-For indexDeclaration, also pass the declaration attributes as an array of cursors.
-Rename CXIndexOpt_OneRefPerFile -> CXIndexOpt_SuppressRedundantRefs, and only pass
a reference if a declaration/definition does not exist in the file.
-Other fixes.
Anna Zaks [Thu, 17 Nov 2011 23:07:28 +0000 (23:07 +0000)]
[analyzer] Do not conjure a symbol when we need to propagate taint.
When the solver and SValBuilder cannot reason about symbolic expressions (ex: (x+1)*y ), the analyzer conjures a new symbol with no ties to the past. This helps it to recover some path-sensitivity. However, this breaks the taint propagation.
With this commit, we are going to construct the expression even if we cannot reason about it later on if an operand is tainted.
Ted Kremenek [Thu, 17 Nov 2011 23:01:24 +0000 (23:01 +0000)]
Make 'LangOptions' in CompilerInvocation a heap-allocated, reference counted object. I discovered that llvm::RefCountedBase<T> has
a bug where the reference count is copied in the copy constructor, which means that there were cases when the CompilerInvocation
objects created by ASTUnit were actually leaked. When I fixed that bug locally, it showed that a whole bunch of code assumed
that the LangOptions object that was part of CompilerInvocation was still alive. By making it heap-allocated and reference counted,
we can keep it around after the CompilerInvocation object goes away.
As part of this change, change CompilerInvocation::getLangOptions() to return a pointer, acting as another clue that this
object may outlive the CompilerInvocation object.
This commit doesn't fix the CompilerInvocation leak itself. That will come when I commit the fix to llvm::RefCountedBase<T> to
mainline LLVM.
Ted Kremenek [Thu, 17 Nov 2011 23:01:17 +0000 (23:01 +0000)]
Simplify crash cleanup logic in ASTUnit::LoadFromCommandLine() by zeroing out two IntrusiveRefCnt pointers after we have assigned their respective values into fields of ASTUnit.
Douglas Gregor [Thu, 17 Nov 2011 22:44:56 +0000 (22:44 +0000)]
When making a suggestion regarding which module to load rather than
preprocess/parse a header, report back with an actual module (which
may be a submodule) rather than just the name of the module.
Douglas Gregor [Thu, 17 Nov 2011 22:09:43 +0000 (22:09 +0000)]
Add the notion of "framework" modules to module maps. Framework
modules (obviously) describe frameworks, and understand the header
layout of frameworks.
Francois Pichet [Thu, 17 Nov 2011 03:44:24 +0000 (03:44 +0000)]
In Microsoft mode, make "Unqualified lookup into dependent bases of class templates" work inside default argument instantiation.
This is a little bit tricky because during default argument instantiation the CurContext points to a CXXMethodDecl but we can't use the keyword this or have an implicit member call generated.
This fixes 2 errors when parsing MFC code with clang.
Douglas Gregor [Thu, 17 Nov 2011 01:41:17 +0000 (01:41 +0000)]
When we're loading a framework header, first try to turn the framework
into a module. This module can either be loaded from a module map in
the framework directory (which isn't quite working yet) or inferred
from an umbrella header (which does work, and replaces the existing
hack).
Daniel Dunbar [Thu, 17 Nov 2011 00:36:53 +0000 (00:36 +0000)]
tests/Driver/darwin-ld.c: Get rid of the "splatter" test case. We have enough
other coverage that actually properly checks features such that this test is not
really adding value anymore.
Daniel Dunbar [Wed, 16 Nov 2011 23:22:07 +0000 (23:22 +0000)]
build/make/compiler-rt: Don't attempt to build compiler-rt runtime libraries
when cross compiling under the current organization.
- See verbose comment for explanation, justification, and how to fix.
Douglas Gregor [Wed, 16 Nov 2011 23:02:25 +0000 (23:02 +0000)]
A module with an umbrella header assumes that all of the headers in
the umbrella header's directory and its subdirectories are part of the
module (that's why it's an umbrella). Make sure that these headers are
considered to be part of the module for lookup purposes.
Bob Wilson [Wed, 16 Nov 2011 21:32:23 +0000 (21:32 +0000)]
Fix Neon builtin pointer argument checking for "sret" builtins.
The code for checking Neon builtin pointer argument types was assuming that
there would only be one pointer argument. But, for vld2-4 builtins, the first
argument is a special sret pointer where the result will be stored. So,
instead of scanning all the arguments to find a pointer, have TableGen figure
out the index of the pointer argument that needs checking. That's better than
scanning all the arguments regardless. <rdar://problem/10448804>
Jim Goodnow II [Wed, 16 Nov 2011 20:29:27 +0000 (20:29 +0000)]
Fixed crash with initializer lists and unnamed bitfields in the RegionStore
Manager. Added test to ensure proper binding of initialized values.
This patch fixes PR11249.
