Commit Graph

2899 Commits

Author SHA1 Message Date
Daniel Dunbar 214671f98c [Analysis] Add missing newlines at end of file.
llvm-svn: 219439
2014-10-09 20:34:45 +00:00
Artyom Skrobov 27720765ed Reverting r214064 and r215650 while investigating a pesky performance regression
llvm-svn: 218296
2014-09-23 08:34:41 +00:00
DeLesley Hutchins c60dc2cfb9 Thread Safety Analysis: add new warning flag, -Wthread-safety-reference, which
warns when a guarded variable is passed by reference as a function argument.
This is released as a separate warning flag, because it could potentially
break existing code that uses thread safety analysis.

llvm-svn: 218087
2014-09-18 23:02:26 +00:00
Aaron Ballman 6afd1eb322 Fixing a -Woverflow warning from GCC by using a more natural datatype for this operation. NFC.
llvm-svn: 217670
2014-09-12 12:42:15 +00:00
Justin Bogner 560cbf506b Fix a couple of -Wsign-compare warnings introduced in r217556
llvm-svn: 217569
2014-09-11 03:37:42 +00:00
DeLesley Hutchins 4e38f100b5 Thread Safety Analysis: major update to thread safety TIL.
Numerous changes, including:
  * Changed the way variables and instructions are handled in basic blocks to
    be more efficient.
  * Eliminated SExprRef.
  * Simplified futures.
  * Fixed documentation.
  * Compute dominator and post dominator trees.

llvm-svn: 217556
2014-09-10 22:12:52 +00:00
Fariborz Jahanian 6485fe4b07 Objective-C. Under a special flag, -Wcstring-format-directive,
off by default, issue a warning if %s directive is used in
certain CF/NS formatting APIs, to assist user in deprecating
use of such %s in these APIs. rdar://18182443

llvm-svn: 217467
2014-09-09 23:10:54 +00:00
Hans Wennborg c597b4c529 MS format strings: parse the 'Z' printf conversion specifier (PR20808)
llvm-svn: 217326
2014-09-07 03:03:51 +00:00
Hans Wennborg 1b23158ce4 MS format strings: allow the 'h' length modifier with C, C, s and S (PR20808)
llvm-svn: 217196
2014-09-04 21:39:52 +00:00
Hans Wennborg 68f42b9515 MS format strings: support the 'w' length modifier (PR20808)
llvm-svn: 217195
2014-09-04 21:39:46 +00:00
Ed Schouten ca98874943 Allow a scoped lockable object to acquire/release multiple locks.
Scoped lockable objects (mutex guards) are implemented as if it is a
lock itself that is acquired upon construction and unlocked upon
destruction. As it if course needs to be used to actually lock down
something else (a mutex), it keeps track of this knowledge through its
underlying mutex field in its FactEntry.

The problem with this approach is that this only allows us to lock down
a single mutex, so extend the code to use a vector of underlying
mutexes. This, however, makes the code a bit more complex than
necessary, so subclass FactEntry into LockableFactEntry and
ScopedLockableFactEntry and move all the logic that differs between
regular locks and scoped lockables into member functions.

llvm-svn: 217016
2014-09-03 06:00:11 +00:00
Nico Weber ce069f11f9 Add a comment, no functional change.
llvm-svn: 216777
2014-08-29 21:05:44 +00:00
David Blaikie e90195c09b unique_ptrify the result of CFG::buildCFG/CFGBuilder::buildCFG
llvm-svn: 216755
2014-08-29 18:53:26 +00:00
Richard Trieu abf6ec45cd More -Wuninitialized updates
Fix r216438 to catch more complicated self-initialized in std::move.  For
instance, "Foo f = std::move(cond ? OtherFoo : (UNUSED_VALUE, f));"

Make sure that BinaryConditionalOperator, ConditionalOperator, BinaryOperator
with comma operator, and OpaqueValueExpr perform the correct usage forwarding
across the three uninitialized value checkers.

llvm-svn: 216627
2014-08-27 22:15:10 +00:00
Ted Kremenek eeccb30b94 Add support for the static analyzer to synthesize function implementations from external model files.
Currently the analyzer lazily models some functions using 'BodyFarm',
which constructs a fake function implementation that the analyzer
can simulate that approximates the semantics of the function when
it is called.  BodyFarm does this by constructing the AST for
such definitions on-the-fly.  One strength of BodyFarm
is that all symbols and types referenced by synthesized function
bodies are contextual adapted to the containing translation unit.
The downside is that these ASTs are hardcoded in Clang's own
source code.

A more scalable model is to allow these models to be defined as source
code in separate "model" files and have the analyzer use those
definitions lazily when a function body is needed.  Among other things,
it will allow more customization of the analyzer for specific APIs
and platforms.

This patch provides the initial infrastructure for this feature.
It extends BodyFarm to use an abstract API 'CodeInjector' that can be
used to synthesize function bodies.  That 'CodeInjector' is
implemented using a new 'ModelInjector' in libFrontend, which lazily
parses a model file and injects the ASTs into the current translation
unit.  

Models are currently found by specifying a 'model-path' as an
analyzer option; if no path is specified the CodeInjector is not
used, thus defaulting to the current behavior in the analyzer.

Models currently contain a single function definition, and can
be found by finding the file <function name>.model.  This is an
initial starting point for something more rich, but it bootstraps
this feature for future evolution.

This patch was contributed by Gábor Horváth as part of his
Google Summer of Code project.

Some notes:

- This introduces the notion of a "model file" into
  FrontendAction and the Preprocessor.  This nomenclature
  is specific to the static analyzer, but possibly could be
  generalized.  Essentially these are sources pulled in
  exogenously from the principal translation.

  Preprocessor gets a 'InitializeForModelFile' and
  'FinalizeForModelFile' which could possibly be hoisted out
  of Preprocessor if Preprocessor exposed a new API to
  change the PragmaHandlers and some other internal pieces.  This
  can be revisited.

  FrontendAction gets a 'isModelParsingAction()' predicate function
  used to allow a new FrontendAction to recycle the Preprocessor
  and ASTContext.  This name could probably be made something
  more general (i.e., not tied to 'model files') at the expense
  of losing the intent of why it exists.  This can be revisited.

- This is a moderate sized patch; it has gone through some amount of
  offline code review.  Most of the changes to the non-analyzer
  parts are fairly small, and would make little sense without
  the analyzer changes.

- Most of the analyzer changes are plumbing, with the interesting
  behavior being introduced by ModelInjector.cpp and
  ModelConsumer.cpp.

- The new functionality introduced by this change is off-by-default.
  It requires an analyzer config option to enable.

llvm-svn: 216550
2014-08-27 15:14:15 +00:00
Craig Topper 5fc8fc2d31 Simplify creation of a bunch of ArrayRefs by using None, makeArrayRef or just letting them be implicitly created.
llvm-svn: 216528
2014-08-27 06:28:36 +00:00
Richard Trieu 11fd079b6e Passing a variable to std::move now counts as a use for -Wuninitialized
llvm-svn: 216438
2014-08-26 04:30:55 +00:00
Aaron Ballman b00885898e Adding const-qualifiers to auto declarations. NFC.
llvm-svn: 215704
2014-08-15 12:29:39 +00:00
DeLesley Hutchins eb0ea5f40a Thread safety analysis: add -Wthread-safety-verbose flag, which adds additional notes that are helpful when compiling statistics on thread safety warnings.
llvm-svn: 215677
2014-08-14 21:40:15 +00:00
DeLesley Hutchins 4133b13bd2 Thread Safety Analysis: fix to improve handling of references to guarded
data members and range based for loops.

llvm-svn: 215671
2014-08-14 19:17:06 +00:00
Artyom Skrobov a208a73390 Use the proper post-order traversal in LiveVariables analysis,
to recover the performance after r214064.

Also sorts out the naming for PostOrderCFGView, ReversePostOrderCFGView,
BackwardDataflowWorklist and ForwardDataflowWorklist, to match the accepted
terminology.

Also unifies BackwardDataflowWorklist and ForwardDataflowWorklist to share
the "worklist for prioritization, post-order traversal for fallback" logic,
and to avoid repetitive sorting.

Also cleans up comments in the affected area.

llvm-svn: 215650
2014-08-14 16:04:47 +00:00
Benjamin Kramer 2f5db8b3db Header guard canonicalization, clang part.
Modifications made by clang-tidy with minor tweaks.

llvm-svn: 215557
2014-08-13 16:25:19 +00:00
NAKAMURA Takumi 6b0fe34cc5 clangAnalysis: Avoid member initializers in TempDtorContext to appease msc17.
llvm-svn: 215193
2014-08-08 09:51:07 +00:00
Manuel Klimek deb0262a5e Fix branch reachabiliy annotation for temp dtor branches.
As we only create temp dtor decision branches when a temp dtor needs to
be run (as opposed to for each logical branch in the original
expression), we must include the information about all previous logical
branches when we annotate the temp dtor decision branch.

llvm-svn: 215188
2014-08-08 07:37:13 +00:00
Manuel Klimek edf925b935 Mark successors as reachable/unreachable instead of changing the CFG.
As suggested by Ted, this makes a few warnings less aggressive.

llvm-svn: 215128
2014-08-07 18:44:19 +00:00
Manuel Klimek cadc603e91 Fix CFG for temporary dtors when the branch taken is known.
Use the parent context when visiting temporaries when we do not insert a
temporary dtor decision branch.

llvm-svn: 215120
2014-08-07 17:02:21 +00:00
Manuel Klimek 7c03013c8b Model temporary destructors from logical operators with known values.
If the truth value of a LHS is known, we can build the knowledge whether
a temporary destructor is executed or not into the CFG. This is needed
by the return type analysis.

llvm-svn: 215118
2014-08-07 16:05:51 +00:00
Manuel Klimek 0ce9108104 Only have one path in the CFG for ternaries if the condition is known.
The return type analysis requires that the CFG is simplified when the
truth values of branches are statically known at analysis time.

llvm-svn: 215114
2014-08-07 14:25:43 +00:00
Manuel Klimek b5616c9f8d Re-applying r214962.
Changes to the original patch:
- model the CFG for temporary destructors in conditional operators so that
  the destructors of the true and false branch are always exclusive. This
  is necessary because we must not have impossible paths for the path
  based analysis to work.
- add multiple regression tests with ternary operators

Original description:
Fix modelling of non-lifetime-extended temporary destructors in the
analyzer.

