Name Description Size
.clang-format 19
alpha
ArithmeticArgChecker.cpp 2891
ArithmeticArgChecker.h 600
AssertAssignmentChecker.cpp 771
AssertAssignmentChecker.h 612
BaseCheck.h 1096
CanRunScriptChecker.cpp This checker implements the "can run script" analysis. The idea is to detect functions that can run script that are being passed reference-counted arguments (including "this") whose refcount might go to zero as a result of the script running. We want to prevent that. The approach is to attempt to enforce the following invariants on the call graph: 1) Any caller of a MOZ_CAN_RUN_SCRIPT function is itself MOZ_CAN_RUN_SCRIPT. 2) If a virtual MOZ_CAN_RUN_SCRIPT method overrides a base class method, that base class method is also MOZ_CAN_RUN_SCRIPT. Invariant 2 ensures that we don't accidentally call a MOZ_CAN_RUN_SCRIPT function via a base-class virtual call. Invariant 1 ensures that the property of being able to run script propagates up the callstack. There is an opt-out for invariant 1: A function (declaration _or_ implementation) can be decorated with MOZ_CAN_RUN_SCRIPT_BOUNDARY to indicate that we do not require it or any of its callers to be MOZ_CAN_RUN_SCRIPT even if it calls MOZ_CAN_RUN_SCRIPT functions. There are two known holes in invariant 1, apart from the MOZ_CAN_RUN_SCRIPT_BOUNDARY opt-out: - Functions called via function pointers can be MOZ_CAN_RUN_SCRIPT even if their caller is not, because we have no way to determine from the function pointer what function is being called. - MOZ_CAN_RUN_SCRIPT destructors can happen in functions that are not MOZ_CAN_RUN_SCRIPT. https://bugzilla.mozilla.org/show_bug.cgi?id=1535523 tracks this. Given those invariants we then require that when calling a MOZ_CAN_RUN_SCRIPT function all refcounted arguments (including "this") satisfy one of these conditions: a) The argument is held via a strong pointer on the stack. b) The argument is a const strong pointer member of "this". We know "this" is being kept alive, and a const strong pointer member can't drop its ref until "this" dies. c) The argument is an argument of the caller (and hence held by a strong pointer somewhere higher up the callstack). d) The argument is explicitly annotated with MOZ_KnownLive, which indicates that something is guaranteed to keep it alive (e.g. it's rooted via a JS reflector). e) The argument is constexpr and therefore cannot disappear. 20387
CanRunScriptChecker.h 1040
Checks.inc 2335
ChecksIncludes.inc 1720
CustomAttributes.cpp Having annotations in the AST unexpectedly impacts codegen. Ideally, we'd avoid having annotations at all, by using an API such as the one from https://reviews.llvm.org/D31338, and storing the attributes data separately from the AST on our own. Unfortunately, there is no such API currently in clang, so we must do without. We can do something similar, though, where we go through the AST before running the checks, create a mapping of AST nodes to attributes, and remove the attributes/annotations from the AST nodes. Not all declarations can be reached from the decl() AST matcher, though, so we do our best effort (getting the other declarations we look at in checks). We emit a warning when checks look at a note that still has annotations attached (aka, hasn't been seen during our first pass), so that those don't go unnoticed. (-Werror should then take care of making that an error) 4708
CustomAttributes.h CustomAttributes_h__ 1218
CustomAttributes.inc 919