Douglas Gregor [Wed, 16 Nov 2011 20:05:18 +0000 (20:05 +0000)]
Implement (de-)serialization of the buffer contents for an overridden
file in the source manager. This allows us to properly create and use
modules described by module map files without umbrella headers (or
with incomplete umbrella headers). More generally, we can actually
build a PCH file that makes use of file -> buffer remappings, which
could be useful in libclang in the future.
Anna Zaks [Wed, 16 Nov 2011 19:58:17 +0000 (19:58 +0000)]
[analyzer] Catch the first taint propagation implied buffer overflow.
Change the ArrayBoundCheckerV2 to be more aggressive in reporting buffer overflows
when the offset is tainted. Previously, we did not report bugs when the state was
underconstrained (not enough information about the bound to determine if there is
an overflow) to avoid false positives. However, if we know that the buffer
offset is tainted - comes in from the user space and can be anything, we should
report it as a bug.
+ The very first example of us catching a taint related bug.
This is the only example we can currently handle. More to come...
Anna Zaks [Wed, 16 Nov 2011 19:58:10 +0000 (19:58 +0000)]
[analyzer] Adding basic building blocks for taint propagation.
TaintTag.h will contain definitions of different taint kinds and their properties.
TaintManager will be responsible for implementing taint specific operations, storing taint.
ProgramState will provide API to add/remove taint.
Anna Zaks [Wed, 16 Nov 2011 19:57:55 +0000 (19:57 +0000)]
[analyzer] Factor getCalleeName to the checker context.
Many checkers are trying to get a name of the callee when visiting
a CallExpr, so provide a convenience API.
Chandler Carruth [Wed, 16 Nov 2011 19:29:07 +0000 (19:29 +0000)]
Stop claiming that Visual Studio 2005 is a viable basis for building
Clang. It isn't any more, and we're not going to twist the code around
to make it work.
Douglas Gregor [Wed, 16 Nov 2011 17:04:00 +0000 (17:04 +0000)]
When building a module from a module map that isn't simply an umbrella
header, create our own in-memory buffer to parse all of the
appropriate headers, and use that to build the module. This isn't
end-to-end testable yet; that's coming next.
Richard Smith [Wed, 16 Nov 2011 07:18:12 +0000 (07:18 +0000)]
Fix PR11385: A pointer constant expression which has been cast via an integer is
not safely derived. Don't allow lvalue-to-rvalue conversions on the result of
dereferencing such a pointer.
[libclang] Indexing API: fill the objc category info for a category implementation and
do not crash if no client container is registered for a declaration context.
Chad Rosier [Tue, 15 Nov 2011 18:57:32 +0000 (18:57 +0000)]
Fix a regression from 143657. The second pass of the warning options should only be emitting
warnings/errors for unknown warning options. getDiagnosticsInGroup returns false if the
diagnostic is found and true otherwise. Thus, if we're reporting and we have a valid
diagnostic, we were actually setting the flag and causing mayhem.
rdar://10444207
Douglas Gregor [Tue, 15 Nov 2011 15:29:30 +0000 (15:29 +0000)]
Teach the CFG builder how to properly destroy temporaries whose
lifetimes have been extended via reference binding. The type of the
reference and the type of the temporary are not necessarily the same,
which could cause a crash. Fixes <rdar://problem/10398199>.
[PCH] When serializing a PseudoObjectExpr or AtomicExpr, the serialization code must be set
otherwise it will crash with asserts on or it will be written as null pointer.
[libclang] Indexing API: Pass an implicit ObjCInterfaceDecl (@implementation without @interface)
in a separate indexing callback than its implementation.
Ted Kremenek [Mon, 14 Nov 2011 23:51:37 +0000 (23:51 +0000)]
Fix potential memory leak for clients of clang_getOverriddenCursors(). If the number of overridden cursors is 0, do not allocate an array of CXCursors. This fixes a memory leak in c-index-test, and clients who use this API in a similar way.
Don't track depfiles as result files which need to be cleaned up on failure.
This is a partial revert of r143846. While cleaning up after a crash is
probably a good idea, we were also deleting .d files if the compilation failed
due to invalid input, which is not the desired behavior. The test is XFAIL'd
until the cleanup code can be reworked to do the right thing.
Douglas Gregor [Mon, 14 Nov 2011 22:10:01 +0000 (22:10 +0000)]
Use Sema::RequireCompleteType to check for the completeness of
Objective-C classes. This has two purposes: to consistently provide
"forward declaration here" notes when we hit an incomplete type, and
to give LLDB a chance to complete the type.
Ted Kremenek [Mon, 14 Nov 2011 21:59:21 +0000 (21:59 +0000)]
[static analyzer] Tweak RetainCountChecker's diagnostics to correctly indicate if a message was due to a property access. This can
potentially be refactored for other clients, and this is a regression from the refactoring of property accesses.
Richard Trieu [Mon, 14 Nov 2011 19:39:25 +0000 (19:39 +0000)]
Change the checks in the type aka printing. A confusing case where the string
of the first type is the same as the aka string of the second type, but both
types are different. Update the logic to print an aka for the first type to
show that they are different.