Richard Trieu [Thu, 18 Jan 2018 04:28:56 +0000 (04:28 +0000)]
Fix Scope::dump()
The dump function for Scope only has 20 out of the 24 flags. Since it looped
until no flags were left, having an unknown flag lead to an infinite loop.
That loop has been changed to a single pass for each flag, plus an assert to
alert if new flags are added.
Artem Dergachev [Thu, 18 Jan 2018 01:01:56 +0000 (01:01 +0000)]
[analyzer] NFC: RetainCount: Protect from dumping raw region to path notes.
MemRegion::getString() is a wrapper around MemRegion::dump(), which is not
user-friendly and should never be used for diagnostic messages.
Actual cases where raw dumps were reaching the user were unintentionally fixed
in r315736; these were noticed accidentally and shouldn't be reproducible
anymore. For now RetainCountChecker only tracks pointers through variable
regions, and for those dumps are "fine". However, we should still use a less
dangerous method for producing our path notes.
This patch replaces the dump with printing a variable name, asserting that this
is indeed a variable.
Artem Dergachev [Thu, 18 Jan 2018 00:53:50 +0000 (00:53 +0000)]
[analyzer] operator new: Fix callback order for CXXNewExpr.
PreStmt<CXXNewExpr> was never called.
Additionally, under c++-allocator-inlining=true, PostStmt<CXXNewExpr> was
called twice when the allocator was inlined: once after evaluating the
new-expression itself, once after evaluating the allocator call which, for the
lack of better options, uses the new-expression as the call site.
Artem Dergachev [Thu, 18 Jan 2018 00:50:19 +0000 (00:50 +0000)]
[analyzer] operator new: Add a new ProgramPoint for check::NewAllocator.
Add PostAllocatorCall program point to represent the moment in the analysis
between the operator new() call and the constructor call. Pointer cast from
"void *" to the correct object pointer type has already happened by this point.
The new program point, unlike the previously used PostImplicitCall, contains a
reference to the new-expression, which allows adding path diagnostics over it.
Artem Dergachev [Thu, 18 Jan 2018 00:44:41 +0000 (00:44 +0000)]
[analyzer] Suppress "this" pointer escape during construction.
Pointer escape event notifies checkers that a pointer can no longer be reliably
tracked by the analyzer. For example, if a pointer is passed into a function
that has no body available, or written into a global, MallocChecker would
no longer report memory leaks for such pointer.
In case of operator new() under -analyzer-config c++-allocator-inlining=true,
MallocChecker would start tracking the pointer allocated by operator new()
only to immediately meet a pointer escape event notifying the checker that the
pointer has escaped into a constructor (assuming that the body of the
constructor is not available) and immediately stop tracking it. Even though
it is theoretically possible for such constructor to put "this" into
a global container that would later be freed, we prefer to preserve the old
behavior of MallocChecker, i.e. a memory leak warning, in order to
be able to find any memory leaks in C++ at all. In fact, c++-allocator-inlining
*reduces* the amount of false positives coming from this-pointers escaping in
constructors, because it'd be able to inline constructors in some cases.
With other checkers working similarly, we simply suppress the escape event for
this-value of the constructor, regardless of analyzer options.
Artem Dergachev [Thu, 18 Jan 2018 00:10:21 +0000 (00:10 +0000)]
[analyzer] operator new: Fix path diagnostics around the operator call.
Implements finding appropriate source locations for intermediate diagnostic
pieces in path-sensitive bug reports that need to descend into an inlined
operator new() call that was called via new-expression. The diagnostics have
worked correctly when operator new() was called "directly".
Artem Dergachev [Wed, 17 Jan 2018 23:46:13 +0000 (23:46 +0000)]
[analyzer] operator new: Add a new checker callback, check::NewAllocator.
The callback runs after operator new() and before the construction and allows
the checker to access the casted return value of operator new() (in the
sense of r322780) which is not available in the PostCall callback for the
allocator call.
Update MallocChecker to use the new callback instead of PostStmt<CXXNewExpr>,
which gets called after the constructor.
Artem Dergachev [Wed, 17 Jan 2018 22:58:35 +0000 (22:58 +0000)]
[analyzer] operator new: Fix memory space for the returned region.
