Age | Commit message (Collapse) | Author |
|
for halting the propagation of uninitialized value tracking along
a path. Unlike __attribute__((noreturn)), this attribute (which
is used by clients of the static analyzer) can be used to annotate
functions that essentially never return, but in rare cares may be
allowed to return for (special) debugging purposes. This attribute
has been shown in reducing false positives in the static analyzer
by pruning false postives, and is equally applicable here.
Handling this attribute in the CFG itself is another option, but
this is not something all clients (e.g., possibly -Wunreachable-code)
would want to see.
Addresses <rdar://problem/12281583>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@163681 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
short-circuiting when building the CFG. Also be sure to skip parens before
checking for the && / || special cases. Finally, fix some crashes in CFG
printing in the presence of calls to destructors for array of array of class
type.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160691 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
* Treat compound assignment as a use, at Jordy's request.
* Always add compound assignments into the CFG, so we can correctly diagnose the use in 'return x += 1;'
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160334 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
use out of TransferFunctions, and compute it in advance rather than on-the-fly.
This allows us to handle compound assignments with DeclRefExprs on the RHS
correctly, and also makes it trivial to treat const& function parameters as not
initializing the argument. The patch also makes both of those changes.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160330 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
used in a branch, but
instead push the terminator for the branch down into the basic blocks of the subexpressions of '&&' and '||'
respectively. This eliminates some artifical control-flow from the CFG and results in a more
compact CFG.
Note that this patch only alters the branches 'while', 'if' and 'for'. This was complex enough for
one patch. The remaining branches (e.g., do...while) can be handled in a separate patch, but they
weren't immediately tackled because they were less important.
It is possible that this patch introduces some subtle bugs, particularly w.r.t. to destructor placement.
I've tried to audit these changes, but it is also known that the destructor logic needs some refinement
in the area of '||' and '&&' regardless (i.e., their are known bugs).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@160218 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
initialize any variable. This is extremely conservative, but is sufficient for
now.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@159620 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
the member expression is in parentheses.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158651 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
initializer, it is uninitialized, even if we may be coming from somewhere where
it was initialized.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@158611 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-Wsometimes-uninitialized diagnostics to make it clearer that the cause
of the issue may be a condition which must always evaluate to true or
false, rather than an uninitialized variable.
To emphasize this, add a new note with a fixit which removes the
impossible condition or replaces it with a constant.
Also, downgrade the diagnostic from -Wsometimes-uninitialized to
-Wconditional-uninitialized when it applies to a range-based for loop,
since the condition is not written explicitly in the code in that case.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157511 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-Wsometimes-uninitialized. This detects cases where an explicitly-written branch
inevitably leads to an uninitialized variable use (so either the branch is dead
code or there is an uninitialized use bug).
This chunk of warnings tentatively lives within -Wuninitialized, in order to
give it more visibility to existing Clang users.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@157458 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
#define TEST int y; int x = y;
void foo() {
TEST
}
-Wuninitialized gives this warning:
invalid-loc.cc:4:3: warning: variable 'y' is uninitialized when used here
[-Wuninitialized]
TEST
^~~~
invalid-loc.cc:2:29: note: expanded from macro 'TEST'
#define TEST int y; int x = y;
^
note: initialize the variable 'y' to silence this warning
1 warning generated.
The second note lacks filename, line number, and code snippet. This change
will remove the fixit and only point to variable declaration.
invalid-loc.cc:4:3: warning: variable 'y' is uninitialized when used here
[-Wuninitialized]
TEST
^~~~
invalid-loc.cc:2:29: note: expanded from macro 'TEST'
#define TEST int y; int x = y;
^
invalid-loc.cc:4:3: note: variable 'y' is declared here
TEST
^
invalid-loc.cc:2:14: note: expanded from macro 'TEST'
#define TEST int y; int x = y;
^
1 warning generated.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@156045 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@142538 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
cause of an uninitialized variable IFF there are other uses of that uninitialized variable. Fixes <rdar://problem/9259237>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141881 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
always flagged as being uninitialized. Addresses <rdar://problem/9432305>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141346 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@141345 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
warnings.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139463 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
dead code. Fixes <rdar://problem/10060250>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@139027 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
modeling sizeof(VLAs)
incorrectly in the CFG, and also the static analyzer. This patch regresses the analyzer a bit, but
that needs to be followed up with a better solution.
