summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis
Commit message (Collapse)AuthorAgeFilesLines
...
* [Analyzer] Do not use static storage to for implementations created in ↵George Karpenkov2017-10-233-75/+20
| | | | | | | | BodyFarm.cpp Differential Revision: https://reviews.llvm.org/D39208 llvm-svn: 316400
* [Analyzer] Correctly handle parameters passed by reference when bodyfarming ↵George Karpenkov2017-10-201-14/+44
| | | | | | | | | | std::call_once Explicitly not supporting functor objects. Differential Revision: https://reviews.llvm.org/D39031 llvm-svn: 316249
* [Analyzer] Always use non-reference types when creating expressions in BodyFarm.George Karpenkov2017-10-171-22/+14
| | | | | | | | | | | | | | Remove an option to use a reference type (on by default!) since a non-reference type is always needed for creating expressions, functions with multiple boolean parameters are very hard to use, and in general it was just a booby trap for further crashes. Furthermore, generalize call_once test case to fix some of the crashes mentioned https://bugs.llvm.org/show_bug.cgi?id=34869 Also removes std::call_once crash. Differential Revision: https://reviews.llvm.org/D39015 llvm-svn: 316041
* [Analyzer] Support bodyfarming libstdc++ implementation of std::call_once.George Karpenkov2017-10-111-19/+25
| | | | | | Differential Revision: https://reviews.llvm.org/D38810 llvm-svn: 315508
* [Analyzer] Do not segfault on unexpected call_once implementationGeorge Karpenkov2017-10-091-16/+22
| | | | | | | | Fixes https://bugs.llvm.org/show_bug.cgi?id=34869 Differential Revision: https://reviews.llvm.org/D38702 llvm-svn: 315250
* [Analyzer] Avoid copy and modifying passed reference in ↵George Karpenkov2017-10-021-16/+18
| | | | | | | | BodyFarm::create_call_once Differential Revision: https://reviews.llvm.org/D38475 llvm-svn: 314722
* [Analysis] Remove unused makeLvalueToRValue variant.Davide Italiano2017-09-301-13/+0
| | | | llvm-svn: 314605
* [Analyzer] Synthesize function body for std::call_onceGeorge Karpenkov2017-09-301-28/+288
| | | | | | Differential Revision: https://reviews.llvm.org/D37840 llvm-svn: 314571
* [clang] Add getUnsignedPointerDiffType methodAlexander Shaposhnikov2017-09-282-5/+3
| | | | | | | | | | | | | | | | | C11 standard refers to the unsigned counterpart of the type ptrdiff_t in the paragraph 7.21.6.1p7 where it defines the format specifier %tu. In Clang (in PrintfFormatString.cpp, lines 508-510) there is a FIXME for this case, in particular, Clang didn't diagnose %tu issues at all, i.e. it didn't emit any warnings on the code printf("%tu", 3.14). In this diff we add a method getUnsignedPointerDiffType for getting the corresponding type similarly to how it's already done in the other analogous cases (size_t, ssize_t, ptrdiff_t etc) and fix -Wformat diagnostics for %tu plus the emitted fix-it as well. Test plan: make check-all Differential revision: https://reviews.llvm.org/D38270 llvm-svn: 314470
* Consolidate std::move() detection code. No behavior change.Nico Weber2017-09-282-12/+6
| | | | llvm-svn: 314427
* Recommit "Add _Float16 as a C/C++ source language type"Sjoerd Meijer2017-09-081-0/+1
| | | | | | | | This is a recommit of r312781; in some build configurations variable names are omitted, so changed the new regression test accordingly. llvm-svn: 312794
* Revert "Add _Float16 as a C/C++ source language type"Sjoerd Meijer2017-09-081-1/+0
| | | | | | | The clang-with-lto-ubuntu bot didn't like the new regression test, revert while I investigate the issue. llvm-svn: 312784
* Add _Float16 as a C/C++ source language typeSjoerd Meijer2017-09-081-0/+1
| | | | | | | | | | | This adds _Float16 as a source language type, which is a 16-bit floating point type defined in C11 extension ISO/IEC TS 18661-3. In follow up patches documentation and more tests will be added. Differential Revision: https://reviews.llvm.org/D33719 llvm-svn: 312781
* [CSA] [NFC] Move AnalysisContext.h to AnalysisDeclContext.hGeorge Karpenkov2017-09-067-7/+7
| | | | | | | | | | | | | | The implementation is in AnalysisDeclContext.cpp and the class is called AnalysisDeclContext. Making those match up has numerous benefits, including: - Easier jump from header to/from implementation. - Easily identify filename from class. Differential Revision: https://reviews.llvm.org/D37500 llvm-svn: 312671
* [AST] Add TableGen for StmtDataCollectorsJohannes Altmanninger2017-09-061-1/+1
