Commit Graph

18 Commits

Author SHA1 Message Date
Alexander Kornienko 973fcc25fb Fix use-after-free bug in Tooling.
Summary:
`buildASTFromCodeWithArgs()` was creating a memory buffer referencing a
stack-allocated string.  This diff changes the implementation to copy the code
string into the memory buffer so that said buffer owns the memory.

Patch by Yitzhak Mandelbaum.

Reviewers: alexfh

Reviewed By: alexfh

Subscribers: cfe-commits, EricWF

Differential Revision: https://reviews.llvm.org/D55765

llvm-svn: 350638
2019-01-08 16:55:13 +00:00
Fangrui Song 5313327f61 Add explicit dependency on clangSerialization for a bunch of components to fix -DBUILD_SHARED_LIBS=on build
This is a more thorough fix of rC348911.
The story about -DBUILD_SHARED_LIBS=on build after rC348907 (Move PCHContainerOperations from Frontend to Serialization) is:

1. libclangSerialization.so defines PCHContainerReader dtor, ...
2. clangFrontend and clangTooling define classes inheriting from PCHContainerReader, thus their DSOs have undefined references on PCHContainerReader dtor
3. Components depending on either clangFrontend or clangTooling cannot be linked unless they have explicit dependency on clangSerialization due to the default linker option -z defs. The explicit dependency could be avoided if libclang{Frontend,Tooling}.so had these undefined references.

This patch adds the explicit dependency on clangSerialization to make them build.

llvm-svn: 348915
2018-12-12 08:02:18 +00:00
Shuai Wang 6690802263 [NFC] Declare instead of define non-void functions in unit tests.
llvm-svn: 342586
2018-09-19 20:27:25 +00:00
Shuai Wang 86e5cb0e0b [analyzer] Fix nullptr access when processing instantiated function in ExprMutationAnalyzer.
llvm-svn: 342562
2018-09-19 18:00:55 +00:00
Shuai Wang b81bcb3a3e [NFC] Fix uncompilable test cases of ExprMutationAnalyzer.
And ensure future test cases don't have compile errors.

llvm-svn: 342525
2018-09-19 03:50:03 +00:00
Shuai Wang 4305993c89 [analyzer] Treat std::{move,forward} as casts in ExprMutationAnalyzer.
Summary:
This is a follow up of D52008 and should make the analyzer able to handle perfect forwardings in real world cases where forwardings are done through multiple layers of function calls with `std::forward`.

Fixes PR38891.

Reviewers: lebedev.ri, JonasToth, george.karpenkov

Subscribers: xazax.hun, szepet, a.sidorin, mikhail.ramalho, Szelethus, cfe-commits

Differential Revision: https://reviews.llvm.org/D52120

llvm-svn: 342409
2018-09-17 20:10:56 +00:00
Shuai Wang cb98b707c9 [analyzer] Handle forwarding reference better in ExprMutationAnalyzer.
Summary:
We used to treat an `Expr` mutated whenever it's passed as non-const
reference argument to a function. This results in false positives in
cases like this:
```
int x;
std::vector<int> v;
v.emplace_back(x); // `x` is passed as non-const reference to `emplace_back`
```
In theory the false positives can be suppressed with
`v.emplace_back(std::as_const(x))` but that's considered overly verbose,
inconsistent with existing code and spammy as diags.

This diff handles such cases by following into the function definition
and seeing whether the argument is mutated inside.

Reviewers: lebedev.ri, JonasToth, george.karpenkov

Subscribers: xazax.hun, szepet, a.sidorin, mikhail.ramalho, Szelethus, cfe-commits

Differential Revision: https://reviews.llvm.org/D52008

llvm-svn: 342271
2018-09-14 20:07:18 +00:00
Shuai Wang e9192f8389 [analyzer] Add ExprMutationAnalyzer
Summary:
This is 1/2 of moving ExprMutationAnalyzer from clangtidy to
clang/Analysis.
This diff alone simply copies the ExprMutationAnalyzer over with trivial
modifications (e.g. include path, namespace)
2/2 will migrate existing usage of ExprMutationAnalyzer and remove the
original copy inside clangtidy.