Make sure that with c++-allocator-inlining=true we have the return value of
conservatively evaluated operator new() in the correct memory space (heap).
This is a regression/omission that worked well in c++-allocator-inlining=false.
Heap regions are superior to regular symbolic regions because they have
stricter aliasing constraints: heap regions do not alias each other or global
variables.
Douglas Yung [Wed, 17 Jan 2018 22:53:15 +0000 (22:53 +0000)]
[DOXYGEN] Fix doxygen and content issues in xmmintrin.h
- Fix inaccurate instruction listings.
- Fix small issues in _mm_getcsr and _mm_setcsr.
- Fix description of NaN handling in comparison intrinsics.
- Fix inaccurate description of _mm_movemask_pi8.
- Fix inaccurate instruction mappings.
- Fix typos.
- Clarify wording on some descriptions.
- Fix bit ranges in return value.
- Fix typo in _mm_move_ms intrinsic instruction since it operates on singe-precision values, not double.
- This patch was made by Craig Flores
Artem Dergachev [Wed, 17 Jan 2018 22:51:19 +0000 (22:51 +0000)]
[analyzer] operator new: Model the cast of returned pointer into object type.
According to [basic.stc.dynamic.allocation], the return type of any C++
overloaded operator new() is "void *". However, type of the new-expression
"new T()" and the type of "this" during construction of "T" are both "T *".
Hence an implicit cast, which is not present in the AST, needs to be performed
before the construction. This patch adds such cast in the case when the
allocator was indeed inlined. For now, in the case where the allocator was *not*
inlined we still use the same symbolic value (which is a pure SymbolicRegion of
type "T *") because it is consistent with how we represent the casts and causes
less surprise in the checkers after switching to the new behavior.
The better approach would be to represent that value as a cast over a
SymbolicRegion of type "void *", however we have technical difficulties
conjuring such region without any actual expression of type "void *" present in
the AST.
Artem Dergachev [Wed, 17 Jan 2018 22:40:36 +0000 (22:40 +0000)]
[analyzer] NFC: Forbid array elements of void type.
Represent the symbolic value for results of pointer arithmetic on void pointers
in a different way: instead of making void-typed element regions, make
char-typed element regions.
Add an assertion that ensures that no void-typed regions are ever constructed.
This is a refactoring of internals that should not immediately affect
the analyzer's (default) behavior.
Artem Dergachev [Wed, 17 Jan 2018 22:34:23 +0000 (22:34 +0000)]
[analyzer] operator new: Use the correct region for the constructor.
The -analyzer-config c++-allocator-inlining experimental option allows the
analyzer to reason about C++ operator new() similarly to how it reasons about
regular functions. In this mode, operator new() is correctly called before the
construction of an object, with the help of a special CFG element.
However, the subsequent construction of the object was still not performed into
the region of memory returned by operator new(). The patch fixes it.
Passing the value from operator new() to the constructor and then to the
new-expression itself was tricky because operator new() has no call site of its
own in the AST. The new expression itself is not a good call site because it
has an incorrect type (operator new() returns 'void *', while the new expression
is a pointer to the allocated object type). Additionally, lifetime of the new
expression in the environment makes it unsuitable for passing the value.
For that reason, an additional program state trait is introduced to keep track
of the return value.
Finally this patch relaxes restrictions on the memory region class that are
required for inlining the constructor. This change affects the old mode as well
(c++-allocator-inlining=false) and seems safe because these restrictions were
an overkill compared to the actual problems observed.
Ana Pazos [Wed, 17 Jan 2018 22:09:58 +0000 (22:09 +0000)]
[RISCV] Propagate -mabi and -march values to GNU assembler.
When using -fno-integrated-as flag, the gnu assembler produces code
with some default march/mabi which later causes linker failure due
to incompatible mabi/march.
In this patch we explicitly propagate -mabi and -march flags to the
GNU assembler.
In this patch we explicitly propagate -mabi and -march flags to the GNU assembler.
George Karpenkov [Wed, 17 Jan 2018 20:27:29 +0000 (20:27 +0000)]
[analyzer] introduce getSVal(Stmt *) helper on ExplodedNode, make sure the helper is used consistently
In most cases using
`N->getState()->getSVal(E, N->getLocationContext())`
is ugly, verbose, and also opens up more surface area for bugs if an
inconsistent location context is used.
