| Age | Commit message (Collapse) | Author |
|---|
|
should suppress false positives resulting from 'assert' and friends.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138576 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
with how it
handled SCC's of dead code, or simply having false negatives by overly suppressing warnings.
WIP.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138410 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
various analyses (e.g., reachability).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138409 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138408 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
modeling sizeof(VLAs)
incorrectly in the CFG, and also the static analyzer. This patch regresses the analyzer a bit, but
that needs to be followed up with a better solution.
Fixes <rdar://problem/10008112>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138372 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138183 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137896 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
bunch of others I haven't touched.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137867 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and libStaticAnalyzer[*]. It was highly inconsistent, and very ugly to look at.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137537 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Having a notion of an actual ProgramPointTag will aid in introspection of the analyzer's behavior.
For example, the GraphViz output of the analyzer will pretty-print the tags in a useful manner.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137529 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
gotos jumping after an object was declared. Fixes PR 10620."
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137459 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
jumping after an object was declared. Fixes PR 10620.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137426 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
resulting from the recent -Wuninitialized changes.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137068 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
avoid recursion to subexpression.
This exposed bugs in the live variables analysis, and a latent analyzer bug in the SymbolReaper.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@137006 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136939 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136679 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
be linearized only when used by the static analyzer. This required a rewrite of LiveVariables, and exposed a ton of subtle bugs.
The motivation of this large change is to drastically simplify the logic in ExprEngine going forward.
Some fallout is that the output of some BugReporterVisitors is not as accurate as before; those will
need to be fixed over time. There is also some possible performance regression as RemoveDeadBindings
will be called frequently; this can also be improved over time.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@136419 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
LLVM.h imports
them into the clang namespace.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135852 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
AnalysisBasedWarnings Sema layer and out of the Analysis library itself.
This returns the uninitialized values analysis to a more pure form,
allowing its original logic to correctly detect some categories of
definitely uninitialized values. Fixes PR10358 (again).
Thanks to Ted for reviewing and updating this patch after his rewrite of
several portions of this analysis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135748 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135666 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
passed by reference.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135610 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
lvalue-to-rvalue conversion in a DeclStmt.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135525 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
conversion is wrapped in a parenthesis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135519 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
crawl.
This is accomplished by forcing the needed expressions for -Wuninitialized to always be CFGElements in the CFG.
This allows us to remove a fair amount of the code for -Wuninitialized.
Some fallout:
- AnalysisBasedWarnings.cpp now specifically toggles the CFGBuilder to create a CFG that is suitable for -Wuninitialized. This
is a layering violation, since the logic for -Wuninitialized is in libAnalysis. This can be fixed with the proper refactoring.
- Some of the source locations for -Wunreachable-code warnings have shifted. While not ideal, this is okay because that analysis
already needs some serious reworking.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135480 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
CFGElements.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135479 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
patch, we actually move the state-machine for the value set backwards
one step. This can pretty easily lead to infinite loops where we
continually try to propagate a bit, succeed for one iteration, but then
back up because we find an uninitialized use.
A reduced test case from PR10379 is included.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135359 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to extend to camel case functions instead of just title case functions. Fixes <rdar://problem/9732321>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135350 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
API. No functionality change.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135349 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-Wuninitialized to avoid cascading warnings. Patch by Kaelyn Uhrain.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135217 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
thing to do.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135152 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
comparing integers to integers. This happens not to be an issue now, but the extra check helps future proof in case of future refactorings.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135147 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
cases to be more portable with an explicit target triple.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135134 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
on 32-bit, so we shouldn't warn about using"
It fails on freebsd, mingw and msvc10.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135129 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
shouldn't warn about using
an "int" format specifier with a "long" type in 32-bit.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135075 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
conversion specifiers. My recent change was a mistake.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135048 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
specifiers for character types.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135046 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Previously, despite the names 'enqueue' and 'dequeue', it behaved as
a stack and visited blocks in a LIFO fashion. This interacts badly with
extremely broad CFGs *inside* of a loop (such as a large switch inside
a state machine) where every block updates a different variable.
When encountering such a CFG, the checker visited blocks in essentially
a "depth first" order due to the stack-like behavior of the work list.
Combined with each block updating a different variable, the saturation
logic of the checker caused it to re-traverse blocks [1,N-1] of the
broad CFG inside the loop after traversing block N. These re-traversals
were to propagate the variable values derived from block N. Assuming
approximately the same number of variables as inner blocks exist, the
end result is O(N^2) updates. By making this a queue, we also make the
traversal essentially "breadth-first" across each of the N inner blocks
of the loop. Then all of this state is propagated around to all N inner
blocks of the loop. The result is O(N) updates.
The truth is in the numbers:
Before, gcc.c: 96409 block visits (max: 61546, avg: 591)
After, gcc.c: 69958 block visits (max: 33090, avg: 429)
Before, PR10183: 2540494 block vists (max: 2536495, avg: 37360)
After, PR10183: 137803 block visits (max: 134406, avg: 2026)
The nearly 20x reduction in work for PR10183 corresponds to a roughly
100x speedup in compile time.