Reviewers: george.karpenkov

Subscribers: mgorny, xazax.hun, szepet, a.sidorin, mikhail.ramalho, Szelethus, cfe-commits, JonasToth

Differential Revision: https://reviews.llvm.org/D51948

llvm-svn: 341994
2018-09-11 21:13:20 +00:00
Shoaib Meenai d806af3499 [CMake] Use PRIVATE in target_link_libraries for executables
We currently use target_link_libraries without an explicit scope
specifier (INTERFACE, PRIVATE or PUBLIC) when linking executables.
Dependencies added in this way apply to both the target and its
dependencies, i.e. they become part of the executable's link interface
and are transitive.

Transitive dependencies generally don't make sense for executables,
since you wouldn't normally be linking against an executable. This also
causes issues for generating install export files when using
LLVM_DISTRIBUTION_COMPONENTS. For example, clang has a lot of LLVM
library dependencies, which are currently added as interface
dependencies. If clang is in the distribution components but the LLVM
libraries it depends on aren't (which is a perfectly legitimate use case
if the LLVM libraries are being built static and there are therefore no
run-time dependencies on them), CMake will complain about the LLVM
libraries not being in export set when attempting to generate the
install export file for clang. This is reasonable behavior on CMake's
part, and the right thing is for LLVM's build system to explicitly use
PRIVATE dependencies for executables.

Unfortunately, CMake doesn't allow you to mix and match the keyword and
non-keyword target_link_libraries signatures for a single target; i.e.,
if a single call to target_link_libraries for a particular target uses
one of the INTERFACE, PRIVATE, or PUBLIC keywords, all other calls must
also be updated to use those keywords. This means we must do this change
in a single shot. I also fully expect to have missed some instances; I
tested by enabling all the projects in the monorepo (except dragonegg),
and configuring both with and without shared libraries, on both Darwin
and Linux, but I'm planning to rely on the buildbots for other
configurations (since it should be pretty easy to fix those).

Even after this change, we still have a lot of target_link_libraries
calls that don't specify a scope keyword, mostly for shared libraries.
I'm thinking about addressing those in a follow-up, but that's a
separate change IMO.

Differential Revision: https://reviews.llvm.org/D40823

llvm-svn: 319840
2017-12-05 21:49:56 +00:00
Raphael Isemann 70686a1590 [analyzer] Performance optimizations for the CloneChecker
Summary:
This patch aims at optimizing the CloneChecker for larger programs. Before this
patch we took around 102 seconds to analyze sqlite3 with a complexity value of
50. After this patch we now take 2.1 seconds to analyze sqlite3.

The biggest performance optimization is that we now put the constraint for group
size before the constraint for the complexity. The group size constraint is much
faster in comparison to the complexity constraint as it only does a simple
integer comparison. The complexity constraint on the other hand actually
traverses each Stmt and even checks the macro stack, so it is obviously not able
to handle larger amounts of incoming clones. The new order filters out all the
single-clone groups that the type II constraint generates in a faster way before
passing the fewer remaining clones to the complexity constraint. This reduced
runtime by around 95%.

The other change is that we also delay the verification part of the type II
clones back in the chain of constraints. This required splitting up the
constraint into two parts - a verification and a hash constraint (which is also
making it more similar to the original design of the clone detection algorithm).
The reasoning for this is the same as before: The verification constraint has to
traverse many statements and shouldn't be at the start of the constraint chain.
However, as the type II hashing has to be the first step in our algorithm, we
have no other choice but to split this constraint into two different ones. Now our
group size and complexity constraints filter out a chunk of the clones before
they reach the slow verification step, which reduces the runtime by around 8%.