This patch introduces a helper on an exploded node, and ensures
consistent usage of either `ExplodedNode::getSVal` or
`CheckContext::getSVal` across the codebase.
As a result, a large number of redundant lines is removed.
Artem Belevich [Wed, 17 Jan 2018 19:29:39 +0000 (19:29 +0000)]
[DeclPrinter] Fix two cases that crash clang -ast-print.
Both are related to handling anonymous structures.
* clang didn't handle () around an anonymous struct variable.
* clang also crashed on syntax errors that could lead to other
syntactic constructs following the declaration of an
anonymous struct. While the code is invalid, that's not
a good reason to panic compiler.
Vedant Kumar [Wed, 17 Jan 2018 18:53:51 +0000 (18:53 +0000)]
[Parse] Forward brace locations to TypeConstructExpr
When parsing C++ type construction expressions with list initialization,
forward the locations of the braces to Sema.
Without these locations, the code coverage pass crashes on the given test
case, because the pass relies on getLocEnd() returning a valid location.
Here is what this patch does in more detail:
- Forwards init-list brace locations to Sema (ParseExprCXX),
- Builds an InitializationKind with these locations (SemaExprCXX), and
- Uses these locations for constructor initialization (SemaInit).
The remaining changes fall out of introducing a new overload for
creating direct-list InitializationKinds.
Testing: check-clang, and a stage2 coverage-enabled build of clang with
asserts enabled.
Eric Liu [Wed, 17 Jan 2018 17:37:11 +0000 (17:37 +0000)]
[Tooling] Don't deduplicate tool results in the All-TUs executor.
Summary:
As result deduplication or reduction is not supported in the framework,
we should leave the deplication to tools (if needed) until the framework supports it.
Haojian Wu [Wed, 17 Jan 2018 14:29:25 +0000 (14:29 +0000)]
[Sema] Add visited contexts to CodeCompleteContext
Summary:
This would allow code completion clients to know which context is visited during Sema code completion.
Also some changes:
* add `EnteredContext` callback in VisibleDeclConsumer.
* add a simple unittest for sema code completion (only for visited contexts at the moment).
[clang-format] Reorganize RawStringFormat based on language
Summary:
This patch changes the structure for raw string formatting options by making it
language based (enumerate delimiters per language) as opposed to delimiter-based
(specify the language for a delimiter). The raw string formatting now uses an
appropriate style from the .clang-format file, if exists.
George Karpenkov [Wed, 17 Jan 2018 02:59:11 +0000 (02:59 +0000)]
[analyzer] support a mode to only show relevant lines in HTML diagnostics
HTML diagnostics can be an overwhelming blob of pages of code.
This patch adds a checkbox which filters this list down to only the
lines *relevant* to the counterexample by e.g. skipping branches which
analyzer has assumed to be infeasible at a time.
The resulting amount of output is much smaller, and often fits on one
screen, and also provides a much more readable diagnostics.
Sam McCall [Tue, 16 Jan 2018 12:33:46 +0000 (12:33 +0000)]
Ensure code complete with !LoadExternal sees all local decls.
Summary:
noload_lookups() was too lazy: in addition to avoiding external decls, it
avoided populating the lazy lookup structure for internal decls.
This is the right behavior for the existing callsite in ASTDumper, but I think
it's not a very useful default, so we populate it by default.
While here:
- remove an unused test file accidentally added in r322371.
- remove lookups_begin()/lookups_end() in favor of lookups().begin(), which is
more common and more efficient.
Jonathan Coe [Tue, 16 Jan 2018 10:19:56 +0000 (10:19 +0000)]
[libclang] Add PrintingPolicy for pretty printing declarations
Summary:
Introduce clang_getCursorPrettyPrinted() for pretty printing
declarations. Expose also PrintingPolicy, so the user gets more
fine-grained control of the entities being printed.
The already existing clang_getCursorDisplayName() is pretty limited -
for example, it does not handle return types, parameter names or default
arguments for function declarations. Addressing these issues in
clang_getCursorDisplayName() would mean to duplicate existing code
(e.g. clang::DeclPrinter), so rather expose new API to access the
existing functionality.