| | | | | | | | | | | | | | Summary: This adds an option "-gen-clang-data-collectors" to the Clang TableGen that is used to generate StmtDataCollectors.inc. Reviewers: arphaman, teemperor! Subscribers: mgorny, cfe-commits Differential Revision: https://reviews.llvm.org/D37383 llvm-svn: 312634
* [analyzer] MinComplexityConstraint now early exits and only does one macro ↵Raphael Isemann2017-09-031-8/+10
| | | | | | | | | | | | | | | | | | | | | stack lookup Summary: This patch contains performance improvements for the `MinComplexityConstraint`. It reduces the constraint time when running on the SQLite codebase by around 43% (from 0.085s down to 0.049s). The patch is essentially doing two things: * It introduces a possibility for the complexity value to early exit when reaching the limit we were checking for. This means that once we noticed that the current clone is larger than the limit the user has set, we instantly exit and no longer traverse the tree or do further expensive lookups in the macro stack. * It also removes half of the macro stack lookups we do so far. Previously we always checked the start and the end location of a Stmt for macros, which was only a middle way between checking all locations of the Stmt and just checking one location. In practice I rarely found cases where it really matters if we check start/end or just the start of a statement as code with lots of macros that somehow just produce half a statement are very rare. Reviewers: NoQ Subscribers: cfe-commits, xazax.hun, v.g.vassilev Differential Revision: https://reviews.llvm.org/D34361 llvm-svn: 312440
* std::function -> llvm::function_ref. NFC.Benjamin Kramer2017-09-011-1/+2
| | | | llvm-svn: 312336
* [analyzer] Performance optimizations for the CloneCheckerRaphael Isemann2017-08-311-6/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Summary: This patch aims at optimizing the CloneChecker for larger programs. Before this patch we took around 102 seconds to analyze sqlite3 with a complexity value of 50. After this patch we now take 2.1 seconds to analyze sqlite3. The biggest performance optimization is that we now put the constraint for group size before the constraint for the complexity. The group size constraint is much faster in comparison to the complexity constraint as it only does a simple integer comparison. The complexity constraint on the other hand actually traverses each Stmt and even checks the macro stack, so it is obviously not able to handle larger amounts of incoming clones. The new order filters out all the single-clone groups that the type II constraint generates in a faster way before passing the fewer remaining clones to the complexity constraint. This reduced runtime by around 95%. The other change is that we also delay the verification part of the type II clones back in the chain of constraints. This required to split up the constraint into two parts - a verification and a hash constraint (which is also making it more similar to the original design of the clone detection algorithm). The reasoning for this is the same as before: The verification constraint has to traverse many statements and shouldn't be at the start of the constraint chain. However, as the type II hashing has to be the first step in our algorithm, we have no other choice but split this constrain into two different ones. Now our group size and complexity constrains filter out a chunk of the clones before they reach the slow verification step, which reduces the runtime by around 8%. I also kept the full type II constraint around - that now just calls it's two sub-constraints - in case someone doesn't care about the performance benefits of doing this. Reviewers: NoQ Reviewed By: NoQ Subscribers: klimek, v.g.vassilev, xazax.hun, cfe-commits Differential Revision: https://reviews.llvm.org/D34182 llvm-svn: 312222
* [analyzer] Make StmtDataCollector customizableJohannes Altmanninger2017-08-231-44/+68
| | | | | | | | | | | | | | | | | | | | | | | | Summary: This moves the data collection macro calls for Stmt nodes to lib/AST/StmtDataCollectors.inc Users can subclass ConstStmtVisitor and include StmtDataCollectors.inc to define visitor methods for each Stmt subclass. This makes it also possible to customize the visit methods as exemplified in lib/Analysis/CloneDetection.cpp. Move helper methods for data collection to a new module, AST/DataCollection. Add data collection for DeclRefExpr, MemberExpr and some literals. Reviewers: arphaman, teemperor! Subscribers: mgorny, xazax.hun, cfe-commits Differential Revision: https://reviews.llvm.org/D36664 llvm-svn: 311569
