Commit Graph

40 Commits

Author SHA1 Message Date
Roman Lebedev c5417aafec [Sema] -Wtautological-constant-compare is too good. Cripple it.
Summary:
The diagnostic was mostly introduced in D38101 by me, as a reaction to wasting a lot of time, see [[ https://lists.llvm.org/pipermail/cfe-commits/Week-of-Mon-20171009/206427.html | mail ]].
However, the diagnostic is pretty dumb. While it works with no false-positives,
there are some questionable cases that are diagnosed when one would argue that they should not be.

The common complaint is that it diagnoses the comparisons between an `int` and
`long` when compiling for a 32-bit target as tautological, but not when
compiling for 64-bit targets. The underlying problem is obvious: data model.
In most cases, 64-bit target is `LP64` (`int` is 32-bit, `long` and pointer are
64-bit), and the 32-bit target is `ILP32` (`int`, `long`, and pointer are 32-bit).

I.e. the common pattern is: (pseudocode)
```
#include <limits>
#include <cstdint>
int main() {
  using T1 = long;
  using T2 = int;

  T1 r;
  if (r < std::numeric_limits<T2>::min()) {}
  if (r > std::numeric_limits<T2>::max()) {}
}
```
As an example, D39149 was trying to fix this diagnostic in libc++, and it was not well-received.

This *could* be "fixed", by changing the diagnostics logic to something like
`if the types of the values being compared are different, but are of the same size, then do diagnose`,
and i even attempted to do so in D39462, but as @rjmccall rightfully commented,
that implementation is incomplete to say the least.

So to stop causing trouble, and avoid contaminating upcoming release, lets do this workaround:
* move these three diags (`warn_unsigned_always_true_comparison`, `warn_unsigned_enum_always_true_comparison`, `warn_tautological_constant_compare`) into it's own `-Wtautological-constant-in-range-compare`
* Disable them by default
* Make them part of `-Wextra`
* Additionally, give `warn_tautological_constant_compare` it's own flag `-Wtautological-type-limit-compare`.
  I'm not happy about that name, but i can't come up with anything better.

This way all three of them can be enabled/disabled either altogether, or one-by-one.

Reviewers: aaron.ballman, rsmith, smeenai, rjmccall, rnk, mclow.lists, dim

Reviewed By: aaron.ballman, rsmith, dim

Subscribers: thakis, compnerd, mehdi_amini, dim, hans, cfe-commits, rjmccall

Tags: #clang

Differential Revision: https://reviews.llvm.org/D41512

llvm-svn: 321691
2018-01-03 08:45:19 +00:00
Roman Lebedev b0f0a1ea03 [Sema] Move some stuff into -Wtautological-unsigned-enum-zero-compare
Recommit. Original commit was reverted because buildbots broke.
The error was only reproducible in the build with assertions.
The problem was that the diagnostic expected true/false as
bool, while it was provided as string "true"/"false".

Summary:
As requested by Sam McCall:
> Enums (not new I guess). Typical case: if (enum < 0 || enum > MAX)
> The warning strongly suggests that the enum < 0 check has no effect
> (for enums with nonnegative ranges).
> Clang doesn't seem to optimize such checks out though, and they seem
> likely to catch bugs in some cases. Yes, only if there's UB elsewhere,
> but I assume not optimizing out these checks indicates a deliberate
> decision to stay somewhat compatible with a technically-incorrect
> mental model.
> If this is the case, should we move these to a
> -Wtautological-compare-enum subcategory?

Reviewers: rjmccall, rsmith, aaron.ballman, sammccall, bkramer, djasper

Reviewed By: aaron.ballman

Subscribers: jroelofs, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D37629

llvm-svn: 313745
2017-09-20 09:54:47 +00:00
Roman Lebedev 918eaf9585 Revert "[Sema] Move some stuff into -Wtautological-unsigned-enum-zero-compare"
This reverts commit r313677.

