This is an archive of the discontinued LLVM Phabricator instance.

Do we have a comprehensive list of non-inclusive terms and their inclusive correspondent somewhere available?
I mean master -> main, white list -> inclusive list, sanity -> validation, ...
I'd assume that we go through that list, and that could give me a clue of how many such patches to expect in the future.

Also, I was wondering that in list perhaps we could provide why we consider a term non-inclusive. Maybe it is just me but why is sanity considered non-inclusive?

In D114025#3140161, @martong wrote:

Do we have a comprehensive list of non-inclusive terms and their inclusive correspondent somewhere available?
I mean master -> main, white list -> inclusive list, sanity -> validation, ...
I'd assume that we go through that list, and that could give me a clue of how many such patches to expect in the future.

Also, I was wondering that in list perhaps we could provide why we consider a term non-inclusive. Maybe it is just me but why is sanity considered non-inclusive?

I don't know of an official LLVM list, there could be one but I am not certain.

These two sources have been a good place to start for me:
https://tools.ietf.org/id/draft-knodel-terminology-00.html
https://developers.google.com/style/inclusive-documentation

I have been working on finding replacements for blacklist, whitelist, and sanity in Clang/LLVM and @quinnp has been working on replacing master when possible. That's the extent of our list.

Peanut gallery says: I'd recommend not taking this particular patch; it seems much less "obvious" than the whitelist/inclusionlist type of patch. Whereas "whitelist" is just a made-up buzzword that can easily be replaced with a different made-up buzzword, "sanity check" is not at all the same as "validation test." In many cases, I think "sanity-check" could be reasonably replaced with "smoke-test," but (1) this PR doesn't do that, and (2) the phrase "smoke-test" is probably harder to understand, and (3) this PR currently touches many instances of "sanity/insanity/sane/insane" in code comments which have nothing to do with testing or checking at all.

"We could do X, but that would be insane" does not mean "We could do X, but that would not pass validations." It means it would be stupid, irrational, foolish for obvious reasons, something along those lines.

I agree that "X is dumb/stupid/insane" is a bad code comment and should be improved. It is bad not just because it is un-PC but because it is vague and therefore not (directly) helpful to the reader. However, you cannot fix this kind of comment by just substituting some made-up reason like "it would fail validation," because a lying comment is worse than a vague comment.

Not all of the individual diffs in this PR are bad. But some of them are.

clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	This comment seems incorrectly translated.
12260	This comment seems incorrectly translated.
clang/lib/StaticAnalyzer/Core/Store.cpp
252–255	This comment seems incorrectly translated. I interpret the writer's intent as, "We really don't ever expect to get here from a reinterpret_cast; but if we ever do, let's just return something plausible [so that we avoid doing anything insane in the following codepath]." According to my interpretation, this would be better expressed as a simple `assert`, and you should file a bug if the assert ever gets hit. Alternatively, this `if` is necessary for correctness, and the comment should simply say something like "We can get here from a reinterpret_cast; in that case, return UnknownVal so that [whatever the reason is]."

This revision now requires changes to proceed.Nov 18 2021, 7:25 AM

In D114025#3140161, @martong wrote:

Do we have a comprehensive list of non-inclusive terms and their inclusive correspondent somewhere available?
I mean master -> main, white list -> inclusive list, sanity -> validation, ...
I'd assume that we go through that list, and that could give me a clue of how many such patches to expect in the future.

Also, I was wondering that in list perhaps we could provide why we consider a term non-inclusive. Maybe it is just me but why is sanity considered non-inclusive?

How dare you question our world's new overlords.

In D114025#3140161, @martong wrote:

Do we have a comprehensive list of non-inclusive terms and their inclusive correspondent somewhere available?
I mean master -> main, white list -> inclusive list, sanity -> validation, ...
I'd assume that we go through that list, and that could give me a clue of how many such patches to expect in the future.

Also, I was wondering that in list perhaps we could provide why we consider a term non-inclusive. Maybe it is just me but why is sanity considered non-inclusive?

https://gist.github.com/seanmhanson/fe370c2d8bd2b3228680e38899baf5cc has a pretty reasonable explanation about why sanity is problematic.

In D114025#3140204, @lebedev.ri wrote:

How dare you question our world's new overlords.

This is not a particularly constructive comment...

Reword comments based on suggestions.

In D114025#3140192, @Quuxplusone wrote:

Peanut gallery says: I'd recommend not taking this particular patch; it seems much less "obvious" than the whitelist/inclusionlist type of patch. Whereas "whitelist" is just a made-up buzzword that can easily be replaced with a different made-up buzzword, "sanity check" is not at all the same as "validation test." In many cases, I think "sanity-check" could be reasonably replaced with "smoke-test," but (1) this PR doesn't do that, and (2) the phrase "smoke-test" is probably harder to understand, and (3) this PR currently touches many instances of "sanity/insanity/sane/insane" in code comments which have nothing to do with testing or checking at all.

I think I understand your point and have tried to address that. Additionally, I would also argue that sanity check/test also serve as buzzwords and, while we may need to take greater care of how we reword things so they convey the meaning better, it shouldn't be fine to find replacements for them. Your review helps, thanks.

"We could do X, but that would be insane" does not mean "We could do X, but that would not pass validations." It means it would be stupid, irrational, foolish for obvious reasons, something along those lines.

I agree that "X is dumb/stupid/insane" is a bad code comment and should be improved. It is bad not just because it is un-PC but because it is vague and therefore not (directly) helpful to the reader. However, you cannot fix this kind of comment by just substituting some made-up reason like "it would fail validation," because a lying comment is worse than a vague comment.

Not all of the individual diffs in this PR are bad. But some of them are.

I've tried to address this in the updated diff. However, I think this also makes a case that there is a general issue with using sanity check/test aside from inclusive language.

Harbormaster completed remote builds in B134909: Diff 388207.Nov 18 2021, 8:34 AM

• Quuxplusone added inline comments.Nov 18 2021, 9:35 AM

clang/include/clang/AST/Redeclarable.h
261–262	`// Make sure we don't infinite-loop on an invalid redecl chain. This should never happen.`
clang/include/clang/CodeGen/CGFunctionInfo.h
253	This still feels like a misuse of "validation." I'd say something like `// Check that unpaddedCoerceToType has roughly the right shape.` To me, "validation" suggests the phrase "passes validations," which is like a Quality Assurance thing, and means "we did a lot of tests and couldn't break it, it's definitely valid," which is the exact opposite of the rough-cut quick-and-dirty smoke-test we mean when we say "sanity check." After we have validated an input, the postcondition should be that the input is valid. That's not what's happening in any of these cases. These sanity-checks are just rejecting specific easy-to-detect invalid cases. They're not digging deep to actually validate the input. They're just sanity-checking it.
clang/include/clang/Sema/Lookup.h
708–709	The original comment strikes me as pretty useless, except that it's kind of obliquely explaining the meaning of the ungrammatical `bool sanity() const`. It could have been fixed better, pre-PC, by just removing the comment and changing the function to `bool isSane() const`. I have no particular suggestion for this one, other than "you'll have to look at how it's used" and/or "just leave the comment alone, until you're ready to rename the actual identifiers too" and/or "just delete the comment because it's useless."
clang/lib/Analysis/BodyFarm.cpp
793–795	`// We expect that the property is...` although again it's not clear to me why this isn't an assertion.
clang/lib/Basic/SourceManager.cpp
61–67	This code seems silly to me. I would just delete these lines; or else how about llvm::MemoryBuffer::BufferKind ContentCache::getMemoryBufferKind() const { if (Buffer == nullptr) { assert(0 && "Buffer should never be null"); return llvm::MemoryBuffer::MemoryBuffer_Malloc; } return Buffer->getBufferKind(); }
864–865	Throughout this file, I'd just delete these comments. This isn't the use of "sanity-checking" I'm familiar with, btw. This is what I would call "defensive programming," where we believe a codepath is unreachable but we leave it in the codebase anyway "just in case." I think the fact that the codepath starts with `assert(0 && "reason")` is sufficient to mark it as a defensive codepath, and it doesn't need any comment about why it's "sane" and/or "required". The codepath on line 64 is the same deal. Validation: Ensure that the state is good. (Can generally be done only to user inputs. Once pointers are in the mix, "validation" of an intermediate state quickly becomes Halting-Problem-hard.) Sanity-checking/smoke-testing: Quickly reject some states that are obviously bad. (Assert-fail when "this should never be happening.") Defensive programming: Do something sensible even when in a bad state. ("This should never be happening," but describe what to do instead of asserting, anyway.) "For sanity": This data field should never be read ever again, but just in case it is, put something sensible into it. ("That should never happen.")
clang/lib/Driver/ToolChains/Clang.cpp
4305–4306	This comment can just be eliminated.
clang/lib/Sema/SemaChecking.cpp
5535–5536	This is the "for sanity" idiom; it has nothing to do with validation or even smoke-testing. This comment translates to something like // GCC does not enforce these rules for GNU atomics, but we do, // because if we didn't, it would be very confusing. [For whom? How so?] Ditto line 5577.
clang/lib/Sema/SemaDecl.cpp
12624–12626	I suggest that lines 12627-12628 should be moved up here and combined with this comment in some way. We have the power to be much less vague here about the precise form of sanity we're attempting to restore.
clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	This comment still seems incorrectly translated. Things we do "for sanity's sake" aren't necessarily required, technically; but we're doing them anyway, for sanity.
clang/lib/Sema/SemaExpr.cpp
11187–11188	`// Reject obviously incorrect shift values.` or just eliminate the comment because it's redundant with line 11189
clang/lib/Sema/SemaExprCXX.cpp
1510–1513	This comment is incorrectly translated. I'm not sure I understand what's going on on this codepath, but it seems like the right comment is just `// Functions aren't objects, so they can't take initializers.` The original commenter would have added, `The Standard doesn't seem to say this anywhere, but it makes sense, right?` However, I'm sure there must be at least an open issue about this, if it hasn't already been fixed; that second sentence would just bit-rot, so I wouldn't bother adding it.
clang/lib/StaticAnalyzer/Checkers/UnixAPIChecker.cpp
185	I believe this is another instance of someone misusing the term "sanity check" for (something like) "defensive programming." We're not checking anything on this codepath; we're doing something sensible in a case that has already been dealt with elsewhere (but in this case, it actually can fall through to here; asserting here would be wrong). I'd write: `// The frontend has already issued a warning. Just return.`
clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp
1672–1673	`// At this point, the negation of the constraint should be infeasible. If it is feasible,...`
clang/lib/StaticAnalyzer/Core/ExprEngine.cpp
329–333	This seems to be the "for sanity" idiom, but I have no idea what it's trying to say (because I don't know this code).

Address review comments
Also rename some variables

@Quuxplusone Thanks for thorough review.

In D114025#3140192, @Quuxplusone wrote:

I think "sanity-check" could be reasonably replaced with "smoke-test," but (1) this PR doesn't do that, and (2) the phrase "smoke-test" is probably harder to understand,

It seems difficult considering the potential atmospheric pollution, carbon footprint, health issues, lung cancer, drug abuse, etc. implied.