Changes to the CFG:
When creating the CFG for temporary destructors, we create a structure
that mirrors the branch structure of the conditionally executed
temporary constructors in a full expression.
The branches we create use a CXXBindTemporaryExpr as terminator which
corresponds to the temporary constructor which must have been executed
to enter the destruction branch.

2. Changes to the Analyzer:
When we visit a CXXBindTemporaryExpr we mark the CXXBindTemporaryExpr as
executed in the state; when we reach a branch that contains the
corresponding CXXBindTemporaryExpr as terminator, we branch out
depending on whether the corresponding CXXBindTemporaryExpr was marked
as executed.

llvm-svn: 215096
2014-08-07 10:42:17 +00:00
Rui Ueyama a89f9c8fdb Revert "Fix modelling of non-lifetime-extended temporary destructors in the analyzer."
This reverts commit r214962 because after the change the
following code doesn't compile with -Wreturn-type -Werror.

  #include <cstdlib>

  class NoReturn {
  public:
    ~NoReturn() __attribute__((noreturn)) { exit(1); }
  };

  int check() {
    true ? NoReturn() : NoReturn();
  }

llvm-svn: 214998
2014-08-06 22:01:54 +00:00
Manuel Klimek d9b4ad6e1f Fix modelling of non-lifetime-extended temporary destructors in the analyzer.
1. Changes to the CFG:
When creating the CFG for temporary destructors, we create a structure
that mirrors the branch structure of the conditionally executed
temporary constructors in a full expression.
The branches we create use a CXXBindTemporaryExpr as terminator which
corresponds to the temporary constructor which must have been executed
to enter the destruction branch.

2. Changes to the Analyzer:
When we visit a CXXBindTemporaryExpr we mark the CXXBindTemporaryExpr as
executed in the state; when we reach a branch that contains the
corresponding CXXBindTemporaryExpr as terminator, we branch out
depending on whether the corresponding CXXBindTemporaryExpr was marked
as executed.

llvm-svn: 214962
2014-08-06 12:45:51 +00:00
NAKAMURA Takumi 13a4f76d51 ThreadSafety.cpp: Prune bogus \param(s). [-Wdocumentation]
llvm-svn: 214796
2014-08-04 22:48:46 +00:00
NAKAMURA Takumi e9882cf315 ThreadSafetyAnalysis: Fix annotations in class members. [-Wdocumentation]
llvm-svn: 214795
2014-08-04 22:48:36 +00:00
DeLesley Hutchins 3efd0495a0 Thread Safety Analysis: add a -Wthread-safety-negative flag that warns whenever
a mutex is acquired, but corresponding mutex is not provably not-held.  This
is based on the earlier negative requirements patch.

llvm-svn: 214789
2014-08-04 22:13:06 +00:00
DeLesley Hutchins 4266522ab9 Thread safety analysis: Add support for negative requirements, which are
capability expressions of the form !expr, and denote a capability that must
not be held.

llvm-svn: 214725
2014-08-04 16:10:59 +00:00
Manuel Klimek b0042c414e Fix some cases of incorrect handling of lifetime extended temporaries.
MaterializeTemporaryExpr already contains information about the lifetime
of the temporary; if the lifetime is not the full statement, we do not
want to emit a destructor at the end of the full statement for it.

llvm-svn: 214292
2014-07-30 08:34:42 +00:00
DeLesley Hutchins ea1f83385f Thread Safety Analysis: Replace the old and broken SExpr with the new
til::SExpr.  This is a large patch, with many small changes to pretty printing
and expression lowering to make the new SExpr representation equivalent in
functionality to the old.

llvm-svn: 214089
2014-07-28 15:57:27 +00:00
Artyom Skrobov 12ce6d91a1 Factoring DataflowWorklist out of LiveVariables and UninitializedValues analyses
llvm-svn: 214064
2014-07-28 08:47:38 +00:00
Richard Smith 4137af286f When looking for temporary dtors while building the CFG, do not walk into
lambda expressions (other than their capture initializers) nor blocks. Do walk
into default argument expressions and default initializer expressions.

These bugs were causing us to produce broken CFGs whenever a lambda expression
was used to initialize a libstdc++ std::function object!

llvm-svn: 214050
2014-07-27 05:12:49 +00:00
NAKAMURA Takumi 04b8b37f56 Prune Redundant libdeps in CMake's target_link_libraries and LLVMBuild.txt.
I checked this with Release+Asserts on x86_64-mingw32. Please restore partially if this were overkill.

llvm-svn: 213064
2014-07-15 11:37:03 +00:00
NAKAMURA Takumi 23b702c8de [CMake] Update libdeps.
llvm-svn: 212920
2014-07-14 05:01:53 +00:00
NAKAMURA Takumi 4a070dc428 [CMake] Reorder libdeps by alphabetical order.
llvm-svn: 212919
2014-07-14 04:59:27 +00:00
Anna Zaks a6fea1386f Fix a crash in Retain Count checker error reporting
Fixes a crash in Retain Count checker error reporting logic by handing
the allocation statement retrieval from a BlockEdge program point.

Also added a simple CFG dump routine for debugging.

llvm-svn: 210960
2014-06-13 23:47:38 +00:00
Richard Smith d88b44d444 PR19996: don't crash if -Wuninitialized sees a c++1y lambda init-capture.
llvm-svn: 210615
2014-06-11 00:31:00 +00:00
Richard Trieu ddd01cec0e Removing an "if (this == nullptr)" check from two print methods. The condition
will never be true in a well-defined context.  The checking for null pointers
has been moved into the caller logic so it does not rely on undefined behavior.

llvm-svn: 210498
2014-06-09 22:53:25 +00:00
DeLesley Hutchins b603192124 Thread Safety Analysis: implement review suggestions from Aaron Ballman.
llvm-svn: 209847
2014-05-29 21:24:16 +00:00
DeLesley Hutchins 44be81b5a9 Thread Safety Analysis: update TIL traversal mechanism to allow arbitrary
local contexts.  Also includes some minor refactoring.

llvm-svn: 209774
2014-05-28 21:28:13 +00:00
Nikola Smiljanic a9c452121a Fix line endings.
llvm-svn: 209727
2014-05-28 11:19:43 +00:00
Richard Trieu c771d5d79f Move the logic for testing for namespace std into one location. This check can
be performed by using Decl::isInStdNamespace or DeclContext::isStdNamespace

llvm-svn: 209708
2014-05-28 02:16:01 +00:00
Manuel Klimek 5fbdc93d97 Make dead return statement detection more robust against changes in the CFG.
This change is a precondition to the proposed change to handle temporary
dtors correctly.

The idea is to explicitly search for the next return that doesn't have other
paths into it (that is, if the current block is dead, the block containing the
return must be dead, too). Thus, introducing non-control-flow block
transitions will not break the logic.

llvm-svn: 209531
2014-05-23 17:09:56 +00:00
Jordan Rose 7afd71e4ff Add a check for tautological bitwise comparisons to -Wtautological-compare.
This catches issues like:

if ((x & 8) == 4) { ... }
if ((x | 4) != 3) { ... }

Patch by Anders Rönnholm!

llvm-svn: 209221
2014-05-20 17:31:11 +00:00
Craig Topper 2554294321 [C++11] Use 'nullptr'. Analysis edition.
llvm-svn: 209191
2014-05-20 04:30:07 +00:00
DeLesley Hutchins f4b5e7c60f Thread Safety Analysis: add new node types to thread safety TIL.
This fills in a few missing gaps in functionality.

llvm-svn: 208830
2014-05-15 00:50:36 +00:00
Aaron Ballman 9ee54d119c Converting some for loops to use range-based for loops. No functional changes intended.
llvm-svn: 208810
2014-05-14 20:42:13 +00:00
Aaron Ballman 59a72b93a2 Amending r208783 based on a suggestion by David Blaikie.
llvm-svn: 208800
2014-05-14 18:32:59 +00:00
Aaron Ballman 42f9a8a7f9 Replacing some manual iterations with standard algorithms. No functional changes intended.
llvm-svn: 208783
2014-05-14 15:01:43 +00:00
Aaron Ballman 2f3fc6badd Formatting and style changes; no functional changes intended.
llvm-svn: 208774
2014-05-14 13:03:55 +00:00
Aaron Ballman 0c6a14ca82 Amending r208439 to remove buildLExpr; this code isn't strictly required yet, and fixes a dead code warning.
llvm-svn: 208440
2014-05-09 18:44:48 +00:00
Aaron Ballman 7c192b452f Add the ability to use logical expressions for capability attributes. This is to allow requirements to be expressed not just in terms of lists, but in terms of logical expressions. Eg)
void foo(void) __attribute__((requires_capability((FlightControl || Worker) && !Logger)));

This is WIP code.

llvm-svn: 208439
2014-05-09 18:26:23 +00:00
Benjamin Kramer a7bcab75d2 ThreadSafetyAnalysis: Don't crash when trying to analyze objc methods.
The thread safety analysis isn't very useful in ObjC (you can't annotate
ObjC classes or methods) but we can still analyze the actual code and
show violations in usage of C/C++ functions.