[Sema] Fix a crash on invalid features in multiversioning
We were trying to emit a diag::err_bad_multiversion_option diagnostic,
which expects an int as its first argument, with a string argument. As
it happens, the string `Feature` that was causing this was shadowing an
int `Feature` from the surrounding scope. :)
Brian Gesiak [Mon, 15 Jan 2018 21:05:40 +0000 (21:05 +0000)]
[Driver] Suggest valid integrated tools
Summary:
There are only two valid integrated Clang driver tools: `-cc1` and
`-cc1as`. If a user asks for an unknown tool, such as `-cc1asphalt`,
an error message is displayed to indicate that there is no such tool,
but the message doesn't indicate what the valid options are.
Alex Bradbury [Mon, 15 Jan 2018 20:45:15 +0000 (20:45 +0000)]
[RISCV] Fix test failures on non-assert builds introduced in r322494
Thanks to Eli Friedman, who suggested the reason these tests failed on a few
buildbots yet works fine locally is because non-assert builds don't emit value
labels.
The skipped preprocessor ranges are now serialized in the AST PCH file. This fixes, for example, libclang's clang_getSkippedRanges() returning zero ranges after reparsing a translation unit.
Alex Bradbury [Mon, 15 Jan 2018 17:54:52 +0000 (17:54 +0000)]
[RISCV] Implement RISCV ABI lowering
RISCVABIInfo is implemented in terms of XLen, supporting both RV32 and RV64.
Unfortunately we need to count argument registers in the frontend in order to
determine when to emit signext and zeroext attributes. Integer scalars are
extended according to their type up to 32-bits and then sign-extended to XLen
when passed in registers, but are anyext when passed on the stack. This patch
only implements the base integer (soft float) ABIs.
For more information on the RISC-V ABI, see [the ABI
doc](https://github.com/riscv/riscv-elf-psabi-doc/blob/master/riscv-elf.md),
my [golden model](https://github.com/lowRISC/riscv-calling-conv-model), and
the [LLVM RISC-V calling convention
patch](https://reviews.llvm.org/D39898#2d1595b4) (specifically the comment
documenting frontend expectations).
Craig Topper [Sun, 14 Jan 2018 19:23:50 +0000 (19:23 +0000)]
[X86] Implement old kunpck intrinsics using vector ops on vXi1 instead of integer shift/and/or
Summary:
kunpck intrinsics were removed in favor of native IR a few months ago. The implementation lowers them as by operation on the integer types passed to the intrinsic and then just shifting, masking, and oring them together. A special X86 DAG combine was added to recognize this patter and turn it into a concat_vector operation.
I think it makes more sense to keep the IR implementation closer to vector operations on vXi1. Given that we expect these builtins to be used around other builtins that operate on k-registers which we try to represent in IR with vXi1. InstCombine should be able to get rid of the bitcasts between integers and vXi1 leaving only the vector operations.
Brian Gesiak [Sat, 13 Jan 2018 18:34:07 +0000 (18:34 +0000)]
[docs] Use monospace for PCH option flags
Summary:
Use monospace for option flags in the PCH section, instead of the
italics that were being used previously.
I believe these used to be links, for which single backticks would
have been appropriate, but since they were un-link-ified in
https://reviews.llvm.org/rL275560, I believe monospace is now more
appropriate, and so two backticks are needed.
Test Plan:
Build the `docs-clang-html` target and confirm the options are rendered
using monospace font.
Brian Gesiak [Sat, 13 Jan 2018 17:09:11 +0000 (17:09 +0000)]
[Driver] Add "did you mean?" suggestions to -cc1as
Summary:
In https://reviews.llvm.org/D41733, the driver was modified such that,
when a user provided a mispelled option such as `-hel`, it would
suggest a valid option with a nearby edit distance: "did you mean
'-help'?".
Add these suggestions to invocations of `clang -cc1as` as well.
Alex Bradbury [Sat, 13 Jan 2018 09:21:11 +0000 (09:21 +0000)]
Fix test/Driver/riscv32-toolchain.c for builds setting CLANG_DEFAULT_LINKER
Petr Hosek reported an external buildbot was failing on riscv32-toolchain.c,
seemingly as it set CLANG_DEFAULT_LINKER to lld. Address this by explicitly
setting -fuse-ld=ld in the tests.
