Fix PR 9626 (duplicated self-init warnings under -Wuninitialized) with numerous CFG and UninitializedValues analysis changes:
1) Change the CFG to include the DeclStmt for conditional variables, instead of using the condition itself as a faux DeclStmt.
2) Update ExprEngine (the static analyzer) to understand (1), so not to regress.
3) Update UninitializedValues.cpp to initialize all tracked variables to Uninitialized at the start of the function/method.
4) Only use the SelfReferenceChecker (SemaDecl.cpp) on global variables, leaving the dataflow analysis to handle other cases.
The combination of (1) and (3) allows the dataflow-based -Wuninitialized to find self-init problems when the initializer
contained control-flow.
-Wuninitialized: use "self-init" warning when issue uninitialized values warnings from the dataflow analysis that include within the initializer of a variable.
Bob Wilson [Mon, 4 Apr 2011 16:53:11 +0000 (16:53 +0000)]
Change ARM data layout strings to match llvm-gcc.
Sandeep Patel noticed that the alignment was wrong for Neon vector types,
and this change is partly derived from his patch. For the APCS ABI, however,
additional changes were required: the maximum ABI alignment is 32 bits and
the preferred alignment for i64 and f64 types should be 64 bits.
Richard Smith [Sun, 3 Apr 2011 14:12:46 +0000 (14:12 +0000)]
clang has had full and tested support for C++0x trailing-return-type and auto type deduction since r126166. Update the website to reflect this, and add a __has_feature test.
trailing-return-type codegen is not tested yet (name mangling in particular).
Refactoring the security checker a little bit so that each CallExpr check doesn't get called for each CallExpr. Instead it does a switch and only runs the check for the proper identifier. Slight speed improvement (probably significant on very large ASTs), and should make it easier and more clear to add more checks for other CallExpr's later.
static analyzer: Add a new ProgramPoint PostCondition to represent the post position of a branch condition, and a new generateNode method to BranchNodeBuilder using PostCondition ProgramPoint. This method generates a new ExplodedNode but not a new block edge.
Apply a bug-fix patch from Marcin Kowalczyk to the source locations for
a couple of operator overloads which form interesting expressions in the
AST.
I added test cases for both bugs with the c-index-test's token
annotation feature. Also, thanks to John McCall for confirming that this
is the correct solution.
Fix an error in TreeTransform where we failed to copy the TemplateName's
location into a TemplateSpecializationTypeLoc. These were found using
a hand-written program to inspect every source location in
TemplateSpecializationTypeLocs and Valgrind. I don't know of any way to
test them in Clang's existing test suite sadly.
Example code that triggers the ElaboratedType case:
template <typename T> struct X1 {
template <typename U> struct X1_1 {
int x;
};
};
The other fix was simply spotted by inspection. I audited all constructions of
[Dependent]TemplateSpecializationTypeLocs in TreeTransform.h, and the rest set
the TemplateNameLoc properly.
Daniel Dunbar [Thu, 31 Mar 2011 23:32:15 +0000 (23:32 +0000)]
IRgen: Improve GCC compatibility when dealing with packed arrays by propagating
the array alignment to the array access.
- This is more or less the best we can do without having alignment present in
the type system, but is a long way from truly matching how GCC handles this.
Ted Kremenek [Thu, 31 Mar 2011 22:32:41 +0000 (22:32 +0000)]
-Wuninitialized should not warn about variables captured by blocks as byref.
Note this can potentially be enhanced to detect if the __block variable
is actually written by the block, or only when the block "escapes" or
is actually used, but that requires more analysis than it is probably worth
for this simple check.
Lenny Maiorani [Thu, 31 Mar 2011 22:09:14 +0000 (22:09 +0000)]
Add security syntax checker for strcpy() which causes the Static Analyzer to generate a warning any time the strcpy() function is used with a note suggesting to use a function which provides bounded buffers.
Lenny Maiorani [Thu, 31 Mar 2011 21:36:53 +0000 (21:36 +0000)]
Adding Static Analyzer checker for mempcpy().
