzer] Synthesize function body for std::call_onceGeorge Karpenkov2017-09-301-28/+288
| | | | | | Differential Revision: https://reviews.llvm.org/D37840 llvm-svn: 314571
* [clang] Add getUnsignedPointerDiffType methodAlexander Shaposhnikov2017-09-282-5/+3
| | | | | | | | | | | | | | | | | C11 standard refers to the unsigned counterpart of the type ptrdiff_t in the paragraph 7.21.6.1p7 where it defines the format specifier %tu. In Clang (in PrintfFormatString.cpp, lines 508-510) there is a FIXME for this case, in particular, Clang didn't diagnose %tu issues at all, i.e. it didn't emit any warnings on the code printf("%tu", 3.14). In this diff we add a method getUnsignedPointerDiffType for getting the corresponding type similarly to how it's already done in the other analogous cases (size_t, ssize_t, ptrdiff_t etc) and fix -Wformat diagnostics for %tu plus the emitted fix-it as well. Test plan: make check-all Differential revision: https://reviews.llvm.org/D38270 llvm-svn: 314470
* Consolidate std::move() detection code. No behavior change.Nico Weber2017-09-282-12/+6
| | | | llvm-svn: 314427
* Recommit "Add _Float16 as a C/C++ source language type"Sjoerd Meijer2017-09-081-0/+1
| | | | | | | | This is a recommit of r312781; in some build configurations variable names are omitted, so changed the new regression test accordingly. llvm-svn: 312794
* Revert "Add _Float16 as a C/C++ source language type"Sjoerd Meijer2017-09-081-1/+0
| | | | | | | The clang-with-lto-ubuntu bot didn't like the new regression test, revert while I investigate the issue. llvm-svn: 312784
* Add _Float16 as a C/C++ source language typeSjoerd Meijer2017-09-081-0/+1
| | | | | | | | | | | This adds _Float16 as a source language type, which is a 16-bit floating point type defined in C11 extension ISO/IEC TS 18661-3. In follow up patches documentation and more tests will be added. Differential Revision: https://reviews.llvm.org/D33719 llvm-svn: 312781
* [CSA] [NFC] Move AnalysisContext.h to AnalysisDeclContext.hGeorge Karpenkov2017-09-067-7/+7
| | | | | | | | | | | | | | The implementation is in AnalysisDeclContext.cpp and the class is called AnalysisDeclContext. Making those match up has numerous benefits, including: - Easier jump from header to/from implementation. - Easily identify filename from class. Differential Revision: https://reviews.llvm.org/D37500 llvm-svn: 312671
* [AST] Add TableGen for StmtDataCollectorsJohannes Altmanninger2017-09-061-1/+1
| | | | | | | | | | | | | | Summary: This adds an option "-gen-clang-data-collectors" to the Clang TableGen that is used to generate StmtDataCollectors.inc. Reviewers: arphaman, teemperor! Subscribers: mgorny, cfe-commits Differential Revision: https://reviews.llvm.org/D37383 llvm-svn: 312634
* [analyzer] MinComplexityConstraint now early exits and only does one macro ↵Raphael Isemann2017-09-031-8/+10
| | | | | | | | | | | | | | | | | | | | | stack lookup Summary: This patch contains performance improvements for the `MinComplexityConstraint`. It reduces the constraint time when running on the SQLite codebase by around 43% (from 0.085s down to 0.049s). The patch is essentially doing two things: * It introduces a possibility for the complexity value to early exit when reaching the limit we were checking for. This means that once we noticed that the current clone is larger than the limit the user has set, we instantly exit and no longer traverse the tree or do further expensive lookups in the macro stack. * It also removes half of the macro stack lookups we do so far. Previously we always checked the start and the end location of a Stmt for macros, which was only a middle way between checking all locations of the Stmt and just checking one location. In practice I rarely found cases where it really matters if we check start/end or just the start of a statement as code with lots of macros that somehow just produce half a statement are very rare. Reviewers: NoQ Subscribers: cfe-commits, xazax.hun, v.g.vassilev Differential Revision: https://reviews.llvm.org/D34361 llvm-svn: 312440
* std::function -> llvm::function_ref. NFC.Benjamin Kramer2017-09-011-1/+2
| | | | llvm-svn: 312336
* [analyzer] Performance optimizations for the CloneCheckerRaphael Isemann2017-08-311-6/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: This patch aims at optimizing the CloneChecker for larger programs. Before this patch we took around 102 seconds to analyze sqlite3 with a complexity value of 50. After this patch we now take 2.1 seconds to analyze sqlite3. The biggest performance optimization is that we now put the constraint for group size before the constraint for the complexity. The group size constraint is much faster in comparison to the complexity constraint as it only does a simple integer comparison. The complexity constraint on the other hand actually traverses each Stmt and even checks the macro stack, so it is obviously not able to handle larger amounts of incoming clones. The new order filters out all the single-clone groups that the type II constraint generates in a faster way before passing the fewer remaining clones to the complexity constraint. This reduced runtime by around 95%. The other change is that we also delay the verification part of the type II clones back in the chain of constraints. This required to split up the constraint into two parts - a verification and a hash constraint (which is also making it more similar to the original design of the clone detection algorithm). The reasoning for this is the same as before: The verification constraint has to traverse many statements and shouldn't be at the start of the constraint chain. However, as the type II hashing has to be the first step in our algorithm, we have no other choice but split this constrain into two different ones. Now our group size and complexity constrains filter out a chunk of the clones before they reach the slow verification step, which reduces the runtime by around 8%. I also kept the full type II constraint around - that now just calls it's two sub-constraints - in case someone doesn't care about the performance benefits of doing this. Reviewers: NoQ Reviewed By: NoQ Subscribers: klimek, v.g.vassilev, xazax.hun, cfe-commits Differential Revision: https://reviews.llvm.org/D34182 llvm-svn: 312222
* [analyzer] Make StmtDataCollector customizableJohannes Altmanninger2017-08-231-44/+68
| | | | | | | | | | | | | | | | | | | | | | | | Summary: This moves the data collection macro calls for Stmt nodes to lib/AST/StmtDataCollectors.inc Users can subclass ConstStmtVisitor and include StmtDataCollectors.inc to define visitor methods for each Stmt subclass. This makes it also possible to customize the visit methods as exemplified in lib/Analysis/CloneDetection.cpp. Move helper methods for data collection to a new module, AST/DataCollection. Add data collection for DeclRefExpr, MemberExpr and some literals. Reviewers: arphaman, teemperor! Subscribers: mgorny, xazax.hun, cfe-commits Differential Revision: https://reviews.llvm.org/D36664 llvm-svn: 311569
OpenPOWER on IntegriCloud