Граф коммитов

144 Коммитов

Автор SHA1 Сообщение Дата
Boris Zbarsky e348ad0b6c Improve the documentation around the MOZ_CAN_RUN_SCRIPT analysis. No bug. r=emilio
Differential Revision: https://phabricator.services.mozilla.com/D23762

--HG--
extra : moz-landing-system : lando
2019-03-16 12:52:33 +00:00
Ehsan Akhgari e5e885ae31 Bug 1521000 - Part 2: Adjust our clang-format rules to include spaces after the hash for nested preprocessor directives r=sylvestre
# ignore-this-changeset

--HG--
extra : amend_source : 7221c8d15a765df71171099468e7c7faa648f37c
extra : histedit_source : a0cce6015636202bff09e35a13f72e03257a7695
2019-01-18 10:16:18 +01:00
Sylvestre Ledru 265e672179 Bug 1511181 - Reformat everything to the Google coding style r=ehsan a=clang-format
# ignore-this-changeset

--HG--
extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
2018-11-30 11:46:48 +01:00
Ehsan Akhgari ca162bee20 Bug 1508472 - Part 4: Fourth batch of comment fix-ups in preparation for the tree reformat r=sylvestre
This is a best effort attempt at ensuring that the adverse impact of
reformatting the entire tree over the comments would be minimal.  I've used a
combination of strategies including disabling of formatting, some manual
formatting and some changes to formatting to work around some clang-format
limitations.

Differential Revision: https://phabricator.services.mozilla.com/D13193

--HG--
extra : moz-landing-system : lando
2018-11-28 09:16:55 +00:00
Jeff Walden f2196f8c8f Bug 1503086 - Initialize all SourceBufferHolders with a fallible function that in all cases assumes ownership of given-ownership data. r=tcampbell, r=bz, r=mrbkap on some finicky worker code lightly touched here
--HG--
extra : rebase_source : 94b1a13dc03a7f1a5d07a2c665fdc0cde162d411
2018-10-23 12:27:16 -07:00
Steve Fink b5b78d5525 Bug 1321014 - Respect MOZ_INHERIT_TYPE_ANNOTATIONS_FROM_TEMPLATE_ARGS for the purpose of identifying GC types and pointers, r=jonco
--HG--
extra : topic : hazard
extra : rebase_source : bdaf0ae60a6b45c9d44294aa9c2bc31a8811bdbd
extra : source : c7b32ffa822e353b5479b6224194e3cdfd135e65
2018-07-20 18:36:20 -07:00
Mike Hommey b487ebbc58 Bug 1493093 - Allow to relax MOZ_NON_TEMPORARY_CLASS for some specific constructors r=andi
Differential Revision: https://phabricator.services.mozilla.com/D6566

--HG--
extra : moz-landing-system : lando
2018-09-24 22:47:12 +00:00
Mike Hommey 88314c2170 Bug 1488631 - Remove annotations that the clang plugin doesn't handle. r=andi
As per bug 1487622, annotations have side effects on codegen, one of
which changes a leak signature that the wpt harness doesn't match
against its whitelist anymore.

Interestingly, while looking at the issue, I found multiple moz_*
annotations that weren't actually looked for by the clang plugin,
making them useless. Even more interestingly, removing them changes
codegen in such a way that the leak signature mentioned above is not
altered anymore.

Differential Revision: https://phabricator.services.mozilla.com/D5000
2018-09-08 06:49:48 +09:00
Jeff Walden 04d21ccac0 Bug 1451248. r=jorendorff, r=bz
--HG--
extra : rebase_source : e26439a5954162bdaf332fbd63d623a3810e19e0
2018-04-25 19:40:09 -07:00
Nicholas Nethercote 374e333b76 Bug 1451658 - Add MOZ_STATIC_CLASS. r=mystor
MozReview-Commit-ID: HlbfoQypMcI

--HG--
extra : rebase_source : 3f91229f7190f04a9f512a6ac594674e05829039
2018-04-10 17:31:31 +10:00
Sylvestre Ledru 78c25c6d82 Bug 1437482 - gcc 8 has no-sanitize but not the {un,}signed-integer-overflow option r=Waldo
MozReview-Commit-ID: EfRYhaISZfL

--HG--
extra : rebase_source : 2a5f32a71be4688d260786f6f762183f38b682a8
2018-02-12 12:07:52 +01:00
Jeff Walden 0e77ce073b Bug 1435484 - Split the integer-overflow blacklist into two blacklists, one for signed integer overflow and one for unsigned integer overflow, and rename both configure flags to be clearer. r=decoder, r=froydnj
--HG--
rename : build/sanitizers/ubsan_blacklist_int.txt => build/sanitizers/ubsan_signed_overflow_blacklist.txt
rename : build/sanitizers/ubsan_blacklist_int.txt => build/sanitizers/ubsan_unsigned_overflow_blacklist.txt
2018-02-02 21:25:31 -08:00
Eric Rahm 61c1f85e41 Bug 1434689 - Part 2: Add MOZ_TEMPORARY_CLASS attribute. r=mystor
This adds the MOZ_TEMPORARY_CLASS attribute to Attributes.h.

