Jordan Rose [Thu, 6 Sep 2012 20:37:08 +0000 (20:37 +0000)]
[analyzer] Don't attempt to devirtualize calls to base class destructors.
CXXDestructorCall now has a flag for when it is a base destructor call.
Other kinds of destructor calls (locals, fields, temporaries, and 'delete')
all behave as "whole-object" destructors and do not behave differently
from one another (specifically, in these cases we /should/ try to
devirtualize a call to a virtual destructor).
This was causing crashes in both our internal buildbot, the crash still
being tracked in PR13765, and some of the crashes being tracked in PR13763,
due to a assertion failure. (The behavior under -Asserts happened to be
correct anyway.)
Adding this knowledge also allows our DynamicTypePropagation checker to do
a bit less work; the special rules about virtual method calls during a
destructor only require extra handling during base destructors.
Chad Rosier [Thu, 6 Sep 2012 19:56:25 +0000 (19:56 +0000)]
[ms-inline asm] Output empty asm statements for the directives we don't
handle. Otherwise, the AsmParser will explode if we try to generate an
object files.
Chad Rosier [Thu, 6 Sep 2012 19:35:00 +0000 (19:35 +0000)]
[ms-inline asm] The IR representation of inline assembly enumerates the input
and output expressions much like that in GNU-style inline assembly. Output
expressions are first. Do this for MS-style inline asms.
Use custom ABIInfo for le32/PNaCl argument codegen
This patch uses a new ABIInfo implementation specific to the le32
target, rather than falling back to DefaultABIInfo. Its behavior is
basically the same, but it also allows the regparm argument attribute.
It also includes basic tests for argument codegen and attributes.
Enabling the UTF conversion routines that were previously conditionally ifdef'ed out. This change is required to support enhancements in the LLDB data formatters
Richard Smith [Thu, 6 Sep 2012 01:37:56 +0000 (01:37 +0000)]
PR13775: When checking for a tag type being shadowed by some other declaration,
don't trample over the caller's LookupResult in the case where the check fails.
Jordan Rose [Wed, 5 Sep 2012 22:56:26 +0000 (22:56 +0000)]
Format strings: suggest casts for NS(U)Integer and [SU]Int32 on Darwin.
These types are defined differently on 32-bit and 64-bit platforms, and
trying to offer a fixit for one platform would only mess up the format
string for the other. The Apple-recommended solution is to cast to a type
that is known to be large enough and always use that to print the value.
This should only have an impact on compile time if the format string is
incorrect; in cases where the format string matches the definition on the
current platform, no warning will be emitted.
Jordan Rose [Wed, 5 Sep 2012 22:55:23 +0000 (22:55 +0000)]
[analyzer] Always include destructors in the analysis CFG.
While destructors will continue to not be inlined (unless the analyzer
config option 'c++-inlining' is set to 'destructors'), leaving them out
of the CFG is an incomplete model of the behavior of an object, and
can cause false positive warnings (like PR13751, now working).
Destructors for temporaries are still not on by default, since
(a) we haven't actually checked this code to be sure it's fully correct
(in particular, we probably need to be very careful with regard to
lifetime-extension when a temporary is bound to a reference,
C++11 [class.temporary]p5), and
(b) ExprEngine doesn't actually do anything when it sees a temporary
destructor in the CFG -- not even invalidate the object region.
To enable temporary destructors, set the 'cfg-temporary-dtors' analyzer
config option to '1'. The old -cfg-add-implicit-dtors cc1 option, which
controlled all implicit destructors, has been removed.
[cindex.py] Make the use of a compatibilty check explicit
At the moment, we implictly check compatibility between the python
bindings and libclang, as the python bindings will fail to load in
case a method we use in libclang is not available.
This patch makes the use of this compatibility check explicit and introduces a
flag to optionally disable the check. This will allow us to further harden the
compatibility check, but it also gives the user the possibility to disable the
compatibility check to evaluate compatibility with older libclang versions.
I added documentation that makes clear the python bindings are only tested
with the libclang version they have been shipped with.
objective-c++11: c++11 does not change pod-ness when
type is an unqualified objc pointer in arc. Treat it just
as being treated in c++98. This fixes a bogus vararg warning
with -std=c++11. //rdar://12229679
c error recovery. treat an invalid redeclaration
of a c-function for what it is. Otherwise, this func
is treated as an overloadable c-function resulting in
a crash much later. // rdar://11743706
Jordan Rose [Wed, 5 Sep 2012 17:11:26 +0000 (17:11 +0000)]
[analyzer] Be more forgiving about calling methods on struct rvalues.