Fixes PR19541, which does not use thread safety attributes but crashes
with -Weverything.

llvm-svn: 208436
2014-05-09 17:08:01 +00:00
Manuel Klimek b33bded176 Explicitly keep track of temporaries during the consumed analysis.
This makes the consumed analysis less dependent on the CFG layout and fixes
a bug where we wouldn't warn on an unconsumed value.

llvm-svn: 208300
2014-05-08 11:50:00 +00:00
Manuel Klimek 75f34c1386 Fix handling of condition variables in the face of temp dtors.
The assignment needs to be before the destruction of the temporary.
This patch calls out to addStmt, which invokes VisitDeclStmt, which has
all the correct logic for handling temporaries.

llvm-svn: 207985
2014-05-05 18:21:06 +00:00
Nico Weber b0f9e4ace7 Remove unused typedef found by gcc's -Wunused-local-typedefs.
llvm-svn: 207870
2014-05-02 21:22:21 +00:00
Hans Wennborg 802df13e4d Fix bad comment from r207573.
llvm-svn: 207854
2014-05-02 18:12:30 +00:00
Aaron Ballman a82eaa70f1 Updated the attribute tablegen emitter for variadic arguments to emit a range accessor in addition to the iterators. Updated code using iterators to use range-based for loops.
llvm-svn: 207837
2014-05-02 13:35:42 +00:00
Aaron Ballman 73b3651e9d Renaming the CallableState variadic attribute argument to be CallableStates. No functional changes intended.
llvm-svn: 207836
2014-05-02 13:17:57 +00:00
Hans Wennborg df51ee6c50 scanf analysis: handle scanlists that start with ^] (PR19559)
llvm-svn: 207573
2014-04-29 19:42:27 +00:00
Aaron Ballman 35897d97a3 Renaming range-based for loop variables so they don't appear iterator-like.
llvm-svn: 207422
2014-04-28 14:56:59 +00:00
Aaron Ballman fe46e62e99 [C++11] Converting to range-based for loops. No functional changes intended.
llvm-svn: 207416
2014-04-28 13:01:32 +00:00
Aaron Ballman 8e8026d5b3 Replacing a naked pointer with a unique_ptr. No functional changes intended.
llvm-svn: 206986
2014-04-23 14:26:59 +00:00
Aaron Ballman bf58a6a892 Updated to be a bit more const friendly. Also switched the linkage to be static since this function is file-local. No functional changes intended.
llvm-svn: 206982
2014-04-23 13:58:21 +00:00
DeLesley Hutchins f1a311653a Thread safety analysis: add array operations to SExpr.
llvm-svn: 206907
2014-04-22 17:31:23 +00:00
DeLesley Hutchins 7834001496 Thread safety analysis: fix warning.
llvm-svn: 206899
2014-04-22 14:51:04 +00:00
Chandler Carruth 1034666777 [Modules] Fix potential ODR violations by sinking the DEBUG_TYPE
definition below all of the header #include lines, clang edition.

If you want more details about this, you can see some of the commits to
Debug.h in LLVM recently. This is just the clang section of a cleanup
I've done for all uses of DEBUG_TYPE in LLVM.

llvm-svn: 206849
2014-04-22 03:17:02 +00:00
DeLesley Hutchins f8b412adbb Thread safety analysis: misc updates to SExpr handling. Fix to minimal SSA,
function parameters, and compound assignment.

llvm-svn: 206827
2014-04-21 23:18:18 +00:00
DeLesley Hutchins a9db0019a2 Thread Safety Analysis: Convert to minimal SSA.
llvm-svn: 206681
2014-04-19 03:54:41 +00:00
DeLesley Hutchins ae497deddf Thread Safety Analysis: Update SSA pass to handle loops.
llvm-svn: 206676
2014-04-19 00:35:54 +00:00
Aaron Ballman 0491afaf5f Updating to use more range-based for loops, nullptr and auto. No functional changes.
llvm-svn: 206590
2014-04-18 13:13:15 +00:00
Aaron Ballman e80bfcd048 Making some public members into private members. This also introduces a bit more const-correctness, and now uses some range-based for loops. No functional changes intended.
llvm-svn: 206503
2014-04-17 21:44:08 +00:00
Aaron Ballman ed5aced64e Since the object is new'ed in the enterCFG function, now deleting in the exitCFG function instead of the destructor to ensure proper pairing. This allows reuse of the builder without creating a memory leak.
llvm-svn: 206471
2014-04-17 15:23:50 +00:00
Ted Kremenek 6f375e5604 -Wunreachable-code: refine recognition of unreachable "sigil" to cope with implicit casts in C++.
Fixes <rdar://problem/16631033>.

llvm-svn: 206360
2014-04-16 07:26:09 +00:00
DeLesley Hutchins aab9aff058 Thread Safety Analysis: rewrite SSA pass to use the new SExpr and CFG
traversal system.  The new pass is still undergoing testing; no change in
functionality.

llvm-svn: 206338
2014-04-15 23:23:19 +00:00
Richard Trieu e729d9b598 Fix typo from r206232
llvm-svn: 206234
2014-04-15 01:06:38 +00:00
Richard Trieu e9fa266cba Fix a bad interaction between -Wtautological-overlap-compare and delayed
diagnostics which caused delayed diagnostics on dead paths to be emitted.

llvm-svn: 206232
2014-04-15 00:57:50 +00:00
DeLesley Hutchins 7e615c2f65 Thread Safety Analysis: reorganized SExpr header files. No change in
functionality.

llvm-svn: 205936
2014-04-09 22:39:43 +00:00
Aaron Ballman 28347a72c9 Thread Safety Analysis: now with less includes. No functional changes.
llvm-svn: 205929
2014-04-09 21:12:04 +00:00
Aaron Ballman 3f993c1320 Thread Safety Analysis: some minor cleanups to the latest thread safety changes. No functional changes intended.
* Adds an iterator_range interface to CallExpr to get the arguments
* Modifies SExpr such that it must be allocated in the Arena, and cannot be deleted
* Minor const-correctness and nullptr updates
* Adds some operator!= implementations to complement operator==
* Removes unused functionality

llvm-svn: 205915
2014-04-09 17:45:44 +00:00
DeLesley Hutchins f7813c56b4 Thread Safety Analysis. Misc fixes to SExpr code, responding to code review
by Aaron Ballman.

llvm-svn: 205809
2014-04-08 22:21:22 +00:00
DeLesley Hutchins 11bb308739 Thread Safety Analysis: various fixes to new SExpr code.
Implemented ownership policy, updated to use nullptr, const-cleanup.

llvm-svn: 205745
2014-04-07 22:56:24 +00:00
DeLesley Hutchins b2213910de Thread Safety Analysis: update to internal SExpr handling.
This patch is the first part of a significant refactoring that seeks to restore
sanity to way thread safety analysis deals with capability expressions.  The
current patch merely provides an outline of the structure of the new system.
It's not yet connected to the actual analysis, so there's no change in
functionality.

llvm-svn: 205728
2014-04-07 18:09:54 +00:00
Richard Trieu f935b562b9 Add a new subgroup to -Wtautological-compare, -Wtautological-overlap-compare,
which warns on compound conditionals that always evaluate to the same value.
For instance, (x > 5 && x < 3) will always be false since no value for x can
satisfy both conditions.

This patch also changes the CFG to use these tautological values for better
branch analysis.  The test for -Wunreachable-code shows how this change catches
additional dead code.

Patch by Anders Rönnholm.

llvm-svn: 205665
2014-04-05 05:17:01 +00:00
Aaron Ballman e044904301 Updating the capability attribute diagnostics to be more capability-neutral. Instead of using terminology such as "lock", "unlock" and "locked", the new terminology is "acquire", "release" and "held". Additionally, the capability attribute's name argument is now reported as part of the diagnostic, instead of hard coding as "mutex."
llvm-svn: 205359
2014-04-01 21:43:23 +00:00
Jordan Rose 398fb00e1e [analyzer] Fix a CFG printing bug.
Also, add several destructor-related tests. Most of them don't work yet, but it's
good to have them recorded.

Patch by Alex McCarthy!

llvm-svn: 205326
2014-04-01 16:39:33 +00:00
Ted Kremenek ab57a1555a [-Wunreachable-code] Expand paren-suppression heuristic to C++/ObjC bools.
llvm-svn: 205074
2014-03-29 04:49:20 +00:00
Ted Kremenek ec3bbf4933 Improve -Wunreachable-code to provide a means to indicate code is intentionally marked dead via if((0)).
Taking a hint from -Wparentheses, use an extra '()' as a sigil that
a dead condition is intentionally dead.  For example:

  if ((0)) { dead }

When this sigil is found, do not emit a dead code warning.  When the
analysis sees:

  if (0)

it suggests inserting '()' as a Fix-It.

llvm-svn: 205069
2014-03-29 00:35:20 +00:00
Nuno Lopes fb744589bc remove a bunch of unused private methods
found with a smarter version of -Wunused-member-function that I'm playwing with.
Appologies in advance if I removed someone's WIP code.