Fixes <rdar://problem/10008112>.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@138372 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
AnalysisBasedWarnings Sema layer and out of the Analysis library itself.
This returns the uninitialized values analysis to a more pure form,
allowing its original logic to correctly detect some categories of
definitely uninitialized values. Fixes PR10358 (again).
Thanks to Ted for reviewing and updating this patch after his rewrite of
several portions of this analysis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135748 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
lvalue-to-rvalue conversion in a DeclStmt.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135525 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
conversion is wrapped in a parenthesis.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135519 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
patch, we actually move the state-machine for the value set backwards
one step. This can pretty easily lead to infinite loops where we
continually try to propagate a bit, succeed for one iteration, but then
back up because we find an uninitialized use.
A reduced test case from PR10379 is included.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135359 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-Wuninitialized to avoid cascading warnings. Patch by Kaelyn Uhrain.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@135217 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
a logical operation.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@131158 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Chris's feedback.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129127 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
definitely have a path leading to them, and possibly have a path leading
to them; reflect that distinction in the warning text emitted.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@129126 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
marked explicitly as uninitialized through direct self initialization:
int x = x;
With r128894 we prevented warnings about this code, and this patch
teaches the analysis engine to continue analyzing subsequent uses of
'x'. This should wrap up PR9624.
There is still an open question of whether we should suppress the
maybe-uninitialized warnings resulting from variables initialized in
this fashion. The definitely-uninitialized uses should always be warned.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128932 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
int x = x;
GCC disables its warnings on this construct as a way of indicating that
the programmer intentionally wants the variable to be uninitialized.
Only the warning on the initializer is turned off in this iteration.
This makes the code a lot more ugly, but starts commenting the
surprising behavior here. This is a WIP, I want to refactor it
substantially for clarity, and to determine whether subsequent warnings
should be suppressed or not.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128894 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
numerous CFG and UninitializedValues analysis changes:
1) Change the CFG to include the DeclStmt for conditional variables, instead of using the condition itself as a faux DeclStmt.
2) Update ExprEngine (the static analyzer) to understand (1), so not to regress.
3) Update UninitializedValues.cpp to initialize all tracked variables to Uninitialized at the start of the function/method.
4) Only use the SelfReferenceChecker (SemaDecl.cpp) on global variables, leaving the dataflow analysis to handle other cases.
The combination of (1) and (3) allows the dataflow-based -Wuninitialized to find self-init problems when the initializer
contained control-flow.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128858 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
warnings from the dataflow analysis that include within the initializer of a variable.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128843 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
already has an initializer.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128838 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
Note this can potentially be enhanced to detect if the __block variable
is actually written by the block, or only when the block "escapes" or
is actually used, but that requires more analysis than it is probably worth
for this simple check.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@128681 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127793 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
*must-be-uninitialized* warnings are reported, with *maybe-uninitialized* under a separate flag. I await any fallout/comments/feedback, although hopefully this will produce no noise for users.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127670 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
and "may-be-initialized" warnings, each controlled by different flags.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127666 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@127656 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
-Wuninitialized-experimental. It is clear from user feedback that this warning is not quite ready.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@125007 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124782 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
refer to the bad use, and the note to the variable declaration.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124758 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
dataflow facts and properly merging them.
Fixes PR 9076.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124666 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124394 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
blocks that reference captured variables.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124348 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124279 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
a warning for uses of an uninitialized variable
when the use is a void cast, e.g. (void) x.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124278 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
about uninitialized variables captured by blocks.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124213 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124076 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
for floats, and also check if 'nil' is declared
when suggesting it for initializing ObjC pointers.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@124004 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to suggest initializations for pointer and
ObjC pointer types.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123995 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
to issue the warning at an uninitialized variable's
declaration, but to issue notes at possible
uninitialized uses (which could be multiple).
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123994 91177308-0d34-0410-b5e6-96231b3b80d8
|
|
analysis for short-circuited operations. For branch written like "if (x && y)",
we maintain two sets of dataflow values for the outgoing
branches. This suppresses some common false positives
for -Wuninitialized-experimental.
This change introduces some assertion failures
when running on the LLVM codebase. WIP.
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@123923 91177308-0d34-0410-b5e6-96231b3b80d8
|