Checking whether a functions throws indirectly may be very expensive because it
needs to visit its whole call graph. Therefore we should first check whether the
function is forbidden to throw and only check whether it throws afterward. This
also seems to solve bug https://bugs.llvm.org/show_bug.cgi?id=39167 where the
execution time is so long that it seems to hang.
Differential Revision: https://reviews.llvm.org/D53187
llvm-svn: 344444
New checker called bugprone-not-null-terminated-result. This check finds function calls where it is possible to cause a not null-terminated result. Usually the proper length of a string is strlen(src) + 1 or equal length of this expression, because the null terminator needs an extra space. Without the null terminator it can result in undefined behaviour when the string is read.
The following function calls are checked:
memcpy, wmemcpy, memcpy_s, wmemcpy_s, memchr, wmemchr, memmove, wmemmove, memmove_s, wmemmove_s, memset, wmemset, strerror_s, strncmp, wcsncmp, strxfrm, wcsxfrm
The following is a real-world example where the programmer forgot to increase the passed third argument, which is size_t length. That is why the length of the allocated memory is problematic too.
static char *StringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size()));
memcpy(result, str.data(), str.size());
return result;
}
After running the tool fix-it rewrites all the necessary code according to the given options. If it is necessary, the buffer size will be increased to hold the null terminator.
static char *StringCpy(const std::string &str) {
char *result = reinterpret_cast<char *>(malloc(str.size() + 1));
strcpy(result, str.data());
return result;
}
Patch by Charusso.
Differential ID: https://reviews.llvm.org/D45050
llvm-svn: 344374
Summary:
This patch is a small refactoring necessary for
'readability-isolate-declaration' and does not introduce functional changes.
It allows to use the utility functions without a full `ASTContext` and requires only the `SourceManager` and the `LangOpts`.
Reviewers: alexfh, aaron.ballman, hokein
Reviewed By: alexfh
Subscribers: nemanjai, xazax.hun, kbarton, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D52684
llvm-svn: 343850
Summary:
The check bugprone-exception-escape should not register
if -fno-exceptions is set for the compile options. Bailing out on non-cplusplus
and non-exceptions language options resolves the issue.
Reviewers: alexfh, aaron.ballman, baloghadamsoftware
Reviewed By: alexfh
Subscribers: lebedev.ri, xazax.hun, rnkovacs, cfe-commits
Differential Revision: https://reviews.llvm.org/D52880
llvm-svn: 343789
Summary:
Before this fix, the bugprone-use-after-move check could incorrectly
conclude that a use and move in a function template were not sequenced.
For details, see
https://bugs.llvm.org/show_bug.cgi?id=39149
Reviewers: alexfh, hokein, aaron.ballman, JonasToth
Reviewed By: aaron.ballman
Subscribers: xazax.hun, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D52782
llvm-svn: 343768
Summary:
This allows member functions to be marked as reinitializing the object. After a
moved-from object has been reinitialized, the check will no longer consider it
to be in an indeterminate state.
The patch that adds the attribute itself is at https://reviews.llvm.org/D49911
Reviewers: ilya-biryukov, aaron.ballman, alexfh, hokein, rsmith
Reviewed By: aaron.ballman
Subscribers: dblaikie, xazax.hun, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D49910
llvm-svn: 339571
Finds functions which may throw an exception directly or indirectly, but they
should not: Destructors, move constructors, move assignment operators, the
main() function, swap() functions, functions marked with throw() or noexcept
and functions given as option to the checker.
Differential Revision: https://reviews.llvm.org/D33537
llvm-svn: 336997
Summary:
Checks for narrowing conversions, e.g.
int i = 0;
i += 0.1;
This has what some might consider false positives for:
i += ceil(d);
Reviewers: alexfh, hokein
Subscribers: srhines, nemanjai, mgorny, JDevlieghere, xazax.hun, kbarton
Differential Revision: https://reviews.llvm.org/D38455
llvm-svn: 333066
Summary:
Add support for checking class template member functions.
Also add the following functions to be checked by default:
- std::unique_ptr::release
- std::basic_string::empty
- std::vector::empty
Reviewers: alexfh, hokein, aaron.ballman, ilya-biryukov
Reviewed By: aaron.ballman
Subscribers: jbcoe, xazax.hun, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D45891
Patch by khuttun (Kalle Huttunen)
llvm-svn: 330772
There's an error for PSP4 platform only:
C:\Program Files (x86)\Microsoft Visual Studio 14.0\VC\INCLUDE\algorithm(95):
error C2719: '_Pred': formal parameter with requested alignment of 8 won't be aligned
llvm-svn: 329495
class A {...int virtual foo() {...}...};
class B: public A {...int foo() override {...}...};
class C: public B {...int foo() override {... A::foo()...}};
^^^^^^^^ warning: qualified name A::foo refers to a member overridden in subclass; did you mean 'B'? [bugprone-parent-virtual-call]
Differential Revision: https://reviews.llvm.org/D44295
llvm-svn: 329448
Summary:
A common mistake that I have found in our codebase is calling a function to get an integer or enum that represents the type such as:
```
int numBytes = numElements * sizeof(x.GetType());
```
So this extends the `sizeof` check to check for these cases. There is also a `WarnOnSizeOfCall` option so it can be disabled.
Patch by Paul Fultz II!
Reviewers: hokein, alexfh, aaron.ballman, ilya-biryukov
Reviewed By: alexfh
Subscribers: lebedev.ri, xazax.hun, jkorous-apple, cfe-commits
Tags: #clang-tools-extra
Differential Revision: https://reviews.llvm.org/D44231
llvm-svn: 329073
Summary:
Detects function calls where the return value is unused.
Checked functions can be configured.
Reviewers: alexfh, aaron.ballman, ilya-biryukov, hokein
Reviewed By: alexfh, aaron.ballman
Subscribers: hintonda, JonasToth, Eugene.Zelenko, mgorny, xazax.hun, cfe-commits
Tags: #clang-tools-extra
Patch by Kalle Huttunen!
Differential Revision: https://reviews.llvm.org/D41655
llvm-svn: 327833
Summary:
Fix DanglingHandleCheck to handle the final implementation of std::string and std::string_view.
These use a conversion operator instead of a conversion constructor.
Reviewers: hokein
Subscribers: klimek, xazax.hun, cfe-commits
Differential Revision: https://reviews.llvm.org/D41779
llvm-svn: 322002
A possible error is to write `malloc(strlen(s+1))` instead of
`malloc(strlen(s)+1)`. Unfortunately the former is also valid syntactically,
but allocates less memory by two bytes (if `s` is at least one character long,
undefined behavior otherwise) which may result in overflow cases. This check
detects such cases and also suggests the fix for them.
Fix for r318906, forgot to add new files.
llvm-svn: 318907
A possible error is to write `malloc(strlen(s+1))` instead of
`malloc(strlen(s)+1)`. Unfortunately the former is also valid syntactically,
but allocates less memory by two bytes (if s` is at least one character long,
undefined behavior otherwise) which may result in overflow cases. This check
detects such cases and also suggests the fix for them.
llvm-svn: 318906
Finds copy constructors where the constructor don't call
the copy constructor of the base class.
```
class X : public Copyable {
X(const X &other) {} // Copyable(other) is missing
};
```
Differential Revision: https://reviews.llvm.org/D33722
llvm-svn: 318522