Jordan Rose [Sat, 23 Mar 2013 01:21:05 +0000 (01:21 +0000)]
[analyzer] Use SymExprs to represent '<loc> - <loc>' and '<loc> == <loc>'.
We just treat this as opaque symbols, but even that allows us to handle
simple cases where the same condition is tested twice. This is very common
in the STL, which means that any project using the STL gets spurious errors.
documentation parsing: when providing code completion comment
for a getter used in property-dot syntax, if geter has its own
comment use it. // rdar://12791315
Richard Smith [Sat, 23 Mar 2013 00:30:08 +0000 (00:30 +0000)]
If a .syms file is available alongside a sanitizer runtime, pass it to the
linker via --dynamic-list instead of using --export-dynamic. This reduces the
size of the dynamic symbol table, and thus of the binary (in some cases by up
to ~30%).
Bill Wendling [Fri, 22 Mar 2013 21:33:46 +0000 (21:33 +0000)]
Use RequireCompleteType() instead of isIncompleteType().
isIncompleteType() returns true or false for template types depending on whether
the type is instantiated yet. In this context, that's arbitrary. The better way
to check for a complete type is RequireCompleteType().
Jordan Rose [Fri, 22 Mar 2013 21:15:33 +0000 (21:15 +0000)]
Revert "[analyzer] Break cycles (optionally) when trimming an ExplodedGraph."
The algorithm used here was ridiculously slow when a potential back-edge
pointed to a node that already had a lot of successors. The previous commit
makes this feature unnecessary anyway.
Jordan Rose [Fri, 22 Mar 2013 21:15:28 +0000 (21:15 +0000)]
[analyzer] Use a forward BFS instead of a reverse BFS to find shortest paths.
For a given bug equivalence class, we'd like to emit the report with the
shortest path. So far to do this we've been trimming the ExplodedGraph to
only contain relevant nodes, then doing a reverse BFS (starting at all the
error nodes) to find the shortest paths from the root. However, this is
fairly expensive when we are suppressing many bug reports in the same
equivalence class.
r177468-9 tried to solve this problem by breaking cycles during graph
trimming, then updating the BFS priorities after each suppressed report
instead of recomputing the whole thing. However, breaking cycles is not
a cheap operation because an analysis graph minus cycles is still a DAG,
not a tree.
This fix changes the algorithm to do a single forward BFS (starting from the
root) and to use that to choose the report with the shortest path by looking
at the error nodes with the lowest BFS priorities. This was Anna's idea, and
has the added advantage of requiring no update step: we can just pick the
error node with the next lowest priority to produce the next bug report.
[PCH/Modules] De/Serialize MacroInfos separately than MacroDirectives.
-Serialize the macro directives history into its own section
-Get rid of the macro updates section
-When de/serializing an identifier from a module, associate only one macro per
submodule that defined+exported it.
Reid Kleckner [Fri, 22 Mar 2013 19:02:54 +0000 (19:02 +0000)]
[ms-cxxabi] Implement member data pointers for non-dynamic classes
Summary:
For non-dynamic classes (no virtual bases), member data pointers are
simple offsets from the base of the record. Dynamic classes use an
aggregate for member data pointers and are therefore currently
unsupported.
Unlike Itanium, the ms ABI uses 0 to represent null for polymorphic
classes. Non-polymorphic classes use -1 like Itanium, since 0 is a
valid field offset.
Douglas Gregor [Fri, 22 Mar 2013 18:50:14 +0000 (18:50 +0000)]
<rdar://problem/13479539> Simplify ModuleManager/GlobalModuleIndex interaction to eliminate a pile of extraneous stats().
