Kaelyn Uhrain [Fri, 5 Aug 2011 23:18:04 +0000 (23:18 +0000)]
Perform array bounds checking in more situations and properly handle special
case situations with the unary operators & and *. Also extend the array bounds
checking to work with pointer arithmetic; the pointer arithemtic checking can
be turned on using -Warray-bounds-pointer-arithmetic.
The changes to where CheckArrayAccess gets called is based on some trial &
error and a bunch of digging through source code and gdb backtraces in order
to have the check performed under as many situations as possible (such as for
variable initializers, arguments to function calls, and within conditional in
addition to the simpler cases of the operands to binary and unary operator)
while not being called--and triggering warnings--more than once for a given
ArraySubscriptExpr.
Chad Rosier [Fri, 5 Aug 2011 22:38:04 +0000 (22:38 +0000)]
Add support for using anonymous bitfields (e.g., int : 0) to enforce alignment.
This fixes cases where the anonymous bitfield is followed by a bitfield member.
E.g.,
struct t4
{
char foo;
long : 0;
char bar : 1;
};
Ted Kremenek [Fri, 5 Aug 2011 21:53:47 +0000 (21:53 +0000)]
Make test/SemaObjC/qualified-protocol-method-conflicts.m always fail and mark it XFAIL. This is a stop gap until the output of the test is deterministic.
Flesh out the -Warray-bounds detection of C89 tail-padded one-element
arrays. This now suppresses the warning only in the case of
a one-element array as the last field in a struct where the array size
is a literal '1' rather than any macro expansion or template parameter.
This doesn't distinguish between the language standard in use to allow
code which dates from C89 era to compile without the warning even in C99
and C++ builds. We could add a separate warning (under a different flag)
with fixit hints to switch to a flexible array, but its not clear that
this would be desirable. Much of the code using this idiom is striving
for maximum portability.
Tests were also fleshed out a bit, and the diagnostic itself tweaked to
be more pretty w.r.t. single elment arrays. This is more ugly than
I would like due to APInt's not being supported by the diagnostic
rendering engine.
A pseudo-patch for this was proposed by Nicola Gigante, but I reworked
it both for several correctness issues and for code style.
Finally getting around to re-working this to more accurately white-list
1-element character arrays which are serving as flexible arrays. This is
the initial step, which is to restrict the 1-element array whitelist to
arrays that are member declarations. I'll refine it from here based on
the proposed patch.
Kaelyn Uhrain [Thu, 4 Aug 2011 23:30:54 +0000 (23:30 +0000)]
Fix a small bug where DiagnoseEmptyLookup would no longer print any messages
when performing typo correction involving any overloaded template functions.
The added test cases, while currently demontrating sub-optimal behavior, will
not trigger any messages without the 1-line change to SemaExpr.cpp.
Anna Zaks [Thu, 4 Aug 2011 21:53:01 +0000 (21:53 +0000)]
KeychainAPI checker: Track additional pair of SecKeychain APIs. Also, keep exploring the transition on which a call to allocator function failed (to be able to find errors in examples like ErrorCodesFromDifferentAPISDoNotInterfere).
objective-c: diagnose protocol inconsistencies in following
situation. When a class explicitly or implicitly (through inheritance)
"conformsTo" two protocols which conflict (have methods which conflict).
This is 2nd part of // rdar://6191214.
Douglas Gregor [Thu, 4 Aug 2011 18:56:47 +0000 (18:56 +0000)]
Introduce local -> global mapping for preprocessed entity IDs. This is
the last of the ID/offset/index mappings that I know
of. Unfortunately, the "gap" method of testing doesn't work here due
to the way the preprocessing record performs iteration. We'll do more
testing once multi-AST loading is possible.
Kaelyn Uhrain [Thu, 4 Aug 2011 17:40:00 +0000 (17:40 +0000)]
Match type names and give more info for out-of-line function definition errors.
Having a function declaration and definition with different types for a
parameter where the types have same (textual) name can occur when an unqualified
type name resolves to types in different namespaces in each location.
