summaryrefslogtreecommitdiffstats
path: root/clang/lib/Analysis
Commit message (Collapse)AuthorAgeFilesLines
* [CFG] Fix an assertion failure with static initializersGabor Horvath2019-12-231-1/+1
| | | | | | | | | | | | | The CFGBlock::getLastCondition was not prepared for static initializer branches. This patch also revamps CFG unit tests. Earlier the lifetime of the AST was smaller than the CFG. So all the AST pointers within the CFG blocks were dangling. This was OK, since none of the tests dereferenced those pointers. This was, however, a timed bomb. There were patches in the past that were reverted partially due to this problem. Differential revision: https://reviews.llvm.org/D71791
* [CFG] Add an option to expand CXXDefaultInitExpr into aggregate initializationGabor Horvath2019-12-171-3/+29
| | | | | | | | | | This is useful for clients that are relying on linearized CFGs for evaluating subexpressions and want the default initializer to be evaluated properly. The upcoming lifetime analysis is using this but it might also be useful for the static analyzer at some point. Differential Revision: https://reviews.llvm.org/D71642
* [analyzer] Do not cache out on some shared implicit AST nodesGabor Horvath2019-12-111-0/+5
| | | | | | | | | | | Some AST nodes which stands for implicit initialization is shared. The analyzer will do the same evaluation on the same nodes resulting in the same state. The analyzer will "cache out", i.e. it thinks that it visited an already existing node in the exploded graph. This is not true in this case and we lose coverage. Since these nodes do not really require any processing from the analyzer we just omit them from the CFG. Differential Revision: https://reviews.llvm.org/D71371
* Remove Expr.h include from ASTContext.h, NFCReid Kleckner2019-12-061-1/+1
| | | | | | | ASTContext.h is popular, prune its includes. Expr.h brings in Attr.h, which is also expensive. Move BlockVarCopyInit to Expr.h to accomplish this.
* [analyzer] Fix more ObjC accessor body farms after 2073dd2d.Artem Dergachev2019-12-041-4/+8
| | | | | | | | Fix a crash when constructing a body farm for accessors of a property that is declared and @synthesize'd in different (but related) interfaces with the explicit ivar syntax. This is a follow-up for 0b58b80e.
* [CFG] Fix a flaky crash in CFGBlock::getLastCondition().Artem Dergachev2019-11-211-0/+4
| | | | | | | Using an end iterator of an empty CFG block was causing a garbage pointer dereference. Differential Revision: https://reviews.llvm.org/D69962
* [analyzer] Fix Objective-C accessor body farms after 2073dd2d.Artem Dergachev2019-11-211-40/+51
| | | | | | | | | | Fix a canonicalization problem for the newly added property accessor stubs that was causing a wrong decl to be used for 'self' in the accessor's body farm. Fix a crash when constructing a body farm for accessors of a property that is declared and @synthesize'd in different (but related) interfaces. Differential Revision: https://reviews.llvm.org/D70158
* [NFC] Refactor representation of materialized temporariesTyker2019-11-193-7/+6
| | | | | | | | | | | | | | | Summary: this patch refactor representation of materialized temporaries to prevent an issue raised by rsmith in https://reviews.llvm.org/D63640#inline-612718 Reviewers: rsmith, martong, shafik Reviewed By: rsmith Subscribers: thakis, sammccall, ilya-biryukov, rnkovacs, arphaman, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D69360
* Revert "[NFC] Refactor representation of materialized temporaries"Nico Weber2019-11-173-6/+7
| | | | | | This reverts commit 08ea1ee2db5f9d6460fef1d79d0d1d1a5eb78982. It broke ./ClangdTests/FindExplicitReferencesTest.All on the bots, see comments on https://reviews.llvm.org/D69360
* [NFC] Refactor representation of materialized temporariesTyker2019-11-163-7/+6
| | | | | | | | | | | | | | | Summary: this patch refactor representation of materialized temporaries to prevent an issue raised by rsmith in https://reviews.llvm.org/D63640#inline-612718 Reviewers: rsmith, martong, shafik Reviewed By: rsmith Subscribers: rnkovacs, arphaman, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D69360
* Avoid including Builtins.h in Preprocessor.hReid Kleckner2019-11-151-0/+1
| | | | | | Builtins are rarely if ever accessed via the Preprocessor. They are typically found on the ASTContext, so there should be no performance penalty to using a pointer indirection to store the builtin context.