Harbormaster completed remote builds in B134996: Diff 388332.Nov 18 2021, 3:44 PM

In D114025#3141414, @keryell wrote:

In D114025#3140192, @Quuxplusone wrote:

I think "sanity-check" could be reasonably replaced with "smoke-test," but (1) this PR doesn't do that, and (2) the phrase "smoke-test" is probably harder to understand,

It seems difficult considering the potential atmospheric pollution, carbon footprint, health issues, lung cancer, drug abuse, etc. implied.

This is not a constructive comment either, please stop.

In D114025#3141358, @ZarkoCA wrote:

@Quuxplusone Thanks for thorough review.

+1, you caught some stuff I was glossing over, but this is much improved. I made a few tiny suggestions (take them or leave them). Continues to LGTM

clang/include/clang/AST/Redeclarable.h
261–262	Alternatively, "Make sure we don't infinitely loop..."
clang/lib/Sema/SemaChecking.cpp
5536
5578

In D114025#3142565, @aaron.ballman wrote:

In D114025#3141414, @keryell wrote:

In D114025#3140192, @Quuxplusone wrote:

I think "sanity-check" could be reasonably replaced with "smoke-test," but (1) this PR doesn't do that, and (2) the phrase "smoke-test" is probably harder to understand,

It seems difficult considering the potential atmospheric pollution, carbon footprint, health issues, lung cancer, drug abuse, etc. implied.

This is not a constructive comment either, please stop.

In D114025#3141358, @ZarkoCA wrote:

@Quuxplusone Thanks for thorough review.

+1, you caught some stuff I was glossing over, but this is much improved. I made a few tiny suggestions (take them or leave them). Continues to LGTM

Yes, agreed, the suggestions made this much better. Thanks.

Add FIXME to comments and fix grammar on one comment

Harbormaster completed remote builds in B135117: Diff 388494.Nov 19 2021, 7:56 AM

(Re repeated thanks: You're welcome. :) For the record, I personally see nothing wrong with the phrase "sanity-check" either; but given that it's gonna happen, and we're re-wording comments on by definition the subtlest and most confusing parts of the code, I'm trying to help us not to lose/distort the semantics of those comments. Some of these comments are even improving through this exercise.)

clang/include/clang/AST/Redeclarable.h
261–262	s/on on/on an/ Also, I think comments should always end with a period `.`, or is it the other way around? :)
clang/include/clang/Sema/Lookup.h
708–709	The new version has the problem that `check()` is really vague, which again means that in order to explain what it does, you have to use the term "sanity-check". ;) Perhaps change the identifier to `checkAssumptions()` or even `checkDebugAssumptions()`? (Pre-existing problem: the name of the function still doesn't describe what it does, because it doesn't check or assert anything; it simply returns true or false, and it's up to the caller to `assert` on the return value. But `conformsToAssumptions()` is a silly name.)
clang/lib/Basic/DiagnosticIDs.cpp
695	`Minimum`, and also, I think it's a maximum? :P
clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	"Don't check ... but check it anyway"?

Address latest round of comments
Fix unrelated formatting to stop distracting clang-format linter complaints

ZarkoCA added inline comments.Nov 19 2021, 10:05 AM

clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	Right, that didn't make sense :). I noticed that there were warnings for this case in SemaDecl.cpp AFAIU so edited the comment to state that. Should be better now?

• Quuxplusone added inline comments.Nov 19 2021, 10:31 AM

clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	Well, this version of the comment now gives the impression that it must be clear to someone. ;) I don't understand its implications, but I also don't know the code. Specifically, I don't know what "This" refers to (grammatically) — "Anonymous union types aren't conforming, but we support them anyway, and this is the right thing to do with them"? "Our behavior in this case isn't conforming, but it wouldn't make sense to do the conforming thing [wat]"? or something else? More fundamentally to my confusion (but not to that hypothetical other someone), I don't know what "the implicit member of the anonymous union type" actually means (in terms of the arcane details of C++), i.e., I personally don't know when this codepath is hit or what its effect is when it does get hit.
12260	Perhaps just `// where they may be used by two-phase lookup.` (But this is now just a nit.)

• Quuxplusone accepted this revision.Nov 19 2021, 10:35 AM

This revision is now accepted and ready to land.Nov 19 2021, 10:35 AM

Harbormaster completed remote builds in B135155: Diff 388550.Nov 19 2021, 11:44 AM

Thanks @aaron.ballman and @Quuxplusone for the constructive reviews.

Closed by commit rGd8e5a0c42bd8: [clang][NFC] Inclusive terms: replace some uses of sanity in clang (authored by ZarkoCA). · Explain WhyNov 19 2021, 11:58 AM

This revision was automatically updated to reflect the committed changes.

ZarkoCA added a commit: rGd8e5a0c42bd8: [clang][NFC] Inclusive terms: replace some uses of sanity in clang.

gandhi21299 mentioned this in D113925: [HIP] Add HIP scope atomic operations.Nov 24 2021, 4:07 PM

gandhi21299 added a subscriber: gandhi21299.Nov 24 2021, 4:13 PM

gandhi21299 added inline comments.

clang/lib/Sema/SemaChecking.cpp
5536	Is this change really necessary? It is a confusing comment and probably not too helpful for the developers.

If you aren't sure what a comment means, please feel free to CC Richard or me, and we might be able to help.

clang/include/clang/Analysis/CFG.h
520	Proper translation here is probably "assertions". A "validity check" sounds like a semantic restriction on the source language.
clang/lib/Sema/SemaChecking.cpp
5536	Perhaps "but we do to help catch trivial type errors."
5578	We enforce this for consistency with other atomics, which generally all require a trivially-copyable type because atomics just copy bits.
clang/lib/Sema/SemaDeclCXX.cpp
9175–9176	@rsmith probably has a better idea. I think it's saying that we shouldn't fall down into the generic path for the implicit field created for an anonymous union, presumably because we do special-case checks on the members of the anonymous union just above this point. I guess this isn't explicitly sanctioned by the standard but is the only sensible approach.
12260	This comment seems to be missing something — I think the previous comment was implying that the language rule really needs tags to be hidden when instantiating a `using` declaration. I don't know why that would be true, though; @rsmith might.
clang/lib/Sema/SemaExprCXX.cpp
1510–1513	I would prefer something like: The standard doesn't explicitly forbid function types here, but that's an obvious oversight, as there's no way to dynamically construct a function in general.

@ZarkoCA If you are planning to do a lot of this, it might be good to write a script (or a clang-tidy check even) that we can add to CI, so these terms don't get re-introduced.

@rjmccall thanks for having a look, I will clarify the comments with your suggestions.

In D114025#3152900, @tstellar wrote:

@ZarkoCA If you are planning to do a lot of this, it might be good to write a script (or a clang-tidy check even) that we can add to CI, so these terms don't get re-introduced.

That's a good idea, I will look into this definitely.

@rjmccall These are the proposed changes which address some of your comments. I am planning on waiting for further clarification on some of the others.

clang/include/clang/Analysis/CFG.h
520	Changed to: /// Number of different kinds, for assertions. We subtract 1 so that /// to keep receiving compiler warnings when we don't cover all enum values /// in a switch
clang/lib/Sema/SemaChecking.cpp
5536	Changed to: // GCC does not enforce these rules for GNU atomics, but we do to help catch // trivial type errors.
5578	Changed to: // For GNU atomics, require a trivially-copyable type. This is not part of // the GNU atomics specification but we enforce it for consistency with // other atomics which generally all require a trivially-copyable type. This // is because atomics just copy bits.
clang/lib/Sema/SemaExprCXX.cpp
1510–1513	Changed to: // The standard doesn't explicitly forbid function types here, but that's an // obvious oversight, as there's no way to dynamically construct a function // in general.

Those all look good, thanks.

ZarkoCA mentioned this in rG3ee685f98abf: [NFC][Clang] Fix some comments in clang.Dec 1 2021, 10:37 AM

In D114025#3162140, @rjmccall wrote:

Those all look good, thanks.

Committed here

• galapoz1996 added a subscriber: • galapoz1996.Feb 24 2023, 6:39 PM

This comment was removed by mehdi_amini.

Herald added a reviewer: NoQ. · View Herald TranscriptFeb 24 2023, 6:39 PM

Herald added a project: Restricted Project. · View Herald Transcript

Herald added subscribers: steakhal, MaskRay. · View Herald Transcript

mehdi_amini added a subscriber: mehdi_amini.Feb 27 2023, 7:25 AM

Revision Contents

Path

Size

clang/

include/

clang/

AST/

Redeclarable.h

3 lines

Analysis/

CFG.h

2 lines

CodeGen/

CGFunctionInfo.h

2 lines

Sema/

Lookup.h

7 lines

lib/

Analysis/

BodyFarm.cpp

5 lines

RetainSummaryManager.cpp

2 lines

Basic/

DiagnosticIDs.cpp

2 lines

SourceManager.cpp

11 lines

Driver/

ToolChains/

Clang.cpp

1 line

Format/

Format.cpp

2 lines

Frontend/

FrontendActions.cpp

2 lines

Sema/

7 lines

8 lines

5 lines

1 line

5 lines

4 lines

StaticAnalyzer/

Checkers/

CStringChecker.cpp

6 lines

MIGChecker.cpp

2 lines

StdLibraryFunctionsChecker.cpp

6 lines

UnixAPIChecker.cpp

5 lines

Core/

BugReporterVisitors.cpp

7 lines

ExprEngine.cpp

4 lines

Store.cpp

2 lines

Tooling/

Syntax/

Tree.cpp

2 lines

Diff 388587

clang/include/clang/AST/Redeclarable.h

Show First 20 Lines • Show All 252 Lines • ▼ Show 20 Lines	public:
redecl_iterator() = default;		redecl_iterator() = default;
explicit redecl_iterator(decl_type *C) : Current(C), Starter(C) {}		explicit redecl_iterator(decl_type *C) : Current(C), Starter(C) {}

reference operator*() const { return Current; }		reference operator*() const { return Current; }
pointer operator->() const { return Current; }		pointer operator->() const { return Current; }

redecl_iterator& operator++() {		redecl_iterator& operator++() {
assert(Current && "Advancing while iterator has reached end");		assert(Current && "Advancing while iterator has reached end");
// Sanity check to avoid infinite loop on invalid redecl chain.		// Make sure we don't infinitely loop on an invalid redecl chain. This
		// should never happen.
		QuuxplusoneUnsubmitted Done Reply Inline Actions `// Make sure we don't infinite-loop on an invalid redecl chain. This should never happen.` Quuxplusone: `// Make sure we don't infinite-loop on an invalid redecl chain. This should never happen.`
		aaron.ballmanUnsubmitted Done Reply Inline Actions Alternatively, "Make sure we don't infinitely loop..." aaron.ballman: Alternatively, "Make sure we don't infinitely loop..."
		QuuxplusoneUnsubmitted Done Reply Inline Actions s/on on/on an/ Also, I think comments should always end with a period `.`, or is it the other way around? :) Quuxplusone: s/on on/on an/ Also, I think comments should always end with a period `.`, or is it the other…
if (Current->isFirstDecl()) {		if (Current->isFirstDecl()) {
if (PassedFirst) {		if (PassedFirst) {
assert(0 && "Passed first decl twice, invalid redecl chain!");		assert(0 && "Passed first decl twice, invalid redecl chain!");
Current = nullptr;		Current = nullptr;
return *this;		return *this;
}		}
PassedFirst = true;		PassedFirst = true;
}		}
▲ Show 20 Lines • Show All 159 Lines • Show Last 20 Lines

clang/include/clang/Analysis/CFG.h

Show First 20 Lines • Show All 509 Lines • ▼ Show 20 Lines	enum Kind {
/// terminator statement is the same statement that branches control flow		/// terminator statement is the same statement that branches control flow
/// in evaluation of matching full expression.		/// in evaluation of matching full expression.
TemporaryDtorsBranch,		TemporaryDtorsBranch,
/// A shortcut around virtual base initializers. It gets taken when		/// A shortcut around virtual base initializers. It gets taken when
/// virtual base classes have already been initialized by the constructor		/// virtual base classes have already been initialized by the constructor
/// of the most derived class while we're in the base class.		/// of the most derived class while we're in the base class.
VirtualBaseBranch,		VirtualBaseBranch,

