This is an archive of the discontinued LLVM Phabricator instance.

Differential D121306

[Sema] add warning for tautological FP compare with literal
ClosedPublic

Authored by spatel on Mar 9 2022, 9:44 AM.

Details

Reviewers
rsmith
xbolva00
aaron.ballman
efriedma
Commits
rGab982eace6e4: [Sema] add warning for tautological FP compare with literal
Summary

If we are comparing an FP literal with a value that is casted from a type where the literal can't be represented, that's probably a programmer error.

This is a fix for:
https://github.com/llvm/llvm-project/issues/54222

Note - I added the optimizer change with:
9397bdc67eb2
...and as discussed in the post-commit comments, that transform might be too dangerous without this warning in place (and we might want to revert it anyway until this patch has had some time to bake in the wild).

Diff Detail

Event Timeline

spatel created this revision.Mar 9 2022, 9:44 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 9 2022, 9:44 AM
Herald added a subscriber: mcrosier. · View Herald Transcript
spatel requested review of this revision.Mar 9 2022, 9:44 AM
spatel mentioned this in rG9397bdc67eb2: [InstCombine] fold fcmp with lossy casted constant.Mar 9 2022, 9:52 AM
Harbormaster completed remote builds in B153381: Diff 414129.Mar 9 2022, 10:14 AM
xbolva00 added a reviewer: aaron.ballman.Mar 9 2022, 10:47 AM
xbolva00 added a comment.Mar 9 2022, 10:56 AM

Thanks! Yeah, we need a warning like this one.

Some nits added.

clang/include/clang/Basic/DiagnosticSemaKinds.td
122

maybe even say why this is always false?

clang/test/Sema/floating-point-compare.c
26

// expected-warning {{result of floating-point comparison is always false}}

35

Same here.

spatel marked 3 inline comments as done.Mar 9 2022, 12:26 PM
spatel added inline comments.
clang/include/clang/Basic/DiagnosticSemaKinds.td
122

Sure. I'm not sure how wordy we want to be, but I can add the source type as a parameter, so that should make it clearer.

Then we would show something like this:

54222.c:4:12: warning: floating-point comparison is always false: constant cannot be represented exactly in type 'float' [-Wliteral-range]
  return f == 0.1;
spatel updated this revision to Diff 414185.Mar 9 2022, 12:28 PM
spatel marked an inline comment as done.

Patch updated:

  1. Improved warning message.
  2. Check warning string more exactly in test file.
xbolva00 added inline comments.Mar 9 2022, 12:36 PM
clang/include/clang/Basic/DiagnosticSemaKinds.td
122

Sounds good

Harbormaster completed remote builds in B153416: Diff 414185.Mar 9 2022, 1:09 PM
spatel mentioned this in rG9fac110bf708: Revert "[InstCombine] fold fcmp with lossy casted constant".Mar 10 2022, 7:25 AM
spatel updated this revision to Diff 415478.Mar 15 2022, 9:40 AM

No code changes, just updated test comments.

spatel added a reviewer: efriedma.Mar 15 2022, 9:41 AM

Ping.

efriedma added a comment.Mar 15 2022, 10:07 AM

This check seems a little narrow, but fine, I guess.

clang/lib/Sema/SemaChecking.cpp
11432

Fix comments?

11439

Maybe consider IgnoreParens().

11450

There's a helper for this pattern: SourceTy->getAs<BuiltinType>()

clang/test/Sema/floating-point-compare.c
26–36

Maybe also add a testcase with an explicit float->double cast?

Harbormaster completed remote builds in B154358: Diff 415478.Mar 15 2022, 10:08 AM
spatel updated this revision to Diff 415517.Mar 15 2022, 11:25 AM
spatel marked 4 inline comments as done.

Patch updated:

  1. Updated function comment.
  2. Look through optional parentheses.
  3. Use getAs<BuiltinType>.
  4. Add tests with explicit casts, parens.
Harbormaster completed remote builds in B154386: Diff 415517.Mar 15 2022, 11:26 AM
xbolva00 added inline comments.Mar 15 2022, 11:44 AM
clang/test/Sema/floating-point-compare.c
35

One test with macro?
#define CST 0.3

f == CST

spatel updated this revision to Diff 415543.Mar 15 2022, 12:37 PM
spatel marked an inline comment as done.

Added test with macro.

Harbormaster completed remote builds in B154405: Diff 415543.Mar 15 2022, 1:35 PM
xbolva00 added a comment.Mar 15 2022, 1:57 PM

Thanks. One last thing - small info in Clang release notes?

spatel added a comment.Mar 16 2022, 5:44 AM
In D121306#3383771, @xbolva00 wrote:

Thanks. One last thing - small info in Clang release notes?