The error messages have been extended by adding notes that point to the first
parameter of the function definition that doesn't match the declaration, instead
of a generic "member declaration nearly matches". The generic message is still
used in cases where the mismatch is not in the paramenter list, such as
mismatched cv qualifiers on the member function itself.
Anna Zaks [Thu, 4 Aug 2011 17:28:06 +0000 (17:28 +0000)]
KeychainAPI checker: Refactor to make it easier to add more allocator/deallocator API pairs. Add the allocator function ID to the checker state. Better comments.
Douglas Gregor [Thu, 4 Aug 2011 17:06:18 +0000 (17:06 +0000)]
In the AST reader and writer, slide the preprocessed entity IDs by +1
so that we use ID zero as a sentinel for "no result". This matches the
convention set by all of the other global IDs.
John McCall [Thu, 4 Aug 2011 01:26:15 +0000 (01:26 +0000)]
Take -Wvector-conversions out of -Wmost; it needs a lot of
QoI work. rdar://problem/9887979. If some open-source
wants to get an idea for what QoI work I have in mind,
ping me.
Chad Rosier [Thu, 4 Aug 2011 01:21:14 +0000 (01:21 +0000)]
Add partial support for using anonymous bitfields (e.g., int : 0) to enforce
alignment. This fixes cases where the anonymous bitfield is followed by a
non-bitfield member. E.g.,
Anna Zaks [Thu, 4 Aug 2011 00:26:57 +0000 (00:26 +0000)]
KeychainAPI checker: Add basic diagnostics. Track MemoryRegion istead of SymbolicRef since the address might not be a symbolic value in some cases, for example in fooOnlyFree() test.
Chad Rosier [Thu, 4 Aug 2011 00:19:13 +0000 (00:19 +0000)]
For APCS the alignment of bitfield types is *not* respected when laying out
structures. Alignment can be enforced with the use of anonymous bitfields
(e.g., int :0), but this is not currently supported. Add this test case to
document the current state, which will hopefully be fixed shortly.
Douglas Gregor [Thu, 4 Aug 2011 00:01:48 +0000 (00:01 +0000)]
Don't introduce a local -> global mapping for CXXBaseSpecifiers. The
IDs will never cross module boundaries, since they're tied to the
CXXDefinitionData, so just use a local mapping throughout. Eliminate
the global -> local tables and supporting data.
Delete one of the old tests that was ported over to Clang. The test is
designed to be executed, and its output inspected for correct values,
but we aren't executing it. We're just compiling it, and dumping it to
/dev/null. It also isn't freestanding. If there is a desire to have this
test actually stick around, complain and I'll revert this and try to add
the file checks necessary to make this actually test things.
Douglas Gregor [Wed, 3 Aug 2011 21:49:18 +0000 (21:49 +0000)]
Introduce a local-to-global remapping for identifiers in the AST
reader, and fix up the one (!) place where we were improperly mapping
a local ID to a global ID. Tested via the usual "gaps" trick.
Kaelyn Uhrain [Wed, 3 Aug 2011 20:36:05 +0000 (20:36 +0000)]
Improve overloaded function handling in the typo correction code.
Change TypoCorrection to store a set of NamedDecls instead of a single
NamedDecl. Also add initial support for performing function overload
resolution to Sema::DiagnoseEmptyLookup.
Ted Kremenek [Wed, 3 Aug 2011 20:17:43 +0000 (20:17 +0000)]
[analyzer] Introduce MallocOverflowSecurityChecker, a simple flow-sensitive checker that may be useful for security auditing. This checker is currently too noisy to be on by default.
Douglas Gregor [Wed, 3 Aug 2011 16:26:46 +0000 (16:26 +0000)]
Make the type of the IntegerLiteral for bitfield paddings an actual
integer, and initialise its TypeSourceInfo. The initialisation fixes a
crash when using pre-compiled preambles with C++ code-completion. From
Erik Verbruggen! Fixes PR10511.