Richard Smith [Fri, 12 Jan 2018 22:21:33 +0000 (22:21 +0000)]
When rebuilding an InitListExpr, don't give it a type.
InitListExprs without types (well, with type 'void') represent not-yet-analyzed
initializer lists; InitListExpr with types fool Sema into thinking they don't
need further analysis in some cases (particularly C++17 copy omission).
Artem Dergachev [Fri, 12 Jan 2018 22:12:11 +0000 (22:12 +0000)]
[analyzer] Don't flag strcpy of string literals into sufficiently large buffers.
In the security package, we have a simple syntactic check that warns about
strcpy() being insecure, due to potential buffer overflows.
Suppress that check's warning in the trivial situation when the source is an
immediate null-terminated string literal and the target is an immediate
sufficiently large buffer.
Alex Bradbury [Fri, 12 Jan 2018 20:08:16 +0000 (20:08 +0000)]
Refactor handling of signext/zeroext in ABIArgInfo
As @rjmccall suggested in D40023, we can get rid of
ABIInfo::shouldSignExtUnsignedType (used to handle cases like the Mips calling
convention where 32-bit integers are always sign extended regardless of the
sign of the type) by adding a SignExt field to ABIArgInfo. In the common case,
this new field is set automatically by ABIArgInfo::getExtend based on the sign
of the type. For targets that want greater control, they can use
ABIArgInfo::getSignExtend or ABIArgInfo::getZeroExtend when necessary. This
change also cleans up logic in CGCall.cpp.
There is no functional change intended in this patch, and all tests pass
unchanged. As noted in D40023, Mips might want to sign-extend unsigned 32-bit
integer return types. A future patch might modify
MipsABIInfo::classifyReturnType to use MipsABIInfo::extendType.
Alexey Bataev [Fri, 12 Jan 2018 19:39:11 +0000 (19:39 +0000)]
[OPENMP] Replace calls of getAssociatedStmt().
getAssociatedStmt() returns the outermost captured statement for the
OpenMP directive. It may return incorrect region in case of combined
constructs. Reworked the code to reduce the number of calls of
getAssociatedStmt() and used getInnermostCapturedStmt() and
getCapturedStmt() functions instead.
In case of firstprivate variables it may lead to an extra allocas
generation for private copies even if the variable is passed by value
into outlined function and could be used directly as private copy.
Volodymyr Sapsai [Fri, 12 Jan 2018 18:54:35 +0000 (18:54 +0000)]
[Lex] Avoid out-of-bounds dereference in LexAngledStringLiteral.
Fix makes the loop in LexAngledStringLiteral more like the loops in
LexStringLiteral, LexCharConstant. When we skip a character after
backslash, we need to check if we reached the end of the file instead of
reading the next character unconditionally.
Discovered by OSS-Fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3832
Sam Clegg [Fri, 12 Jan 2018 17:54:49 +0000 (17:54 +0000)]
[WebAssembly] Support -stdlib=libc++ switch
Referenced implementation from Fuchsia and Darwin Toolchain.
Still only support CST_Libcxx. Now checks that the argument
is really '-stdlib=libc++', and display error.
Also, now will pass -lc++ and -lc++abi to the linker.
Sam McCall [Fri, 12 Jan 2018 14:51:47 +0000 (14:51 +0000)]
[CodeComplete] Add an option to omit results from the preamble.
Summary:
Enumerating the contents of a namespace or global scope will omit any
decls that aren't already loaded, instead of deserializing them from the
PCH.
This allows a fast hybrid code completion where symbols from headers are
provided by an external index. (Sema already exposes the information
needed to do a reasonabl job of filtering them).
Clangd plans to implement this hybrid.
This option is just a hint - callers still need to postfilter results if
they want to *avoid* completing decls outside the main file.
Richard Trieu [Fri, 12 Jan 2018 04:42:27 +0000 (04:42 +0000)]
[ODRHash] Don't hash friend functions.
In certain combinations of templated classes and friend functions, the body
of friend functions does not get propagated along with function signature.
Exclude friend functions for hashing to avoid this case.