The refactoring in r177367 introduced a serious performance bug where
the "lazy" resolution of module file names in the global module index
to actual module file entries in the module manager would perform
repeated negative stats(). The new interaction requires the module
manager to inform the global module index when a module file has been
loaded, eliminating the extraneous stat()s and a bunch of bookkeeping
on both sides.
documentation parsing. Provide code completion comment
for self.GetterName where GetterName is the getter method
for a property with name different from the property name
(declared via a property getter attribute) // rdar://12791315
Daniel Jasper [Fri, 22 Mar 2013 10:01:29 +0000 (10:01 +0000)]
Make clang-format understand more line comments.
Apparently one needs to set LangOptions.LineComment.
Before "//* */" got reformatted to "/ /* */" as the lexer was returning
the token sequence (slash, comment). This could also lead to weird other
stuff, e.g. for people that like to using comments like:
//****************
John McCall [Fri, 22 Mar 2013 02:10:40 +0000 (02:10 +0000)]
Fix a crash-on-valid where a block capture copy expression was
picking up cleanups from earlier in the statement. Also fix a
crash-on-invalid where a reference to an invalid decl from an
enclosing scope was causing an expression to fail to build, but
only *after* a cleanup was registered from that statement,
causing an assertion downstream.
Richard Smith [Fri, 22 Mar 2013 00:47:07 +0000 (00:47 +0000)]
ubsan: Pass floating-point arguments to the runtime by value if they fit the
value argument. If not, be sure we don't accidentally use a dynamic alloca.
Douglas Gregor [Fri, 22 Mar 2013 00:10:49 +0000 (00:10 +0000)]
<rdar://problem/13479214> Make Clang's <stddef.h> robust against system headers defining size_t/ptrdiff_t/wchar_t.
Clang's <stddef.h> provides definitions for the C standard library
types size_t, ptrdiff_t, and wchar_t. However, the system's C standard
library headers tend to provide the same typedefs, and the two
generally avoid each other using the macros
_SIZE_T/_PTRDIFF_T/_WCHAR_T. With modules, however, we need to see
*all* of the places where these types are defined, so provide the
typedefs (ignoring the macros) when modules are enabled.
Douglas Gregor [Thu, 21 Mar 2013 21:48:48 +0000 (21:48 +0000)]
<rdar://problem/13477190> Give the Clang module cache directory some structure, so it's easier to find.
We now put the Clang module cache in
<system-temp-directory>/org.llvm.clang/ModuleCache. Perhaps some day
there will be other caches under <system-temp-directory>/org.llvm.clang>.
Objective-C: Tighten the rules when warning
is issused for on overriding 'readwrite'
property which is not auto-synthesized.
Buttom line is that if hueristics determine
that there will be a user implemented setter,
no warning will be issued. // rdar://13388503
Summary:
1. When splitting one-line block comment, use indentation and *s.
2. Remove trailing whitespace from all lines of a comment, not only the ones being splitted.
3. Add backslashes for all lines if a comment is used insed a preprocessor directive.
David Blaikie [Wed, 20 Mar 2013 23:57:15 +0000 (23:57 +0000)]
Debug info - generalize namespace test to not depend on a DW_TAG_file_type entry
This isn't necessary & with the next change to LLVM the DW_TAG_file_type entry
won't be emitted at all - only the raw filename/directory pair, so match on
that directly instead.
Richard Smith [Wed, 20 Mar 2013 23:49:07 +0000 (23:49 +0000)]
Split ubsan runtime into three pieces (clang part):
* libclang_rt-san-* is sanitizer_common, and is linked in only if no other
sanitizer runtime is present.
* libclang_rt-ubsan-* is the piece of the runtime which doesn't depend on
a C++ ABI library, and is always linked in.
* libclang_rt-ubsan_cxx-* is the piece of the runtime which depends on a
C++ ABI library, and is only linked in when linking a C++ binary.
This change also switches us to using -whole-archive for the ubsan runtime
(which is made possible by the above split), and switches us to only linking
the sanitizer runtime into the main binary and not into DSOs (which is made
possible by using -whole-archive).