 ARCMigrate/TransProperties.cpp                  |    8 -----
 AST/MicrosoftMangle.cpp                         |    1 
 Analysis/AnalysisDeclContext.cpp                |    5 ---
 Analysis/LiveVariables.cpp                      |   14 ----------
 Index/USRGeneration.cpp                         |   10 -------
 Sema/Sema.cpp                                   |   33 +++++++++++++++++++++---
 Sema/SemaChecking.cpp                           |    3 --
 Sema/SemaDecl.cpp                               |   20 ++------------
 StaticAnalyzer/Checkers/GenericTaintChecker.cpp |    1 
 9 files changed, 34 insertions(+), 61 deletions(-)

llvm-svn: 204561
2014-03-23 17:12:37 +00:00
Aaron Ballman df115d9bf3 The release_capability, release_shared_capability and release_generic_capability functions are now functionally distinct for capability analysis. The unlock_function attribute maps directly to release_generic_capability.
llvm-svn: 204469
2014-03-21 14:48:48 +00:00
Ted Kremenek 1421037ece [-Wunreachable-code] add a specialized diagnostic for unreachable increment expressions of loops.
llvm-svn: 204430
2014-03-21 06:02:36 +00:00
DeLesley Hutchins d7fa5bd431 Consumed Analysis: IgnoreParens bugfix.
llvm-svn: 204395
2014-03-20 20:39:20 +00:00
Ted Kremenek d4576318b4 [-Wunreachable-code] Tweak isTrivialDoWhile() to handle implicit casts.
llvm-svn: 204376
2014-03-20 18:47:53 +00:00
Aaron Ballman 18d85aed39 Replacing the exclusive_lock_function, shared_lock_function and unlock_function attributes with the acquire_capability and release_capability attributes. The old spellings will continue to work, but the underlying semantic attributes have been replaced.
Downgraded the capability diagnostics from error to warning to match the desired behavior, and updated the existing test cases.

llvm-svn: 204350
2014-03-20 16:02:49 +00:00
Ted Kremenek f5ae0bc671 [-Wunreachable-code] Look through member accesses for 'static const bool' configuration values.
llvm-svn: 204315
2014-03-20 06:44:35 +00:00
Ted Kremenek 2766ad27e8 [-Wunreachable-code] constexpr functions can be used as configuration values.
llvm-svn: 204308
2014-03-20 06:07:35 +00:00
Ted Kremenek f3c93bb61b [-Wunreachable-code] Simplify and broad -Wunreachable-code-return, including nontrivial returns.
The exception is return statements that include control-flow,
which are clearly doing something "interesting".

99% of the cases I examined for -Wunreachable-code that fired
on return statements were not interesting enough to warrant
being in -Wunreachable-code by default.  Thus the move to
include them in -Wunreachable-code-return.

This simplifies a bunch of logic, including removing the ad hoc
logic to look for std::string literals.

llvm-svn: 204307
2014-03-20 06:07:30 +00:00
Jordan Rose 177b0a3600 scanf format checking: include the buffer length in the fix-it for %s.
Patch by Zach Davis!

llvm-svn: 204300
2014-03-20 03:32:39 +00:00
Aaron Ballman c7e4e219b5 [C++11] Replacing CompoundStmt iterators body_begin() and body_end() with iterator_range body(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 204040
2014-03-17 14:19:37 +00:00
Benjamin Kramer 8cef8867ee Remove dead functions from unreachable code analysis.
llvm-svn: 204004
2014-03-15 10:20:49 +00:00
Ted Kremenek 9dfe400dc2 -Wunreachable-code: treat 'const bool' locals as control values.
llvm-svn: 204001
2014-03-15 06:47:45 +00:00
Ted Kremenek ad8753c00e Further refine -Wunreachable-code groups so that -Wno-unreachable-code-break doesn't turn off all unreachable code warnings.
Also relax unreachable 'break' and 'return' to not check for being
preceded by a call to 'noreturn'.  That turns out to not be so
interesting in practice.

llvm-svn: 204000
2014-03-15 05:47:06 +00:00
Ted Kremenek 1a8641c1e7 Start breaking -Wunreachable-code up into different diagnostic groups.
Recent work on -Wunreachable-code has focused on suppressing uninteresting
unreachable code that center around "configuration values", but
there are still some set of cases that are sometimes interesting
or uninteresting depending on the codebase.  For example, a dead
"break" statement may not be interesting for a particular codebase,
potentially because it is auto-generated or simply because code
is written defensively.

To address these workflow differences, -Wunreachable-code is now
broken into several diagnostic groups:

-Wunreachable-code: intended to be a reasonable "default" for
most users.

and then other groups that turn on more aggressive checking:

-Wunreachable-code-break: warn about dead break statements

-Wunreachable-code-trivial-return: warn about dead return statements
that return "trivial" values (e.g., return 0).  Other return
statements that return non-trivial values are still reported
under -Wunreachable-code (this is an area subject to more refinement).

-Wunreachable-code-aggressive: supergroup that enables all these
groups.

The goal is to eventually make -Wunreachable-code good enough to
either be in -Wall or on-by-default, thus finessing these warnings
into different groups helps achieve maximum signal for more users.

TODO: the tests need to be updated to reflect this extra control
via diagnostic flags.

llvm-svn: 203994
2014-03-15 01:26:32 +00:00
Aaron Ballman 9371dd2287 [C++11] Replacing BlockDecl iterators capture_begin() and capture_end() with iterator_range captures(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203958
2014-03-14 18:34:04 +00:00
Aaron Ballman 535bbcccb1 [C++11] Replacing DeclStmt iterators decl_begin() and decl_end() with iterator_range decls(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203947
2014-03-14 17:01:24 +00:00
Aaron Ballman d85eff49a3 [C++11] Replacing ObjCCategoryDecl iterators propimpl_begin() and propimpl_end() with iterator_range property_impls(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203930
2014-03-14 15:02:45 +00:00
Craig Topper b45acb8a16 [C++11] Add 'override' keyword to virtual methods that override their base class.
llvm-svn: 203893
2014-03-14 06:02:07 +00:00
Aaron Ballman 0ad78303de [C++11] Replacing CXXRecordDecl iterators init_begin() and init_end() with iterator_range inits(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203819
2014-03-13 17:34:31 +00:00
Aaron Ballman 445a939db8 [C++11] Replacing CXXRecordDecl iterators vbases_begin() and vbases_end() with iterator_range vbases(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203808
2014-03-13 16:15:17 +00:00
Aaron Ballman 574705ed7f [C++11] Replacing CXXRecordDecl iterators bases_begin() and bases_end() with iterator_range bases(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203803
2014-03-13 15:41:46 +00:00
DeLesley Hutchins d1c9b37db9 Thread safety analysis: move smart pointer checks from -Wthread-safety-beta
to -Wthread-safety.

llvm-svn: 203510
2014-03-10 23:03:49 +00:00
Aaron Ballman be22bcb180 [C++11] Replacing DeclBase iterators specific_attr_begin() and specific_attr_end() with iterator_range specific_attrs(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203474
2014-03-10 17:08:28 +00:00
Ahmed Charles dfca6f97bc [C++11] Replace OwningPtr include with <memory>.
llvm-svn: 203389
2014-03-09 11:36:40 +00:00
Ted Kremenek 2dd810a331 [-Wunreachable-code] Handle Objective-C bool literals in 'isConfigurationValue'.
This includes special casing 'YES' and 'NO', which are constants
defined as macros.

llvm-svn: 203380
2014-03-09 08:13:49 +00:00
Ted Kremenek c980afc578 [-Wunreachable-code] Tweak heuristic for configuration values to include arithmetic operations involving sizeof(), but not raw integers.
This case was motivated by a false positive with the
llvm::AlignOf<> specialization in LLVM.

llvm-svn: 203363
2014-03-08 23:20:11 +00:00
Aaron Ballman e8a8baef44 [C++11] Replacing RecordDecl iterators field_begin() and field_end() with iterator_range fields(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203355
2014-03-08 20:12:42 +00:00
Ted Kremenek efea63450b [-Wunreachabe-code] Don't warn about unreachable destructors for temporaries.
This can possibly be refined later, but right now the experience
is so incomprehensible for a user to understand what is going on
this isn't a useful warning.

llvm-svn: 203336
2014-03-08 02:22:32 +00:00
Ted Kremenek fcc1417fad Fix CFG bug where the 'isTemporaryDtorsBranch' bit was silently lost for terminators.
llvm-svn: 203335
2014-03-08 02:22:29 +00:00
Ted Kremenek ff909f907c [CFG] Record would-be successor for noreturn destructor.
llvm-svn: 203334
2014-03-08 02:22:25 +00:00
Ted Kremenek 04bfbeea04 [-Wunreachable-code] Handle 'return' with no argument dominated by 'noreturn' function.
llvm-svn: 203333
2014-03-08 02:22:23 +00:00
Benjamin Kramer 4cadf292a5 [C++11] Revert uses of lambdas with array_pod_sort.
Looks like GCC implements the lambda->function pointer conversion differently.

llvm-svn: 203293
2014-03-07 21:51:58 +00:00
Benjamin Kramer 15ae783e14 [C++11] Convert sort predicates into lambdas.
No functionality change.

llvm-svn: 203289
2014-03-07 21:35:40 +00:00
Ted Kremenek 94d1617a1f [-Wunreachable-code] Treat constant globals as configuration values in unreachable code heuristics.
This one could possibly be refined even further; e.g. looking
at the initializer and see if it is truly a configuration value.

llvm-svn: 203283
2014-03-07 20:51:13 +00:00
Ahmed Charles b89843299a Replace OwningPtr with std::unique_ptr.
This compiles cleanly with lldb/lld/clang-tools-extra/llvm.

llvm-svn: 203279
2014-03-07 20:03:18 +00:00
Aaron Ballman 629afaefe0 [C++11] Replacing DeclBase iterators decls_begin() and decls_end() with iterator_range decls(). The same is true for the noload versions of these APIs. Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203278
2014-03-07 19:56:05 +00:00
Ahmed Charles 9a16beb8bc Change OwningPtr::take() to OwningPtr::release().
This is a precursor to moving to std::unique_ptr.

llvm-svn: 203275
2014-03-07 19:33:25 +00:00
Aaron Ballman f6bf62e2d0 [C++11] Replacing FunctionDecl iterators param_begin() and param_end() with iterator_range params(). Updating all of the usages of the iterators with range-based for loops.
llvm-svn: 203248
2014-03-07 15:12:56 +00:00
Ted Kremenek 7d47cace55 Fix recent regressions in -Wreturn-type caused by heuristics to -Wunreachable-code.
I had forgotten that the same reachability code is used by both -Wreturn-type
and -Wunreachable-code, so the heuristics applied to the latter were indirectly
impacting the former.