/// Number of different kinds, for sanity checks. We subtract 1 so that		/// Number of different kinds, for validity checks. We subtract 1 so that
/// to keep receiving compiler warnings when we don't cover all enum values		/// to keep receiving compiler warnings when we don't cover all enum values
/// in a switch.		/// in a switch.
		rjmccallUnsubmitted Not Done Reply Inline Actions Proper translation here is probably "assertions". A "validity check" sounds like a semantic restriction on the source language. rjmccall: Proper translation here is probably "assertions". A "validity check" sounds like a semantic…
		ZarkoCAAuthorUnsubmitted Done Reply Inline Actions Changed to: /// Number of different kinds, for assertions. We subtract 1 so that /// to keep receiving compiler warnings when we don't cover all enum values /// in a switch ZarkoCA: Changed to: ``` /// Number of different kinds, for assertions. We subtract 1 so…
NumKindsMinusOne = VirtualBaseBranch		NumKindsMinusOne = VirtualBaseBranch
};		};

private:		private:
static constexpr int KindBits = 2;		static constexpr int KindBits = 2;
static_assert((1 << KindBits) > NumKindsMinusOne,		static_assert((1 << KindBits) > NumKindsMinusOne,
"Not enough room for kind!");		"Not enough room for kind!");
llvm::PointerIntPair<Stmt *, KindBits> Data;		llvm::PointerIntPair<Stmt *, KindBits> Data;
▲ Show 20 Lines • Show All 1,071 Lines • Show Last 20 Lines

clang/include/clang/CodeGen/CGFunctionInfo.h

Show First 20 Lines • Show All 244 Lines • ▼ Show 20 Lines	public:
}		}

/// \param unpaddedCoerceToType The coerce-to type with padding elements		/// \param unpaddedCoerceToType The coerce-to type with padding elements
/// removed, canonicalized to a single element if it would otherwise		/// removed, canonicalized to a single element if it would otherwise
/// have exactly one element.		/// have exactly one element.
static ABIArgInfo getCoerceAndExpand(llvm::StructType *coerceToType,		static ABIArgInfo getCoerceAndExpand(llvm::StructType *coerceToType,
llvm::Type *unpaddedCoerceToType) {		llvm::Type *unpaddedCoerceToType) {
#ifndef NDEBUG		#ifndef NDEBUG
// Sanity checks on unpaddedCoerceToType.		// Check that unpaddedCoerceToType has roughly the right shape.
		QuuxplusoneUnsubmitted Done Reply Inline Actions This still feels like a misuse of "validation." I'd say something like `// Check that unpaddedCoerceToType has roughly the right shape.` To me, "validation" suggests the phrase "passes validations," which is like a Quality Assurance thing, and means "we did a lot of tests and couldn't break it, it's definitely valid," which is the exact opposite of the rough-cut quick-and-dirty smoke-test we mean when we say "sanity check." After we have validated an input, the postcondition should be that the input is valid. That's not what's happening in any of these cases. These sanity-checks are just rejecting specific easy-to-detect invalid cases. They're not digging deep to actually validate the input. They're just sanity-checking it. Quuxplusone: This still feels like a misuse of "validation." I'd say something like `// Check that…

// Assert that we only have a struct type if there are multiple elements.		// Assert that we only have a struct type if there are multiple elements.
auto unpaddedStruct = dyn_cast<llvm::StructType>(unpaddedCoerceToType);		auto unpaddedStruct = dyn_cast<llvm::StructType>(unpaddedCoerceToType);
assert(!unpaddedStruct \|\| unpaddedStruct->getNumElements() != 1);		assert(!unpaddedStruct \|\| unpaddedStruct->getNumElements() != 1);

// Assert that all the non-padding elements have a corresponding element		// Assert that all the non-padding elements have a corresponding element
// in the unpadded type.		// in the unpadded type.
unsigned unpaddedIndex = 0;		unsigned unpaddedIndex = 0;
▲ Show 20 Lines • Show All 529 Lines • Show Last 20 Lines

clang/include/clang/Sema/Lookup.h

Show First 20 Lines • Show All 313 Lines • ▼ Show 20 Lines	bool isOverloadedResult() const {
return getResultKind() == FoundOverloaded;		return getResultKind() == FoundOverloaded;
}		}

bool isUnresolvableResult() const {		bool isUnresolvableResult() const {
return getResultKind() == FoundUnresolvedValue;		return getResultKind() == FoundUnresolvedValue;
}		}

LookupResultKind getResultKind() const {		LookupResultKind getResultKind() const {
assert(sanity());		assert(checkDebugAssumptions());
return ResultKind;		return ResultKind;
}		}

AmbiguityKind getAmbiguityKind() const {		AmbiguityKind getAmbiguityKind() const {
assert(isAmbiguous());		assert(isAmbiguous());
return Ambiguity;		return Ambiguity;
}		}

▲ Show 20 Lines • Show All 369 Lines • ▼ Show 20 Lines	private:

void setAmbiguous(AmbiguityKind AK) {		void setAmbiguous(AmbiguityKind AK) {
ResultKind = Ambiguous;		ResultKind = Ambiguous;
Ambiguity = AK;		Ambiguity = AK;
}		}

void addDeclsFromBasePaths(const CXXBasePaths &P);		void addDeclsFromBasePaths(const CXXBasePaths &P);
void configure();		void configure();

// Sanity checks.		bool checkDebugAssumptions() const;
		QuuxplusoneUnsubmitted Done Reply Inline Actions The original comment strikes me as pretty useless, except that it's kind of obliquely explaining the meaning of the ungrammatical `bool sanity() const`. It could have been fixed better, pre-PC, by just removing the comment and changing the function to `bool isSane() const`. I have no particular suggestion for this one, other than "you'll have to look at how it's used" and/or "just leave the comment alone, until you're ready to rename the actual identifiers too" and/or "just delete the comment because it's useless." Quuxplusone: The original comment strikes me as pretty useless, except that it's kind of obliquely…
		QuuxplusoneUnsubmitted Done Reply Inline Actions The new version has the problem that `check()` is really vague, which again means that in order to explain what it does, you have to use the term "sanity-check". ;) Perhaps change the identifier to `checkAssumptions()` or even `checkDebugAssumptions()`? (Pre-existing problem: the name of the function still doesn't describe what it does, because it doesn't check or assert anything; it simply returns true or false, and it's up to the caller to `assert` on the return value. But `conformsToAssumptions()` is a silly name.) Quuxplusone: The new version has the problem that `check()` is really vague, which again means that in order…
bool sanity() const;

bool sanityCheckUnresolved() const {		bool checkUnresolved() const {
for (iterator I = begin(), E = end(); I != E; ++I)		for (iterator I = begin(), E = end(); I != E; ++I)
if (isa<UnresolvedUsingValueDecl>((*I)->getUnderlyingDecl()))		if (isa<UnresolvedUsingValueDecl>((*I)->getUnderlyingDecl()))
return true;		return true;
return false;		return false;
}		}

static void deletePaths(CXXBasePaths *);		static void deletePaths(CXXBasePaths *);

▲ Show 20 Lines • Show All 107 Lines • Show Last 20 Lines

clang/lib/Analysis/BodyFarm.cpp

Show First 20 Lines • Show All 784 Lines • ▼ Show 20 Lines	for (const auto *I : ImplDecl->property_impls()) {

if (I->getGetterCXXConstructor()) {		if (I->getGetterCXXConstructor()) {
ASTMaker M(Ctx);		ASTMaker M(Ctx);
return M.makeReturn(I->getGetterCXXConstructor());		return M.makeReturn(I->getGetterCXXConstructor());
}		}
}		}
}		}

// Sanity check that the property is the same type as the ivar, or a		// We expect that the property is the same type as the ivar, or a reference to
// reference to it, and that it is either an object pointer or trivially		// it, and that it is either an object pointer or trivially copyable.
// copyable.
if (!Ctx.hasSameUnqualifiedType(IVar->getType(),		if (!Ctx.hasSameUnqualifiedType(IVar->getType(),
		QuuxplusoneUnsubmitted Done Reply Inline Actions `// We expect that the property is...` although again it's not clear to me why this isn't an assertion. Quuxplusone: `// We expect that the property is...` although again it's not clear to me why this isn't an…
Prop->getType().getNonReferenceType()))		Prop->getType().getNonReferenceType()))
return nullptr;		return nullptr;
if (!IVar->getType()->isObjCLifetimeType() &&		if (!IVar->getType()->isObjCLifetimeType() &&
!IVar->getType().isTriviallyCopyableType(Ctx))		!IVar->getType().isTriviallyCopyableType(Ctx))
return nullptr;		return nullptr;

// Generate our body:		// Generate our body:
// return self->_ivar;		// return self->_ivar;
▲ Show 20 Lines • Show All 59 Lines • Show Last 20 Lines

clang/lib/Analysis/RetainSummaryManager.cpp

	Show First 20 Lines • Show All 785 Lines • ▼ Show 20 Lines

	const RetainSummary *			const RetainSummary *
	RetainSummaryManager::getUnarySummary(const FunctionType* FT,			RetainSummaryManager::getUnarySummary(const FunctionType* FT,
	ArgEffectKind AE) {			ArgEffectKind AE) {

	// Unary functions have no arg effects by definition.			// Unary functions have no arg effects by definition.
	ArgEffects ScratchArgs(AF.getEmptyMap());			ArgEffects ScratchArgs(AF.getEmptyMap());

	// Sanity check that this is really a unary function. This can			// Verify that this is really a unary function. This can
	// happen if people do weird things.			// happen if people do weird things.
	const FunctionProtoType* FTP = dyn_cast<FunctionProtoType>(FT);			const FunctionProtoType* FTP = dyn_cast<FunctionProtoType>(FT);
	if (!FTP \|\| FTP->getNumParams() != 1)			if (!FTP \|\| FTP->getNumParams() != 1)
	return getPersistentStopSummary();			return getPersistentStopSummary();

