Anna Zaks [Mon, 6 Aug 2012 23:25:45 +0000 (23:25 +0000)]
[analyzer] Dynamic type info - propagate through implicit casts.
I currently have a bit of redundancy with the cast kind switch statement
inside the ImplicitCast callback, but I might be adding more casts going
forward.
Anna Zaks [Mon, 6 Aug 2012 23:25:39 +0000 (23:25 +0000)]
[analyzer] Add a checker to manage dynamic type propagation.
Instead of sprinkling dynamic type info propagation throughout
ExprEngine, the added checker would add the more precise type
information on known APIs (Ex: ObjC alloc, new) and propagate
the type info in other cases (ex: ObjC init method, casts (the second is
not implemented yet)).
Add handling of ObjC alloc, new and init to the checker.
Jordan Rose [Mon, 6 Aug 2012 21:28:14 +0000 (21:28 +0000)]
[analyzer] Add plist output checks for all four "path notes" tests.
No functionality change, but from now on, any new path notes should be
tested both with plain-text output (for ease of human auditing) and with
plist output (to ensure control flow and events are being correctly
represented in Xcode).
Jordan Rose [Mon, 6 Aug 2012 21:28:02 +0000 (21:28 +0000)]
[analyzer] Ignore OS X 10.8's annotations for NSMakeCollectable.
The frameworks correctly use the 'cf_consumed' and 'ns_returns_retained'
attributes for NSMakeCollectable, but we can model the behavior under
garbage collection more precisely than that.
Richard Trieu [Mon, 6 Aug 2012 21:09:23 +0000 (21:09 +0000)]
For global record types, the self reference checker was called twice, resulting
in duplicate -Wuninitialized warnings. Change so that only the check in
TryConstructorInitialization() will be used and a single warning be emitted.
Chad Rosier [Mon, 6 Aug 2012 20:03:45 +0000 (20:03 +0000)]
[ms-inline asm] Pass Tokens to Sema and store them in the AST. No functional
change intended. No test case as there's no real way to test at this time.
Dmitri Gribenko [Mon, 6 Aug 2012 17:08:27 +0000 (17:08 +0000)]
Comment diagnostics: warn on duplicate \brief and \return commands.
Doxygen manual claims that multiple \brief or \returns commands will be merged
together, but actual behavior is different (second \brief command becomes a
part of a discussion, second \returns becomes a "Returns: blah" paragraph on
its own). Anyway, it seems to be a bad idea to use multiple \brief or \returns
commands in a single command.
Richard Smith [Mon, 6 Aug 2012 04:09:06 +0000 (04:09 +0000)]
PR13529: Don't crash if the driver sees an unused input file when running as
'clang-cpp'.
For now, the test uses "REQUIRES: shell" to determine if the host system
supports "ln -s", which it uses to create a 'clang-cpp' symlink. This is a bit
hacky and should likely be directly supported by lit.cfg.
Richard Smith [Mon, 6 Aug 2012 03:25:17 +0000 (03:25 +0000)]
PR13499: Don't try to check whether 'override' has been validly applied until
we know whether the function is virtual. But check it as soon as we do know;
in some cases we don't need to wait for an instantiation.
Jordan Rose [Sat, 4 Aug 2012 00:25:30 +0000 (00:25 +0000)]
[analyzer] Don't assume values bound to references are automatically non-null.
While there is no such thing as a "null reference" in the C++ standard,
many implementations of references (including Clang's) do not actually
check that the location bound to them is non-null. Thus unlike a regular
null dereference, this will not cause a problem at runtime until the
reference is actually used. In order to catch these cases, we need to not
prune out paths on which the input pointer is null.
Jordan Rose [Fri, 3 Aug 2012 23:09:01 +0000 (23:09 +0000)]
[analyzer] When a symbol is null, we should track its constraints.
Because of this, we would previously emit NO path notes when a parameter
is constrained to null (because there are no stores). Now we show where we
made the assumption, which is much more useful.
Jordan Rose [Fri, 3 Aug 2012 23:08:42 +0000 (23:08 +0000)]
[analyzer] FindLastStoreBRVisitor was not actually finding stores.