--HG--
extra : rebase_source : aea2ac53705863a839bcf11245b67a9fc1da08bf
2018-01-31 15:22:42 -08:00
Nika Layzell a124bfae77 Bug 1418465 - Add an opt-out to the MOZ_CAN_RUN_SCRIPT analysis, r=andi
MozReview-Commit-ID: 2YKncUdrT5p
2017-11-24 11:15:17 -05:00
Nicholas Nethercote d225f7151b Bug 1400460 - Rename nsIAtom as nsAtom. r=hiro.
(Path is actually r=froydnj.)

Bug 1400459 devirtualized nsIAtom so that it is no longer a subclass of
nsISupports. This means that nsAtom is now a better name for it than nsIAtom.

MozReview-Commit-ID: 91U22X2NydP

--HG--
rename : xpcom/ds/nsIAtom.h => xpcom/ds/nsAtom.h
extra : rebase_source : ac3e904a21b8b48e74534fff964f1623ee937c67
2017-10-03 09:05:19 +11:00
Tom Ritter 92ff663a31 Bug 1393498 Mark the stub_BaseThreadInitThunk as MOZ_NORETURN to silence a warning about a noreturn function not returning r=dmajor,froydnj
/home/worker/workspace/build/src/mozglue/build/WindowsDllBlocklist.cpp:816:1: error: 'noreturn' function does return [-Werror]

MozReview-Commit-ID: SYgPDW0sMV

--HG--
extra : rebase_source : 27b1dda404b3fc5fab95dd524677387bad921751
2017-08-24 22:49:09 -05:00
Tristan Bourvon ba0998ae31 Bug 1380423 - Add static-analysis to enforce strict rules on functions which can run scripts. r=mystor
MozReview-Commit-ID: GGSyq0z5msB
2017-08-08 19:48:53 +03:00
Luke Wagner e59ff0294c Bug 1351488 - Add MOZ_XPCOM_ABI to mfbt (r=froydnj)
MozReview-Commit-ID: Hw3zDX3TOhs

--HG--
extra : rebase_source : 96d93215f9d79e376df25108d0f4d82a178bda28
2017-08-23 10:16:56 -05:00
Tristan Bourvon 2e77c99160 Bug 1374024 - add checker to prevent dangling pointers returned by method calls on temporaries. r=mystor
MozReview-Commit-ID: 9khNt59ONF
2017-07-05 16:14:21 +02:00
Cykesiopka ec8581113b Bug 1355692 - Add MOZ_FALLTHROUGH macro definition for gcc 7 to suppress -Wimplicit-fallthrough warnings. r=glandium
The generic fallback MOZ_FALLTHROUGH definition is insufficient for GCC 7 and
above, resulting in --enable-warnings-as-errors builds failing.

The check for clang support is changed to use the __has_cpp_attribute macro,
which is more robust than checking the __cplusplus version.

Also, MOZ_FALLTHROUGH is now only defined in C++ code, since GCC errors out if
it encounters a scoped attribute being used with __has_cpp_attribute in C code.
No C code uses MOZ_FALLTHROUGH or derivatives at the moment.

MozReview-Commit-ID: 4nKFBRD5jSF

--HG--
extra : rebase_source : 0c37ae39c806ca24a3271d3ec19531dd16e05daf
2017-07-28 00:11:28 +08:00
Carsten "Tomcat" Book 6f930b42b1 Backed out changeset 1a0693cc418b (bug 1374024) for bustage 2017-07-13 15:14:51 +02:00
Tristan Bourvon 473b245885 Bug 1374024 - add checker to prevent dangling pointers returned by method calls on temporaries. r=mystor
MozReview-Commit-ID: 9khNt59ONFE
2017-07-05 16:14:21 +02:00
Carsten "Tomcat" Book 2332473008 Backed out changeset 1a49d403a9a4 (bug 1374024) for bustage 2017-07-13 11:10:31 +02:00
Tristan Bourvon 20068f7ba3 Bug 1374024 - add checker to prevent dangling pointers returned by method calls
on temporaries. r=mystor

MozReview-Commit-ID: 9khNt59ONFE
2017-07-05 16:14:21 +02:00
Christian Holler b8ee76ebd8 Bug 1373256 - Changes to support -fsanitize=integer in the codebase. r=froydnj
The -fsanitize=integer analysis from UBSan can be helpful to detect signed and unsigned integer overflows in the codebase. Unfortunately, those occur very frequently, making it impossible to test anything with it without the use of a huge blacklist. This patch includes a blacklist that is broad enough to silence everything that would drain performance too much. But even with this blacklist, neither tests nor fuzzing is "clean". We can however in the future combine this with static analysis to limit ourselves to interesting places to look at, or improve the dynamic analysis to omit typical benign overflows.