* Redeclare Objective-C property accessors inside the ObjCImplDecl in which ↵Adrian Prantl2019-11-081-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | they are synthesized. This patch is motivated by (and factored out from) https://reviews.llvm.org/D66121 which is a debug info bugfix. Starting with DWARF 5 all Objective-C methods are nested inside their containing type, and that patch implements this for synthesized Objective-C properties. 1. SemaObjCProperty populates a list of synthesized accessors that may need to inserted into an ObjCImplDecl. 2. SemaDeclObjC::ActOnEnd inserts forward-declarations for all accessors for which no override was provided into their ObjCImplDecl. This patch does *not* synthesize AST function *bodies*. Moving that code from the static analyzer into Sema may be a good idea though. 3. Places that expect all methods to have bodies have been updated. I did not update the static analyzer's inliner for synthesized properties to point back to the property declaration (see test/Analysis/Inputs/expected-plists/nullability-notes.m.plist), which I believed to be more bug than a feature. Differential Revision: https://reviews.llvm.org/D68108 rdar://problem/53782400
* Thread safety analysis: Peel away NoOp implicit casts in initializersAaron Puchert2019-10-301-0/+3
| | | | | | | | | | | | Summary: This happens when someone initializes a variable with guaranteed copy elision and an added const qualifier. Fixes PR43826. Reviewers: aaron.ballman, rsmith Reviewed By: aaron.ballman Differential Revision: https://reviews.llvm.org/D69533
* New tautological warning for bitwise-or with non-zero constant always true.Richard Trieu2019-10-191-1/+40
| | | | | | | | | | | | | | | | | | Taking a value and the bitwise-or it with a non-zero constant will always result in a non-zero value. In a boolean context, this is always true. if (x | 0x4) {} // always true, intended '&' This patch creates a new warning group -Wtautological-bitwise-compare for this warning. It also moves in the existing tautological bitwise comparisons into this group. A few other changes were needed to the CFGBuilder so that all bool contexts would be checked. The warnings in -Wtautological-bitwise-compare will be off by default due to using the CFG. Fixes: https://bugs.llvm.org/show_bug.cgi?id=42666 Differential Revision: https://reviews.llvm.org/D66046 llvm-svn: 375318
* [analyzer] Display cast kinds in program point dumps.Artem Dergachev2019-10-171-1/+5
| | | | | | | Because cast expressions have their own hierarchy, it's extremely useful to have some information about what kind of casts are we dealing with. llvm-svn: 375185
* [OPENMP]Dow not emit warnings for uninitialized loop counters.Alexey Bataev2019-10-171-1/+2
| | | | | | | In OpenMP constructs all counters are initialized and we should not emit warnings about uninitialized privatized loop control variables. llvm-svn: 375167
* Teach CallGraph to look into Generic Lambdas.Erich Keane2019-09-301-1/+4
| | | | | | | | | | | | | | | | | | | | CallGraph visited LambdaExpr by getting the Call Operator from CXXRecordDecl (LambdaExpr::getCallOperator calls CXXRecordDecl::getLambdaCallOperator), which replaced generic lambda call operators with the non-instantiated FunctionDecl. The result was that the CallGraph would only pick up non-dependent calls. This patch does a few things: 1- Extend CXXRecordDecl to have a getDependentLambdaCallOperator, which will get the FunctionTemplateDecl, rather than immediately getting the TemplateDecl. 2- Define getLambdaCallOperator and getDependentLambdaCallOperator in terms of a common function. 3- Extend LambdaExpr with a getDependentCallOperator, which just calls the above function. 4- Changes CallGraph to handle Generic LambdaExprs. llvm-svn: 373247
* Don't install example analyzer pluginsAaron Puchert2019-09-283-3/+3