Buildbots fail with assertion failure
Failing Tests (7):
    Clang :: Analysis/null-deref-ps.c
    Clang :: CodeGen/enum.c
    Clang :: Sema/compare.c
    Clang :: Sema/outof-range-constant-compare.c
    Clang :: Sema/tautological-unsigned-enum-zero-compare.c
    Clang :: Sema/tautological-unsigned-zero-compare.c
    Clang :: SemaCXX/compare.cpp

llvm-svn: 313683
2017-09-19 21:40:41 +00:00
Roman Lebedev c9c9748d99 [Sema] Move some stuff into -Wtautological-unsigned-enum-zero-compare
Summary:
As requested by Sam McCall:
> Enums (not new I guess). Typical case: if (enum < 0 || enum > MAX)
> The warning strongly suggests that the enum < 0 check has no effect
> (for enums with nonnegative ranges).
> Clang doesn't seem to optimize such checks out though, and they seem
> likely to catch bugs in some cases. Yes, only if there's UB elsewhere,
> but I assume not optimizing out these checks indicates a deliberate
> decision to stay somewhat compatible with a technically-incorrect
> mental model.
> If this is the case, should we move these to a
> -Wtautological-compare-enum subcategory?

Reviewers: rjmccall, rsmith, aaron.ballman, sammccall, bkramer, djasper

Reviewed By: aaron.ballman

Subscribers: jroelofs, cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D37629

llvm-svn: 313677
2017-09-19 21:11:35 +00:00
Roman Lebedev 6aa34aadd1 [Sema] -Wtautological-compare: handle comparison of unsigned with 0S.
Summary:
This is a first half(?) of a fix for the following bug:
https://bugs.llvm.org/show_bug.cgi?id=34147 (gcc -Wtype-limits)

GCC's -Wtype-limits does warn on comparison of unsigned value
with signed zero (as in, with 0), but clang only warns if the
zero is unsigned (i.e. 0U).

Also, be careful not to double-warn, or falsely warn on
comparison of signed/fp variable and signed 0.

Yes, all these testcases are needed.

Testing: $ ninja check-clang-sema check-clang-semacxx
Also, no new warnings for clang stage-2 build.

Reviewers: rjmccall, rsmith, aaron.ballman

Reviewed By: rjmccall

Subscribers: cfe-commits

Tags: #clang

Differential Revision: https://reviews.llvm.org/D37565

llvm-svn: 312750
2017-09-07 22:14:25 +00:00
Ted Kremenek b7d7dd4dbf Enhance -Wtautological-constant-out-of-range-compare to include the name of the enum constant.
This is QoI.  Fixes <rdar://problem/13076064>.

llvm-svn: 177190
2013-03-15 21:50:10 +00:00
Fariborz Jahanian 2f4e33aba2 Improvements to my patch in r164143 per
Richard's comments. // rdar://12202422

llvm-svn: 164316
2012-09-20 19:36:41 +00:00
Fariborz Jahanian b1885425c4 c: warn when an integer value comparison with an
integral expression have the obvious result.
Patch reviewed by John McCall off line.
// rdar://12202422

llvm-svn: 164143
2012-09-18 17:37:21 +00:00
Douglas Gregor bfb4a2138c Turn the mixed-sign-comparison diagnostic into a runtime behavior
diagnostic, from Eitan Adler!

llvm-svn: 155876
2012-05-01 01:53:49 +00:00
Eli Friedman 8349dc1fd6 Enhance the -Wsign-compare handling to suppress the -Wsign-compare warning in the case of a shifted bitfield. PR11572.
llvm-svn: 146634
2011-12-15 02:41:52 +00:00
John McCall c368838b20 Make the integer-range analysis recognize ^= correctly,
and (while I'm at it) teach it to grok the results of simple
assignments.

The first is PR10336.

llvm-svn: 135034
2011-07-13 06:35:24 +00:00
John McCall 2551c1bbcd Provide a slightly specialized diagnostic for tautological comparisons
of an enum value.

llvm-svn: 115725
2010-10-06 00:25:24 +00:00
Ted Kremenek 6274be47fa When warning about comparing an unsigned int to being >= 0, don't issue a warning if the zero value was an
enum or was expanded from a macro.

