Commit Graph

7 Commits

Author SHA1 Message Date
Jordan Rose 303e2f1eac Accept nullability qualifiers on array parameters.
Since array parameters decay to pointers, '_Nullable' and friends
should be available for use there as well. This is especially
important for parameters that are typedefs of arrays. The unsugared
syntax for this follows the syntax for 'static'-sized arrays in C:

  void test(int values[_Nullable]);

This syntax was previously accepted but the '_Nullable' (and any other
attributes) were silently discarded. However, applying '_Nullable' to
a typedef was previously rejected and is now accepted; therefore, it
may be necessary to test for the presence of this feature:

  #if __has_feature(nullability_on_arrays)

One important change here is that DecayedTypes don't always
immediately contain PointerTypes anymore; they may contain an
AttributedType instead. This only affected one place in-tree, so I
would guess it's not likely to cause problems elsewhere.

This commit does not change -Wnullability-completeness just yet. I
want to think about whether it's worth doing something special to
avoid breaking existing clients that compile with -Werror. It also
doesn't change '#pragma clang assume_nonnull' behavior, which
currently treats the following two declarations as equivalent:

  #pragma clang assume_nonnull begin
  void test(void *pointers[]);
  #pragma clang assume_nonnull end

  void test(void * _Nonnull pointers[]);

This is not the desired behavior, but changing it would break
backwards-compatibility. Most likely the best answer is going to be
adding a new warning.

Part of rdar://problem/25846421

llvm-svn: 286519
2016-11-10 23:28:17 +00:00
Akira Hatanaka 73118fd10e [Sema] Compute the nullability of a conditional expression based on the
nullabilities of its operands.

This patch defines a function to compute the nullability of conditional
expressions, which enables Sema to precisely detect implicit conversions
of nullable conditional expressions to nonnull pointers.

rdar://problem/25166556

Differential Revision: https://reviews.llvm.org/D22392

llvm-svn: 276076
2016-07-20 01:48:11 +00:00
George Burgess IV 8d141e0120 [Sema] Make nullness warnings appear in C++.
Given the following code:

    int *_Nullable ptr;
    int *_Nonnull nn = ptr;

...In C, clang will warn you about `nn = ptr`, because you're assigning
a nonnull pointer to a nullable pointer. In C++, clang issues no such
warning. This patch helps ensure that clang doesn't ever miss an
opportunity to complain about C++ code.

N.B. Though this patch has a differential revision link, the actual
review took place over email.

Differential Revision: http://reviews.llvm.org/D14938

llvm-svn: 255556
2015-12-14 22:00:49 +00:00
Douglas Gregor 4c27d104c6 Make __has_feature(nullability) and __has_extension(nullability) always true.
These are _Underbar_capital-prefixed additions to the language that
shouldn't depend on language standard.

llvm-svn: 240976
2015-06-29 18:11:42 +00:00
Douglas Gregor aea7afdc13 Replace __double_underscored type nullability qualifiers with _Uppercase_underscored
Addresses a conflict with glibc's __nonnull macro by renaming the type
nullability qualifiers as follows:

  __nonnull -> _Nonnull
  __nullable -> _Nullable
  __null_unspecified -> _Null_unspecified

This is the major part of rdar://problem/21530726, but does not yet
provide the Darwin-specific behavior for the old names.

llvm-svn: 240596
2015-06-24 22:02:08 +00:00
Douglas Gregor b4866e85e5 Diagnose unsafe uses of nil and __nonnull pointers.
This generalizes the checking of null arguments to also work with
values of pointer-to-function, reference-to-function, and block
pointer type, using the nullability information within the underling
function prototype to extend non-null checking, and diagnoses returns
of 'nil' within a function with a __nonnull return type.

Note that we don't warn about nil returns from Objective-C methods,
because it's common for Objective-C methods to mimic the nil-swallowing
behavior of the receiver by checking ostensibly non-null parameters
and returning nil from otherwise non-null methods in that
case.

It also diagnoses (via a separate flag) conversions from nullable to
nonnull pointers. It's a separate flag because this warning can be noisy.

llvm-svn: 240153
2015-06-19 18:13:19 +00:00
Douglas Gregor 261a89b0f7 Introduce type nullability specifiers for C/C++.
Introduces the type specifiers __nonnull, __nullable, and
__null_unspecified that describe the nullability of the pointer type
to which the specifier appertains. Nullability type specifiers improve
on the existing nonnull attributes in a few ways:
  - They apply to types, so one can represent a pointer to a non-null
    pointer, use them in function pointer types, etc.
  - As type specifiers, they are syntactically more lightweight than
    __attribute__s or [[attribute]]s.
  - They can express both the notion of 'should never be null' and
  also 'it makes sense for this to be null', and therefore can more
  easily catch errors of omission where one forgot to annotate the
  nullability of a particular pointer (this will come in a subsequent
  patch).

Nullability type specifiers are maintained as type sugar, and
therefore have no effect on mangling, encoding, overloading,
etc. Nonetheless, they will be used for warnings about, e.g., passing
'null' to a method that does not accept it.

This is the C/C++ part of rdar://problem/18868820.

llvm-svn: 240146
2015-06-19 17:51:05 +00:00