| | | | | | | | | | | | Summary: Fixes PR43430. Reviewers: hintonda, NoQ, Szelethus, lebedev.ri Reviewed By: lebedev.ri Differential Revision: https://reviews.llvm.org/D68172 llvm-svn: 373148
* Revert r373034Nicholas Allegra2019-09-271-23/+20
| | | | | | It breaks the build on MSVC. llvm-svn: 373039
* [Consumed][NFC] Refactor handleCall to take function argument list.Nicholas Allegra2019-09-261-20/+23
| | | | | | Differential Revision: https://reviews.llvm.org/D67569 llvm-svn: 373034
* Merge and improve code that detects same value in comparisons.Richard Trieu2019-09-211-17/+16
| | | | | | | | | | | | -Wtautological-overlap-compare and self-comparison from -Wtautological-compare relay on detecting the same operand in different locations. Previously, each warning had it's own operand checker. Now, both are merged together into one function that each can call. The function also now looks through member access and array accesses. Differential Revision: https://reviews.llvm.org/D66045 llvm-svn: 372453
* Improve -Wtautological-overlap-compareRichard Trieu2019-09-212-6/+40
| | | | | | | | | Allow this warning to detect a larger number of constant values, including negative numbers, and handle non-int types better. Differential Revision: https://reviews.llvm.org/D66044 llvm-svn: 372448
* [Consumed] Treat by-value class arguments as consuming by default, like ↵Nicholas Allegra2019-09-191-3/+3
| | | | | | | | rvalue refs. Differential Revision: https://reviews.llvm.org/D67743 llvm-svn: 372361
* [analyzer] PR43102: Fix an assertion and an out-of-bounds error for ↵Kristof Umann2019-09-181-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | diagnostic location construction Summary: https://bugs.llvm.org/show_bug.cgi?id=43102 In today's edition of "Is this any better now that it isn't crashing?", I'd like to show you a very interesting test case with loop widening. Looking at the included test case, it's immediately obvious that this is not only a false positive, but also a very bad bug report in general. We can see how the analyzer mistakenly invalidated `b`, instead of its pointee, resulting in it reporting a null pointer dereference error. Not only that, the point at which this change of value is noted at is at the loop, rather then at the method call. It turns out that `FindLastStoreVisitor` works correctly, rather the supplied explodedgraph is faulty, because `BlockEdge` really is the `ProgramPoint` where this happens. {F9855739} So it's fair to say that this needs improving on multiple fronts. In any case, at least the crash is gone. Full ExplodedGraph: {F9855743} Reviewers: NoQ, xazax.hun, baloghadamsoftware, Charusso, dcoughlin, rnkovacs, TWeaver Subscribers: JesperAntonsson, uabelho, Ka-Ka, bjope, whisperity, szepet, a.sidorin, mikhail.ramalho, donat.nagy, dkrupp, gamesh411, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D66716 llvm-svn: 372269
* [CFG] Add dumps for CFGElement and CFGElementRefKristof Umann2019-09-121-28/+70
| | | | | | | | | Seems like we never had these, so here we go! I also did some refactoring as I was chasing a bug unrelated to this revision. Differential Revision: https://reviews.llvm.org/D66715 llvm-svn: 371765
* [analyzer][NFC] Fix inconsistent references to checkers as "checks"Kristof Umann2019-09-122-3/+3
| | | | | | | | | | | | | | Traditionally, clang-tidy uses the term check, and the analyzer uses checker, but in the very early years, this wasn't the case, and code originating from the early 2010's still incorrectly refer to checkers as checks. This patch attempts to hunt down most of these, aiming to refer to checkers as checkers, but preserve references to callback functions (like checkPreCall) as checks. Differential Revision: https://reviews.llvm.org/D67140 llvm-svn: 371760