To address this, the reachability code is more refactored so that whiled
the logic at its core is shared, the intention of the clients are better
captured and segregated in helper APIs.

Fixes PR19074, and also some false positives reported offline to me
by Nick Lewycky.

llvm-svn: 203209
2014-03-07 07:14:36 +00:00
Ted Kremenek 782f003c62 [-Wunreachable-code] Correctly expand artificial reachability to pruned '&&' and '||' branches involving configuration values.
llvm-svn: 203194
2014-03-07 02:25:53 +00:00
Ted Kremenek c10830b308 [-Wunreachable-code] Teach reachable code analysis heuristics about more literal types.
llvm-svn: 203193
2014-03-07 02:25:50 +00:00
Aaron Ballman 69bb592ad1 Based on usage, the NamedDecl is always set when constructing a CallingContext, but none of the other optional parameters are. Removing the optional parameters, and making the NamedDecl required.
No functional changes intended.

llvm-svn: 203149
2014-03-06 19:37:24 +00:00
Aaron Ballman 19842c437a Refactored to use a simple helper function that wraps the logic of creating an SExprNode and returning the position in which it was inserted.
No functional change intended.

llvm-svn: 203148
2014-03-06 19:25:11 +00:00
Aaron Ballman cea2609b59 Very minor simplification and typo correction; no functional changes intended.
llvm-svn: 203144
2014-03-06 19:10:16 +00:00
Ted Kremenek 6999d02587 [-Wunreachable-code] Refine treating all branches of 'switch' as reachable, which includes those with all cases covered but with no 'default:'.
llvm-svn: 203094
2014-03-06 08:09:00 +00:00
Ted Kremenek ec2dc73e86 [-Wunreachable-code] don't warn about dead 'return <string literal>' dominated by a 'noreturn' call, where literal becomes an std::string.
I have mixed feelings about this one.  It's used all over the codebase,
and is analogous to the current heuristic for ordinary C string literals.

This requires some ad hoc pattern matching of the AST.  While the
test case mirrors what we see std::string in libc++, it's not really
testing the libc++ headers.

llvm-svn: 203091
2014-03-06 06:50:46 +00:00
Ted Kremenek 7549f0f9bf [-Wunreachable-code] Handle idiomatic do...while() with an uninteresting condition.
Sometimes do..while() is used to create a scope that can be left early.
In such cases, the unreachable 'while()' test is not usually interesting
unless it actually does something that is observable.

llvm-svn: 203051
2014-03-06 01:09:45 +00:00
Ted Kremenek 1de2e14f2f [-Wunreachable-code] Handle idiomatic do...while() with an uninteresting condition.
Sometimes do..while() is used to create a scope that can be left early.
In such cases, the unreachable 'while()' test is not usually interesting
unless it actually does something that is observable.

llvm-svn: 203036
2014-03-06 00:17:44 +00:00
Ted Kremenek 0a69cabd35 [-Wunreachable-code] generalize pruning out warning on trivial returns.
Previously we only pruned dead returns preceded by a call to a
'noreturn' function.  After looking at the results of the LLVM codebase,
there are many others that should be pruned as well.

llvm-svn: 203029
2014-03-05 23:46:07 +00:00
Ted Kremenek 01a39b601f [-Wunreachable-code] include some enum constants in "configuration value" heuristic
llvm-svn: 203026
2014-03-05 23:38:41 +00:00
Ted Kremenek 3cdbc39a6e [-Wunreachable-code] generalize configuration value checking to all comparison operators.
llvm-svn: 203016
2014-03-05 22:32:39 +00:00
Ted Kremenek 6d9bb56cd3 [-Wunreachable-code] Don't warn about dead code guarded by a "configuration value".
Some unreachable code is only "sometimes unreachable" because it
is guarded by a configuration value that is determined at compile
time and is always constant.  Sometimes those represent real bugs,
but often they do not.  This patch causes the reachability analysis
to cover such branches even if they are technically unreachable
in the CFG itself.  There are some conservative heuristics at
play here to determine a "configuration value"; these are intended
to be refined over time.

llvm-svn: 202912
2014-03-05 00:01:17 +00:00
David Blaikie 9afd5daea3 Remove some unnecessary qualification
llvm-svn: 202909
2014-03-04 23:39:18 +00:00
Ted Kremenek 5a09527d0d [CFG] Tweak "?:" CFG construction to record the unreachable blocks.
llvm-svn: 202898
2014-03-04 21:53:26 +00:00
Ted Kremenek eb862849a1 [-Wunreachable-code] handle cases where a dead 'return' may have a valid predecessor.
Fies PR19040.

llvm-svn: 202892
2014-03-04 21:41:38 +00:00
Benjamin Kramer 867ea1d426 [C++11] Replace llvm::tie with std::tie.
llvm-svn: 202639
2014-03-02 13:01:17 +00:00
Ted Kremenek 08da97819a [-Wunreachable-code] always treat 'case:' and 'default:' cases as reachable.
This is a heuristic.  Many switch statements, although they look covered
over an enum, may actually handle at runtime more values than in the enum.

This is overly conservative, as there are some cases that clearly
can be ruled as being clearly unreachable, e.g. 'switch (42) { case 1: ... }'.
We can refine this later.

llvm-svn: 202436
2014-02-27 21:56:47 +00:00
Ted Kremenek 9238c5c878 [CFG] record the original (now unreachable) block of 'case:' and 'default:' cases.
llvm-svn: 202435
2014-02-27 21:56:44 +00:00
Ted Kremenek 5441c18824 [-Wunreachable-code] Don't warn about trivially unreachable return statements preceded by 'noreturn' functions.
llvm-svn: 202352
2014-02-27 06:32:32 +00:00
Ted Kremenek 35883155bb [-Wunreachable-code] Don't warn about unreachable 'default:' cases.
They are covered by -Wcovered-switch-default.

llvm-svn: 202349
2014-02-27 05:42:07 +00:00
Ted Kremenek cc893386bc [-Wunreachable-code] Prune out unreachable warnings where a 'break' is preceded by a call to a 'noreturn' function.
For example:

	unreachable();
    break;

This code is idiomatic and defensive.  The fact that 'break' is
unreachable here is not interesting.  This occurs frequently
in LLVM/Clang itself.

llvm-svn: 202328
2014-02-27 00:24:08 +00:00
Ted Kremenek f353919e8e [CFG] encode unreachable block information for would-have-been successors for calls to 'noreturn' functions.
llvm-svn: 202327
2014-02-27 00:24:05 +00:00
Ted Kremenek f389861052 [CFG] Encode unreachable block information for successors when visiting 'if' statements.
llvm-svn: 202326
2014-02-27 00:24:03 +00:00
Ted Kremenek 4b6fee6cc4 Rework CFG edges to encode potentially unreachable edges, instead of just making them NULL.
This is to support some analyses, like -Wunreachable-code, that
will need to recover the original unprunned CFG edges in order
to suppress issues that aren't really bugs in practice.

There are two important changes here:

- AdjacentBlock replaces CFGBlock* for CFG successors/predecessors.
  This has the size of 2 pointers, instead of 1.  This is unlikely
  to have a significant memory impact on Sema since a single
  CFG usually exists at one time, but could impact the memory
  usage of the static analyzer.  This could possibly be optimized
  down to a single pointer with some cleverness.

- Predecessors can now contain null predecessors, which means
  some analyses doing a reverse traversal will need to take into
  account.  This already exists for successors, which contain
  successor slots for specific branch kinds (e.g., 'if') that
  expect a fixed number of successors, even if a branch is
  not reachable.

llvm-svn: 202325
2014-02-27 00:24:00 +00:00
NAKAMURA Takumi 9698686505 [CMake] Use LINK_LIBS instead of target_link_libraries().
llvm-svn: 202238
2014-02-26 06:41:29 +00:00
NAKAMURA Takumi 7da9487dd4 [CMake] Get rid of explicit dependencies to include/clang/*.inc and introduce CLANG_TABLEGEN_TARGETS.
This does;
  - clang_tablegen() adds each tblgen'd target to global property CLANG_TABLEGEN_TARGETS as list.
  - List of targets is added to LLVM_COMMON_DEPENDS.
  - all clang libraries and targets depend on generated headers.

You might wonder this would be regression, but in fact, this is little loss.
  - Almost all of clang libraries depend on tblgen'd files and clang-tblgen.
  - clang-tblgen may cause short stall-out but doesn't cause unconditional rebuild.
  - Each library's dependencies to tblgen'd files might vary along headers' structure.
    It made hard to track and update *really optimal* dependencies.

Each dependency to intrinsics_gen and ClangSACheckers is left as DEPENDS.

llvm-svn: 201842
2014-02-21 07:59:59 +00:00
Reid Kleckner 588c937228 Use llvm::DeleteContainerSeconds when possible
llvm-svn: 201739
2014-02-19 23:44:52 +00:00
Aaron Ballman efe348ec44 DeLesley Hutchins (who wrote the original thread-safety attribute functionality) and I have agreed to start migrating from lock-specific terminology to "capability"-specific terminology. This opens the door for future threading-related analysis passes so that a common nomenclature can be used.
The following attributes have been (silently) deprecated, with their replacements listed:

lockable => capability
exclusive_locks_required => requires_capability
shared_locks_required => requires_shared_capability
locks_excluded => requires_capability

There are no functional changes intended.

llvm-svn: 201585
2014-02-18 17:36:50 +00:00
Anton Yartsev 6a61922239 [analyzer] Improved checker naming in CFG dump.
This implements FIXME from Checker.cpp (FIXME: We want to return the package + name of the checker here.) and replaces hardcoded checker names with the new ones obtained via getCheckName().getName().

llvm-svn: 201525
2014-02-17 18:25:34 +00:00
Alp Toker 314cc81b8c Rename getResultType() on function and method declarations to getReturnType()
A return type is the declared or deduced part of the function type specified in
the declaration.