The motivation for this is to only link a single copy of sanitizer_common
into any binary. This is becoming important now because we want to share
more state between multiple sanitizers in the same process (for instance,
we want a single shared output mutex).
The Darwin ubsan runtime is unchanged; because we use a DSO there, we don't
need this complexity.
James Dennett [Wed, 20 Mar 2013 21:30:03 +0000 (21:30 +0000)]
Documentation cleanup for MacroInfo.
* Clarify what MacroInfo::isBuiltinMacro means, as it really means something
more like "isMagicalMacro" or "requiresProcessingBeforeExpansion" -- the
macros defined in "<built-in>" are not considered built-in by this function;
* Escape __LINE__ as \__LINE__ in Doxygen comments so that the underscores
don't get replaced by *bold* output;
* Turn comments in MacroInfo.cpp into non-Doxygen comments, so that they
don't result in duplicated/badly formatted Doxygen output;
* Clean up a bunch of \brief formatting, and add a \file comment for
MacroInfo.h.
Douglas Gregor [Wed, 20 Mar 2013 21:10:35 +0000 (21:10 +0000)]
<rdar://problem/12368093> Extend module maps with a 'conflict' declaration, and warn when a newly-imported module conflicts with an already-imported module.
Jordan Rose [Wed, 20 Mar 2013 20:36:01 +0000 (20:36 +0000)]
[analyzer] Don't invalidate globals when there's no call involved.
This fixes some mistaken condition logic in RegionStore that caused
global variables to be invalidated when /any/ region was invalidated,
rather than only as part of opaque function calls. This was only
being used by CStringChecker, and so users will now see that strcpy()
and friends do not invalidate global variables.
Also, add a test case we don't handle properly: explicitly-assigned
global variables aren't being invalidated by opaque calls. This is
being tracked by <rdar://problem/13464044>.
Jordan Rose [Wed, 20 Mar 2013 20:35:57 +0000 (20:35 +0000)]
[analyzer] Track malloc'd memory into struct fields.
Due to improper modelling of copy constructors (specifically, their
const reference arguments), we were producing spurious leak warnings
for allocated memory stored in structs. In order to silence this, we
decided to consider storing into a struct to be the same as escaping.
However, the previous commit has fixed this issue and we can now properly
distinguish leaked memory that happens to be in a struct from a buffer
that escapes within a struct wrapper.
Originally applied in r161511, reverted in r174468.
<rdar://problem/12945937>
Jordan Rose [Wed, 20 Mar 2013 20:35:48 +0000 (20:35 +0000)]
[analyzer] Remove strip of ElementRegion in CallEvent::invalidateRegions.
This is a bit of old code trying to deal with the fact that functions that
take pointers often use them to access an entire array via pointer
arithmetic. However, RegionStore already conservatively assumes you can use
pointer arithmetic to access any part of a region.
Some day we may want to go back to handling this specifically for calls,
but we can do that in the future.
David Blaikie [Wed, 20 Mar 2013 19:10:57 +0000 (19:10 +0000)]
Enhance debug info namespace test to check for context/scope reference
The #line directive is mostly for backend testing (keeping these files matching
should simplify maintenance somewhat) though the corresponding backend test
improvement/update doesn't verify the file information directly just yet.
Coming in a later iteration.
Do the error recovery for @end only.
I am not sure how much we can improve for
when a randon ObjC keyword is thrown into the
ivar decl. block. // rdar://6854840
Manman Ren [Wed, 20 Mar 2013 16:59:38 +0000 (16:59 +0000)]
Exploit this-return of a callsite in a this-return function.
For constructors/desctructors that return 'this', if there exists a callsite
that returns 'this' and is immediately before the return instruction, make
sure we are using the return value from the callsite.
We don't need to keep 'this' alive through the callsite. It also enables
optimizations in the backend, such as tail call optimization.
Rafael Espindola [Wed, 20 Mar 2013 03:05:54 +0000 (03:05 +0000)]
Remove the Tools DensMap from the toolchain.