	ArgEffect Effect(AE, ObjKind::CF);			ArgEffect Effect(AE, ObjKind::CF);

	ScratchArgs = AF.add(ScratchArgs, 0, Effect);			ScratchArgs = AF.add(ScratchArgs, 0, Effect);
	▲ Show 20 Lines • Show All 494 Lines • Show Last 20 Lines

clang/lib/Basic/DiagnosticIDs.cpp

Show First 20 Lines • Show All 686 Lines • ▼ Show 20 Lines	void DiagnosticIDs::getAllDiagnostics(diag::Flavor Flavor,
for (unsigned i = 0; i != StaticDiagInfoSize; ++i)		for (unsigned i = 0; i != StaticDiagInfoSize; ++i)
if (StaticDiagInfo[i].getFlavor() == Flavor)		if (StaticDiagInfo[i].getFlavor() == Flavor)
Diags.push_back(StaticDiagInfo[i].DiagID);		Diags.push_back(StaticDiagInfo[i].DiagID);
}		}

StringRef DiagnosticIDs::getNearestOption(diag::Flavor Flavor,		StringRef DiagnosticIDs::getNearestOption(diag::Flavor Flavor,
StringRef Group) {		StringRef Group) {
StringRef Best;		StringRef Best;
unsigned BestDistance = Group.size() + 1; // Sanity threshold.		unsigned BestDistance = Group.size() + 1; // Maximum threshold.
		QuuxplusoneUnsubmitted Done Reply Inline Actions `Minimum`, and also, I think it's a maximum? :P Quuxplusone: `Minimum`, and also, I think it's a maximum? :P
for (const WarningOption &O : OptionTable) {		for (const WarningOption &O : OptionTable) {
// Don't suggest ignored warning flags.		// Don't suggest ignored warning flags.
if (!O.Members && !O.SubGroups)		if (!O.Members && !O.SubGroups)
continue;		continue;

unsigned Distance = O.getName().edit_distance(Group, true, BestDistance);		unsigned Distance = O.getName().edit_distance(Group, true, BestDistance);
if (Distance > BestDistance)		if (Distance > BestDistance)
continue;		continue;
▲ Show 20 Lines • Show All 141 Lines • Show Last 20 Lines

clang/lib/Basic/SourceManager.cpp

Show First 20 Lines • Show All 52 Lines • ▼ Show 20 Lines
/// getSizeBytesMapped - Returns the number of bytes actually mapped for this		/// getSizeBytesMapped - Returns the number of bytes actually mapped for this
/// ContentCache. This can be 0 if the MemBuffer was not actually expanded.		/// ContentCache. This can be 0 if the MemBuffer was not actually expanded.
unsigned ContentCache::getSizeBytesMapped() const {		unsigned ContentCache::getSizeBytesMapped() const {
return Buffer ? Buffer->getBufferSize() : 0;		return Buffer ? Buffer->getBufferSize() : 0;
}		}

/// Returns the kind of memory used to back the memory buffer for		/// Returns the kind of memory used to back the memory buffer for
/// this content cache. This is used for performance analysis.		/// this content cache. This is used for performance analysis.
llvm::MemoryBuffer::BufferKind ContentCache::getMemoryBufferKind() const {		llvm::MemoryBuffer::BufferKind ContentCache::getMemoryBufferKind() const {
assert(Buffer);		if (Buffer == nullptr) {
		assert(0 && "Buffer should never be null");
// Should be unreachable, but keep for sanity.
if (!Buffer)
return llvm::MemoryBuffer::MemoryBuffer_Malloc;		return llvm::MemoryBuffer::MemoryBuffer_Malloc;
		}
return Buffer->getBufferKind();		return Buffer->getBufferKind();
}		}
		QuuxplusoneUnsubmitted Done Reply Inline Actions This code seems silly to me. I would just delete these lines; or else how about llvm::MemoryBuffer::BufferKind ContentCache::getMemoryBufferKind() const { if (Buffer == nullptr) { assert(0 && "Buffer should never be null"); return llvm::MemoryBuffer::MemoryBuffer_Malloc; } return Buffer->getBufferKind(); } Quuxplusone: This code seems silly to me. I would just delete these lines; or else how about ``` llvm…

/// getSize - Returns the size of the content encapsulated by this ContentCache.		/// getSize - Returns the size of the content encapsulated by this ContentCache.
/// This can be the size of the source file or the size of an arbitrary		/// This can be the size of the source file or the size of an arbitrary
/// scratch buffer. If the ContentCache encapsulates a source file, that		/// scratch buffer. If the ContentCache encapsulates a source file, that
/// file is not lazily brought in from disk to satisfy this query.		/// file is not lazily brought in from disk to satisfy this query.
unsigned ContentCache::getSize() const {		unsigned ContentCache::getSize() const {
return Buffer ? (unsigned)Buffer->getBufferSize()		return Buffer ? (unsigned)Buffer->getBufferSize()
: (unsigned)ContentsEntry->getSize();		: (unsigned)ContentsEntry->getSize();
▲ Show 20 Lines • Show All 780 Lines • ▼ Show 20 Lines	while (true) {
LessIndex = MiddleIndex;		LessIndex = MiddleIndex;
}		}
}		}

/// Return the FileID for a SourceLocation with a high offset.		/// Return the FileID for a SourceLocation with a high offset.
///		///
/// This function knows that the SourceLocation is in a loaded buffer, not a		/// This function knows that the SourceLocation is in a loaded buffer, not a
/// local one.		/// local one.
FileID SourceManager::getFileIDLoaded(SourceLocation::UIntTy SLocOffset) const {		FileID SourceManager::getFileIDLoaded(SourceLocation::UIntTy SLocOffset) const {
// Sanity checking, otherwise a bug may lead to hanging in release build.
if (SLocOffset < CurrentLoadedOffset) {		if (SLocOffset < CurrentLoadedOffset) {
		QuuxplusoneUnsubmitted Done Reply Inline Actions Throughout this file, I'd just delete these comments. This isn't the use of "sanity-checking" I'm familiar with, btw. This is what I would call "defensive programming," where we believe a codepath is unreachable but we leave it in the codebase anyway "just in case." I think the fact that the codepath starts with `assert(0 && "reason")` is sufficient to mark it as a defensive codepath, and it doesn't need any comment about why it's "sane" and/or "required". The codepath on line 64 is the same deal. Validation: Ensure that the state is good. (Can generally be done only to user inputs. Once pointers are in the mix, "validation" of an intermediate state quickly becomes Halting-Problem-hard.) Sanity-checking/smoke-testing: Quickly reject some states that are obviously bad. (Assert-fail when "this should never be happening.") Defensive programming: Do something sensible even when in a bad state. ("This should never be happening," but describe what to do instead of asserting, anyway.) "For sanity": This data field should never be read ever again, but just in case it is, put something sensible into it. ("That should never happen.") Quuxplusone: Throughout this file, I'd just delete these comments. This isn't the use of "sanity-checking"…
assert(0 && "Invalid SLocOffset or bad function choice");		assert(0 && "Invalid SLocOffset or bad function choice");
return FileID();		return FileID();
}		}

// Essentially the same as the local case, but the loaded array is sorted		// Essentially the same as the local case, but the loaded array is sorted
// in the other direction.		// in the other direction.

// First do a linear scan from the last lookup position, if possible.		// First do a linear scan from the last lookup position, if possible.
Show All 27 Lines	while (true) {
unsigned MiddleIndex = (LessIndex - GreaterIndex) / 2 + GreaterIndex;		unsigned MiddleIndex = (LessIndex - GreaterIndex) / 2 + GreaterIndex;
const SrcMgr::SLocEntry &E = getLoadedSLocEntry(MiddleIndex);		const SrcMgr::SLocEntry &E = getLoadedSLocEntry(MiddleIndex);
if (E.getOffset() == 0)		if (E.getOffset() == 0)
return FileID(); // invalid entry.		return FileID(); // invalid entry.

++NumProbes;		++NumProbes;

if (E.getOffset() > SLocOffset) {		if (E.getOffset() > SLocOffset) {
// Sanity checking, otherwise a bug may lead to hanging in release build.
if (GreaterIndex == MiddleIndex) {		if (GreaterIndex == MiddleIndex) {
assert(0 && "binary search missed the entry");		assert(0 && "binary search missed the entry");
return FileID();		return FileID();
}		}
GreaterIndex = MiddleIndex;		GreaterIndex = MiddleIndex;
continue;		continue;
}		}

if (isOffsetInFileID(FileID::get(-int(MiddleIndex) - 2), SLocOffset)) {		if (isOffsetInFileID(FileID::get(-int(MiddleIndex) - 2), SLocOffset)) {
FileID Res = FileID::get(-int(MiddleIndex) - 2);		FileID Res = FileID::get(-int(MiddleIndex) - 2);
LastFileIDLookup = Res;		LastFileIDLookup = Res;
NumBinaryProbes += NumProbes;		NumBinaryProbes += NumProbes;
return Res;		return Res;
}		}

// Sanity checking, otherwise a bug may lead to hanging in release build.
if (LessIndex == MiddleIndex) {		if (LessIndex == MiddleIndex) {
assert(0 && "binary search missed the entry");		assert(0 && "binary search missed the entry");
return FileID();		return FileID();
}		}
LessIndex = MiddleIndex;		LessIndex = MiddleIndex;
}		}
}		}

▲ Show 20 Lines • Show All 1,336 Lines • Show Last 20 Lines

clang/lib/Driver/ToolChains/Clang.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 4,296 Lines • ▼ Show 20 Lines	void Clang::ConstructJob(Compilation &C, const JobAction &JA,
const llvm::Triple &RawTriple = TC.getTriple();		const llvm::Triple &RawTriple = TC.getTriple();
const llvm::Triple &Triple = TC.getEffectiveTriple();		const llvm::Triple &Triple = TC.getEffectiveTriple();
const std::string &TripleStr = Triple.getTriple();		const std::string &TripleStr = Triple.getTriple();

bool KernelOrKext =		bool KernelOrKext =
Args.hasArg(options::OPT_mkernel, options::OPT_fapple_kext);		Args.hasArg(options::OPT_mkernel, options::OPT_fapple_kext);
const Driver &D = TC.getDriver();		const Driver &D = TC.getDriver();
ArgStringList CmdArgs;		ArgStringList CmdArgs;