* Implement CFG construction for __try / __except / __leave.Nico Weber2017-08-231-10/+148
| | | | | | | | | | | | | | | | | | | | | | | This makes -Wunreachable-code work for programs containing SEH (except for __finally, which is still missing for now). __try is modeled like try (but simpler since it can only have a single __except or __finally), __except is fairly similar to catch (but simpler, since it can't contain declarations). __leave is implemented similarly to break / continue. Use the existing addTryDispatchBlock infrastructure (which FindUnreachableCode() in ReachableCode.cpp uses via cfg->try_blocks_begin()) to mark things in the __except blocks as reachable. Re-use TryTerminatedBlock. This means we add EH edges from calls to the __try block, but not from all other statements. While this is incomplete, it matches LLVM's SEH codegen support. Also, in practice, BuildOpts.AddEHEdges is always false in practice from what I can tell, so we never even insert the call EH edges either. https://reviews.llvm.org/D36914 llvm-svn: 311561
* [CFG] Add LoopExit information to CFGPeter Szecsi2017-08-192-0/+26
| | | | | | | | | | | | | | | | This patch introduces a new CFG element CFGLoopExit that indicate when a loop ends. It does not deal with returnStmts yet (left it as a TODO). It hidden behind a new analyzer-config flag called cfg-loopexit (false by default). Test cases added. The main purpose of this patch right know is to make loop unrolling and loop widening easier and more efficient. However, this information can be useful for future improvements in the StaticAnalyzer core too. Differential Revision: https://reviews.llvm.org/D35668 llvm-svn: 311235
* Reland "Thread Safety Analysis: fix assert_capability."Josh Gao2017-08-081-2/+17
| | | | | | | | | | | Delete the test that was broken by rL309725, and add it back in a follow up commit. Also, improve the tests a bit. Reviewers: delesley, aaron.ballman Differential Revision: https://reviews.llvm.org/D36237 llvm-svn: 310402
* Revert "Thread Safety Analysis: fix assert_capability."Josh Gao2017-08-011-17/+2
| | | | | | | | This reverts commit rL309725. Broke test/Sema/attr-capabilities.c. llvm-svn: 309731
* Thread Safety Analysis: fix assert_capability.Josh Gao2017-08-011-2/+17
| | | | | | | | | | | | | | | | Summary: Previously, the assert_capability attribute was completely ignored by thread safety analysis. Reviewers: delesley, rnk Reviewed By: delesley Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D36122 llvm-svn: 309725
* [clang] Fix handling of "%zd" in scanfAlexander Shaposhnikov2017-07-201-3/+2
| | | | | | | | | | | | | This diff addresses FIXMEs in lib/Analysis/ScanfFormatString.cpp for the case of ssize_t format specifier and adds tests. In particular, this change enables Clang to emit a warning on incorrect using of "%zd"/"%zn". Test plan: make check-all Differential revision: https://reviews.llvm.org/D35652 llvm-svn: 308662
* [clang] Fix handling of "%zd" format specifierAlexander Shaposhnikov2017-07-141-3/+2
| | | | | | | | | | | | | This diff addresses FIXME in lib/Analysis/PrintfFormatString.cpp and makes PrintfSpecifier::getArgType return the correct type. In particular, this change enables Clang to emit a warning on incorrect using of "%zd"/"%zn" format specifiers. Differential revision: https://reviews.llvm.org/D35427 Test plan: make check-all llvm-svn: 308067
* CFG: Add CFGElement for automatic variables that leave the scopeMatthias Gehre2017-07-122-45/+181
| | | | | | | | | | | | | | | | | | | | | | | | Summary: This mimics the implementation for the implicit destructors. The generation of this scope leaving elements is hidden behind a flag to the CFGBuilder, thus it should not affect existing code. Currently, I'm missing a test (it's implicitly tested by the clang-tidy lifetime checker that I'm proposing). I though about a test using debug.DumpCFG, but then I would have to add an option to StaticAnalyzer/Core/AnalyzerOptions to enable the scope leaving CFGElement, which would only be useful to that particular test. Any other ideas how I could make a test for this feature? Reviewers: krememek, jordan_rose Subscribers: cfe-commits Differential Revision: http://reviews.llvm.org/D15031 llvm-svn: 307759