Fixes: <rdar://problem/8414119>
llvm-svn: 114695
2010-09-23 21:43:44 +00:00
Douglas Gregor ec170db73d Warn about comparisons between arrays and improve self-comparison
warnings, from Troy Straszheim! Fixes PR6163.

llvm-svn: 105631
2010-06-08 19:50:34 +00:00
John McCall cc7e5bff5c Rearchitect -Wconversion and -Wsign-compare. Instead of computing them
"bottom-up" when implicit casts and comparisons are inserted, compute them
"top-down" when the full expression is finished.  Makes it easier to
coordinate warnings and thus implement -Wconversion for signedness
conversions without double-warning with -Wsign-compare.  Also makes it possible
to realize that a signedness conversion is okay because the context is
performing the inverse conversion.  Also simplifies some logic that was
trying to calculate the ultimate comparison/result type and getting it wrong.
Also fixes a problem with the C++ explicit casts which are often "implemented"
in the AST with a series of implicit cast expressions.

llvm-svn: 103174
2010-05-06 08:58:33 +00:00
John McCall 1bff99322a Teach -Wsign-compare to treat 1 << blah as "idiomatically non-negative".
Fixes a spurious warning in LLVM.

llvm-svn: 100595
2010-04-07 01:14:35 +00:00
John McCall 71d8d9b468 Warn about comparing an unsigned expression with 0 in tautological ways.
Patch by mikem!

llvm-svn: 98279
2010-03-11 19:43:18 +00:00
Mike Stump 0978af83b3 Insulate these from changes to the default for -Wunreachable-code.
llvm-svn: 94326
2010-01-23 20:12:18 +00:00
John McCall 7443052652 Don't assert when dealing with unsigned casts of lvalues. Fixes PR5961.
llvm-svn: 92866
2010-01-06 22:57:21 +00:00
John McCall 70aa5391dd Significantly rework the calculation of effective integer-expression ranges
for -Wsign-compare and -Wconversion, and use that coordinated logic to drive
both diagnostics.  The new logic works more transparently with implicit
conversions, conditional operators, etc., as well as bringing -Wconversion's
ability to deal with pseudo-closed operations (e.g. arithmetic on shorts) to
-Wsign-compare.

Fixes PRs 5887, 5937, 5938, and 5939.

llvm-svn: 92823
2010-01-06 05:24:50 +00:00
John McCall b8e66c3b14 -Wsign-compare shouldn't warn when the signed operand is a conditional operator
whose operands are non-negative integer constant expressions.  This comes up
in LLVM in a few places.

llvm-svn: 92525
2010-01-04 22:35:07 +00:00
Daniel Dunbar 8fbe78f6fc Update tests to use %clang_cc1 instead of 'clang-cc' or 'clang -cc1'.
- This is designed to make it obvious that %clang_cc1 is a "test variable"
   which is substituted. It is '%clang_cc1' instead of '%clang -cc1' because it
   can be useful to redefine what gets run as 'clang -cc1' (for example, to set
   a default target).

llvm-svn: 91446
2009-12-15 20:14:24 +00:00
John McCall 5677499fbf First pass at implementing C++ enum semantics: calculate (and store) an
"integer promotion" type associated with an enum decl, and use this type to
determine which type to promote to.  This type obeys C++ [conv.prom]p2 and
is therefore generally signed unless the range of the enumerators forces
it to be unsigned.

Kills off a lot of false positives from -Wsign-compare in C++, addressing
rdar://7455616

llvm-svn: 90965
2009-12-09 09:09:27 +00:00
John McCall e46fd8531c compare.c also needs a target triple now, and improve some comments while we're
at it.

llvm-svn: 86243
2009-11-06 08:53:51 +00:00
John McCall 99ce6bfe28 Improve the -Wsign-compare heuristics:
* If the unsigned type is smaller than the signed type, never warn, because
    its value will not change when zero-extended to the larger type.
  * If we're testing for (in)equality, and the unsigned value is an integer
    constant whose sign bit is not set, never warn, because even though the
    signed value might change, it can't affect the result of the equality.

Also make the comparison test cases much more rigorous, and have them expose
the subtle differences between C and C++ here.

llvm-svn: 86242
2009-11-06 08:49:08 +00:00
Douglas Gregor 6af6c3ee56 Turn off -Wsign-compare warnings by default
llvm-svn: 86233
2009-11-06 05:24:12 +00:00
John McCall 1fa36b7cab Implement the conditional-operator part of -Wsign-compare. Turn
DiagnoseSignCompare into Sema::CheckSignCompare and call it from more places.