// Check number of inputs for sanity. We need at least one input.
assert(Inputs.size() >= 1 && "Must have at least one input.");		assert(Inputs.size() >= 1 && "Must have at least one input.");
		QuuxplusoneUnsubmitted Done Reply Inline Actions This comment can just be eliminated. Quuxplusone: This comment can just be eliminated.
// CUDA/HIP compilation may have multiple inputs (source file + results of		// CUDA/HIP compilation may have multiple inputs (source file + results of
// device-side compilations). OpenMP device jobs also take the host IR as a		// device-side compilations). OpenMP device jobs also take the host IR as a
// second input. Module precompilation accepts a list of header files to		// second input. Module precompilation accepts a list of header files to
// include as part of the module. All other jobs are expected to have exactly		// include as part of the module. All other jobs are expected to have exactly
// one input.		// one input.
bool IsCuda = JA.isOffloading(Action::OFK_Cuda);		bool IsCuda = JA.isOffloading(Action::OFK_Cuda);
bool IsCudaDevice = JA.isDeviceOffloading(Action::OFK_Cuda);		bool IsCudaDevice = JA.isDeviceOffloading(Action::OFK_Cuda);
bool IsHIP = JA.isOffloading(Action::OFK_HIP);		bool IsHIP = JA.isOffloading(Action::OFK_HIP);
▲ Show 20 Lines • Show All 3,690 Lines • Show Last 20 Lines

clang/lib/Format/Format.cpp

Show First 20 Lines • Show All 2,573 Lines • ▼ Show 20 Lines	tooling::Replacements sortCppIncludes(const FormatStyle &Style, StringRef Code,
SmallVector<StringRef, 4> Matches;		SmallVector<StringRef, 4> Matches;
SmallVector<IncludeDirective, 16> IncludesInBlock;		SmallVector<IncludeDirective, 16> IncludesInBlock;

// In compiled files, consider the first #include to be the main #include of		// In compiled files, consider the first #include to be the main #include of
// the file if it is not a system #include. This ensures that the header		// the file if it is not a system #include. This ensures that the header
// doesn't have hidden dependencies		// doesn't have hidden dependencies
// (http://llvm.org/docs/CodingStandards.html#include-style).		// (http://llvm.org/docs/CodingStandards.html#include-style).
//		//
// FIXME: Do some sanity checking, e.g. edit distance of the base name, to fix		// FIXME: Do some validation, e.g. edit distance of the base name, to fix
// cases where the first #include is unlikely to be the main header.		// cases where the first #include is unlikely to be the main header.
tooling::IncludeCategoryManager Categories(Style.IncludeStyle, FileName);		tooling::IncludeCategoryManager Categories(Style.IncludeStyle, FileName);
bool FirstIncludeBlock = true;		bool FirstIncludeBlock = true;
bool MainIncludeFound = false;		bool MainIncludeFound = false;
bool FormattingOff = false;		bool FormattingOff = false;

for (;;) {		for (;;) {
auto Pos = Code.find('\n', SearchFrom);		auto Pos = Code.find('\n', SearchFrom);
▲ Show 20 Lines • Show All 780 Lines • Show Last 20 Lines

clang/lib/Frontend/FrontendActions.cpp

Show First 20 Lines • Show All 836 Lines • ▼ Show 20 Lines	if (llvm::Triple(LLVM_HOST_TRIPLE).isOSWindows()) {
const SourceManager &SM = CI.getSourceManager();		const SourceManager &SM = CI.getSourceManager();
if (llvm::Optional<llvm::MemoryBufferRef> Buffer =		if (llvm::Optional<llvm::MemoryBufferRef> Buffer =
SM.getBufferOrNone(SM.getMainFileID())) {		SM.getBufferOrNone(SM.getMainFileID())) {
const char *cur = Buffer->getBufferStart();		const char *cur = Buffer->getBufferStart();
const char *end = Buffer->getBufferEnd();		const char *end = Buffer->getBufferEnd();
const char *next = (cur != end) ? cur + 1 : end;		const char *next = (cur != end) ? cur + 1 : end;

// Limit ourselves to only scanning 256 characters into the source		// Limit ourselves to only scanning 256 characters into the source
// file. This is mostly a sanity check in case the file has no		// file. This is mostly a check in case the file has no
// newlines whatsoever.		// newlines whatsoever.
if (end - cur > 256)		if (end - cur > 256)
end = cur + 256;		end = cur + 256;

while (next < end) {		while (next < end) {
if (*cur == 0x0D) { // CR		if (*cur == 0x0D) { // CR
if (*next == 0x0A) // CRLF		if (*next == 0x0A) // CRLF
BinaryMode = false;		BinaryMode = false;
▲ Show 20 Lines • Show All 156 Lines • Show Last 20 Lines

clang/lib/Sema/SemaChecking.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 5,526 Lines • ▼ Show 20 Lines

if (ValType.isConstQualified()) {

Diag(ExprRange.getBegin(), diag::err_atomic_op_needs_non_const_pointer)

<< Ptr->getType() << Ptr->getSourceRange();

return ExprError();

}

// For an arithmetic operation, the implied arithmetic must be well-formed.

if (Form == Arithmetic) {

// gcc does not enforce these rules for GNU atomics, but we do so for

// GCC does not enforce these rules for GNU atomics, but we do, because if

// sanity.

// we didn't it would be very confusing. FIXME: For whom? How so?

QuuxplusoneUnsubmitted

Done

This is the "for sanity" idiom; it has nothing to do with validation or even smoke-testing. This comment translates to something like

// GCC does not enforce these rules for GNU atomics, but we do,
// because if we didn't, it would be very confusing. [For whom? How so?]

Ditto line 5577.

Quuxplusone: This is the "for sanity" idiom; it has nothing to do with validation or even smoke-testing.

aaron.ballmanUnsubmitted

Done

// GCC does not enforce these rules for GNU atomics, but we do, because if

- // we didn't it would be very confusing [For whom? How so?]

+ // we didn't it would be very confusing. FIXME: For whom? How so?

auto IsAllowedValueType = [&](QualType ValType) {

aaron.ballman:

rjmccallUnsubmitted

Not Done

Perhaps "but we do to help catch trivial type errors."

rjmccall: Perhaps "but we do to help catch trivial type errors."

ZarkoCAAuthorUnsubmitted

Done

Changed to:

// GCC does not enforce these rules for GNU atomics, but we do to help catch
// trivial type errors.

ZarkoCA: Changed to: ``` // GCC does not enforce these rules for GNU atomics, but we do to help…

gandhi21299Unsubmitted

Not Done

Is this change really necessary? It is a confusing comment and probably not too helpful for the developers.

gandhi21299: Is this change really necessary? It is a confusing comment and probably not too helpful for the…

auto IsAllowedValueType = [&](QualType ValType) {

if (ValType->isIntegerType())

return true;

if (ValType->isPointerType())

return true;

if (!ValType->isFloatingType())

return false;

// LLVM Parser does not allow atomicrmw with x86_fp80 type.

Show All 24 Lines

if (Form == Arithmetic) {

Diag(ExprRange.getBegin(), diag::err_atomic_op_needs_atomic_int_or_ptr)

<< IsC11 << Ptr->getType() << Ptr->getSourceRange();

return ExprError();

}

if (!IsC11 && !AtomTy.isTriviallyCopyableType(Context) &&

!AtomTy->isScalarType()) {

// For GNU atomics, require a trivially-copyable type. This is not part of

// the GNU atomics specification, but we enforce it for sanity.

// the GNU atomics specification, but we enforce it, because if we didn't it

// would be very confusing. FIXME: For whom? How so?

aaron.ballmanUnsubmitted

Done

// the GNU atomics specification, but we enforce it, because if we didn't it

- // would be very confusing [For whom? How so?]

+ // would be very confusing. FIXME: For whom? How so?

Diag(ExprRange.getBegin(), diag::err_atomic_op_needs_trivial_copy)

aaron.ballman:

rjmccallUnsubmitted

Not Done

We enforce this for consistency with other atomics, which generally all require a trivially-copyable type because atomics just copy bits.

rjmccall: We enforce this for consistency with other atomics, which generally all require a trivially…

ZarkoCAAuthorUnsubmitted

Done

Changed to:

// For GNU atomics, require a trivially-copyable type. This is not part of
// the GNU atomics specification but we enforce it for consistency with
// other atomics which generally all require a trivially-copyable type. This
// is because atomics just copy bits.

ZarkoCA: Changed to: ``` // For GNU atomics, require a trivially-copyable type. This is not part of…

Diag(ExprRange.getBegin(), diag::err_atomic_op_needs_trivial_copy)

<< Ptr->getType() << Ptr->getSourceRange();

return ExprError();

}

switch (ValType.getObjCLifetime()) {

case Qualifiers::OCL_None:

case Qualifiers::OCL_ExplicitNone:

▲ Show 20 Lines • Show All 11,468 Lines • Show Last 20 Lines

clang/lib/Sema/SemaDecl.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 12,615 Lines • ▼ Show 20 Lines	void Sema::AddInitializerToDecl(Decl RealDecl, Expr Init, bool DirectInit) {
if (LangOpts.OpenMP &&		if (LangOpts.OpenMP &&
(LangOpts.OpenMPIsDevice \|\| !LangOpts.OMPTargetTriples.empty()) &&		(LangOpts.OpenMPIsDevice \|\| !LangOpts.OMPTargetTriples.empty()) &&
VDecl->isFileVarDecl())		VDecl->isFileVarDecl())
DeclsToCheckForDeferredDiags.insert(VDecl);		DeclsToCheckForDeferredDiags.insert(VDecl);
CheckCompleteVariableDeclaration(VDecl);		CheckCompleteVariableDeclaration(VDecl);
}		}

/// ActOnInitializerError - Given that there was an error parsing an		/// ActOnInitializerError - Given that there was an error parsing an
/// initializer for the given declaration, try to return to some form		/// initializer for the given declaration, try to at least re-establish
/// of sanity.		/// invariants such as whether a variable's type is either dependent or
		/// complete.
		QuuxplusoneUnsubmitted Done Reply Inline Actions I suggest that lines 12627-12628 should be moved up here and combined with this comment in some way. We have the power to be much less vague here about the precise form of sanity we're attempting to restore. Quuxplusone: I suggest that lines 12627-12628 should be moved up here and combined with this comment in some…
void Sema::ActOnInitializerError(Decl *D) {		void Sema::ActOnInitializerError(Decl *D) {
// Our main concern here is re-establishing invariants like "a		// Our main concern here is re-establishing invariants like "a
// variable's type is either dependent or complete".		// variable's type is either dependent or complete".
if (!D \|\| D->isInvalidDecl()) return;		if (!D \|\| D->isInvalidDecl()) return;

VarDecl *VD = dyn_cast<VarDecl>(D);		VarDecl *VD = dyn_cast<VarDecl>(D);
if (!VD) return;		if (!VD) return;

▲ Show 20 Lines • Show All 3,358 Lines • ▼ Show 20 Lines	if (Previous.empty() && SkipBody && SkipBody->Previous)
Previous.addDecl(SkipBody->Previous);		Previous.addDecl(SkipBody->Previous);

if (!Previous.empty()) {		if (!Previous.empty()) {
NamedDecl *PrevDecl = Previous.getFoundDecl();		NamedDecl *PrevDecl = Previous.getFoundDecl();
NamedDecl *DirectPrevDecl = Previous.getRepresentativeDecl();		NamedDecl *DirectPrevDecl = Previous.getRepresentativeDecl();

