Merge remote-tracking branch 'upstream/master'

Author: Machiry

clang/include/clang/AST/ASTContext.h

@@ -2372,6 +2372,25 @@ class ASTContext : public RefCountedBase<ASTContext> {
            getCanonicalType(T2).getTypePtr();
   }
 
+  /// Determine whether the given types are equivalent after
+  /// cvr-qualifiers have been removed, ignoring any difference
+  /// in pointer checkedness.
+  bool hasSameUnqualifiedUncheckedType(QualType T1, QualType T2) const {
+    if (hasSameUnqualifiedType(T1, T2))
+      return true;
+
+    // See if the only difference between T1 and T2 is that one is a
+    // checked pointer type and one is an unchecked pointer type.
+    if (T1->isPointerType() && T2->isPointerType()) {
+      const PointerType *PtrType1 = T1->getAs<PointerType>();
+      const PointerType *PtrType2 = T2->getAs<PointerType>();
+      return hasSameUnqualifiedUncheckedType(PtrType1->getPointeeType(),
+                                             PtrType2->getPointeeType());
+    }
+
+    return false;
+  }
+
   bool hasSameNullabilityTypeQualifier(QualType SubT, QualType SuperT,
                                        bool IsParam) const {
     auto SubTnullability = SubT->getNullability(*this);

clang/include/clang/AST/CanonBounds.h

@@ -118,6 +118,10 @@ namespace clang {
     /// \brief Lexicographic comparison of expressions that can occur in
     /// bounds expressions.
     Result CompareExpr(const Expr *E1, const Expr *E2);
+    /// \brief Semantic comparison of expressions that can occur in
+    /// bounds expressions. A return value of true indicates that the two
+    /// expressions are equivalent semantically.
+    bool CompareExprSemantically(const Expr *E1, const Expr *E2);
 
     /// \brief Compare declarations that may be used by expressions or
     /// or types.

clang/include/clang/AST/Decl.h

@@ -708,9 +708,10 @@ class DeclaratorDecl : public ValueDecl {
                  DeclarationName N, QualType T, TypeSourceInfo *TInfo,
                  SourceLocation StartL)
       : ValueDecl(DK, DC, L, N, T), DeclInfo(TInfo), InnerLocStart(StartL),
-        Annotations(nullptr) {}
+        Annotations(nullptr), NormalizedBounds(nullptr) {}
 
   BoundsAnnotations *Annotations;
+  BoundsExpr *NormalizedBounds;
 public:
   friend class ASTDeclReader;
   friend class ASTDeclWriter;
@@ -819,6 +820,30 @@ class DeclaratorDecl : public ValueDecl {
     Annotations->setBoundsExpr(E);
   }
 
+  // \brief The bounds expression for this declaration, expanded to a
+  // range bounds expression.
+  BoundsExpr *getNormalizedBounds() const {
+    return const_cast<DeclaratorDecl *>(this)->getNormalizedBounds();
+  }
+
+  // \brief The bounds expression for this declaration, expanded to a
+  // range bounds expression.
+  BoundsExpr *getNormalizedBounds() {
+    return NormalizedBounds;
+  }
+
+  // \brief Set the bounds expression for this declaration, expanded to a
+  // range bounds expression.
+  void setNormalizedBounds(BoundsExpr *E) const {
+    const_cast<DeclaratorDecl *>(this)->setNormalizedBounds(E);
+  }
+
+  // \brief Set the bounds expression for this declaration, expanded to a
+  // range bounds expression.
+  void setNormalizedBounds(BoundsExpr *E) {
+    NormalizedBounds = E;
+  }
+
   /// \brief The Checked C interop type declared or inferred for this
   /// declaration.  For function declarations, this is the return
   /// interop type of the function.  Null if none has been declared