Add some enumerator tests.  These seem to expose some oddities in the
types we're converting C++ enumerators to;  in particular, they're converting
to unsigned before int, which seems to contradict 4.5 [conv.prom] p2.

Note to self: stop baiting Doug in my commit messages.

llvm-svn: 86128
2009-11-05 09:23:39 +00:00
John McCall 644a4181c9 Implement -Wsign-compare, or at least the actual comparison part of it.
Conditional operands are next.

Fixes part of rdar://problem/7289584.

llvm-svn: 86083
2009-11-05 00:40:04 +00:00
Eli Friedman ba7908796a Remove unnecessary include.
llvm-svn: 80275
2009-08-27 19:02:44 +00:00
Eli Friedman 16c209610c Catch a few more cases of illegal comparisons.
llvm-svn: 79793
2009-08-23 00:27:47 +00:00
Chris Lattner d99bd52c73 Eli points out that we really must diagnose "void* > 0" as an extension.
Explicitly add it as an EXTENSION instead of an EXTWARN so that it only
comes out with -pedantic.  Thanks Eli!

llvm-svn: 79791
2009-08-23 00:03:44 +00:00
Chris Lattner f8344dbfdd tweak some pointer sema checking stuff (which was added to implement PR4175) to
avoid emitting a warning on "someptr > 0".  This is obviously questionable (they 
could use != instead) but is reasonable, and the warning "ordered comparison 
between pointer and integer" didn't make a ton of sense because 0 is a valid 
null pointer constant.

Just silence the warning in this case, it is unlikely to indicate a bug.

llvm-svn: 79743
2009-08-22 18:58:31 +00:00
Douglas Gregor e64c196868 Fix a problem with false diagnostics when comparing distinct NULL pointer types, from David Majnemer
llvm-svn: 74850
2009-07-06 20:14:23 +00:00
Chris Lattner d466ea1b08 Implement PR4175, catching some questionable comparisons. Patch by
David Majnemer!

llvm-svn: 74513
2009-06-30 06:24:05 +00:00
Daniel Dunbar a45cf5b6b0 Rename clang to clang-cc.
Tests and drivers updated, still need to shuffle dirs.

llvm-svn: 67602
2009-03-24 02:24:46 +00:00
Eli Friedman d49a720d52 Be a bit stricter about array type compatibility.
llvm-svn: 46799
2008-02-06 04:53:22 +00:00
Chris Lattner 5e4c75f4ef rename -parse-ast-print to -ast-print
rename -parse-ast-dump to -ast-dump
remove -parse-ast, which is redundant with -fsyntax-only

llvm-svn: 42852
2007-10-11 00:18:28 +00:00
Ted Kremenek 0883fd5817 Removed option "-parse-ast-check" from clang driver. This is now implemented
using "-parse-ast -verify".

Updated all test cases (using a sed script) that invoked -parse-ast-check to
now use -parse-ast -verify.

Fixed a bug where using "-verify" instead of "-parse-ast-check" would not
correctly create the DiagClient needed to accumulate diagnostics.

llvm-svn: 42365
2007-09-26 20:14:22 +00:00
Steve Naroff 808eb8fe88 Add Type::getAsBuiltinType() and Type::builtinTypesAreCompatible().
Modified Type::typesAreCompatible() to use the above.

This fixes the following bug submitted by Keith Bauer (thanks!).

int equal(char *a, const char *b)
{
    return a == b;
}

Also tweaked Sema::CheckCompareOperands() to ignore the qualifiers when
comparing two pointer types (though it doesn't relate directly to this bug).

llvm-svn: 41476
2007-08-27 04:08:11 +00:00
Chris Lattner 1895e58c84 Cases like this:
char *C;
  C != ((void*)0);

Should not warn about incompatible pointer types.  Also, make sure to
insert an implicit conversion even if the operand is null.

llvm-svn: 41408
2007-08-26 01:10:14 +00:00