It also adds another attribute that can be used on functions. It is not used right now because it was initially easier to add things to the compile-time blacklist to get started.

Finally, it includes a runtime suppression list and patches various parts in the test harnesses to support that. It is currently empty and it should not be used on frequent overflows because it is expensive. However, it has the advantage that it can be used to differentiate between signed and unsigned overflows while the compile-time blacklist cannot do that. So it can be used to e.g. silence unsigned integer overflows on a file or function while still reporting signed issues. We can also use this suppression list for any other UBSan related suppressions, should we ever want to use other features from that sanitizer.

MozReview-Commit-ID: C5ofhfJdpCS

--HG--
extra : rebase_source : 952043a441b41b2f58ec4abc51ac15fa71fc142f
2017-04-09 12:59:26 +02:00
Carsten "Tomcat" Book d8e080c10c Backed out changeset 07e0c4e4ae85 (bug 1373256) for breaking android tests 2017-06-28 14:47:55 +02:00
Christian Holler 9924ab3046 Bug 1373256 - Changes to support -fsanitize=integer in the codebase. r=froydnj
The -fsanitize=integer analysis from UBSan can be helpful to detect signed and unsigned integer overflows in the codebase. Unfortunately, those occur very frequently, making it impossible to test anything with it without the use of a huge blacklist. This patch includes a blacklist that is broad enough to silence everything that would drain performance too much. But even with this blacklist, neither tests nor fuzzing is "clean". We can however in the future combine this with static analysis to limit ourselves to interesting places to look at, or improve the dynamic analysis to omit typical benign overflows.

It also adds another attribute that can be used on functions. It is not used right now because it was initially easier to add things to the compile-time blacklist to get started.

Finally, it includes a runtime suppression list and patches various parts in the test harnesses to support that. It is currently empty and it should not be used on frequent overflows because it is expensive. However, it has the advantage that it can be used to differentiate between signed and unsigned overflows while the compile-time blacklist cannot do that. So it can be used to e.g. silence unsigned integer overflows on a file or function while still reporting signed issues. We can also use this suppression list for any other UBSan related suppressions, should we ever want to use other features from that sanitizer.

MozReview-Commit-ID: C5ofhfJdpCS

--HG--
extra : rebase_source : 64aa804965d24bb90b103c00c692a2ac6859e408
2017-04-09 12:59:26 +02:00
Jonathan Kew 67ca6e1f88 Bug 1365928 - patch 1 - Add a MOZ_NONNULL_RETURN annotation to mfbt/Attributes.h. r=froydnj 2017-05-22 19:00:19 +01:00
Tom Tromey aa6e054b71 Bug 1334279 - mark vsprintf-likes with MOZ_FORMAT_PRINTF; r=froydnj
This annotates vsprintf-like functions with MOZ_FORMAT_PRINTF.  This may
provide some minimal checking of such calls (the GCC docs say that it
checks for the string for "consistency"); but in any case shouldn't
hurt.

MozReview-Commit-ID: HgnAK1LiorE

--HG--
extra : rebase_source : 9c8d715d6560f89078c26ba3934e52a2b5778b6a
2017-05-04 12:10:19 -06:00
Tom Ritter fcb35c70f7 Bug 1331349 Fix printf formatting errors in MinGW compilation r=froydnj
MozReview-Commit-ID: A4PMABfxzez

--HG--
extra : rebase_source : d0c40a495ad390aeb71ddc81c33daa081f6e0ba7
2017-03-31 00:14:43 -05:00
Michael Layzell 4689eec07a Bug 1331434 - Part 1: Add an analysis to require a return after calls to annotated functions, r=ehsan
MozReview-Commit-ID: 7NqXap8FdSn
2017-03-07 19:06:48 -05:00
David Major 0cf4adb5f3 Bug 1324093 - Part 3.5: Add MOZ_MAYBE_UNUSED to mfbt/Attributes.h. r=froydnj
MozReview-Commit-ID: Ef1nkRipaDg

--HG--
extra : rebase_source : ea298dc948a027e5a686c2f022cce5d8cb170f27
2017-01-18 09:37:54 +13:00
Nicholas Nethercote ceb22bead5 Bug 1325541 - Expand comments for MOZ_MUST_USE. r=froydnj.
DONTBUILD because it's a comment-only change.