clang/include/clang/AST/PreorderAST.h

@@ -0,0 +1,128 @@
+//===------- PreorderAST.h: An n-ary preorder abstract syntax tree -------===//
+//
+//                     The LLVM Compiler Infrastructure
+//
+// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
+// See https://llvm.org/LICENSE.txt for license information.
+// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
+//
+//===----------------------------------------------------------------------===//
+//
+//  This file defines the interface for an n-ary preorder abstract syntax tree
+//  which is used to semantically compare two expressions.
+//
+//===----------------------------------------------------------------------===//
+
+#ifndef LLVM_CLANG_PREORDER_AST_H
+#define LLVM_CLANG_PREORDER_AST_H
+
+#include "clang/AST/ASTContext.h"
+#include "clang/AST/CanonBounds.h"
+#include "clang/AST/Expr.h"
+
+namespace clang {
+
+  using Result = Lexicographic::Result;
+
+  // Each binary operator of an expression results in a new node of the
+  // PreorderAST. Each node contains 3 fields:
+  // Opc: The opcode of the operator.
+  // Vars: A list of variables in the sub expression.
+  // Const: Constants of the sub expression are folded.
+
+  struct Node {
+    BinaryOperator::Opcode Opc;
+    std::vector<const VarDecl *> Vars;
+    llvm::APSInt Const;
+    // HasConst indicates whether there is a constant in the node. This is used
+    // to differentiate between an absence of a constant and a constant of value
+    // 0.
+    bool HasConst;
+    Node *Parent, *Left, *Right;
+
+    Node(Node *Parent) :
+      Opc(BO_Add), HasConst(false),
+      Parent(Parent), Left(nullptr), Right(nullptr) {}
+
+    // Is the operator commutative and associative?
+    bool IsOpCommutativeAndAssociative() {
+      return Opc == BO_Add || Opc == BO_Mul;
+    }
+  };
+
+  class PreorderAST {
+  private:
+    ASTContext &Ctx;
+    Lexicographic Lex;
+    llvm::raw_ostream &OS;
+    bool Error;
+    Node *Root;
+
+    // Create a PreorderAST for the expression E.
+    // @param[in] E is the sub expression which needs to be added to N.
+    // @param[in] N is the current node of the AST.
+    // @param[in] Parent is the parent node for N.
+    void Create(Expr *E, Node *N = nullptr, Node *Parent = nullptr);
+
+    // Sort the variables in a node of the AST.
+    // @param[in] N is current node of the AST.
+    void Sort(Node *N);
+
+    // Check if the two AST nodes N1 and N2 are equal.
+    // @param[in] N1 is the first node.
+    // @param[in] N2 is the second node.
+    // @return Returns a boolean indicating whether N1 and N2 are equal.
+    bool IsEqual(Node *N1, Node *N2);
+
+    // Set Error in case an error occurs during transformation of the AST.
+    void SetError() { Error = true; }
+
+    // Print the PreorderAST.
+    // @param[in] N is the current node of the AST.
+    void PrettyPrint(Node *N);
+
+    // Cleanup the memory consumed by node N.
+    // @param[in] N is the current node of the AST.
+    void Cleanup(Node *N);
+
+    // A DeclRefExpr can be a reference either to an array subscript (in which
+    // case it is wrapped around a ArrayToPointerDecay cast) or to a pointer
+    // dereference (in which case it is wrapped around an LValueToRValue cast).
+    // @param[in] An expression E.
+    // @return Returns a DeclRefExpr if E is a DeclRefExpr, otherwise nullptr.
+    DeclRefExpr *GetDeclOperand(Expr *E);
+
+  public:
+    PreorderAST(ASTContext &Ctx, Expr *E) :
+      Ctx(Ctx), Lex(Lexicographic(Ctx, nullptr)), OS(llvm::outs()),
+      Error(false), Root(nullptr) {
+      Create(E);
+    }
+
+    // Normalize the input expression through a series of transforms on the
+    // preorder AST. The Error field is set if an error is encountered during
+    // transformation of the AST.
+    void Normalize();
+
+    // Check if the two ASTs are equal. This is intended to be called from
+    // outside this class and invokes IsEqual on the root nodes of the two ASTs
+    // to recursively compare the AST nodes.
+    // @param[in] this is the first AST.
+    // @param[in] P is the second AST.
+    // @return Returns a bool indicating whether the two ASTs are equal.
+    bool IsEqual(PreorderAST &P) { return IsEqual(Root, P.Root); }
+
+    // Check if an error has occurred during transformation of the AST. This
+    // is intended to be called from outside this class to check if an error
+    // has occurred during comparison of expressions.
+    // @return Whether an error has occurred or not.
+    bool GetError() { return Error; }
+
+    // Cleanup the memory consumed by the AST. This is intended to be called
+    // from outside this class and invokes Cleanup on the root node which
+    // recursively deletes the AST.
+    void Cleanup() { Cleanup(Root); }
+  };
+
+} // end namespace clang
+#endif

