Index: clang/include/clang/Sema/AnalysisBasedWarnings.h =================================================================== --- clang/include/clang/Sema/AnalysisBasedWarnings.h +++ clang/include/clang/Sema/AnalysisBasedWarnings.h @@ -13,6 +13,7 @@ #ifndef LLVM_CLANG_SEMA_ANALYSISBASEDWARNINGS_H #define LLVM_CLANG_SEMA_ANALYSISBASEDWARNINGS_H +#include "clang/AST/Decl.h" #include "llvm/ADT/DenseMap.h" #include @@ -95,6 +96,9 @@ void IssueWarnings(Policy P, FunctionScopeInfo *fscope, const Decl *D, QualType BlockType); + // Issue warnings that require whole-translation-unit analysis. + void IssueWarnings(const TranslationUnitDecl *D); + Policy getDefaultPolicy() { return DefaultPolicy; } void PrintStats() const; Index: clang/lib/Sema/AnalysisBasedWarnings.cpp =================================================================== --- clang/lib/Sema/AnalysisBasedWarnings.cpp +++ clang/lib/Sema/AnalysisBasedWarnings.cpp @@ -13,6 +13,7 @@ //===----------------------------------------------------------------------===// #include "clang/Sema/AnalysisBasedWarnings.h" +#include "clang/AST/Decl.h" #include "clang/AST/DeclCXX.h" #include "clang/AST/DeclObjC.h" #include "clang/AST/EvaluatedExprVisitor.h" @@ -25,6 +26,8 @@ #include "clang/AST/StmtCXX.h" #include "clang/AST/StmtObjC.h" #include "clang/AST/StmtVisitor.h" +#include "clang/AST/RecursiveASTVisitor.h" +#include "clang/AST/Type.h" #include "clang/Analysis/Analyses/CFGReachabilityAnalysis.h" #include "clang/Analysis/Analyses/CalledOnceCheck.h" #include "clang/Analysis/Analyses/Consumed.h" @@ -35,6 +38,7 @@ #include "clang/Analysis/AnalysisDeclContext.h" #include "clang/Analysis/CFG.h" #include "clang/Analysis/CFGStmtMap.h" +#include "clang/Basic/Diagnostic.h" #include "clang/Basic/SourceLocation.h" #include "clang/Basic/SourceManager.h" #include "clang/Lex/Preprocessor.h" @@ -2290,6 +2294,87 @@ S.Diag(D.Loc, D.PD); } +void clang::sema::AnalysisBasedWarnings::IssueWarnings( + const TranslationUnitDecl *TU) { + if (!TU) + return; // This is unexpected, give up quietly. + + DiagnosticsEngine &Diags = S.getDiagnostics(); + // Whether -Wunsafe-buffer-usage should emit fix-its: + const bool UnsafeBufferEmitFixits = + Diags.getDiagnosticOptions().ShowFixits && S.getLangOpts().CPlusPlus20; + + if (S.hasUncompilableErrorOccurred() || Diags.getIgnoreAllWarnings()) + // exit if having uncompilable errors or ignoring all warnings: + return; + + // An AST Visitor that calls analyzers on each callable definition: + class CallableVisitor : public RecursiveASTVisitor { + private: + Sema &S; + const bool UnsafeBufferEmitFixits; + const DiagnosticsEngine &Diags; + + void checkUnsafeBufferUsage(Decl *Node) { + if (!Diags.isIgnored(diag::warn_unsafe_buffer_operation, + Node->getBeginLoc()) || + !Diags.isIgnored(diag::warn_unsafe_buffer_variable, + Node->getBeginLoc())) { + UnsafeBufferUsageReporter R(S); + clang::checkUnsafeBufferUsage(Node, R, UnsafeBufferEmitFixits); + } + } + + public: + CallableVisitor(Sema &S, bool EmitFixits) + : S(S), UnsafeBufferEmitFixits(EmitFixits), Diags(S.getDiagnostics()) {} + + bool VisitFunctionDecl(FunctionDecl *Node) { + if (S.SourceMgr.isInSystemHeader(Node->getLocation()) || + cast(Node)->isDependentContext()) + return true; // Not to analyze dependent decl + // `FunctionDecl->hasBody()` returns true if the function has a body + // somewhere defined. But we want to know if this `Node` has a body + // child. So we use `doesThisDeclarationHaveABody`: + if (Node->doesThisDeclarationHaveABody()) + checkUnsafeBufferUsage(Node); + return true; + } + + bool VisitBlockDecl(BlockDecl *Node) { + if (S.SourceMgr.isInSystemHeader(Node->getLocation()) || + cast(Node)->isDependentContext()) + return true; // Not to analyze dependent decl + checkUnsafeBufferUsage(Node); + return true; + } + + bool VisitObjCMethodDecl(ObjCMethodDecl *Node) { + if (S.SourceMgr.isInSystemHeader(Node->getLocation()) || + cast(Node)->isDependentContext()) + return true; // Not to analyze dependent decl + if (Node->hasBody()) + checkUnsafeBufferUsage(Node); + return true; + } + + bool VisitLambdaExpr(LambdaExpr *Node) { + return VisitFunctionDecl(Node->getCallOperator()); + } + + bool shouldVisitTemplateInstantiations() const { return true; } + bool shouldVisitImplicitCode() const { return false; } + }; + + // Emit unsafe buffer usage warnings and fixits. + if (!Diags.isIgnored(diag::warn_unsafe_buffer_operation, SourceLocation()) || + !Diags.isIgnored(diag::warn_unsafe_buffer_variable, SourceLocation())) { + CallableVisitor(S, EmitFixits) + .TraverseTranslationUnitDecl( + std::remove_const_t(TU)); + } +} + void clang::sema::AnalysisBasedWarnings::IssueWarnings( sema::AnalysisBasedWarnings::Policy P, sema::FunctionScopeInfo *fscope, const Decl *D, QualType BlockType) { @@ -2518,16 +2603,6 @@ if (S.getLangOpts().CPlusPlus && !fscope->isCoroutine() && isNoexcept(FD)) checkThrowInNonThrowingFunc(S, FD, AC); - // Emit unsafe buffer usage warnings and fixits. - if (!Diags.isIgnored(diag::warn_unsafe_buffer_operation, D->getBeginLoc()) || - !Diags.isIgnored(diag::warn_unsafe_buffer_variable, D->getBeginLoc())) { - UnsafeBufferUsageReporter R(S); - checkUnsafeBufferUsage( - D, R, - /*EmitFixits=*/S.getDiagnostics().getDiagnosticOptions().ShowFixits && - S.getLangOpts().CPlusPlus20); - } - // If none of the previous checks caused a CFG build, trigger one here // for the logical error handler. if (LogicalErrorHandler::hasActiveDiagnostics(Diags, D->getBeginLoc())) { Index: clang/lib/Sema/Sema.cpp =================================================================== --- clang/lib/Sema/Sema.cpp +++ clang/lib/Sema/Sema.cpp @@ -1426,6 +1426,8 @@ } } + AnalysisWarnings.IssueWarnings(Context.getTranslationUnitDecl()); + // Check we've noticed that we're no longer parsing the initializer for every // variable. If we miss cases, then at best we have a performance issue and // at worst a rejects-valid bug. Index: clang/test/SemaCXX/warn-unsafe-buffer-usage.cpp =================================================================== --- clang/test/SemaCXX/warn-unsafe-buffer-usage.cpp +++ clang/test/SemaCXX/warn-unsafe-buffer-usage.cpp @@ -220,11 +220,11 @@ void testTemplate(int * p) { int *a[10]; foo(f(p, &p, a, a)[1]); // expected-warning{{unsafe buffer access}} - // expected-note@-1{{in instantiation of function template specialization 'f' requested here}} + // FIXME: expected note@-1{{in instantiation of function template specialization 'f' requested here}} const int **q = const_cast(&p); - testPointerArithmetic(p, q, p); //expected-note{{in instantiation of}} + testPointerArithmetic(p, q, p); //FIXME: expected note{{in instantiation of}} } void testPointerToMember() { @@ -315,7 +315,7 @@ foo(ar[5]); // expected-note{{used in buffer access here}} } -template void fArr(int t[]); // expected-note {{in instantiation of}} +template void fArr(int t[]); // FIXME: expected note {{in instantiation of}} int testReturn(int t[]) { // expected-warning@-1{{'t' is an unsafe pointer used for buffer access}}