I also kept the full type II constraint around - that now just calls its two
sub-constraints - in case someone doesn't care about the performance benefits
of doing this.

Reviewers: NoQ

Reviewed By: NoQ

Subscribers: klimek, v.g.vassilev, xazax.hun, cfe-commits

Differential Revision: https://reviews.llvm.org/D34182

llvm-svn: 312222
2017-08-31 07:10:46 +00:00
Artem Dergachev da9e718fb4 [analyzer] Reland r299544 "Add a modular constraint system to the CloneDetector"
Hopefully fix crashes by unshadowing the variable.


Original commit message:

A big part of the clone detection code is functionality for filtering clones and
clone groups based on different criteria. So far this filtering process was
hardcoded into the CloneDetector class, which made it hard to understand and,
ultimately, to extend.

This patch splits the CloneDetector's logic into a sequence of reusable
constraints that are used for filtering clone groups. These constraints
can be turned on and off and reordered at will, and new constraints are easy
to implement if necessary.

Unit tests are added for the new constraint interface.

This is a refactoring patch - no functional change intended.

Patch by Raphael Isemann!

Differential Revision: https://reviews.llvm.org/D23418

llvm-svn: 299653
2017-04-06 14:34:07 +00:00
Artem Dergachev c4aee48b9f Revert "[analyzer] Add a modular constraint system to the CloneDetector"
This reverts commit r299544.

Crashes on tests on some buildbots.

llvm-svn: 299550
2017-04-05 15:06:17 +00:00
Artem Dergachev f8b4fc38fd [analyzer] Add a modular constraint system to the CloneDetector
A big part of the clone detection code is functionality for filtering clones and
clone groups based on different criteria. So far this filtering process was
hardcoded into the CloneDetector class, which made it hard to understand and,
ultimately, to extend.

This patch splits the CloneDetector's logic into a sequence of reusable
constraints that are used for filtering clone groups. These constraints
can be turned on and off and reordered at will, and new constraints are easy
to implement if necessary.

Unit tests are added for the new constraint interface.

This is a refactoring patch - no functional change intended.

Patch by Raphael Isemann!

Differential Revision: https://reviews.llvm.org/D23418

llvm-svn: 299544
2017-04-05 14:17:36 +00:00
Martin Bohme 0c11c29121 [analyzer] Fix crash when building CFG with variable of incomplete type
Summary:
I've included a unit test with a function template containing a variable
of incomplete type. Clang compiles this without errors (the standard
does not require a diagnostic in this case). Without the fix, this case
triggers the crash.

Reviewers: klimek

Reviewed By: klimek

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D30636

llvm-svn: 297129
2017-03-07 08:42:37 +00:00
Martin Bohme f44cde8b73 CFGBuilder: Fix crash when visiting delete expression on dependent type
Summary:
CXXDeleteExpr::getDestroyedType() can return a null QualType if the destroyed
type is a dependent type. This patch protects against this.

Reviewers: klimek

Subscribers: cfe-commits

Differential Revision: https://reviews.llvm.org/D27350

llvm-svn: 288665
2016-12-05 11:33:19 +00:00
NAKAMURA Takumi 097a2b9c88 CFGTests: Update libdeps.
llvm-svn: 274885
2016-07-08 17:06:27 +00:00
NAKAMURA Takumi ab8685e946 clang/unittests/Analysis/CFGTest.cpp: Appease msc targets with -fno-delayed-template-parsing.
llvm-svn: 274879
2016-07-08 16:52:36 +00:00
Alexander Kornienko ff2046a93e CFGBuilder: Fix crash when visiting a range-based for over a dependent type
Summary:
CFG generation is expected to fail in this case, but it should not crash.

Also added a test that reproduces the crash.

Reviewers: klimek

Subscribers: cfe-commits

Patch by Martin Boehme!

Differential Revision: http://reviews.llvm.org/D21895

llvm-svn: 274834
2016-07-08 10:50:51 +00:00