A result type is the (potentially adjusted) type of the value of an expression
that calls the function.

Rule of thumb:

  * Declarations have return types and parameters.
  * Expressions have result types and arguments.

llvm-svn: 200082
2014-01-25 16:55:45 +00:00
Jordan Rose ddf1966cc3 [analyzer] Tighten up sanity checks on Objective-C property getter synthesis.
If there are non-trivially-copyable types /other/ than C++ records, we
won't have a synthesized copy expression, but we can't just use a simple
load/return.

Also, add comments and shore up tests, making sure to test in both ARC
and non-ARC.

llvm-svn: 199869
2014-01-23 03:59:10 +00:00
Alp Toker 9cacbabd33 Rename FunctionProtoType accessors from 'arguments' to 'parameters'
Fix a perennial source of confusion in the clang type system: Declarations and
function prototypes have parameters to which arguments are supplied, so calling
these 'arguments' was a stretch even in C mode, let alone C++ where default
arguments, templates and overloading make the distinction important to get
right.

Readability win across the board, especially in the casting, ADL and
overloading implementations which make a lot more sense at a glance now.

Will keep an eye on the builders and update dependent projects shortly.

No functional change.

llvm-svn: 199686
2014-01-20 20:26:09 +00:00
DeLesley Hutchins 80a38428e5 Consumed analysis: bugfix for operator calls. Also fixes some formatting
issues, a few testcases, and kills fish.

llvm-svn: 199436
2014-01-16 23:07:16 +00:00
Jordan Rose 6f5f719806 CFG: use Visit instead of VisitStmt to look through parens.
PR18472

llvm-svn: 199227
2014-01-14 17:29:12 +00:00
Jordan Rose a3f2781259 [analyzer] Use synthesized ASTs for property getters when available.
This allows the analyzer to handle properties with C++ class type,
finishing up the FIXME from r198953.

llvm-svn: 199226
2014-01-14 17:29:06 +00:00
DeLesley Hutchins f28bbec90e Consumed analysis: add two new attributes which fine-tune the behavior of
consumable objects.  These are useful for implementing error codes that
must be checked.  Patch also includes some significant refactoring, which was
necesary to implement the new behavior.

llvm-svn: 199169
2014-01-14 00:36:53 +00:00
Jordan Rose c9176072e6 [analyzer] Add a CFG node for the allocator call in a C++ 'new' expression.
In an expression like "new (a, b) Foo(x, y)", two things happen:
- Memory is allocated by calling a function named 'operator new'.
- The memory is initialized using the constructor for 'Foo'.

Currently the analyzer only models the second event, though it has special
cases for both the default and placement forms of operator new. This patch
is the first step towards properly modeling both events: it changes the CFG
so that the above expression now generates the following elements.

1. a
2. b
3. (CFGNewAllocator)
4. x
5. y
6. Foo::Foo

The analyzer currently ignores the CFGNewAllocator element, but the next
step is to treat that as a call like any other.

The CFGNewAllocator element is not added to the CFG for analysis-based
warnings, since none of them take advantage of it yet.

llvm-svn: 199123
2014-01-13 17:59:19 +00:00
Jordan Rose 1a866cd54b [analyzer] Model getters of known-@synthesized Objective-C properties.
...by synthesizing their body to be "return self->_prop;", with an extra
nudge to RetainCountChecker to still treat the value as +0 if we have no
other information.

This doesn't handle weak properties, but that's mostly correct anyway,
since they can go to nil at any time. This also doesn't apply to properties
whose implementations we can't see, since they may not be backed by an
ivar at all. And finally, this doesn't handle properties of C++ class type,
because we can't invoke the copy constructor. (Sema has actually done this
work already, but the AST it synthesizes is one the analyzer doesn't quite
handle -- it has an rvalue DeclRefExpr.)

Modeling setters is likely to be more difficult (since it requires
handling strong/copy), but not impossible.

<rdar://problem/11956898>

llvm-svn: 198953
2014-01-10 20:06:06 +00:00
Chandler Carruth 5553d0d4ca Sort all the #include lines with LLVM's utils/sort_includes.py which
encodes the canonical rules for LLVM's style. I noticed this had drifted
quite a bit when cleaning up LLVM, so wanted to clean up Clang as well.

llvm-svn: 198686
2014-01-07 11:51:46 +00:00
Alp Toker ef6b007dc5 Only mark dump() function definitions 'used' in debug builds
This has the dual effect of (1) enabling more dead-stripping in release builds
and (2) ensuring that debug helper functions aren't stripped away in debug
builds, as they're intended to be called from the debugger.

Note that the attribute is applied to definitions rather than declarations in
headers going forward because it's now conditional on NDEBUG:

  /// \brief Mark debug helper function definitions like dump() that should not be
  /// stripped from debug builds.

Requires corresponding macro added in LLVM r198456.

llvm-svn: 198489
2014-01-04 13:47:14 +00:00
Aaron Ballman ee58e6d6d2 Switching getAttrs calls over to using a specific_attr_iterator. No functional changes intended.
llvm-svn: 197681
2013-12-19 15:35:31 +00:00
Aaron Ballman b06f2ef33c Switched code from using hasAttr followed by getAttr to simply call getAttr directly and check the resulting value. Also fixes some minor formatting issues surrounding the getAttr code.
No functional changes intended.

llvm-svn: 197649
2013-12-19 02:58:51 +00:00
Aaron Ballman 9ead1243a5 Replacing calls to getAttr with calls to hasAttr for clarity. No functional change intended -- this only replaces Boolean uses of getAttr.
llvm-svn: 197648
2013-12-19 02:39:40 +00:00
Richard Trieu c689691618 For -Wconsumed, walk the namespaces to find if the top most namespace is "std"
to determine if a move function is the std::move function.  This allows functions
like std::__1::move to also be treated a the move function.

llvm-svn: 197445
2013-12-17 00:40:40 +00:00
Richard Trieu 31f3a713ae Fix PR18260 - Make std::move handling in -Wconsumed only trigger on std::move
llvm-svn: 197428
2013-12-16 21:41:30 +00:00
Ted Kremenek 5d0fb1ea1c Add CFG tests for switch's involving "extended" enum.
llvm-svn: 197094
2013-12-11 23:44:05 +00:00
NAKAMURA Takumi 65d42bcc2b [CMake] clang/lib: Satisfy dependencies to add *actually used* libraries on target_link_libraries() and LLVM_LINK_COMPONENTS.
I will prune redundant dependencies later.

llvm-svn: 196800
2013-12-09 19:04:43 +00:00
Anna Zaks cf8d2165ff Revert "[analyzer] Refactor conditional expression evaluating code"
This reverts commit r189090.

The original patch introduced regressions (see the added live-variables.* tests). The patch depends on the correctness of live variable analyses, which are not computed correctly. I've opened PR18159 to track the proper resolution to this problem.

The patch was a stepping block to r189746. This is why part of the patch reverts temporary destructor tests that started crashing. The temporary destructors feature is disabled by default.

llvm-svn: 196593
2013-12-06 18:56:29 +00:00
Alp Toker f6a24ce40f Fix a tranche of comment, test and doc typos
llvm-svn: 196510
2013-12-05 16:25:25 +00:00
Alp Toker d473363876 Correct hyphenations in comments and assert messages
This patch tries to avoid unrelated changes other than fixing a few
hyphen-related ambiguities in nearby lines.

llvm-svn: 196466
2013-12-05 04:47:09 +00:00
DeLesley Hutchins 39b804f8a4 Thread safety analysis: fix ICE due to missing null check on dyn_cast.
llvm-svn: 195777
2013-11-26 19:45:21 +00:00
Aaron Ballman ff924b08dd The code using the StmtPrinterHelper object failed to account for a null object in many cases, which could have led to crashes were it ever to be null. Now passing the object by reference instead of by pointer because it is never null in practice. No functional changes intended.
llvm-svn: 195043
2013-11-18 20:11:50 +00:00
DeLesley Hutchins 68cc3f13c2 Consumed analysis: track state of temporary objects.
Earlier versions discarded the state too soon, and did not track state changes,
e.g. when passing a temporary to a move constructor.  Patch by
chris.wailes@gmail.com; review and minor fixes by delesley.

llvm-svn: 194900
2013-11-16 00:22:43 +00:00
DeLesley Hutchins e73d6b605c Thread-safety analysis: check guarded_by and pt_guarded_by on array access.
Currently supported only with -Wthread-safety-beta.

llvm-svn: 194275
2013-11-08 19:42:01 +00:00
DeLesley Hutchins 05b7b37021 Thread safety analysis: minor bugfix to smart pointer handling, and expanded
test case.

llvm-svn: 194157
2013-11-06 18:40:01 +00:00
DeLesley Hutchins 5ede5cc9ba Thread safety analysis: check pt_guarded_by attribute when calling -> and *
on smart pointers.  -Wthread-safety-beta only.

llvm-svn: 194103
2013-11-05 23:09:56 +00:00
Chris Wailes 93edffa8fe Fixed bug with checking the kind of types.
The isLValueReferenceType function checks to see if the QualType's
canonical type is an LValue reference, and not if the QualType
itself is an LValue reference.  This caused a segfault when trying
to cast the QualType's Type to a LValueReference.  This is now
fixed by casting the result of getCanonicalType().