The problem is that the value of 'this' in a C++ member function call
should always be a region (or NULL). However, if the object is an rvalue,
it has no associated region (only a conjured symbol or LazyCompoundVal).
For now, we handle this in two ways:
1) Actually respect MaterializeTemporaryExpr. Before, it was relying on
CXXConstructExpr to create temporary regions for all struct values.
Now it just does the right thing: if the value is not in a temporary
region, create one.
2) Have CallEvent recognize the case where its 'this' pointer is a
non-region, and just return UnknownVal to keep from confusing clients.
The long-term problem is being tracked internally in <rdar://problem/12137950>,
but this makes many test cases pass.
Jordan Rose [Wed, 5 Sep 2012 17:11:15 +0000 (17:11 +0000)]
Revert "[analyzer] Treat all struct values as regions (even rvalues)."
This turned out to have many implications, but what eventually seemed to
make it unworkable was the fact that we can get struct values (as
LazyCompoundVals) from other places besides return-by-value function calls;
that is, we weren't actually able to "treat all struct values as regions"
consistently across the entire analyzer core.
Hopefully we'll be able to come up with an alternate solution soon.
Manuel Klimek [Wed, 5 Sep 2012 12:12:07 +0000 (12:12 +0000)]
Introduces DynTypedMatcher as a new concept that replaces the UntypedBaseMatcher and TypedMatcher.
Due to DynTypedNode the basic dynamically typed matcher interface can now be simplified.
Also switches the traversal interfaces to use DynTypedNode;
this is in preperation for the hasAncestor implementation, and
also allows us to need fewer changes when we want to add new
nodes to traverse, thus making the code a little more decoupled.
Main design concerns: I went back towards the original design
of getNodeAs to return a pointer, and switched DynTypedNode::get
to always return a pointer (in case of value types like QualType
the pointer points into the storage of DynTypedNode, thus allowing
us to treat all the nodes the same from the point of view of a
user of the DynTypedNodes.
Adding the QualType implementation for DynTypedNode was needed
for the recursive traversal interface changes.
Chad Rosier [Tue, 4 Sep 2012 22:23:54 +0000 (22:23 +0000)]
[ms-inline asm] Remove the Inline Asm Non-Standard Dialect attribute. This
implementation does not co-exist well with how the sideeffect and alignstack
attributes are handled.
Jordan Rose [Tue, 4 Sep 2012 19:34:58 +0000 (19:34 +0000)]
[analyzer] Don't use makeIntVal to create a floating-point value.
SimpleSValBuilder processes a couple trivial identities, including 'x - x'
and 'x ^ x' (both 0). However, the former could appear with arguments of
floating-point type, and we weren't checking for that. This started
triggering an assert with r163069, which checks that a constant value is
actually going to be used as an integer or pointer.
Chad Rosier [Tue, 4 Sep 2012 16:39:38 +0000 (16:39 +0000)]
[ms-inline asm] The MCInstrDesc only tracks register definitions. For now,
assume that if the 1st operands is an expression and the instruction mayStore,
then it is a memory definition.
[cindex.py] Allow to configure the path of libclang
By calling cindex.Config.set_library_path(path) or
cindex.Config.set_library_file(file) it is possible to specify from where
we load libclang. This fixes an open FIXME.
We also point the user to these functions, in case libclang can not be
loaded sucessfully.
This change adds detection of C++ headers and libraries paths when
building with the standalone toolchain from Android NDK. They are in a
slightly unusual place.
Most of the code guarded with ANDROIDEABI are not
ARM-specific, and having no relation with arm-eabi.
Thus, it will be more natural to call this
environment "Android" instead of "ANDROIDEABI".
Note: We are not using ANDROID because several projects
are using "-DANDROID" as the conditional compilation
flag.
James Dennett [Sun, 2 Sep 2012 08:14:22 +0000 (08:14 +0000)]
Documentation cleanup: Add \file comment for ASTContest.h, add \brief to many
items, remove redundant names from doc comments, fix various typos, and tidy
up some wording.
Implemented parsing and AST support for the MS __leave exception statement. Also a minor fix to __except printing in StmtPrinter.cpp. Thanks to Aaron Ballman for review.