* [analyzer] Faster hashing of subsequences in CompoundStmts.Raphael Isemann2017-07-091-9/+20
| | | | | | | | | | | | | | Summary: This patches improves the hashing subsequences in CompoundStmts by incrementally hashing all subsequences with the same starting position. This results in a reduction of the time for this constraint while running over SQLite from 1.10 seconds to 0.55 seconds (-50%). Reviewers: NoQ Reviewed By: NoQ Subscribers: cfe-commits, xazax.hun, v.g.vassilev Differential Revision: https://reviews.llvm.org/D34364 llvm-svn: 307509
* [analyzer] Make StmtDataCollector part of the CloneDetection APIRaphael Isemann2017-07-091-185/+3
| | | | | | | | | | | | | | Summary: We probably want to use this useful templates in other pieces of code (e.g. the one from D34329), so we should make this public. Reviewers: NoQ Reviewed By: NoQ Subscribers: cfe-commits, xazax.hun, v.g.vassilev, johannes Differential Revision: https://reviews.llvm.org/D34880 llvm-svn: 307501
* Changed wording in commentRaphael Isemann2017-06-211-2/+1
| | | | llvm-svn: 305878
* [analyzer] Teach CloneDetection about Qt Meta-Object Compiler to filter auto ↵Leslie Zhai2017-06-201-1/+1
| | | | | | | | | | | | generated files Reviewers: v.g.vassilev, teemperor Reviewed By: teemperor Differential Revision: https://reviews.llvm.org/D34353 llvm-svn: 305774
* [analyzer] Teach CloneDetection about Qt Meta-Object CompilerLeslie Zhai2017-06-191-1/+18
| | | | | | | | | | Reviewers: v.g.vassilev, zaks.anna, NoQ, teemperor Reviewed By: v.g.vassilev, zaks.anna, NoQ, teemperor Differential Revision: https://reviews.llvm.org/D31320 llvm-svn: 305659
* Added LLVM_FALLTHROUGH to address warning: this statement may fall through. NFC.Galina Kistanova2017-06-033-0/+4
| | | | llvm-svn: 304641
* [coroutines] Fix fallthrough diagnostics for coroutinesEric Fiselier2017-05-251-0/+2
| | | | | | | | | | | | | | | | | | | | Summary: This patch fixes a number of issues with the analysis warnings emitted when a coroutine may reach the end of the function w/o returning. * Fix bug where coroutines with `return_value` are incorrectly diagnosed as missing `co_return`'s. * Rework diagnostic message to no longer say "non-void coroutine", because that implies the coroutine doesn't have a void return type, which it might. In this case a non-void coroutine is one who's promise type does not contain `return_void()` As a side-effect of this patch, coroutine bodies that contain an invalid coroutine promise objects are marked as invalid. Reviewers: GorNishanov, rsmith, aaron.ballman, majnemer Reviewed By: GorNishanov Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D33532 llvm-svn: 303831
* Fix PR13910: Don't warn that __builtin_unreachable() is unreachableAlex Lorenz2017-04-111-2/+9
| | | | | | Differential Revision: https://reviews.llvm.org/D25321 llvm-svn: 299951
* Fix unused lambda capture. Follow up to r299653.Ivan Krasin2017-04-061-1/+1
| | | | llvm-svn: 299671
* [analyzer] Reland r299544 "Add a modular constraint system to the CloneDetector"Artem Dergachev2017-04-061-519/+368
| | | | | | | | | | | | | | | | | | | | | | | | | | | Hopefully fix crashes by unshadowing the variable. Original commit message: A big part of the clone detection code is functionality for filtering clones and clone groups based on different criteria. So far this filtering process was hardcoded into the CloneDetector class, which made it hard to understand and, ultimately, to extend. This patch splits the CloneDetector's logic into a sequence of reusable constraints that are used for filtering clone groups. These constraints can be turned on and off and reodreder at will, and new constraints are easy to implement if necessary. Unit tests are added for the new constraint interface. This is a refactoring patch - no functional change intended. Patch by Raphael Isemann! Differential Revision: https://reviews.llvm.org/D23418 llvm-svn: 299653
* Revert "[analyzer] Add a modular constraint system to the CloneDetector"Artem Dergachev2017-04-051-368/+519
| | | | | | | | This reverts commit r299544. Crashes on tests on some buildbots. llvm-svn: 299550
* [analyzer] Add a modular constraint system to the CloneDetectorArtem Dergachev2017-04-051-519/+368