In addition, a test was added to isConsumableType to prevent
segfaults when a type being tested by the analysis is a reference
to a pointer or a pointer to a reference.

llvm-svn: 193751
2013-10-31 15:38:12 +00:00
Chris Wailes 9385f9f7c3 Changed tests_typestate to test_typestate for consistency.
llvm-svn: 193648
2013-10-29 20:28:41 +00:00
Chris Wailes 2dc8c4283b Used OwningPtr to clean up some memory management in Consumed.cpp.
llvm-svn: 193414
2013-10-25 15:33:28 +00:00
Chris Wailes 44930884b7 Replaced duplicate code with calls to forwardInfo.
Also made move constructor handling safer.

llvm-svn: 193347
2013-10-24 14:28:17 +00:00
Jordan Rose 69d0aed6f1 CFG: Properly print delegating initializer CFG elements.
...rather than segfaulting.

Patch by Enrico P!

llvm-svn: 193208
2013-10-22 23:19:47 +00:00
Rafael Espindola 7b56f6c3c2 Simplify some implementations of get*Decl.
* NamedDecl and CXXMethodDecl were missing getMostRecentDecl.
* The const version can just forward to the non const.
* getMostRecentDecl can use cast instead of cast_or_null.

This then removes some casts from the callers.

llvm-svn: 193039
2013-10-19 16:55:03 +00:00
DeLesley Hutchins 8121866bdb Consumed analysis: fix assert failure.
llvm-svn: 193010
2013-10-18 23:11:49 +00:00
DeLesley Hutchins 0bd25897ef Consumed analysis: assume that non-const reference parameters are initially
in the "uknown" state.  Patch by chris.wailes@gmail.com.  Reviewed by delesley.

llvm-svn: 192995
2013-10-18 19:25:18 +00:00
DeLesley Hutchins 11a66c1240 Consumed analysis: All the return_typestate parameter to be attached to the
default constructor.  Patch by chris.wailes@gmail.com, reviewed by delesley.

llvm-svn: 192991
2013-10-18 18:36:21 +00:00
DeLesley Hutchins 6939177cea Consumed analysis: Add param_typestate attribute, which specifies that
function parameters must be in a particular state.  Patch by
chris.wailes@gmail.com.  Reviewed by delesley@google.com.

llvm-svn: 192934
2013-10-17 23:23:53 +00:00
DeLesley Hutchins 36ea1dd4fc Consumed Analysis: Allow parameters that are passed by non-const reference
to be treated as return values, and marked with the "returned_typestate"
attribute.  Patch by chris.wailes@gmail.com; reviewed by delesley@google.com.

llvm-svn: 192932
2013-10-17 22:53:04 +00:00
DeLesley Hutchins 6501320e72 Consumed analysis: fix ICE in handling of loop source locations.
llvm-svn: 192911
2013-10-17 18:19:31 +00:00
DeLesley Hutchins 33a293433f Consumed analysis: replace the consumes attribute with a set_typestate
attribute.  Patch by chris.wailes@gmail.com; reviewed and edited by delesley.

llvm-svn: 192515
2013-10-11 23:03:26 +00:00
DeLesley Hutchins 8d41d99502 Consumed analysis: switch from tests_consumed/unconsumed to a general
tests_typestate attribute.  Patch by chris.wailes@gmail.com.

llvm-svn: 192513
2013-10-11 22:30:48 +00:00
DeLesley Hutchins fbdee4e3c2 Consumed analysis: check destructor calls.
This allows the callable_when attribute to be attached to destructors.
Original patch by chris.wailes@gmail.com, reviewed and edited by delesley.

llvm-svn: 192508
2013-10-11 21:55:33 +00:00
DeLesley Hutchins 3277a6129b Consumed analysis: improve loop handling. The prior version of the analysis
marked all variables as "unknown" at the start of a loop.  The new version
keeps the initial state of variables unchanged, but issues a warning if the
state at the end of the loop is different from the state at the beginning.
This patch will eventually be replaced with a more precise analysis.

Initial patch by chris.wailes@gmail.com.  Reviewed and edited by
delesley@google.com.

llvm-svn: 192314
2013-10-09 18:30:24 +00:00
DeLesley Hutchins 210791a021 Consumed Analysis: Change callable_when so that it can take a list of states
that a function can be called in.  This reduced the total number of annotations
needed and makes writing more complicated behaviour less burdensome.
Patch by chriswails@gmail.com.

llvm-svn: 191983
2013-10-04 21:28:06 +00:00
Benjamin Kramer b8f33f1690 Make sort predicate match the qsort convention.
llvm-svn: 191177
2013-09-22 15:02:02 +00:00
Benjamin Kramer 04bf187e12 Fix array_pod_sort predicates after LLVM change.
llvm-svn: 191176
2013-09-22 14:10:29 +00:00
Richard Smith ba8071ec81 PR16054: Slight strengthening for -Wsometimes-uninitialized: if we use a
variable uninitialized every time we reach its (reachable) declaration, or
every time we call the surrounding function, promote the warning from
-Wmaybe-uninitialized to -Wsometimes-uninitialized.

This is still slightly weaker than desired: we should, in general, warn
if a use is uninitialized the first time it is evaluated.

llvm-svn: 190623
2013-09-12 18:49:10 +00:00
DeLesley Hutchins 85c07d9a93 Fix ICE in consumed analysis when CFG is null.
llvm-svn: 190447
2013-09-10 23:10:10 +00:00
Matt Beaumont-Gay 093f240a73 Fix a crash introduced in r189828.
The predicates in CXXRecordDecl which test various properties of special
members can't be called on incomplete decls.

llvm-svn: 190353
2013-09-09 21:07:58 +00:00
Pavel Labath 921e7650d4 Avoid double edges when constructing CFGs
Summary:
If a noreturn destructor is executed while returning a value from a function,
the resulting CFG has had two edges to the exit block. This crashed the analyzer,
because it expects that blocks with no terminators have only one outgoing edge.
I added code to avoid creating the second edge in this case.

PS: The crashes did not manifest themselves always, as usually the
NoReturnFunctionChecker would stop program evaluation before the analyzer hit
the assertion, but in the case of lifetime extended temporaries, the checker
failed to do that (which is a separate bug in itself).

Reviewers: jordan_rose

CC: cfe-commits

Differential Revision: http://llvm-reviews.chandlerc.com/D1513

llvm-svn: 190125
2013-09-06 08:12:48 +00:00
David Blaikie 16f76d27ae Consumed Analysis: The 'consumable' attribute now takes a identifier specifying the default assumed state for objects of this class
This information is used for return states and pass-by-value parameter
states.

Patch by Chris Wailes.

Review by DeLesley Hutchins and Aaron Ballman.

llvm-svn: 190116
2013-09-06 01:28:43 +00:00
Eric Christopher de156243e1 Fix non-void return warning, and format.
llvm-svn: 189845
2013-09-03 20:43:00 +00:00
DeLesley Hutchins fc368259af Consumed analysis: add return_typestate attribute.
Patch by chris.wailes@gmail.com

Functions can now declare what state the consumable type the are returning will
be in. This is then used on the caller side and checked on the callee side.
Constructors now use this attribute instead of the 'consumes' attribute.

llvm-svn: 189843
2013-09-03 20:11:38 +00:00
Jordan Rose d2f4079db9 Add an implicit dtor CFG node just before C++ 'delete' expressions.
This paves the way for adding support for modeling the destructor of a
region before it is deleted. The statement "delete <expr>" now generates
this series of CFG elements:

  1. <expr>
  2. [B1.1]->~Foo() (Implicit destructor)
  3. delete [B1.1]

Patch by Karthik Bhat!

llvm-svn: 189828
2013-09-03 17:00:57 +00:00
Pavel Labath d527cf89e6 [analyzer] Add very limited support for temporary destructors
This is an improved version of r186498. It enables ExprEngine to reason about
temporary object destructors.  However, these destructor calls are never
inlined, since this feature is still broken. Still, this is sufficient to
properly handle noreturn temporary destructors.

Now, the analyzer correctly handles expressions like "a || A()", and executes the
destructor of "A" only on the paths where "a" evaluted to false.

Temporary destructor processing is still off by default and one has to
explicitly request it by setting cfg-temporary-dtors=true.

Reviewers: jordan_rose

CC: cfe-commits

Differential Revision: http://llvm-reviews.chandlerc.com/D1259

llvm-svn: 189746
2013-09-02 09:09:15 +00:00
DeLesley Hutchins 5a715c4f00 Consumed analysis: add 'consumable' class attribute.
Patch by chris.wailes@gmail.com

Adds the 'consumable' attribute that can be attached to classes.  This replaces
the previous method of scanning a class's methods to see if any of them have
consumed analysis attributes attached to them.  If consumed analysis attributes
are attached to methods of a class that isn't marked 'consumable' a warning
is generated.

llvm-svn: 189702
2013-08-30 22:56:34 +00:00
DeLesley Hutchins b570c13574 Consumed analysis: track function parameters.
Patch by chris.wailes@gmail.com.

llvm-svn: 189616
2013-08-29 22:36:05 +00:00
DeLesley Hutchins 7fa60edb47 Consumed analysis: non-const methods no longer transfer an object into an
unknown state.  Patch by chris.wailes@gmail.com.

llvm-svn: 189612
2013-08-29 21:17:25 +00:00
Aaron Ballman a21f4b8ddd Silencing the warning from r189605 in a more conformant manner.
llvm-svn: 189606
2013-08-29 20:36:09 +00:00
Aaron Ballman 130db36d80 Silencing a rather spurious warning from MSVC 11 about not all control paths returning a value (hint: they do).
llvm-svn: 189605
2013-08-29 20:25:14 +00:00
Eric Christopher f8a1baab9d Fix warning about anonymous structs in anonymous unions.
llvm-svn: 189596
2013-08-29 18:00:58 +00:00
DeLesley Hutchins 5533ec5c55 Consumed analysis: improve handling of conditionals.
Patch by chris.wailes@gmail.com.