[libclang] The annotation of tokens operation visits statement nodes code-recursively.
This can blow the stack with extremely deep hierarchies. Switch it to data-recursive.
This is implemented by introducing a post-children visitation callback that the
CursorVisitor is calling after child nodes of a cursor have been visited.
This is used by the annotate-tokens visitor to do extra work at that point.
Jordan Rose [Sat, 1 Sep 2012 17:39:24 +0000 (17:39 +0000)]
[analyzer] Disallow creation of int vals with explicit bit width / signedness.
All clients of BasicValueFactory should be using QualTypes instead, and
indeed it seems they are. This caught the (fortunately harmless) bug
fixed in the previous commit.
Jordan Rose [Sat, 1 Sep 2012 17:39:17 +0000 (17:39 +0000)]
[analyzer] Don't attempt to create a floating-point value of "1" for ++/--.
The current logic would actually create a float- or double-sized signed
integer value of 1, which is not at all the same.
No test because the value would be swallowed by an Unknown as soon as it
gets added or subtracted to the original value, but it enables the cleanup
in the next patch.
Jordan Rose [Sat, 1 Sep 2012 17:39:09 +0000 (17:39 +0000)]
[analyzer] Treat all struct values as regions (even rvalues).
This allows us to correctly symbolicate the fields of structs returned by
value, as well as get the proper 'this' value for when methods are called
on structs returned by value.
This does require a moderately ugly hack in the StoreManager: if we assign
a "struct value" to a struct region, that now appears as a Loc value being
bound to a region of struct type. We handle this by simply "dereferencing"
the struct value region, which should create a LazyCompoundVal.
This should fix recent crashes analyzing LLVM and on our internal buildbot.
Jordan Rose [Sat, 1 Sep 2012 17:39:00 +0000 (17:39 +0000)]
[analyzer] Always derive a CallEvent's return type from its origin expr.
Previously, we preferred to get a result type by looking at the callee's
declared result type. This allowed us to handlereferences, which are
represented in the AST as lvalues of their pointee type. (That is, a call
to a function returning 'int &' has type 'int' and value kind 'lvalue'.)
However, this results in us preferring the original type of a function
over a casted type. This is a problem when a function pointer is casted
to another type, because the conjured result value will have the wrong
type. AdjustedReturnValueChecker is supposed to handle this, but still
doesn't handle the case where there is no "original function" at all,
i.e. where the callee is unknown.
Now, we instead look at the call expression's value kind (lvalue, xvalue,
or prvalue), and adjust the expr's type accordingly. This will have no
effect when the function is inlined, and will conjure the value that will
actually be used when it is not.
This makes AdjustedReturnValueChecker /nearly/ unnecessary; unfortunately,
the cases where it would still be useful are where we need to cast the
result of an inlined function or a checker-evaluated function, and in these
cases we don't know what we're casting /from/ by the time we can do post-
call checks. In light of that, remove AdjustedReturnValueChecker, which
was already not checking quite a few calls.
[cindex.py] Add helper to initialize libclang functions
The helper allows us to define how the initialization of functions should
behave. We use this patch to provide an informative error message, in case a
function is not available:
"LibclangError: /home/grosser/Projekte/llvm/install/lib/libclang.so: undefined
symbol: clang_method_added_in_2020. Please ensure that your python bindings are
compatible with your libclang.so version."
This patch also ensures that no spelling mistakes slip into the library
initialization. At the moment, there are a couple of 'argtype' -> 'argtypes'
mispellings that have been overlooked.
Split library clangRewrite into clangRewriteCore and clangRewriteFrontend.
This is similar to how we divide up the StaticAnalyzer libraries to separate
core functionality to what is clearly associated with Frontend actions.
Chris Lattner [Fri, 31 Aug 2012 22:39:21 +0000 (22:39 +0000)]
don't warn about unused values when the unused value is a statement expression expanded from a macro. This is of dubious utility in general, but is specifically a major issue for the linux kernel. This resolves PR13747.
Thread-safety analysis: fix handling of LOCK_RETURNED attribute so that the
latest definition of a function is always used when computing lock expressions.
Joao Matos [Fri, 31 Aug 2012 21:10:54 +0000 (21:10 +0000)]
Emulate MSVC's preprocessor macro argument separator behavior by not considering commas from nested macro expansions as argument separators. Fixes parsing of VS 2012 headers.