--HG--
extra : rebase_source : 1b2343279f15a05ba633a0407f3eba07d6231083
2016-12-23 16:11:33 +11:00
Chris Peterson 20bc668a02 Bug 1280295 - Remove MOZ_HAVE_REF_QUALIFIERS. r=froydnj 2017-01-03 22:42:33 -08:00
Tom Tromey 06530c20e7 Bug 553032 - document MOZ_FORMAT_PRINTF; r=froydnj
MozReview-Commit-ID: 4qX1nltLBxf

--HG--
extra : rebase_source : 5d82dbe8108fc5d9926cc0586a78dc753251f896
2016-10-13 13:08:39 -06:00
Tom Tromey 4fa10fe6d8 Bug 553032 - move MOZ_FORMAT_PRINTF to mfbt; r=froydnj
MozReview-Commit-ID: 2aC4ZUOsGPK

--HG--
extra : rebase_source : ec936e8447624653980d9168587223694a9e10c7
2016-10-11 12:42:58 -06:00
Sebastian Hengst 4a6a9cdc8b Backed out changeset 16f326945f38 (bug 553032) for spidermonkey bustage. r=backout on a CLOSED TREE 2016-10-19 18:33:37 +02:00
Sebastian Hengst 37ca79e0a6 Backed out changeset e832fc3b5a03 (bug 553032) 2016-10-19 18:29:45 +02:00
Tom Tromey 0c5f301aeb Bug 553032 - document MOZ_FORMAT_PRINTF; r=froydnj
MozReview-Commit-ID: 4qX1nltLBxf

--HG--
extra : rebase_source : f3b97164a51996a48a28fd74df76988858dacfcf
2016-10-13 13:08:39 -06:00
Tom Tromey f1365f75b0 Bug 553032 - move MOZ_FORMAT_PRINTF to mfbt; r=froydnj
MozReview-Commit-ID: 2aC4ZUOsGPK

--HG--
extra : rebase_source : 9b72f9e9af80f165b82772e82ef64e66317805a5
2016-10-11 12:42:58 -06:00
Tooru Fujisawa 19d7f7bb03 Bug 1290337 - Part 22: Add moz_non_param annotation. r=ehsan,jwalden 2016-09-11 18:23:11 +09:00
Andi-Bogdan Postelnicu 8240adec88 Bug 1230311 - add annotation to enforce that if a method is overridden also base method is called. r=nfroyd
MozReview-Commit-ID: AQ3Kx2qidU0
2016-10-04 17:00:17 +03:00
Terrence Cole 76b800594e Backed out changeset d85334f696eb (bug 1285057) for implicitly depending on clang 3.8.
--HG--
extra : rebase_source : 472f9411c9d528d63d523c99f4842a1216bdd560
2016-09-23 15:59:55 -07:00
Terrence Cole b605dece0c Bug 1285057 - Blacklist UBSan detection of the GC's generic interfaces; r=sfink
--HG--
extra : rebase_source : f5367a8685ec462edb7e30e5ed3d274b4a9bcd0f
2016-07-07 08:59:36 -07:00
Andi-Bogdan Postelnicu 5a1fd6c4d4 Bug 525063 - add attribute to mark functions that initialize member variables for their parent class, in order to be scanned by clang-plugin static analysis. r=froydnj
MozReview-Commit-ID: 5yTnTUVLpSC
2016-08-30 10:07:03 +03:00
Michelangelo De Simone 0b2d2c0e55 Bug 1120059 - Remove unnecessary MOZ_EXPLICIT_CONVERSION macros. r=jwalden
MozReview-Commit-ID: 7CX1VnBRDpk

--HG--
extra : rebase_source : 36be7e6c91d2767c5a610a2806f89efa69ff1c74
2016-07-13 15:07:52 -07:00
Chris Peterson 43c2748f66 Bug 1277775 - Replace MOZ_CONSTEXPR{_VAR,_TMPL} with constexpr. r=froydnj 2016-07-08 14:39:53 -07:00
Andi-Bogdan Postelnicu 5e3fc1519f Bug 525063 - renamed MOZ_INITIALIZED_OUTSIDE_CONSTRUCTOR -> MOZ_INIT_OUTSIDE_CTOR. r=nfroyd
MozReview-Commit-ID: GPQY8b2OM2V
2016-06-28 16:30:49 +03:00
Andi-Bogdan Postelnicu 12bac0f757 Bug 525063 - add attribute to mark member variables that should be skipped by clang plugin initialization checker. r=nfroyd
MozReview-Commit-ID: 4V1YcK2thiF
2016-06-09 09:32:11 +03:00
Nicholas Nethercote 2511b2c327 Bug 1267550 (part 2) - Rename MOZ_WARN_UNUSED_RESULT as MOZ_MUST_USE. r=froydnj.
It's an annotation that is used a lot, and should be used even more, so a
shorter name is better.

MozReview-Commit-ID: 1VS4Dney4WX

--HG--
extra : rebase_source : b26919c1b0fcb32e5339adeef5be5becae6032cf
2016-04-27 14:16:50 +10:00