clang/include/clang/Basic/DiagnosticSemaKinds.td

@@ -10164,17 +10164,20 @@ def err_bounds_type_annotation_lost_checking : Error<
 
   def warn_bounds_declaration_invalid : Warning<
     "cannot prove declared bounds for %1 are valid after "
-    "%select{assignment|initialization}0">,
+    "%select{assignment|initialization|statement}0">,
     InGroup<CheckBoundsDeclsUnchecked>;
 
   def warn_checked_scope_bounds_declaration_invalid : Warning<
     "cannot prove declared bounds for %1 are valid after "
-    "%select{assignment|initialization}0">,
+    "%select{assignment|initialization|statement}0">,
     InGroup<CheckBoundsDeclsChecked>;
 
   def error_bounds_declaration_invalid : Error<
     "declared bounds for %1 are invalid after "
-    "%select{assignment|initialization}0">;
+    "%select{assignment|initialization|statement}0">;
+
+  def err_unknown_inferred_bounds : Error<
+    "inferred bounds for %0 are unknown after statement">;
 
   def note_declared_bounds : Note<
     "(expanded) declared bounds are '%0'">;
@@ -10188,6 +10191,13 @@ def err_bounds_type_annotation_lost_checking : Error<
   def note_required_bounds : Note<
     "(expanded) required bounds are '%0'">;
 
+  def note_lost_variable : Note<
+    "lost the value of the variable '%0' "
+    "which is used in the (expanded) inferred bounds '%1' of %2">;
+
+  def note_unknown_source_bounds : Note<
+    "assigned expression '%0' with unknown bounds to %1">;
+
   def err_modifying_expr_not_supported : Error<
    "argument must be a non-modifying expression because %ordinal0 parameter "
    "is used in a bounds expression">;

clang/include/clang/Basic/LangOptions.def

@@ -94,6 +94,7 @@ LANGOPT(CPlusPlus17       , 1, 0, "C++17")
 LANGOPT(CPlusPlus2a       , 1, 0, "C++2a")
 LANGOPT(ObjC              , 1, 0, "Objective-C")
 LANGOPT(CheckedC          , 1, 0, "Checked C extension")
+LANGOPT(CheckedCConverter , 1, 0, "Automated Checked C converter mode")
 BENIGN_LANGOPT(ObjCDefaultSynthProperties , 1, 0,
                "Objective-C auto-synthesized properties")
 BENIGN_LANGOPT(EncodeExtendedBlockSig , 1, 0,

clang/include/clang/Driver/Options.td

@@ -800,7 +800,9 @@ def fbuiltin_module_map : Flag <["-"], "fbuiltin-module-map">, Group<f_Group>,
 def fcheckedc_extension : Flag<["-"], "fcheckedc-extension">, Group<f_Group>, Flags<[CC1Option]>,
   HelpText<"Accept Checked C extension">;
 def fno_checkedc_extension : Flag<["-"], "fno-checkedc-extension">, Group<f_Group>, Flags<[CC1Option]>,
-  HelpText<"Do ont accept Checked C extension">;
+  HelpText<"Do not accept Checked C extension">;
+def fcheckedc_convert_tool : Flag<["-"], "fcheckedc-convert-tool">, Group<f_Group>, Flags<[CC1Option]>,
+  HelpText<"Enable Checked C converter tool mode (supposed to be run by tools that needs only AST)">;
 def fdump_extracted_comparison_facts : Flag<["-"], "fdump-extracted-comparison-facts">, Group<f_Group>, Flags<[CC1Option]>,
   HelpText<"Dump extracted comparison facts">;
 def fdump_widened_bounds : Flag<["-"], "fdump-widened-bounds">, Group<f_Group>, Flags<[CC1Option]>,

clang/include/clang/Sema/BoundsAnalysis.h

@@ -96,6 +96,9 @@ namespace clang {
   // 2. any variable used in the bounds expr of V is assigned to in S.
   using StmtDeclSetTy = llvm::DenseMap<const Stmt *, DeclSetTy>;
 
+  // StmtSet denotes a set of Stmts.
+  using StmtSet = llvm::SmallPtrSet<const Stmt *, 16>;
+
   class BoundsAnalysis {
   private:
     Sema &S;
@@ -184,7 +187,9 @@ namespace clang {
 
     // Run the dataflow analysis to widen bounds for ntptr's.
     // @param[in] FD is the current function.
-    void WidenBounds(FunctionDecl *FD);
+    // @param[in] NestedStmts is a set of top-level statements that are
+    // nested in another top-level statement.
+    void WidenBounds(FunctionDecl *FD, StmtSet NestedStmts);
 