Sure - but if we're going to document this as a feature, I will add the != sibling warning now, so we don't advertise a half-implemented enhancement. :)

xbolva00 added a comment.Mar 16 2022, 6:01 AM

Yes, support for != would be fine.

spatel updated this revision to Diff 415802.Mar 16 2022, 6:19 AM
spatel edited the summary of this revision. (Show Details)

Patch updated:

  1. Implemented warning for != with selective text.
  2. Added tests for != warning.
  3. Mentioned improvement in release notes.
Harbormaster completed remote builds in B154583: Diff 415802.Mar 16 2022, 6:55 AM
efriedma added a comment.Mar 16 2022, 12:04 PM

I don't think "floating-point comparison is only true for NaN" is accurate? It should just be "floating-point comparison is always true ", I think.

spatel added a comment.Mar 16 2022, 12:31 PM
In D121306#3387016, @efriedma wrote:

I don't think "floating-point comparison is only true for NaN" is accurate? It should just be "floating-point comparison is always true ", I think.

Ah, right. I mistakenly was thinking of C "!=" as "fcmp one" in IR, but the semantics are "fcmp une":
https://godbolt.org/z/TP7145Psv
https://alive2.llvm.org/ce/z/sbRVpA

spatel updated this revision to Diff 415949.Mar 16 2022, 1:06 PM

Updated code comments and warning message for != case; that's always true.

efriedma accepted this revision.Mar 16 2022, 1:28 PM

LGTM

This revision is now accepted and ready to land.Mar 16 2022, 1:28 PM
Harbormaster completed remote builds in B154680: Diff 415949.Mar 16 2022, 1:36 PM
Closed by commit rGab982eace6e4: [Sema] add warning for tautological FP compare with literal (authored by spatel). · Explain WhyMar 17 2022, 5:27 AM
This revision was automatically updated to reflect the committed changes.
spatel added a commit: rGab982eace6e4: [Sema] add warning for tautological FP compare with literal.
Herald added a project: Restricted Project. · View Herald TranscriptMar 17 2022, 5:27 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
alexfh added a subscriber: alexfh.Mar 24 2022, 10:08 AM

What's the right fix for this warning, using a literal of the same floating point type? Did you consider adding a fixit hint to the diagnostic?

efriedma added a comment.Mar 24 2022, 11:11 AM
In D121306#3405824, @alexfh wrote:

What's the right fix for this warning, using a literal of the same floating point type?

Probably? Depends on why you're trying to use equality on floating-point numbers; "x == 0.3" is inherently a bit suspicious.

Did you consider adding a fixit hint to the diagnostic?

A fixit to do what? Replacing the comparison with a literal "true"/"false" would probably be unwelcome. And I don't really want a "fixit" to change the meaning of well-defined code.

Revision Contents

PathSize
clang/
include/
clang/
Basic/
3 lines
Sema/
3 lines
lib/
Sema/
39 lines
4 lines
test/
Sema/
14 lines

Diff 414129

clang/include/clang/Basic/DiagnosticSemaKinds.td

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 112 Lines▼ Show 20 Linesdef ext_predef_outside_function : Warning<
"predefined identifier is only valid inside function">, "predefined identifier is only valid inside function">,
InGroup<DiagGroup<"predefined-identifier-outside-function">>; InGroup<DiagGroup<"predefined-identifier-outside-function">>;
def warn_float_overflow : Warning< def warn_float_overflow : Warning<
"magnitude of floating-point constant too large for type %0; maximum is %1">, "magnitude of floating-point constant too large for type %0; maximum is %1">,
InGroup<LiteralRange>; InGroup<LiteralRange>;
def warn_float_underflow : Warning< def warn_float_underflow : Warning<
"magnitude of floating-point constant too small for type %0; minimum is %1">, "magnitude of floating-point constant too small for type %0; minimum is %1">,
InGroup<LiteralRange>; InGroup<LiteralRange>;
def warn_tautological_float_compare : Warning<
"result of floating-point comparison is always false">,
xbolva00Unsubmitted
Done
ReplyInline Actions

maybe even say why this is always false?

xbolva00: maybe even say why this is always false?
spatelAuthorUnsubmitted
Done
ReplyInline Actions

Sure. I'm not sure how wordy we want to be, but I can add the source type as a parameter, so that should make it clearer.

Then we would show something like this:

54222.c:4:12: warning: floating-point comparison is always false: constant cannot be represented exactly in type 'float' [-Wliteral-range]
  return f == 0.1;
spatel: Sure. I'm not sure how wordy we want to be, but I can add the source type as a parameter, so…
xbolva00Unsubmitted
Not Done
ReplyInline Actions