* The TestedVarsVisitor was folded into the ConsumedStmtVisitor.
* The VarTestResult class was updated to allow these changes.
* The PropagationInfo class was updated for the same reasons.
* Correctly handle short-circuiting of Boolean operations.
* Blocks are now marked as unreachable when we can statically prove we will
  never branch to them.
* Unreachable blocks are skipped by the analysis.

llvm-svn: 189594
2013-08-29 17:26:57 +00:00
DeLesley Hutchins 2445b1212a Consumed analyis: Renamed *PStatus to *PInfo.
The change was made for readability, as the PropagationInfo objects don't
always contain a status.  This is submitted as a separate patch because it
touches a lot of lines and I don't want it cluttering up the next patch.
Patch by chris.wailes@gmail.com.

llvm-svn: 189278
2013-08-26 20:34:59 +00:00
Robert Wilhelm 25284cc95b Use pop_back_val() instead of both back() and pop_back().
No functionality change intended.

llvm-svn: 189112
2013-08-23 16:11:15 +00:00
Pavel Labath 02b64d46a0 [analyzer] Refactor conditional expression evaluating code
Summary:
Instead of digging through the ExplodedGraph, to figure out which edge brought
us here, I compute the value of conditional expression by looking at the
sub-expression values.

To do this, I needed to change the liveness algorithm a bit -- now, the full
conditional expression also depends on all atomic sub-expressions, not only the
outermost ones.

Reviewers: jordan_rose

CC: cfe-commits

Differential Revision: http://llvm-reviews.chandlerc.com/D1340

llvm-svn: 189090
2013-08-23 07:19:22 +00:00
DeLesley Hutchins c2ecf0d815 Update to consumed analysis.
Patch by chris.wailes@gmail.com.  The following functionality was added:

* The same functionality is now supported for both CXXOperatorCallExprs and CXXMemberCallExprs.
* Factored out some code in StmtVisitor.
* Removed variables from the state map when their destructors are encountered.
* Started adding documentation for the consumed analysis attributes.

llvm-svn: 189059
2013-08-22 20:44:47 +00:00
David Majnemer a39da8e236 Analysis: Make %I in printf more reasonable, add more tests
llvm-svn: 188992
2013-08-22 07:53:21 +00:00
David Majnemer 3cba495abc Analysis: Add support for MS specific printf format specifiers
Summary: Adds support for %I, %I32 and %I64.

Reviewers: hans, jordan_rose, rnk, majnemer

Reviewed By: majnemer

CC: cfe-commits, cdavis5x

Differential Revision: http://llvm-reviews.chandlerc.com/D1456

llvm-svn: 188937
2013-08-21 21:54:46 +00:00
Jordan Rose 5374c07ab9 Omit arguments of __builtin_object_size from the CFG.
This builtin does not actually evaluate its arguments for side effects,
so we shouldn't include them in the CFG. In the analyzer, rely on the
constant expression evaluator to get the proper semantics, at least for
now. (In the future, we could get ambitious and try to provide path-
sensitive size values.)

In theory, this does pose a problem for liveness analysis: a variable can
be used within the __builtin_object_size argument expression but not show
up as live. However, it is very unlikely that such a value would be used
to compute the object size and not used to access the object in some way.

<rdar://problem/14760817>

llvm-svn: 188679
2013-08-19 16:27:28 +00:00
DeLesley Hutchins 9f5193cf61 Thread Safety Analysis: fix bug when using TryLock with && and || expressions.
llvm-svn: 188505
2013-08-15 23:06:33 +00:00
Eli Friedman 89fe0d5842 Properly track l-paren of a CXXFucntionalCastExpr.
In addition to storing more useful information in the AST, this
fixes a semantic check in template instantiation which checks whether
the l-paren location is valid.

Fixes PR16903.

llvm-svn: 188495
2013-08-15 22:02:56 +00:00
DeLesley Hutchins 16b4ff5c4d Thread safety analysis: move warnings within lock/unlock functions out of beta.
llvm-svn: 188465
2013-08-15 15:31:25 +00:00
Reid Kleckner 6454d0a0fa Silence a warning from MSVC about not returning a value
llvm-svn: 188237
2013-08-13 00:11:59 +00:00
Reid Kleckner e846deae3c Remove Sema includes from Analysis code to fix layering
This moves a header-only class from Sema to Analysis and puts the option
check in Sema.

Patch by Chris Wailes!

llvm-svn: 188230
2013-08-12 23:49:39 +00:00
Hans Wennborg 812a9ec9c2 Speculative build fix for r188206.
The cmake-clang-x86_64 was upset:
error: 'template<class ImplClass, class RetTy> class clang::ConstStmtVisitor' used without template parameters

llvm-svn: 188211
2013-08-12 22:02:09 +00:00
DeLesley Hutchins 48a317663f Patch by Chris Wailes <chris.wailes@gmail.com>.
Reviewed by delesley, dblaikie.

Add the annotations and code needed to support a basic 'consumed' analysis.

Summary:
This new analysis is based on academic literature on linear types.  It tracks
the state of a value, either as unconsumed, consumed, or unknown.  Methods are
then annotated as CallableWhenUnconsumed, and when an annotated method is
called while the value is in the 'consumed' state a warning is issued.  A value
may be tested in the conditional statement of an if-statement; when this occurs
we know the state of the value in the different branches, and this information
is added to our analysis.  The code is still highly experimental, and the names
of annotations or the algorithm may be subject to change.

llvm-svn: 188206
2013-08-12 21:20:55 +00:00
Jordan Rose e9c57229f9 [analyzer] Include analysis stack in crash traces.
Sample output:

0.     Program arguments: ...
1.     <eof> parser at end of file
2.     While analyzing stack:
       #0 void inlined()
       #1 void test()
3.     crash-trace.c:6:3: Error evaluating statement

llvm-svn: 186639
2013-07-19 00:59:08 +00:00
Richard Smith 5a0ef78cd7 Remove bogus VarDecl::extendsLifetimeOfTemporary function and inline it into
its only caller with a FIXME explaining why it's bogus.

llvm-svn: 185109
2013-06-27 21:43:17 +00:00
Aaron Ballman fcd5b7e76e Updating a link in the comments; no functional change.
llvm-svn: 185013
2013-06-26 19:17:19 +00:00
Anna Zaks 56b4975bad [CFG] Set the “loop target” (back edge) for VisitObjCForCollectionStmt loops
Add the back edge info by creating a basic block, marked as loop target. This is
consistent with how other loops are processed, but was omitted from
VisitObjCForCollectionStmt.

llvm-svn: 184617
2013-06-22 00:23:20 +00:00
Jordan Rose cf10ea8cb2 [analyzer; new edges] Simplify edges in a C++11 for-range loop.
Previously our edges were completely broken here; now, the final result
is a very simple set of edges in most cases: one up to the "for" keyword
for context, and one into the body of the loop. This matches the behavior
for ObjC for-in loops.

In the AST, however, CXXForRangeStmts are handled very differently from
ObjCForCollectionStmts. Since they are specified in terms of equivalent
statements in the C++ standard, we actually have implicit AST nodes for
all of the semantic statements. This makes evaluation very easy, but
diagnostic locations a bit trickier. Fortunately, the problem can be
generally defined away by marking all of the implicit statements as
part of the top-level for-range statement.

One of the implicit statements in a for-range statement is the declaration
of implicit iterators __begin and __end. The CFG synthesizes two
separate DeclStmts to match each of these decls, but until now these
synthetic DeclStmts weren't in the function's ParentMap. Now, the CFG
keeps track of its synthetic statements, and the AnalysisDeclContext will
make sure to add them to the ParentMap.

<rdar://problem/14038483>

llvm-svn: 183449
2013-06-06 21:53:45 +00:00
David Majnemer f69ce86048 Analysis: Add a CFG successor to a SwitchStmt if it is both empty and fully covered
Consider the case where a SwitchStmt satisfied isAllEnumCasesCovered()
as well as having no cases at all (i.e. the enum it covers has no
enumerators).

In this case, we should add a successor to repair the CFG.

This fixes PR16212.

llvm-svn: 183237
2013-06-04 17:38:44 +00:00
Jordan Rose 5250b873bb CFG: In a DeclStmt, skip anything that's not a VarDecl.
Neither the compiler nor the analyzer are doing anything with non-VarDecl
decls in the CFG, and having them there creates extra nodes in the
analyzer's path diagnostics. Simplify the CFG (and the path edges) by
simply leaving them out. We can always add interesting decls back in when
they become relevant.

Note that this only affects decls declared in a DeclStmt, and then only
those that appear within a function body.

llvm-svn: 183157
2013-06-03 22:59:41 +00:00
DeLesley Hutchins 3b2c66bbda Thread safety analysis: fix use after free bug reported by Evgeniy Stepanov.
llvm-svn: 182305
2013-05-20 17:57:55 +00:00
Jordan Rose 433b0f5455 Revert "[analyzer; alternate edges] improve support for edges with PseudoObjectExprs."
Ted and I spent a long time discussing this today and found out that neither
the existing code nor the new code was doing what either of us thought it
was, which is never good. The good news is we found a much simpler way to
fix the motivating test case (an ObjCSubscriptExpr).

This reverts r182083, but pieces of it will come back in subsequent commits.

llvm-svn: 182185
2013-05-18 02:26:50 +00:00