I've tested it on all the code I can get my hands on, and I've seen no
slowdowns due to this change. Where I've collected stats, the ammount of
work done is on average less. I'll also commit shortly some synthetic
test cases useful in analyzing the performance of CFG-based warnings.
Submitting this based on Doug's feedback that post-commit review should
be good. Ted, please review! Hopefully this helps compile times until
then.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134697 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Special detail is added for uninitialized variable analysis as this has
serious performance problems than need to be tracked.
Computing some of this data is expensive, for example walking the CFG to
determine its size. To avoid doing that unless the stats data is going
to be used, we thread a bit into the Sema object to track whether
detailed stats should be collected or not. This bit is used to avoid
computations whereever the computations are likely to be more expensive
than checking the state of the flag. Thus, counters are in some cases
unconditionally updated, but the more expensive (and less frequent)
aggregation steps are skipped.
With this patch, we're able to see that for 'gcc.c':
*** Analysis Based Warnings Stats:
232 functions analyzed (0 w/o CFGs).
7151 CFG blocks built.
30 average CFG blocks per function.
1167 max CFG blocks per function.
163 functions analyzed for uninitialiazed variables
640 variables analyzed.
3 average variables per function.
94 max variables per function.
96409 block visits.
591 average block visits per function.
61546 max block visits per function.
And for the reduced testcase in PR10183:
*** Analysis Based Warnings Stats:
98 functions analyzed (0 w/o CFGs).
8526 CFG blocks built.
87 average CFG blocks per function.
7277 max CFG blocks per function.
68 functions analyzed for uninitialiazed variables
1359 variables analyzed.
19 average variables per function.
1196 max variables per function.
2540494 block visits.
37360 average block visits per function.
2536495 max block visits per function.
That last number is the somewhat scary one that indicates the problem in
PR10183.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134494 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
obey the objc_method_family attribute when provided. Fixes
<rdar://problem/9726279>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134493 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134454 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
specifiers. Fixes <rdar://problem/9607158>." because it causes false positives
on some code that uses CF toll free bridging.
- I'll let Doug or Ted figure out the right fix here, possibly just to accept
any pointer type.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@134041 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
MaterializeTemporaryExpr captures a reference binding to a temporary
value, making explicit that the temporary value (a prvalue) needs to
be materialized into memory so that its address can be used. The
intended AST invariant here is that a reference will always bind to a
glvalue, and MaterializeTemporaryExpr will be used to convert prvalues
into glvalues for that binding to happen. For example, given
const int& r = 1.0;
The initializer of "r" will be a MaterializeTemporaryExpr whose
subexpression is an implicit conversion from the double literal "1.0"
to an integer value.
IR generation benefits most from this new node, since it was
previously guessing (badly) when to materialize temporaries for the
purposes of reference binding. There are likely more refactoring and
cleanups we could perform there, but the introduction of
MaterializeTemporaryExpr fixes PR9565, a case where IR generation
would effectively bind a const reference directly to a bitfield in a
struct. Addresses <rdar://problem/9552231>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133521 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133214 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Language-design credit goes to a lot of people, but I particularly want
to single out Blaine Garst and Patrick Beard for their contributions.
Compiler implementation credit goes to Argyrios, Doug, Fariborz, and myself,
in no particular order.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133103 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
<rdar://problem/9607158>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@133024 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Related result types apply Cocoa conventions to the type of message
sends and property accesses to Objective-C methods that are known to
always return objects whose type is the same as the type of the
receiving class (or a subclass thereof), such as +alloc and
-init. This tightens up static type safety for Objective-C, so that we
now diagnose mistakes like this:
t.m:4:10: warning: incompatible pointer types initializing 'NSSet *'
with an
expression of type 'NSArray *' [-Wincompatible-pointer-types]
NSSet *array = [[NSArray alloc] init];
^ ~~~~~~~~~~~~~~~~~~~~~~
/System/Library/Frameworks/Foundation.framework/Headers/NSObject.h:72:1:
note:
instance method 'init' is assumed to return an instance of its
receiver
type ('NSArray *')
- (id)init;
^
It also means that we get decent type inference when writing code in
Objective-C++0x:
auto array = [[NSMutableArray alloc] initWithObjects:@"one", @"two",nil];
// ^ now infers NSMutableArray* rather than id
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132868 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
expressions (by calling IgnoreParens before adding expressions to blocks). Undo 132769 (LiveVariables' local IgnoreParens), since it's no longer necessary.
Also, have Environment stop looking through NoOp casts; it didn't match the behavior of LiveVariables. And once that's gone, the whole cast block of that switch is unnecessary.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132840 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
liveness. Fixes the other half of PR8962.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132769 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132326 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@132001 91177308-0d34-0410-b5e6-96231b3b80d8
|