Douglas Gregor [Wed, 3 Aug 2011 16:05:40 +0000 (16:05 +0000)]
Introduce a constant for the number of predefined declarations in an
AST file, along with an enumeration naming those predefined
declarations. No functionality change, but this will make it easier to
introduce new predefined declarations, when/if we need them.
Douglas Gregor [Wed, 3 Aug 2011 15:48:04 +0000 (15:48 +0000)]
Introduce the local -> global declaration ID mapping into the AST
reader, to allow AST files to be loaded with their declarations
remapped to different ID numbers. Fix a number of places where we were
either failing to map local declaration IDs into global declaration
IDs or where interpreting the local declaration IDs within the wrong
module.
I've tested this via the usual "random gaps" method. It works well
except for the preamble tests, because our handling of the precompiled
preamble requires declaration and preprocessed entity to be stable
when parsing code and then loading that back into memory. This
property will hold in general, but my randomized testing naturally
breaks this property to get more coverage. In the future, I expect
that the precompiled preamble logic won't need this property.
I am very unhappy with the current handling of the translation unit,
which is a rather egregious hack. We're going to have to do something
very different here for loading multiple AST files, because we don't
want to have to cope with merging two translation units. Likely, we'll
just handle translation units entirely via "update" records, and
predefine a single, fixed declaration ID for the translation
unit. That will come later.
Bob Wilson [Wed, 3 Aug 2011 05:58:22 +0000 (05:58 +0000)]
Handle "homogeneous aggregates" as required by the ARM AAPCS-VFP ABI.
A homogeneous aggregate is an aggregate data structure where after flattening
any nesting there are 1 to 4 elements of the same base type that is either a
float, double, or Neon vector. All Neon vectors of the same size, either 64
or 128 bits, are treated as equivalent for this purpose. When using the
AAPCS-VFP ABI, check for homogeneous aggregates and pass them as arguments by
expanding them into a sequence of their base types. This requires extending
the existing support for expanded arguments to handle not only structs, but
also constant arrays and complex types.
Anna Zaks [Wed, 3 Aug 2011 01:57:49 +0000 (01:57 +0000)]
Static Analyzer diagnostics visualization: when the last location on a path is end of the function, the arrow should point to the closing brace, not the statement before it. Patch by Ted Kremenek.
John McCall [Wed, 3 Aug 2011 00:43:55 +0000 (00:43 +0000)]
When rewriting a call to a K&R function to lead to a well-prototyped
function, be sure to drop parameter attributes when dropping their
associated arguments. Patch by Aaron Landwehr!
Chris Lattner [Tue, 2 Aug 2011 21:44:23 +0000 (21:44 +0000)]
disable array bounds overflow warning for cases where an array
has a single element. This disables the warning in cases where
there is a clear bug, but this is really rare (who uses arrays
with one element?) and it also silences a large class of false
positive issues with C89 code that is using tail padding in structs.
A better version of this patch would detect when an array is in
a tail position in a struct, but at least patch fixes the huge
false positives that are hitting postgres and other code.
Chad Rosier [Tue, 2 Aug 2011 20:44:34 +0000 (20:44 +0000)]
Fix cmake for r136702 (at least for the most part). Chandler has been kind
enough to offer to investigate the underlying issue. Thanks to Doug for his
assistance as well.
Douglas Gregor [Tue, 2 Aug 2011 18:32:54 +0000 (18:32 +0000)]
Change the hashing function for DeclContext lookup within an AST file
by eliminating the type ID from constructor, destructor, and
conversion function names. There are several reasons for this change:
- A given type (say, int*) isn't guaranteed to have a single, unique
type ID within a chain of PCH files. Hence, we could end up hashing
based on the wrong type ID, causing name lookup to fail.
- The mapping from types back to type IDs required one DenseMap
entry for every type that was ever deserialized, which was an
unacceptable cost to support just the name lookup of constructors,
destructors, and conversion functions. Plus, this mapping could
never actually work with chained or multiple PCH, based on the first
bullet.
Once we have eliminated the type from the hash function, these
problems go away, as does my horrible "reverse type remap" hack, which
was doomed from the start (see bullet #1 above) and far too
complicated.