// It's okay to have a tag decl in the same scope as a typedef		// It's okay to have a tag decl in the same scope as a typedef
// which hides a tag decl in the same scope. Finding this		// which hides a tag decl in the same scope. Finding this
// insanity with a redeclaration lookup can only actually happen		// with a redeclaration lookup can only actually happen in C++.
// in C++.
//		//
// This is also okay for elaborated-type-specifiers, which is		// This is also okay for elaborated-type-specifiers, which is
// technically forbidden by the current standard but which is		// technically forbidden by the current standard but which is
// okay according to the likely resolution of an open issue;		// okay according to the likely resolution of an open issue;
// see http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_active.html#407		// see http://www.open-std.org/jtc1/sc22/wg21/docs/cwg_active.html#407
if (getLangOpts().CPlusPlus) {		if (getLangOpts().CPlusPlus) {
if (TypedefNameDecl *TD = dyn_cast<TypedefNameDecl>(PrevDecl)) {		if (TypedefNameDecl *TD = dyn_cast<TypedefNameDecl>(PrevDecl)) {
if (const TagType *TT = TD->getUnderlyingType()->getAs<TagType>()) {		if (const TagType *TT = TD->getUnderlyingType()->getAs<TagType>()) {
▲ Show 20 Lines • Show All 2,657 Lines • Show Last 20 Lines

clang/lib/Sema/SemaDeclCXX.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 9,166 Lines • ▼ Show 20 Lines	if (!inUnion() && FieldRecord->isUnion() &&
if (Diagnose)		if (Diagnose)
S.Diag(FieldRecord->getLocation(),		S.Diag(FieldRecord->getLocation(),
diag::note_deleted_default_ctor_all_const)		diag::note_deleted_default_ctor_all_const)
<< !!ICI << MD->getParent() << /anonymous union/1;		<< !!ICI << MD->getParent() << /anonymous union/1;
return true;		return true;
}		}

// Don't check the implicit member of the anonymous union type.		// Don't check the implicit member of the anonymous union type.
// This is technically non-conformant, but sanity demands it.		// This is technically non-conformant but supported, and we have a
		// diagnostic for this elsewhere.
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions This comment seems incorrectly translated. Quuxplusone: This comment seems incorrectly translated.
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions This comment still seems incorrectly translated. Things we do "for sanity's sake" aren't necessarily required, technically; but we're doing them anyway, for sanity. Quuxplusone: This comment //still// seems incorrectly translated. Things we do "for sanity's sake" aren't…
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions "Don't check ... but check it anyway"? Quuxplusone: "Don't check ... but check it anyway"?
		ZarkoCAAuthorUnsubmitted Done Reply Inline Actions Right, that didn't make sense :). I noticed that there were warnings for this case in SemaDecl.cpp AFAIU so edited the comment to state that. Should be better now? ZarkoCA: Right, that didn't make sense :). I noticed that there were warnings for this case in SemaDecl.
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions Well, this version of the comment now gives the impression that it must be clear to someone. ;) I don't understand its implications, but I also don't know the code. Specifically, I don't know what "This" refers to (grammatically) — "Anonymous union types aren't conforming, but we support them anyway, and this is the right thing to do with them"? "Our behavior in this case isn't conforming, but it wouldn't make sense to do the conforming thing [wat]"? or something else? More fundamentally to my confusion (but not to that hypothetical other someone), I don't know what "the implicit member of the anonymous union type" actually means (in terms of the arcane details of C++), i.e., I personally don't know when this codepath is hit or what its effect is when it does get hit. Quuxplusone: Well, this version of the comment now gives the //impression// that it must be clear to…
		rjmccallUnsubmitted Not Done Reply Inline Actions @rsmith probably has a better idea. I think it's saying that we shouldn't fall down into the generic path for the implicit field created for an anonymous union, presumably because we do special-case checks on the members of the anonymous union just above this point. I guess this isn't explicitly sanctioned by the standard but is the only sensible approach. rjmccall: @rsmith probably has a better idea. I think it's saying that we shouldn't fall down into the…
return false;		return false;
}		}

if (shouldDeleteForClassSubobject(FieldRecord, FD,		if (shouldDeleteForClassSubobject(FieldRecord, FD,
FieldType.getCVRQualifiers()))		FieldType.getCVRQualifiers()))
return true;		return true;
}		}

▲ Show 20 Lines • Show All 3,067 Lines • ▼ Show 20 Lines	if (RequireCompleteDeclContext(SS, LookupContext))
return BuildInvalid();		return BuildInvalid();

// Look up the target name.		// Look up the target name.
LookupResult R(*this, NameInfo, LookupOrdinaryName);		LookupResult R(*this, NameInfo, LookupOrdinaryName);

// Unlike most lookups, we don't always want to hide tag		// Unlike most lookups, we don't always want to hide tag
// declarations: tag names are visible through the using declaration		// declarations: tag names are visible through the using declaration
// even if hidden by ordinary names, except in a dependent context		// even if hidden by ordinary names, except in a dependent context
// where it's important for the sanity of two-phase lookup.		// where they may be used by two-phase lookup.
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions This comment seems incorrectly translated. Quuxplusone: This comment seems incorrectly translated.
		QuuxplusoneUnsubmitted Done Reply Inline Actions Perhaps just `// where they may be used by two-phase lookup.` (But this is now just a nit.) Quuxplusone: Perhaps just `// where they may be used by two-phase lookup.` (But this is now just a nit.)
		rjmccallUnsubmitted Not Done Reply Inline Actions This comment seems to be missing something — I think the previous comment was implying that the language rule really needs tags to be hidden when instantiating a `using` declaration. I don't know why that would be true, though; @rsmith might. rjmccall: This comment seems to be missing something — I think the previous comment was implying that the…
if (!IsInstantiation)		if (!IsInstantiation)
R.setHideTags(false);		R.setHideTags(false);

// For the purposes of this lookup, we have a base object type		// For the purposes of this lookup, we have a base object type
// equal to that of the current context.		// equal to that of the current context.
if (CurContext->isRecord()) {		if (CurContext->isRecord()) {
R.setBaseObjectType(		R.setBaseObjectType(
Context.getTypeDeclType(cast<CXXRecordDecl>(CurContext)));		Context.getTypeDeclType(cast<CXXRecordDecl>(CurContext)));
▲ Show 20 Lines • Show All 5,939 Lines • Show Last 20 Lines

clang/lib/Sema/SemaExpr.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 11,178 Lines • ▼ Show 20 Lines	if ((!LHSType->isFixedPointOrIntegerType() &&
!RHSType->hasIntegerRepresentation())		!RHSType->hasIntegerRepresentation())
return InvalidOperands(Loc, LHS, RHS);		return InvalidOperands(Loc, LHS, RHS);

// C++0x: Don't allow scoped enums. FIXME: Use something better than		// C++0x: Don't allow scoped enums. FIXME: Use something better than
// hasIntegerRepresentation() above instead of this.		// hasIntegerRepresentation() above instead of this.
if (isScopedEnumerationType(LHSType) \|\|		if (isScopedEnumerationType(LHSType) \|\|
isScopedEnumerationType(RHSType)) {		isScopedEnumerationType(RHSType)) {
return InvalidOperands(Loc, LHS, RHS);		return InvalidOperands(Loc, LHS, RHS);
}		}
// Sanity-check shift operands
DiagnoseBadShiftValues(*this, LHS, RHS, Loc, Opc, LHSType);		DiagnoseBadShiftValues(*this, LHS, RHS, Loc, Opc, LHSType);
		QuuxplusoneUnsubmitted Done Reply Inline Actions `// Reject obviously incorrect shift values.` or just eliminate the comment because it's redundant with line 11189 Quuxplusone: `// Reject obviously incorrect shift values.` or just eliminate the comment because it's…

// "The type of the result is that of the promoted left operand."		// "The type of the result is that of the promoted left operand."
return LHSType;		return LHSType;
}		}

/// Diagnose bad pointer comparisons.		/// Diagnose bad pointer comparisons.
static void diagnoseDistinctPointerComparison(Sema &S, SourceLocation Loc,		static void diagnoseDistinctPointerComparison(Sema &S, SourceLocation Loc,
ExprResult &LHS, ExprResult &RHS,		ExprResult &LHS, ExprResult &RHS,
▲ Show 20 Lines • Show All 8,719 Lines • Show Last 20 Lines

clang/lib/Sema/SemaExprCXX.cpp

This file is larger than 256 KB, so syntax highlighting is disabled by default.

Show First 20 Lines • Show All 1,501 Lines • ▼ Show 20 Lines	Sema::BuildCXXTypeConstructExpr(TypeSourceInfo *TInfo,
QualType ElemTy = Ty;		QualType ElemTy = Ty;
if (Ty->isArrayType()) {		if (Ty->isArrayType()) {
if (!ListInitialization)		if (!ListInitialization)
return ExprError(Diag(TyBeginLoc, diag::err_value_init_for_array_type)		return ExprError(Diag(TyBeginLoc, diag::err_value_init_for_array_type)
<< FullRange);		<< FullRange);
ElemTy = Context.getBaseElementType(Ty);		ElemTy = Context.getBaseElementType(Ty);
}		}

// There doesn't seem to be an explicit rule against this but sanity demands		// Only construct objects with object types.
// we only construct objects with object types.		// There doesn't seem to be an explicit rule for this but functions are
		// not objects, so they cannot take initializers.
if (Ty->isFunctionType())		if (Ty->isFunctionType())
		QuuxplusoneUnsubmitted Done Reply Inline Actions This comment is incorrectly translated. I'm not sure I understand what's going on on this codepath, but it seems like the right comment is just `// Functions aren't objects, so they can't take initializers.` The original commenter would have added, `The Standard doesn't seem to say this anywhere, but it makes sense, right?` However, I'm sure there must be at least an open issue about this, if it hasn't already been fixed; that second sentence would just bit-rot, so I wouldn't bother adding it. Quuxplusone: This comment is incorrectly translated. I'm not sure I understand what's going on on this…
		rjmccallUnsubmitted Not Done Reply Inline Actions I would prefer something like: The standard doesn't explicitly forbid function types here, but that's an obvious oversight, as there's no way to dynamically construct a function in general. rjmccall: I would prefer something like: > The standard doesn't explicitly forbid function types here…
		ZarkoCAAuthorUnsubmitted Done Reply Inline Actions Changed to: // The standard doesn't explicitly forbid function types here, but that's an // obvious oversight, as there's no way to dynamically construct a function // in general. ZarkoCA: Changed to: ``` // The standard doesn't explicitly forbid function types here, but that's an…
return ExprError(Diag(TyBeginLoc, diag::err_init_for_function_type)		return ExprError(Diag(TyBeginLoc, diag::err_init_for_function_type)
<< Ty << FullRange);		<< Ty << FullRange);