* [analyzer] NFC: Move PathDiagnostic classes to libAnalysis.Artem Dergachev2019-09-112-0/+1216
| | | | | | | | | | | | At this point the PathDiagnostic, PathDiagnosticLocation, PathDiagnosticPiece structures no longer rely on anything specific to Static Analyzer, so we can move them out of it for everybody to use. PathDiagnosticConsumers are still to be handed off. Differential Revision: https://reviews.llvm.org/D67419 llvm-svn: 371661
* [analyzer] NFC: Introduce sub-classes for path-sensitive and basic reports.Artem Dergachev2019-09-091-2/+2
| | | | | | | | | | | | | Checkers are now required to specify whether they're creating a path-sensitive report or a path-insensitive report by constructing an object of the respective type. This makes BugReporter more independent from the rest of the Static Analyzer because all Analyzer-specific code is now in sub-classes. Differential Revision: https://reviews.llvm.org/D66572 llvm-svn: 371450
* [CFG] Fix CFG for statement-expressions in return values.Artem Dergachev2019-08-291-3/+2
| | | | | | | | | | | We're building the CFG from bottom to top, so when the return-value expression has a non-trivial CFG on its own, we need to continue building from the entry to the return-value expression CFG rather than from the block to which we've just appended the return statement. Fixes a false positive warning "control may reach end of non-void function". llvm-svn: 370406
* [analyzer] Fix more analyzer warnings on analyzer and libAnalysis.Artem Dergachev2019-08-284-18/+14
| | | | llvm-svn: 370263
* [CFG] Make representation of destructor calls more accurate.Artem Dergachev2019-08-281-43/+80
| | | | | | | | | | | | | | | | | Respect C++17 copy elision; previously it would generate destructor calls for elided temporaries, including in initialization and return statements. Don't generate duplicate destructor calls for statement expressions. Fix destructors in initialization lists and comma operators. Improve printing of implicit destructors. Patch by Nicholas Allegra! Differential Revision: https://reviews.llvm.org/D66404 llvm-svn: 370247
* [clang] Use the new Regex::isValid() with no parameterJan Kratochvil2019-08-201-2/+1
| | | | | | Differential Revision: https://reviews.llvm.org/D66463 llvm-svn: 369397
* [CallGraph] Take into accound calls that aren't within any function bodies.Artem Dergachev2019-08-201-1/+36
| | | | | | | | | | | | This patch improves Clang call graph analysis by adding in expressions that are not found in regular function bodies, such as default arguments or member initializers. Patch by Joshua Cranmer! Differential Revision: https://reviews.llvm.org/D65453 llvm-svn: 369321
* [Clang] Migrate llvm::make_unique to std::make_uniqueJonas Devlieghere2019-08-145-21/+21
| | | | | | | | | | Now that we've moved to C++14, we no longer need the llvm::make_unique implementation from STLExtras.h. This patch is a mechanical replacement of (hopefully) all the llvm::make_unique instances across the monorepo. Differential revision: https://reviews.llvm.org/D66259 llvm-svn: 368942
* [CFG] Introduce CFGElementRef, a wrapper that knows it's position in a CFGBlockKristof Umann2019-08-141-0/+4
| | | | | | | | | | | | | | | | Previously, collecting CFGElements in a set was practially impossible, because both CFGBlock::operator[] and both the iterators returned it by value. One workaround would be to collect the iterators instead, but they don't really capture the concept of an element, and elements from different iterator types are incomparable. This patch introduces CFGElementRef, a wrapper around a (CFGBlock, Index) pair, and a variety of new iterators and iterator ranges to solve this problem. I guess you could say that this patch took a couple iterations to get right :^) Differential Revision: https://reviews.llvm.org/D65196 llvm-svn: 368883
* [analyzer][CFG] Don't track the condition of assertsKristof Umann2019-08-141-0/+65