The visitor walks back through the ExplodedGraph as expected, but
it wasn't actually keeping track of when a value was assigned. This
meant that it only worked when the value was assigned when the variable
was defined.
Tests in the next commit (dependent on another change).
Anna Zaks [Fri, 3 Aug 2012 21:43:37 +0000 (21:43 +0000)]
[analyzer] ObjC Inlining: Start tracking dynamic type info in the GDM
In the following code, find the type of the symbolic receiver by
following it and updating the dynamic type info in the state when we
cast the symbol from id to MyClass *.
Anna Zaks [Fri, 3 Aug 2012 18:30:18 +0000 (18:30 +0000)]
[analyzer] Malloc: track non-allocated but freed memory
There is no reason why we should not track the memory which was not
allocated in the current function, but was freed there. This would
allow to catch more use-after-free and double free with no/limited IPA.
Also fix a realloc issue which surfaced as the result of this patch.
Benjamin Kramer [Fri, 3 Aug 2012 08:39:58 +0000 (08:39 +0000)]
Fix failed to generate vtables in certain cases.
By C++ standard, the vtable should be generated if the first non-inline
virtual function is defined in the TU. Current version of clang doesn't
generate vtable if the first virtual function is defaulted, because the
key function is regarded as the defaulted function.
Anna Zaks [Thu, 2 Aug 2012 23:41:05 +0000 (23:41 +0000)]
[analyzer] Solve another source of non-determinism in the diagnostic
engine.
The code that was supposed to split the tie in a deterministic way is
not deterministic. Most likely one of the profile methods uses a
pointer. After this change we do finally get the consistent diagnostic
output. Testing this requires running the analyzer on large code bases
and diffing the results.
Hans Wennborg [Thu, 2 Aug 2012 12:27:08 +0000 (12:27 +0000)]
Correct AddDefaultCIncludePaths for OpenBSD to not include /usr/local/include
in the default search path. Compilers on *BSD OS's only include /usr/include by
default.
Dmitri Gribenko [Wed, 1 Aug 2012 23:08:09 +0000 (23:08 +0000)]
Comment AST: add DeclInfo to store information about the declaration. Sema was
already extracting most of this, but discarding at the end of semantic analysis.
John McCall [Wed, 1 Aug 2012 05:04:58 +0000 (05:04 +0000)]
When devirtualizing the conversion to a virtual base subobject,
don't explode if the offset we get is zero. This can happen if
you have an empty virtual base class.
While I'm at it, remove an unnecessary block from the IR-generation
of the null-check, mark the eventual GEP as inbounds, and generally
prettify.
Dmitri Gribenko [Tue, 31 Jul 2012 22:37:06 +0000 (22:37 +0000)]
Comment parsing: add support for \tparam command on all levels.
The only caveat is renumbering CXCommentKind enum for aesthetic reasons -- this
breaks libclang binary compatibility, but should not be a problem since API is
so new.
David Blaikie [Tue, 31 Jul 2012 20:29:59 +0000 (20:29 +0000)]
Include clang-check as part of the clang installation.
This also tidies up a couple of other tools we were (partially) installing:
* c-index-test was being installed but shouldn't be (it's just a clang-dev tool)
* diagtool was being installed in cmake but not make (& shouldn't be installed in either)
Review by Manuel Klimek, Doug Gregor, and Chandler Carruth.
Jordan Rose [Tue, 31 Jul 2012 18:04:53 +0000 (18:04 +0000)]
[analyzer] Don't try to inline if there's no region for a message receiver.
While usually we'd use a symbolic region rather than a straight-up Unknown,
we can still generate unknowns via array subscripts with symbolic indexes.
(And if this ever changes in the future, we still shouldn't crash.)
Manuel Klimek [Tue, 31 Jul 2012 13:56:54 +0000 (13:56 +0000)]
Fixes a segfault in Tooling when using pch's:
Clear the FileManager's stat cache in between running
translation units, as the stat cache loaded from a pch
is only valid for one compiler invocation.
projects / clang / log