// C++17 [expr.type.conv]p2:		// C++17 [expr.type.conv]p2:
// If the type is cv void and the initializer is (), the expression is a		// If the type is cv void and the initializer is (), the expression is a
// prvalue of the specified type that performs no initialization.		// prvalue of the specified type that performs no initialization.
if (!Ty->isVoidType() &&		if (!Ty->isVoidType() &&
RequireCompleteType(TyBeginLoc, ElemTy,		RequireCompleteType(TyBeginLoc, ElemTy,
▲ Show 20 Lines • Show All 7,377 Lines • Show Last 20 Lines

clang/lib/Sema/SemaLookup.cpp

Show First 20 Lines • Show All 318 Lines • ▼ Show 20 Lines	void LookupResult::configure() {
if (IdentifierInfo *Id = NameInfo.getName().getAsIdentifierInfo()) {		if (IdentifierInfo *Id = NameInfo.getName().getAsIdentifierInfo()) {
if (unsigned BuiltinID = Id->getBuiltinID()) {		if (unsigned BuiltinID = Id->getBuiltinID()) {
if (!getSema().Context.BuiltinInfo.isPredefinedLibFunction(BuiltinID))		if (!getSema().Context.BuiltinInfo.isPredefinedLibFunction(BuiltinID))
AllowHidden = true;		AllowHidden = true;
}		}
}		}
}		}

bool LookupResult::sanity() const {		bool LookupResult::checkDebugAssumptions() const {
// This function is never called by NDEBUG builds.		// This function is never called by NDEBUG builds.
assert(ResultKind != NotFound \|\| Decls.size() == 0);		assert(ResultKind != NotFound \|\| Decls.size() == 0);
assert(ResultKind != Found \|\| Decls.size() == 1);		assert(ResultKind != Found \|\| Decls.size() == 1);
assert(ResultKind != FoundOverloaded \|\| Decls.size() > 1 \|\|		assert(ResultKind != FoundOverloaded \|\| Decls.size() > 1 \|\|
(Decls.size() == 1 &&		(Decls.size() == 1 &&
isa<FunctionTemplateDecl>((*begin())->getUnderlyingDecl())));		isa<FunctionTemplateDecl>((*begin())->getUnderlyingDecl())));
assert(ResultKind != FoundUnresolvedValue \|\| sanityCheckUnresolved());		assert(ResultKind != FoundUnresolvedValue \|\| checkUnresolved());
assert(ResultKind != Ambiguous \|\| Decls.size() > 1 \|\|		assert(ResultKind != Ambiguous \|\| Decls.size() > 1 \|\|
(Decls.size() == 1 && (Ambiguity == AmbiguousBaseSubobjects \|\|		(Decls.size() == 1 && (Ambiguity == AmbiguousBaseSubobjects \|\|
Ambiguity == AmbiguousBaseSubobjectTypes)));		Ambiguity == AmbiguousBaseSubobjectTypes)));
assert((Paths != nullptr) == (ResultKind == Ambiguous &&		assert((Paths != nullptr) == (ResultKind == Ambiguous &&
(Ambiguity == AmbiguousBaseSubobjectTypes \|\|		(Ambiguity == AmbiguousBaseSubobjectTypes \|\|
Ambiguity == AmbiguousBaseSubobjects)));		Ambiguity == AmbiguousBaseSubobjects)));
return true;		return true;
}		}
▲ Show 20 Lines • Show All 5,177 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp

Show First 20 Lines • Show All 1,511 Lines • ▼ Show 20 Lines	void CStringChecker::evalStrcat(CheckerContext &C, const CallExpr *CE) const {
// char strcat(char restrict s1, const char *restrict s2);		// char strcat(char restrict s1, const char *restrict s2);
evalStrcpyCommon(C, CE,		evalStrcpyCommon(C, CE,
/* ReturnEnd = */ false,		/* ReturnEnd = */ false,
/* IsBounded = */ false,		/* IsBounded = */ false,
/* appendK = */ ConcatFnKind::strcat);		/* appendK = */ ConcatFnKind::strcat);
}		}

void CStringChecker::evalStrncat(CheckerContext &C, const CallExpr *CE) const {		void CStringChecker::evalStrncat(CheckerContext &C, const CallExpr *CE) const {
//char strncat(char restrict s1, const char *restrict s2, size_t n);		// char strncat(char restrict s1, const char *restrict s2, size_t n);
evalStrcpyCommon(C, CE,		evalStrcpyCommon(C, CE,
/* ReturnEnd = */ false,		/* ReturnEnd = */ false,
/* IsBounded = */ true,		/* IsBounded = */ true,
/* appendK = */ ConcatFnKind::strcat);		/* appendK = */ ConcatFnKind::strcat);
}		}

void CStringChecker::evalStrlcat(CheckerContext &C, const CallExpr *CE) const {		void CStringChecker::evalStrlcat(CheckerContext &C, const CallExpr *CE) const {
// size_t strlcat(char dst, const char src, size_t size);		// size_t strlcat(char dst, const char src, size_t size);
▲ Show 20 Lines • Show All 535 Lines • ▼ Show 20 Lines	void CStringChecker::evalStrcmpCommon(CheckerContext &C, const CallExpr *CE,

state = state->BindExpr(CE, LCtx, resultVal);		state = state->BindExpr(CE, LCtx, resultVal);

// Record this as a possible path.		// Record this as a possible path.
C.addTransition(state);		C.addTransition(state);
}		}

void CStringChecker::evalStrsep(CheckerContext &C, const CallExpr *CE) const {		void CStringChecker::evalStrsep(CheckerContext &C, const CallExpr *CE) const {
//char strsep(char stringp, const char delim);		// char strsep(char stringp, const char delim);
// Sanity: does the search string parameter match the return type?		// Verify whether the search string parameter matches the return type.
SourceArgExpr SearchStrPtr = {CE->getArg(0), 0};		SourceArgExpr SearchStrPtr = {CE->getArg(0), 0};

QualType CharPtrTy = SearchStrPtr.Expression->getType()->getPointeeType();		QualType CharPtrTy = SearchStrPtr.Expression->getType()->getPointeeType();
if (CharPtrTy.isNull() \|\|		if (CharPtrTy.isNull() \|\|
CE->getType().getUnqualifiedType() != CharPtrTy.getUnqualifiedType())		CE->getType().getUnqualifiedType() != CharPtrTy.getUnqualifiedType())
return;		return;

CurrentFunctionDescription = "strsep()";		CurrentFunctionDescription = "strsep()";
▲ Show 20 Lines • Show All 381 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp

Show First 20 Lines • Show All 154 Lines • ▼ Show 20 Lines	while (LC) {
LC = SFC->getParent();		LC = SFC->getParent();
}		}

const Decl *D = SFC->getDecl();		const Decl *D = SFC->getDecl();

if (Optional<AnyCall> AC = AnyCall::forDecl(D)) {		if (Optional<AnyCall> AC = AnyCall::forDecl(D)) {
// Even though there's a Sema warning when the return type of an annotated		// Even though there's a Sema warning when the return type of an annotated
// function is not a kern_return_t, this warning isn't an error, so we need		// function is not a kern_return_t, this warning isn't an error, so we need
// an extra sanity check here.		// an extra check here.
// FIXME: AnyCall doesn't support blocks yet, so they remain unchecked		// FIXME: AnyCall doesn't support blocks yet, so they remain unchecked
// for now.		// for now.
if (!AC->getReturnType(C.getASTContext())		if (!AC->getReturnType(C.getASTContext())
.getCanonicalType()->isSignedIntegerType())		.getCanonicalType()->isSignedIntegerType())
return false;		return false;
}		}

if (D->hasAttr<MIGServerRoutineAttr>())		if (D->hasAttr<MIGServerRoutineAttr>())
▲ Show 20 Lines • Show All 129 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp

Show First 20 Lines • Show All 149 Lines • ▼ Show 20 Lines	virtual std::string describe(ProgramStateRef State,
// constraints, e.g. ComparisonConstraint. In that case we can safely		// constraints, e.g. ComparisonConstraint. In that case we can safely
// ignore the implementation of this function.		// ignore the implementation of this function.
llvm_unreachable("Not implemented");		llvm_unreachable("Not implemented");
}		}

protected:		protected:
ArgNo ArgN; // Argument to which we apply the constraint.		ArgNo ArgN; // Argument to which we apply the constraint.

/// Do polymorphic sanity check on the constraint.		/// Do polymorphic validation check on the constraint.
virtual bool checkSpecificValidity(const FunctionDecl *FD) const {		virtual bool checkSpecificValidity(const FunctionDecl *FD) const {
return true;		return true;
}		}
};		};

/// Given a range, should the argument stay inside or outside this range?		/// Given a range, should the argument stay inside or outside this range?
enum RangeKind { OutOfRange, WithinRange };		enum RangeKind { OutOfRange, WithinRange };

▲ Show 20 Lines • Show All 355 Lines • ▼ Show 20 Lines	bool matchesAndSet(const Signature &Sign, const FunctionDecl *FD) {
if (Result) {		if (Result) {
assert(!this->FD && "FD must not be set more than once");		assert(!this->FD && "FD must not be set more than once");
this->FD = FD;		this->FD = FD;
}		}
return Result;		return Result;
}		}

private:		private:
// Once we know the exact type of the function then do sanity check on all		// Once we know the exact type of the function then do validation check on
// the given constraints.		// all the given constraints.
bool validateByConstraints(const FunctionDecl *FD) const {		bool validateByConstraints(const FunctionDecl *FD) const {
for (const ConstraintSet &Case : CaseConstraints)		for (const ConstraintSet &Case : CaseConstraints)
for (const ValueConstraintPtr &Constraint : Case)		for (const ValueConstraintPtr &Constraint : Case)
if (!Constraint->checkValidity(FD))		if (!Constraint->checkValidity(FD))
return false;		return false;
for (const ValueConstraintPtr &Constraint : ArgConstraints)		for (const ValueConstraintPtr &Constraint : ArgConstraints)
if (!Constraint->checkValidity(FD))		if (!Constraint->checkValidity(FD))
return false;		return false;
▲ Show 20 Lines • Show All 2,149 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Checkers/UnixAPIChecker.cpp

Show First 20 Lines • Show All 176 Lines • ▼ Show 20 Lines	void UnixAPIMisuseChecker::CheckOpenVariant(CheckerContext &C,
unsigned int CreateModeArgIndex = FlagsArgIndex + 1;		unsigned int CreateModeArgIndex = FlagsArgIndex + 1;

// The create mode argument should be the last argument.		// The create mode argument should be the last argument.
unsigned int MaxArgCount = CreateModeArgIndex + 1;		unsigned int MaxArgCount = CreateModeArgIndex + 1;

ProgramStateRef state = C.getState();		ProgramStateRef state = C.getState();

if (CE->getNumArgs() < MinArgCount) {		if (CE->getNumArgs() < MinArgCount) {
// The frontend should issue a warning for this case, so this is a sanity		// The frontend should issue a warning for this case. Just return.
		QuuxplusoneUnsubmitted Done Reply Inline Actions I believe this is another instance of someone misusing the term "sanity check" for (something like) "defensive programming." We're not checking anything on this codepath; we're doing something sensible in a case that has already been dealt with elsewhere (but in this case, it actually can fall through to here; asserting here would be wrong). I'd write: `// The frontend has already issued a warning. Just return.` Quuxplusone: I believe this is another instance of someone misusing the term "sanity check" for (something…
// check.
return;		return;
} else if (CE->getNumArgs() == MaxArgCount) {		} else if (CE->getNumArgs() == MaxArgCount) {
const Expr *Arg = CE->getArg(CreateModeArgIndex);		const Expr *Arg = CE->getArg(CreateModeArgIndex);
QualType QT = Arg->getType();		QualType QT = Arg->getType();
if (!QT->isIntegerType()) {		if (!QT->isIntegerType()) {
SmallString<256> SBuf;		SmallString<256> SBuf;
llvm::raw_svector_ostream OS(SBuf);		llvm::raw_svector_ostream OS(SBuf);
OS << "The " << CreateModeArgIndex + 1		OS << "The " << CreateModeArgIndex + 1
▲ Show 20 Lines • Show All 166 Lines • ▼ Show 20 Lines