| | | | | | | | | | | | | | Well, what is says on the tin I guess! Some more changes: * Move isInevitablySinking() from BugReporter.cpp to CFGBlock's interface * Rename and move findBlockForNode() from BugReporter.cpp to ExplodedNode::getCFGBlock() Differential Revision: https://reviews.llvm.org/D65287 llvm-svn: 368836
* Revert r367649: Improve raw_ostream so that you can "write" colors using ↵Rui Ueyama2019-08-021-2/+2
| | | | | | | | operator<< This reverts commit r367649 in an attempt to unbreak Windows bots. llvm-svn: 367658
* Improve raw_ostream so that you can "write" colors using operator<<Rui Ueyama2019-08-021-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. raw_ostream supports ANSI colors so that you can write messages to the termina with colors. Previously, in order to change and reset color, you had to call `changeColor` and `resetColor` functions, respectively. So, if you print out "error: " in red, for example, you had to do something like this: OS.changeColor(raw_ostream::RED); OS << "error: "; OS.resetColor(); With this patch, you can write the same code as follows: OS << raw_ostream::RED << "error: " << raw_ostream::RESET; 2. Add a boolean flag to raw_ostream so that you can disable colored output. If you disable colors, changeColor, operator<<(Color), resetColor and other color-related functions have no effect. Most LLVM tools automatically prints out messages using colors, and you can disable it by passing a flag such as `--disable-colors`. This new flag makes it easy to write code that works that way. Differential Revision: https://reviews.llvm.org/D65564 llvm-svn: 367649
* [analyzer] StackFrameContext: Add NodeBuilderContext::blockCount() to its ↵Csaba Dabis2019-08-011-10/+11
| | | | | | | | | | | | | | | | | | profile Summary: It allows discriminating between stack frames of the same call that is called multiple times in a loop. Thanks to Artem Dergachev for the great idea! Reviewed By: NoQ Tags: #clang Differential Revision: https://reviews.llvm.org/D65587 llvm-svn: 367608
* [OPENMP]Add support for analysis of if clauses.Alexey Bataev2019-07-161-2/+3
| | | | | | | | | | | | | | | | Summary: Added support for analysis of if clauses in the OpenMP directives to be able to check for the use of uninitialized variables. Reviewers: NoQ Subscribers: guansong, jfb, jdoerfert, caomhin, kkwli0, cfe-commits Tags: clang Differential Revision: https://reviews.llvm.org/D64646 llvm-svn: 366211
* Fix parameter name comments using clang-tidy. NFC.Rui Ueyama2019-07-162-14/+14
| | | | | | | | | | | | | | | | | | | | | This patch applies clang-tidy's bugprone-argument-comment tool to LLVM, clang and lld source trees. Here is how I created this patch: $ git clone https://github.com/llvm/llvm-project.git $ cd llvm-project $ mkdir build $ cd build $ cmake -GNinja -DCMAKE_BUILD_TYPE=Debug \ -DLLVM_ENABLE_PROJECTS='clang;lld;clang-tools-extra' \ -DCMAKE_EXPORT_COMPILE_COMMANDS=On -DLLVM_ENABLE_LLD=On \ -DCMAKE_C_COMPILER=clang -DCMAKE_CXX_COMPILER=clang++ ../llvm $ ninja $ parallel clang-tidy -checks='-*,bugprone-argument-comment' \ -config='{CheckOptions: [{key: StrictMode, value: 1}]}' -fix \ ::: ../llvm/lib/**/*.{cpp,h} ../clang/lib/**/*.{cpp,h} ../lld/**/*.{cpp,h} llvm-svn: 366177
* [analyzer] exploded-graph-rewriter: Improve source location dumps.Artem Dergachev2019-07-122-27/+15
| | | | | | | | - Correctly display macro expansion and spelling locations. - Use the same procedure to display location context call site locations. - Display statement IDs for program points. llvm-svn: 365861
* [OPENMP]Initial fix PR42392: Improve -Wuninitialized warnings for OpenMP ↵Alexey Bataev2019-07-112-0/+53