Each toolchain has a set of tools, but they are all of known types. It can
have a linker, an assembler, a "clang" (compile, analyze, ...) a non-clang
compiler, etc.
Instead of keeping a map, just have member variable for each type of tool.
Nick Lewycky [Wed, 20 Mar 2013 02:14:38 +0000 (02:14 +0000)]
The flag "-coverage-function-names-in-data" is actually backwards -- we do
emit function names in .gcda files by default, and the flag turns that off!
Rename the flag to make it match what it actually does. This keeps the default
format compatible with gcc 4.2.
Reid Kleckner [Wed, 20 Mar 2013 01:40:23 +0000 (01:40 +0000)]
[ms-cxxabi] Fix assertion on unhandled function template arg types
This code was changed in r158376 to get template argument source info
for better diagnostics, but the current code asserts for any kind of
unsupported template argument before it can issue a diagnostic. This change
goes back to the Itanium implementation of isTemplate() and puts the argument
index into the diagnostic instead of a source location.
Nick Lewycky [Wed, 20 Mar 2013 01:38:16 +0000 (01:38 +0000)]
Make clang emit linkage names in debug info for subprograms when coverage info
is enabled. Also add a new -test-coverage cc1 flag which makes testing coverage
possible and add our first clang-side coverage test.
Jordan Rose [Wed, 20 Mar 2013 00:35:37 +0000 (00:35 +0000)]
[analyzer] Re-apply "Do part of the work to find shortest bug paths up front".
With the assurance that the trimmed graph does not contain cycles,
this patch is safe (with a few tweaks), and provides the performance
boost it was intended to.
Part of performance work for <rdar://problem/13433687>.
Jordan Rose [Wed, 20 Mar 2013 00:35:31 +0000 (00:35 +0000)]
[analyzer] Break cycles (optionally) when trimming an ExplodedGraph.
Having a trimmed graph with no cycles (a DAG) is much more convenient for
trying to find shortest paths, which is exactly what BugReporter needs to do.
Part of the performance work for <rdar://problem/13433687>.
Douglas Gregor [Wed, 20 Mar 2013 00:22:05 +0000 (00:22 +0000)]
<rdar://problem/10796651> Introduce configuration macros into module maps.
Configuration macros are macros that are intended to alter how a
module works, such that we need to build different module variants
for different values of these macros. A module can declare its
configuration macros, in which case we will complain if the definition
of a configation macro on the command line (or lack thereof) differs
from the current preprocessor state at the point where the module is
imported. This should eliminate some surprises when enabling modules,
because "#define CONFIG_MACRO ..." followed by "#include
<module/header.h>" would silently ignore the CONFIG_MACRO setting. At
least it will no longer be silent about it.
Configuration macros are eventually intended to help reduce the number
of module variants that need to be built. When the list of
configuration macros for a module is exhaustive, we only need to
consider the settings for those macros when building/finding the
module, which can help isolate modules for various project-specific -D
flags that should never affect how modules are build (but currently do).
David Blaikie [Tue, 19 Mar 2013 23:10:14 +0000 (23:10 +0000)]
Simplify/generalize some debug info test cases
Mostly, try to depend on the annotation comments more so these tests are more
legible, brief, and agnostic to schema changes in the future (sure, they're not
agnostic to changes to the comment annotations but since they're easier to read
they should be easier to update if that happens).
Anna Zaks [Tue, 19 Mar 2013 22:38:09 +0000 (22:38 +0000)]
[analyzer] Do not believe lazy binding when symbolic region types do not match
This fixes a crash when analyzing LLVM that was exposed by r177220 (modeling of
trivial copy/move assignment operators).
When we look up a lazy binding for “Builder”, we see the direct binding of Loc at offset 0.
Previously, we believed the binding, which led to a crash. Now, we do not believe it as
the types do not match.