// Does a basic check for 0-sized allocations suitable for most of the below		// Does a basic check for 0-sized allocations suitable for most of the below
// functions (modulo "calloc")		// functions (modulo "calloc")
void UnixAPIPortabilityChecker::BasicAllocationCheck(CheckerContext &C,		void UnixAPIPortabilityChecker::BasicAllocationCheck(CheckerContext &C,
const CallExpr *CE,		const CallExpr *CE,
const unsigned numArgs,		const unsigned numArgs,
const unsigned sizeArg,		const unsigned sizeArg,
const char *fn) const {		const char *fn) const {
// Sanity check for the correct number of arguments		// Check for the correct number of arguments.
if (CE->getNumArgs() != numArgs)		if (CE->getNumArgs() != numArgs)
return;		return;

// Check if the allocation size is 0.		// Check if the allocation size is 0.
ProgramStateRef state = C.getState();		ProgramStateRef state = C.getState();
ProgramStateRef trueState = nullptr, falseState = nullptr;		ProgramStateRef trueState = nullptr, falseState = nullptr;
const Expr *arg = CE->getArg(sizeArg);		const Expr *arg = CE->getArg(sizeArg);
SVal argVal = C.getSVal(arg);		SVal argVal = C.getSVal(arg);
▲ Show 20 Lines • Show All 135 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp

Show First 20 Lines • Show All 1,663 Lines • ▼ Show 20 Lines	if (!isUnderconstrained(N))
IsTrackingTurnedOn = true;		IsTrackingTurnedOn = true;
if (!IsTrackingTurnedOn)		if (!IsTrackingTurnedOn)
return nullptr;		return nullptr;

// Check if in the previous state it was feasible for this constraint		// Check if in the previous state it was feasible for this constraint
// to not be true.		// to not be true.
if (isUnderconstrained(PrevN)) {		if (isUnderconstrained(PrevN)) {
IsSatisfied = true;		IsSatisfied = true;

// As a sanity check, make sure that the negation of the constraint		// At this point, the negation of the constraint should be infeasible. If it
		QuuxplusoneUnsubmitted Done Reply Inline Actions `// At this point, the negation of the constraint should be infeasible. If it is feasible,...` Quuxplusone: `// At this point, the negation of the constraint should be infeasible. If it is feasible,...`
// was infeasible in the current state. If it is feasible, we somehow		// is feasible, make sure that the negation of the constrainti was
// missed the transition point.		// infeasible in the current state. If it is feasible, we somehow missed
		// the transition point.
assert(!isUnderconstrained(N));		assert(!isUnderconstrained(N));

// We found the transition point for the constraint. We now need to		// We found the transition point for the constraint. We now need to
// pretty-print the constraint. (work-in-progress)		// pretty-print the constraint. (work-in-progress)
SmallString<64> sbuf;		SmallString<64> sbuf;
llvm::raw_svector_ostream os(sbuf);		llvm::raw_svector_ostream os(sbuf);

if (Constraint.getAs<Loc>()) {		if (Constraint.getAs<Loc>()) {
▲ Show 20 Lines • Show All 1,642 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Core/ExprEngine.cpp

Show First 20 Lines • Show All 320 Lines • ▼ Show 20 Lines	if (!Result) {
// mode. Only create a region if the current value is a NonLoc.		// mode. Only create a region if the current value is a NonLoc.
if (!InitValWithAdjustments.getAs<NonLoc>()) {		if (!InitValWithAdjustments.getAs<NonLoc>()) {
if (OutRegionWithAdjustments)		if (OutRegionWithAdjustments)
*OutRegionWithAdjustments = nullptr;		*OutRegionWithAdjustments = nullptr;
return State;		return State;
}		}
Result = InitWithAdjustments;		Result = InitWithAdjustments;
} else {		} else {
// We need to create a region no matter what. For sanity, make sure we don't		// We need to create a region no matter what. Make sure we don't try to
// try to stuff a Loc into a non-pointer temporary region.		// stuff a Loc into a non-pointer temporary region.
assert(!InitValWithAdjustments.getAs<Loc>() \|\|		assert(!InitValWithAdjustments.getAs<Loc>() \|\|
Loc::isLocType(Result->getType()) \|\|		Loc::isLocType(Result->getType()) \|\|
Result->getType()->isMemberPointerType());		Result->getType()->isMemberPointerType());
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions This seems to be the "for sanity" idiom, but I have no idea what it's trying to say (because I don't know this code). Quuxplusone: This seems to be the "for sanity" idiom, but I have no idea what it's trying to say (because I…
}		}

ProgramStateManager &StateMgr = State->getStateManager();		ProgramStateManager &StateMgr = State->getStateManager();
MemRegionManager &MRMgr = StateMgr.getRegionManager();		MemRegionManager &MRMgr = StateMgr.getRegionManager();
StoreManager &StoreMgr = StateMgr.getStoreManager();		StoreManager &StoreMgr = StateMgr.getStoreManager();

// MaterializeTemporaryExpr may appear out of place, after a few field and		// MaterializeTemporaryExpr may appear out of place, after a few field and
// base-class accesses have been made to the object, even though semantically		// base-class accesses have been made to the object, even though semantically
▲ Show 20 Lines • Show All 2,947 Lines • Show Last 20 Lines

clang/lib/StaticAnalyzer/Core/Store.cpp

Show First 20 Lines • Show All 243 Lines • ▼ Show 20 Lines	static bool regionMatchesCXXRecordType(SVal V, QualType Ty) {
const CXXRecordDecl *Expected = Ty->getPointeeCXXRecordDecl();		const CXXRecordDecl *Expected = Ty->getPointeeCXXRecordDecl();
if (!Expected)		if (!Expected)
Expected = Ty->getAsCXXRecordDecl();		Expected = Ty->getAsCXXRecordDecl();

return Expected->getCanonicalDecl() == RD->getCanonicalDecl();		return Expected->getCanonicalDecl() == RD->getCanonicalDecl();
}		}

SVal StoreManager::evalDerivedToBase(SVal Derived, const CastExpr *Cast) {		SVal StoreManager::evalDerivedToBase(SVal Derived, const CastExpr *Cast) {
// Sanity check to avoid doing the wrong thing in the face of		// Early return to avoid doing the wrong thing in the face of
// reinterpret_cast.		// reinterpret_cast.
if (!regionMatchesCXXRecordType(Derived, Cast->getSubExpr()->getType()))		if (!regionMatchesCXXRecordType(Derived, Cast->getSubExpr()->getType()))
return UnknownVal();		return UnknownVal();
		QuuxplusoneUnsubmitted Not Done Reply Inline Actions This comment seems incorrectly translated. I interpret the writer's intent as, "We really don't ever expect to get here from a reinterpret_cast; but if we ever do, let's just return something plausible [so that we avoid doing anything insane in the following codepath]." According to my interpretation, this would be better expressed as a simple `assert`, and you should file a bug if the assert ever gets hit. Alternatively, this `if` is necessary for correctness, and the comment should simply say something like "We can get here from a reinterpret_cast; in that case, return UnknownVal so that [whatever the reason is]." Quuxplusone: This comment seems incorrectly translated. I interpret the writer's intent as, "We really don't…

// Walk through the cast path to create nested CXXBaseRegions.		// Walk through the cast path to create nested CXXBaseRegions.
SVal Result = Derived;		SVal Result = Derived;
for (CastExpr::path_const_iterator I = Cast->path_begin(),		for (CastExpr::path_const_iterator I = Cast->path_begin(),
E = Cast->path_end();		E = Cast->path_end();
I != E; ++I) {		I != E; ++I) {
Result = evalDerivedToBase(Result, (I)->getType(), (I)->isVirtual());		Result = evalDerivedToBase(Result, (I)->getType(), (I)->isVirtual());
}		}
▲ Show 20 Lines • Show All 277 Lines • Show Last 20 Lines

clang/lib/Tooling/Syntax/Tree.cpp

Show First 20 Lines • Show All 120 Lines • ▼ Show 20 Lines	assert((!Begin \|\| Begin->Parent == this) &&
"`Begin` is not a child of `this`.");		"`Begin` is not a child of `this`.");
assert((!End \|\| End->Parent == this) && "`End` is not a child of `this`.");		assert((!End \|\| End->Parent == this) && "`End` is not a child of `this`.");
assert(canModify() && "Cannot modify `this`.");		assert(canModify() && "Cannot modify `this`.");

#ifndef NDEBUG		#ifndef NDEBUG
for (auto *N = New; N; N = N->NextSibling) {		for (auto *N = New; N; N = N->NextSibling) {
assert(N->Parent == nullptr);		assert(N->Parent == nullptr);
assert(N->getRole() != NodeRole::Detached && "Roles must be set");		assert(N->getRole() != NodeRole::Detached && "Roles must be set");
// FIXME: sanity-check the role.		// FIXME: validate the role.
}		}

auto Reachable = [](Node From, Node N) {		auto Reachable = [](Node From, Node N) {
if (!N)		if (!N)
return true;		return true;
for (auto *It = From; It; It = It->NextSibling)		for (auto *It = From; It; It = It->NextSibling)
if (It == N)		if (It == N)
return true;		return true;
▲ Show 20 Lines • Show All 333 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[clang][NFC] Inclusive terms: replace some uses of sanity in clangClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 388587

clang/include/clang/AST/Redeclarable.h

clang/include/clang/Analysis/CFG.h

clang/include/clang/CodeGen/CGFunctionInfo.h

clang/include/clang/Sema/Lookup.h

clang/lib/Analysis/BodyFarm.cpp

clang/lib/Analysis/RetainSummaryManager.cpp

clang/lib/Basic/DiagnosticIDs.cpp

clang/lib/Basic/SourceManager.cpp

clang/lib/Driver/ToolChains/Clang.cpp

clang/lib/Format/Format.cpp

clang/lib/Frontend/FrontendActions.cpp

clang/lib/Sema/SemaChecking.cpp

clang/lib/Sema/SemaDecl.cpp

clang/lib/Sema/SemaDeclCXX.cpp

clang/lib/Sema/SemaExpr.cpp

clang/lib/Sema/SemaExprCXX.cpp

clang/lib/Sema/SemaLookup.cpp

clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp

clang/lib/StaticAnalyzer/Checkers/MIGChecker.cpp

clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp

clang/lib/StaticAnalyzer/Checkers/UnixAPIChecker.cpp

clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp

clang/lib/StaticAnalyzer/Core/ExprEngine.cpp

clang/lib/StaticAnalyzer/Core/Store.cpp

clang/lib/Tooling/Syntax/Tree.cpp

[clang][NFC] Inclusive terms: replace some uses of sanity in clang
ClosedPublic