Models mempcpy() so that if length is NULL the destination pointer is returned. Otherwise, the source and destination are confirmed not to be NULL and not overlapping. Finally the copy is validated to not cause a buffer overrun and the return value is bound to the address of the byte after the last byte copied.
Sebastian Redl [Thu, 31 Mar 2011 19:29:24 +0000 (19:29 +0000)]
Make ChainedIncludesSource an ExternalSemaSource, otherwise initialization of the ASTReader is incomplete, leading to errors like not realizing std::type_info is already defined.
Sebastian Redl [Thu, 31 Mar 2011 19:29:18 +0000 (19:29 +0000)]
Tell the diagnostic client about starting and ending source files when automatically creating chained PCHs. This way, we don't get a crash whenever a diagnostic is emitted while processing the include.
John McCall [Thu, 31 Mar 2011 08:03:29 +0000 (08:03 +0000)]
After much contemplation, I've decided that we probably shouldn't "unique"
__block object copy/dispose helpers for C++ objects with those for
different variables with completely different semantics simply because
they happen to both be no more aligned than a pointer.
Found by inspection.
Also, internalize most of the helper generation logic within CGBlocks.cpp,
and refactor it to fit my peculiar aesthetic sense.
Ted Kremenek [Thu, 31 Mar 2011 04:46:53 +0000 (04:46 +0000)]
Static analyzer: fix bug in handling of dynamic_cast<>. The sink node wouldn't always be the final node, thus causing the state to continue propagating. Instead,
recover some path-sensitivity by conjuring a symbol.
Ted Kremenek [Thu, 31 Mar 2011 04:04:48 +0000 (04:04 +0000)]
Teach static analyzer about the basics of handling new[]. We still don't simulate constructors, but at least the analyzer doesn't think the return value is uninitialized.
Ted Kremenek [Wed, 30 Mar 2011 17:41:19 +0000 (17:41 +0000)]
Begin reworking static analyzer support for C++ method calls. The current logic was divorced
from how we process ordinary function calls, had a tremendous about of redundancy, and relied
strictly on inlining behavior (which was incomplete) to provide semantics instead of falling
back to the conservative analysis we use for C functions. This is a significant step into
making C++ analyzer support more useful.
Devang Patel [Wed, 30 Mar 2011 00:08:31 +0000 (00:08 +0000)]
Fix in r128471 is very broad. Some of the unconditional branches need line number information for better user experience.
Restrict the fix. This fixes break.exp failures from gdb testsuite.
Chandler Carruth [Tue, 29 Mar 2011 08:08:18 +0000 (08:08 +0000)]
Fix a bug in how we were resolving the address of overloaded functions
when the resolution took place due to a single template specialization
being named with an explicit template argument list. In this case, the
"resolution" doesn't take into account the target type at all, and
therefore can take place for functions, static member functions, and
*non-static* member functions. The latter weren't being properly checked
and their proper form enforced in this scenario. We now do so.
The result of this last form slipping through was some confusing logic
in IsStandardConversion handling of these resolved address-of
expressions which eventually exploded in an assert. Simplify this logic
a bit and add some more aggressive asserts to catch improperly formed
expressions getting into this routine.
Finally add systematic testing of member functions, both static and
non-static, in the various forms they can take. One of these is
essentially PR9563, and this commit fixes the crash in that PR. However,
the diagnostics for this are still pretty terrible. We at least are now
accepting the correct constructs and rejecting the invalid ones rather
than accepting invalid or crashing as before.
Ted Kremenek [Tue, 29 Mar 2011 01:40:00 +0000 (01:40 +0000)]
Add workaround for Sema issue found in <rdar://problem/9188004>, which leads to an assertion failure in the uninitialized variables analysis. The problem is that Sema isn't properly registering a variable in a DeclContext (which -Wuninitialized relies on), but
my expertise on the template instantiation logic isn't good enough to fix this problem for real. This patch worksaround the
problem in -Wuninitialized, but we should fix it for real later.