CustomMatchers.h 17827
CustomTypeAnnotation.cpp 6352
CustomTypeAnnotation.h 2852
DanglingOnTemporaryChecker.cpp 10210
DanglingOnTemporaryChecker.h 653
DiagnosticsMatcher.cpp 644
DiagnosticsMatcher.h 802
ExplicitImplicitChecker.cpp 1319
ExplicitImplicitChecker.h 612
ExplicitOperatorBoolChecker.cpp 1187
ExplicitOperatorBoolChecker.h 658
external
FopenUsageChecker.cpp 3313
FopenUsageChecker.h 588
import_mozilla_checks.py set(LLVM_LINK_COMPONENTS support) add_definitions( -DCLANG_TIDY ) add_clang_library(clangTidyMozillaModule ThirdPartyPaths.cpp %(names)s LINK_LIBS clangTidy clangTidyReadabilityModule clangTidyUtils clangTidyMPIModule ) clang_target_link_libraries(clangTidyMozillaModule PRIVATE clangAST clangASTMatchers clangBasic clangLex ) 5663
JSHandleRootedTypedefChecker.cpp 1404
JSHandleRootedTypedefChecker.h 699
KnownLiveChecker.cpp 1399
KnownLiveChecker.h 620
KungFuDeathGripChecker.cpp 4177
KungFuDeathGripChecker.h 608
LoadLibraryUsageChecker.cpp 1352
LoadLibraryUsageChecker.h 653
Makefile.in 992
MemMoveAnnotation.h 1966
moz.build 4393
MozCheckAction.cpp 985
MozillaTidyModule.cpp 1300
mozsearch-plugin
MustOverrideChecker.cpp 2273
MustOverrideChecker.h 708
MustReturnFromCallerChecker.cpp 4329
MustReturnFromCallerChecker.h 907
NaNExprChecker.cpp 2328
NaNExprChecker.h 576
NeedsNoVTableTypeChecker.cpp 1381
NeedsNoVTableTypeChecker.h 616
NoAddRefReleaseOnReturnChecker.cpp 1381
NoAddRefReleaseOnReturnChecker.h 673
NoAutoTypeChecker.cpp 809
NoAutoTypeChecker.h 588
NoDuplicateRefCntMemberChecker.cpp 2627
NoDuplicateRefCntMemberChecker.h 673
NoExplicitMoveConstructorChecker.cpp 892
NoExplicitMoveConstructorChecker.h 683
NoNewThreadsChecker.cpp 1459
NoNewThreadsChecker.h 633
NonMemMovableMemberChecker.cpp 1299
NonMemMovableMemberChecker.h 653
NonMemMovableTemplateArgChecker.cpp 2129
NonMemMovableTemplateArgChecker.h 678
NonParamInsideFunctionDeclChecker.cpp 7898
NonParamInsideFunctionDeclChecker.h 688
NonTrivialTypeInFfiChecker.cpp 1945
NonTrivialTypeInFfiChecker.h 653
NoPrincipalGetURI.cpp 1102
NoPrincipalGetURI.h 588
NoUsingNamespaceMozillaJavaChecker.cpp 906
NoUsingNamespaceMozillaJavaChecker.h 693
OverrideBaseCallChecker.cpp 3677
OverrideBaseCallChecker.h 1065
OverrideBaseCallUsageChecker.cpp 798
OverrideBaseCallUsageChecker.h This is a companion checker for OverrideBaseCallChecker that rejects the usage of MOZ_REQUIRED_BASE_METHOD on non-virtual base methods. 843
ParamTraitsEnumChecker.cpp 1334
ParamTraitsEnumChecker.h 608
plugin.h 1699
RecurseGuard.h 1658
RefCountedCopyConstructorChecker.cpp 1427
RefCountedCopyConstructorChecker.h 683
RefCountedInsideLambdaChecker.cpp 6194
RefCountedInsideLambdaChecker.h 1031
RefCountedThisInsideConstructorChecker.cpp 1144
RefCountedThisInsideConstructorChecker.h 744
ScopeChecker.cpp 7183
ScopeChecker.h 568
SprintfLiteralChecker.cpp 3194
SprintfLiteralChecker.h 604
StmtToBlockMap.h 2926
tests
ThirdPartyPaths.h 497
ThirdPartyPaths.py This file generates a ThirdPartyPaths.cpp file from the ThirdPartyPaths.txt file in /tools/rewriting, which is used by the Clang Plugin to help identify sources which should be ignored. 918
ThreadAllows.py \ static const char *allow_thread_{which}[] = {{ {allowed_list_s} }}; 2863
ThreadAllows.txt 2692
ThreadFileAllows.txt 2637
TrivialCtorDtorChecker.cpp 1229
TrivialCtorDtorChecker.h 608
TrivialDtorChecker.cpp 815
TrivialDtorChecker.h 592
Utils.h 15813
VariableUsageHelpers.cpp 9808
VariableUsageHelpers.h 2638