     // Get the widened bounds for block B.
     // @param[in] B is the block for which the widened bounds are needed.
@@ -214,7 +219,9 @@ namespace clang {
     // Compute Kill set for each block in BlockMap. For a block B, if a
     // variable V is assigned to in B by Stmt S, then the pair S:V is added to
     // the Kill set for the block.
-    void ComputeKillSets();
+    // @param[in] NestedStmts is a set of top-level statements that are
+    // nested in another top-level statement.
+    void ComputeKillSets(StmtSet NestedStmts);
 
     // Compute In set for each block in BlockMap. In[B1] = n Out[B*->B1], where
     // B* are all preds of B1.
@@ -314,10 +321,12 @@ namespace clang {
     // @param[in] FD is the current function.
     void CollectNtPtrsInScope(FunctionDecl *FD);
 
-    // If variable V is killed by Stmt S in Block B, add S:V pair to EB->Kill.
+    // If variable V is killed by Stmt S in Block B, add TopLevelStmt:V pair
+    // to EB->Kill, where TopLevelStmt is the top-level Stmt that contains S.
     // @param[in] EB is the ElevatedCFGBlock for the current block.
+    // @param[in] TopLevelStmt is the top-level Stmt in the block.
     // @param[in] S is the current Stmt in the block.
-    void FillKillSet(ElevatedCFGBlock *EB, const Stmt *S);
+    void FillKillSet(ElevatedCFGBlock *EB, const Stmt *TopLevelStmt, const Stmt *S);
 
     // Initialize the In and Out sets for all blocks, except the Entry block,
     // as Top.

clang/include/clang/Sema/Sema.h

@@ -5186,7 +5186,8 @@ class Sema {
 
   enum BoundsDeclarationCheck {
       BDC_Assignment,
-      BDC_Initialization
+      BDC_Initialization,
+      BDC_Statement
   };
 
   /// \brief Check that address=of operation is not taking the
@@ -5213,6 +5214,12 @@ class Sema {
   // will always fail.
   void WarnDynamicCheckAlwaysFails(const Expr *Condition);
 
+  // If the VarDecl D has a byte_count or count bounds expression,
+  // NormalizeBounds expands it to a range bounds expression.  The expanded
+  // range bounds are attached to the VarDecl D to avoid recomputing the
+  // normalized bounds for D.
+  BoundsExpr *NormalizeBounds(const VarDecl *D);
+
   // This is wrapper around CheckBoundsDeclaration::ExpandToRange. This
   // provides an easy way to invoke this function from outside the class. Given
   // a byte_count or count bounds expression for the VarDecl D, ExpandToRange

clang/lib/AST/ASTContext.cpp

@@ -8804,7 +8804,9 @@ QualType ASTContext::mergeFunctionTypes(QualType lhs, QualType rhs,
         // For unchecked return types, a return with
         // bounds is compatible with a return without bounds.
         // The merged type includes the bounds.
-        if (!retType->isUncheckedPointerType())
+        // Ignore the error if we do not want to consider checked pointers.
+        if (!retType->isUncheckedPointerType() &&
+            !getLangOpts().CheckedCConverter)
           return QualType();
         if (!lReturnAnnots.IsEmpty() && rReturnAnnots.IsEmpty()) {
           ReturnAnnots = lReturnAnnots;
@@ -8858,7 +8860,9 @@ QualType ASTContext::mergeFunctionTypes(QualType lhs, QualType rhs,
           // For unchecked parameter types, a parameter with
           // bounds is compatible with a parameter without bounds.
           // The merged type includes the bounds.
-          if (!paramType->isUncheckedPointerType())
+          // Ignored the error if we do not want to consider checked pointers.
+          if (!paramType->isUncheckedPointerType() &&
+              !getLangOpts().CheckedCConverter)
             return QualType();
           if (!lBounds.IsEmpty() && rBounds.IsEmpty()) {
             bounds.push_back(lBounds);

clang/lib/AST/CMakeLists.txt

@@ -56,6 +56,7 @@ add_clang_library(clangAST
   OSLog.cpp
   OpenMPClause.cpp
   ParentMap.cpp
+  PreorderAST.cpp
   PrintfFormatString.cpp
   QualTypeNames.cpp
   RawCommentList.cpp