| | | | | | | | | | | | | | | | | | | | | | A big part of the clone detection code is functionality for filtering clones and clone groups based on different criteria. So far this filtering process was hardcoded into the CloneDetector class, which made it hard to understand and, ultimately, to extend. This patch splits the CloneDetector's logic into a sequence of reusable constraints that are used for filtering clone groups. These constraints can be turned on and off and reodreder at will, and new constraints are easy to implement if necessary. Unit tests are added for the new constraint interface. This is a refactoring patch - no functional change intended. Patch by Raphael Isemann! Differential Revision: https://reviews.llvm.org/D23418 llvm-svn: 299544
* -Wunreachable-code: 'true' and 'false' should not be treated as configurationAlex Lorenz2017-04-051-1/+7
| | | | | | | | | macros Clang should emit -Wunreachable-code warnings in C mode for code that's unreachable because of a 'false' or '!true' condition. llvm-svn: 299541
* Spelling mistakes in comments. NFCI. (PR27635)Simon Pilgrim2017-03-301-2/+2
| | | | llvm-svn: 299083
* Encapsulate FPOptions and use it consistentlyAdam Nemet2017-03-271-2/+2
| | | | | | | | | | | | | | | | | | Sema holds the current FPOptions which is adjusted by 'pragma STDC FP_CONTRACT'. This then gets propagated into expression nodes as they are built. This encapsulates FPOptions so that this propagation happens opaquely rather than directly with the fp_contractable on/off bit. This allows controlled transitioning of fp_contractable to a ternary value (off, on, fast). It will also allow adding more fast-math flags later. This is toward moving fp-contraction=fast from an LLVM TargetOption to a FastMathFlag in order to fix PR25721. Differential Revision: https://reviews.llvm.org/D31166 llvm-svn: 298877
* [analyzer] Fix crash when building CFG with variable of incomplete typeMartin Bohme2017-03-071-1/+1
| | | | | | | | | | | | | | | | | | Summary: I've included a unit test with a function template containing a variable of incomplete type. Clang compiles this without errors (the standard does not require a diagnostic in this case). Without the fix, this case triggers the crash. Reviewers: klimek Reviewed By: klimek Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D30636 llvm-svn: 297129
* Make helpers static. NFC.Benjamin Kramer2017-02-111-0/+2
| | | | llvm-svn: 294838
* Remove unused 'using' declaration. Found by clang-tidy: ↵Sylvestre Ledru2017-01-281-1/+0
| | | | | | misc-unused-using-decls NFC llvm-svn: 293381
* [analyzer] Consider function call arguments while building CallGraph.Artem Dergachev2017-01-271-0/+1
| | | | | | | | | | | | | | Function call can appear in the arguments of another function call, eg.: foo(bar()); This patch adds support for such cases. Patch by Ivan Sidorenko! Differential revision: https://reviews.llvm.org/D28905 llvm-svn: 293280
* PR31631: fix bad CFG (and bogus warnings) when an if-statement has an ↵Richard Smith2017-01-131-41/+36
| | | | | | init-statement and has binary operator as its condition. llvm-svn: 291964
* Avoid multiple -Wunreachable-code diagnostics that are triggered byAlex Lorenz2017-01-121-5/+15
| | | | | | | | | | | the same source range and use the unary operator fixit only when it actually silences the warning. rdar://24570531 Differential Revision: https://reviews.llvm.org/D28231 llvm-svn: 291757
* [analyzer] Fix crash in body farm for getter without implicit self.Devin Coughlin2017-01-111-0/+2
| | | | | | | | | | | | | | | | | Fix a crash in body farm when synthesizing a getter for a property synthesized for a property declared in a protocol on a class extension that shadows a declaration of the property in a category. In this case, Sema doesn't fill in the implicit 'self' parameter for the getter in the category, which leads to a crash when trying to synthesize the getter for it. To avoid the crash, skip getter synthesis in body farm if the self parameter is not filled int. rdar://problem/29938138 llvm-svn: 291635
* Extend -Wtautological-overlap-compare to more cases.Richard Trieu2017-01-041-3/+7
| | | | | | | | | | | Previously, -Wtautological-overlap-compare did not warn on cases where the boolean expression was in an assignment or return statement. This patch should cause all boolean statements to be passed to the tautological compare checks in the CFG analysis. This is one of the issues from PR13101 llvm-svn: 290920
OpenPOWER on IntegriCloud