However, note that removing the type from the hash function means that
all constructors, destructors, and conversion functions have the same
hash key, so I've updated the caller to double-check that the
declarations found have the appropriate name.
Chad Rosier [Tue, 2 Aug 2011 17:58:04 +0000 (17:58 +0000)]
When the compiler crashes, the compiler driver now produces diagnostic
information including the fully preprocessed source file(s) and command line
arguments. The developer is asked to attach this diagnostic information to a
bug report.
rdar://9575623
Following up the earlier refactoring/cleanup work by fixing up how we manage the virtual files the ASTReader has to handle. Specifically, this occurs when the reader is reading AST files that were created in memory and not written to disk. For example, when a user creates a chained PCH using command line flags. These virtual files are stored in MemoryBuffers in ChainIncludeSource.cpp, and then read back in by the ASTReader. This patch moves the management of these buffers into the ModuleManager, so that it becomes the authority on where these buffers are located.
Douglas Gregor [Tue, 2 Aug 2011 16:26:37 +0000 (16:26 +0000)]
Implement a proper local -> global type ID remapping scheme in the AST
reader. This scheme permits an AST file to be loaded with its type IDs
shifted anywhere in the type ID space.
At present, the type indices are still allocated in the same boring
way they always have been, just by adding up the number of types in
each PCH file within the chain. However, I've done testing with this
patch by randomly sliding the base indices at load time, to ensure
that remapping is occurring as expected. I may eventually formalize
this in some testing flag, but loading multiple (non-chained) AST
files at once will eventually exercise the same code.
There is one known problem with this patch, which involves name lookup
of operator names (e.g., "x.operator int*()") in cases where multiple
PCH files in the chain. The hash function itself depends on having a
stable type ID, which doesn't happen with chained PCH and *certainly*
doesn't happen when sliding type IDs around. We'll need another
approach. I'll tackle that next.
Douglas Gregor [Tue, 2 Aug 2011 11:12:41 +0000 (11:12 +0000)]
Add a debugging dump for Module (also emitted as part of the AST
reader statistics), to show the local-to-global mappings. The only
such mapping we have (at least, for now) is for source location
offsets.
Douglas Gregor [Tue, 2 Aug 2011 10:56:51 +0000 (10:56 +0000)]
Generalize the module offset map to include mapping information for
all of the kinds of IDs that can be offset. No effectively
functionality change; this is preparation for adding remapping for
IDs.
Bob Wilson [Mon, 1 Aug 2011 23:39:04 +0000 (23:39 +0000)]
Revert "Re-enable byval for ARM in clang. rdar://problem/7662569"
This reverts commit 67d097e1232b7d66f58989c16a45b8a11721f76e.
We found a miscompile with ARM byval, which is still being investigated.
In the meantime, this works around the problem by disabling ARM byval.
Anna Zaks [Mon, 1 Aug 2011 22:40:01 +0000 (22:40 +0000)]
Add a skeleton for the Keychain Services API Checker. Register it as OSX experimental for now. Note, the checker still does not handle tracking of escaped values, taking into account the return value of the allocator functions, nor the actual bug reporting..
Akira Hatanaka [Mon, 1 Aug 2011 20:48:01 +0000 (20:48 +0000)]
Implement MipsABIInfo::EmitVAArg. This fix enables clang to complete compilation
without bailing out when va_arg is an aggregate expression. However,
alignment checking needs to be added in isSafeToEliminateVarargsCast in
InstCombineCalls.cpp in order to produce correct mips code (see link below).
Chad Rosier [Mon, 1 Aug 2011 19:58:48 +0000 (19:58 +0000)]
Driver: When compiling i386 -fapple-kext code, we fallback to llvmgcc.
Unfortunately, llvmgcc doesn't always work when writing temporary output to
/dev/null. Therefore, create a temp file that is later deleted.
rdar://9837692
Not sure why we bother updating FunctionDecl's EndRangeLoc in FunctionDecl::setParams.
EndRangeLoc should always be set to at least the ending paren or brace.
projects / clang / log