| | | | | | | | | | | | | | | | | | | | | | | programs. Summary: Some OpenMP clauses rely on the values of the variables. If the variable is not initialized and used in OpenMP clauses that depend on the variables values, it should be reported that the uninitialized variable is used in the OpenMP clause expression. This patch adds initial processing for uninitialized variables in OpenMP constructs. Currently, it checks for use of the uninitialized variables in the structured blocks. Reviewers: NoQ, Szelethus, dcoughlin, xazax.hun, a.sidorin, george.karpenkov, szepet Subscribers: rnkovacs, guansong, jfb, jdoerfert, cfe-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D64356 llvm-svn: 365786
* [CFG] Add a new function to get the proper condition of a CFGBlockKristof Umann2019-07-051-0/+24
| | | | | | | | | | | | | getTerminatorCondition() returned a condition that may be outside of the block, while the new function returns the proper one: if (A && B && C) {} Return C instead of A && B && C. Differential Revision: https://reviews.llvm.org/D63538 llvm-svn: 365177
* cmake: Add CLANG_LINK_CLANG_DYLIB optionTom Stellard2019-07-033-6/+15
| | | | | | | | | | | | | | | | Summary: Setting CLANG_LINK_CLANG_DYLIB=ON causes clang tools to link against libclang_shared.so instead of the individual component libraries. Reviewers: mgorny, beanz, smeenai, phosek, sylvestre.ledru Subscribers: arphaman, cfe-commits, llvm-commits Tags: #clang Differential Revision: https://reviews.llvm.org/D63503 llvm-svn: 365092
* Revert "[analyzer][CFG] Return the correct terminator condition"Kristof Umann2019-07-031-11/+59
| | | | | | | | This reverts commit 7a57118a6fcfa3770f984453543bbdfd0b233e84. Causes a bunch of crashes, I need to time to evaluate this. llvm-svn: 365037
* [analyzer][CFG] Return the correct terminator conditionKristof Umann2019-07-031-59/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For the following terminator statement: if (A && B && C && D) The built CFG is the following: [B5 (ENTRY)] Succs (1): B4 [B1] 1: 10 2: j 3: [B1.2] (ImplicitCastExpr, LValueToRValue, int) 4: [B1.1] / [B1.3] 5: int x = 10 / j; Preds (1): B2 Succs (1): B0 [B2] 1: C 2: [B2.1] (ImplicitCastExpr, LValueToRValue, _Bool) T: if [B4.4] && [B3.2] && [B2.2] Preds (1): B3 Succs (2): B1 B0 [B3] 1: B 2: [B3.1] (ImplicitCastExpr, LValueToRValue, _Bool) T: [B4.4] && [B3.2] && ... Preds (1): B4 Succs (2): B2 B0 [B4] 1: 0 2: int j = 0; 3: A 4: [B4.3] (ImplicitCastExpr, LValueToRValue, _Bool) T: [B4.4] && ... Preds (1): B5 Succs (2): B3 B0 [B0 (EXIT)] Preds (4): B1 B2 B3 B4 However, even though the path of execution in B2 only depends on C's value, CFGBlock::getCondition() would return the entire condition (A && B && C). For B3, it would return A && B. I changed this the actual condition. Differential Revision: https://reviews.llvm.org/D63538 llvm-svn: 365036
* Make a buildbot using a buggy gcc happyKristof Umann2019-07-031-3/+5
| | | | | | | | | When specializing a template in a namespace, it has to be in a namespace block, else gcc will get confused. Hopefully this fixes the issue. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56480 llvm-svn: 365030
* Specialize an anchor() function in the correct namespaceKristof Umann2019-07-031-2/+2
| | | | llvm-svn: 365029
* [analyzer][Dominator] Add post dominators to CFG + a new debug checkerKristof Umann2019-07-031-1/+5
| | | | | | | | | | | | | | | | Transform clang::DominatorTree to be able to also calculate post dominators. * Tidy up the documentation * Make it clang::DominatorTree template class (similarly to how llvm::DominatorTreeBase works), rename it to clang::CFGDominatorTreeImpl * Clang's dominator tree is now called clang::CFGDomTree * Clang's brand new post dominator tree is called clang::CFGPostDomTree * Add a lot of asserts to the dump() function * Create a new checker to test the functionality Differential Revision: https://reviews.llvm.org/D62551 llvm-svn: 365028
OpenPOWER on IntegriCloud