Sounds good

xbolva00: Sounds good
InGroup<LiteralRange>;
def warn_double_const_requires_fp64 : Warning< def warn_double_const_requires_fp64 : Warning<
"double precision constant requires %select{cl_khr_fp64|cl_khr_fp64 and __opencl_c_fp64}0, " "double precision constant requires %select{cl_khr_fp64|cl_khr_fp64 and __opencl_c_fp64}0, "
"casting to single precision">; "casting to single precision">;
def err_half_const_requires_fp16 : Error< def err_half_const_requires_fp16 : Error<
"half precision constant requires cl_khr_fp16">; "half precision constant requires cl_khr_fp16">;
// C99 variable-length arrays // C99 variable-length arrays
def ext_vla : Extension<"variable length arrays are a C99 feature">, def ext_vla : Extension<"variable length arrays are a C99 feature">,
▲ Show 20 LinesShow All 11,403 LinesShow Last 20 Lines

clang/include/clang/Sema/Sema.h

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 12,912 Lines▼ Show 20 Linesprivate:
void CheckReturnValExpr(Expr *RetValExp, QualType lhsType, void CheckReturnValExpr(Expr *RetValExp, QualType lhsType,
SourceLocation ReturnLoc, SourceLocation ReturnLoc,
bool isObjCMethod = false, bool isObjCMethod = false,
const AttrVec *Attrs = nullptr, const AttrVec *Attrs = nullptr,
const FunctionDecl *FD = nullptr); const FunctionDecl *FD = nullptr);
public: public:
void CheckFloatComparison(SourceLocation Loc, Expr *LHS, Expr *RHS); void CheckFloatComparison(SourceLocation Loc, Expr *LHS, Expr *RHS,
BinaryOperatorKind Opcode);
private: private:
void CheckImplicitConversions(Expr *E, SourceLocation CC = SourceLocation()); void CheckImplicitConversions(Expr *E, SourceLocation CC = SourceLocation());
void CheckBoolLikeConversion(Expr *E, SourceLocation CC); void CheckBoolLikeConversion(Expr *E, SourceLocation CC);
void CheckForIntOverflow(Expr *E); void CheckForIntOverflow(Expr *E);
void CheckUnsequencedOperations(const Expr *E); void CheckUnsequencedOperations(const Expr *E);
/// Perform semantic checks on a completed expression. This will either /// Perform semantic checks on a completed expression. This will either
▲ Show 20 LinesShow All 381 LinesShow Last 20 Lines

clang/lib/Sema/SemaChecking.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 11,423 Lines▼ Show 20 LinesSema::CheckReturnValExpr(Expr *RetValExp, QualType lhsType,
if (Context.getTargetInfo().getTriple().isPPC64()) if (Context.getTargetInfo().getTriple().isPPC64())
CheckPPCMMAType(RetValExp->getType(), ReturnLoc); CheckPPCMMAType(RetValExp->getType(), ReturnLoc);
} }
//===--- CHECK: Floating-Point comparisons (-Wfloat-equal) ---------------===// //===--- CHECK: Floating-Point comparisons (-Wfloat-equal) ---------------===//
/// Check for comparisons of floating point operands using != and ==. /// Check for comparisons of floating point operands using != and ==.
/// Issue a warning if these are no self-comparisons, as they are not likely /// Issue a warning if these are no self-comparisons, as they are not likely
/// to do what the programmer intended. /// to do what the programmer intended.
efriedmaUnsubmitted
Done
ReplyInline Actions

Fix comments?

efriedma: Fix comments?
void Sema::CheckFloatComparison(SourceLocation Loc, Expr* LHS, Expr *RHS) { void Sema::CheckFloatComparison(SourceLocation Loc, Expr *LHS, Expr *RHS,
BinaryOperatorKind Opcode) {
// Match and capture subexpressions such as "(float) X == 0.1".
FloatingLiteral *FPLiteral;
CastExpr *FPCast;
auto getCastAndLiteral = [&FPLiteral, &FPCast](Expr *L, Expr *R) {
FPLiteral = dyn_cast<FloatingLiteral>(L);
efriedmaUnsubmitted
Done
ReplyInline Actions

Maybe consider IgnoreParens().

efriedma: Maybe consider IgnoreParens().
FPCast = dyn_cast<CastExpr>(R);
return FPLiteral && FPCast;
};
if (getCastAndLiteral(LHS, RHS) || getCastAndLiteral(RHS, LHS)) {
const Type *SourceTy =
Context.getCanonicalType(FPCast->getSubExpr()->getType()).getTypePtr();
const Type *TargetTy =
Context.getCanonicalType(FPLiteral->getType()).getTypePtr();
auto *SourceBT = dyn_cast<BuiltinType>(SourceTy);
auto *TargetBT = dyn_cast<BuiltinType>(TargetTy);
efriedmaUnsubmitted
Done
ReplyInline Actions

There's a helper for this pattern: SourceTy->getAs<BuiltinType>()

efriedma: There's a helper for this pattern: `SourceTy->getAs<BuiltinType>()`
// If the literal cannot be represented in the casted source type, then
// this probably is not the intended comparison.
if (SourceBT && TargetBT && SourceBT->isFloatingPoint() &&
TargetBT->isFloatingPoint()) {
bool Lossy;
llvm::APFloat TruncC = FPLiteral->getValue();
TruncC.convert(Context.getFloatTypeSemantics(QualType(SourceBT, 0)),
llvm::APFloat::rmNearestTiesToEven, &Lossy);
if (Lossy) {
if (Opcode == BO_EQ)
Diag(Loc, diag::warn_tautological_float_compare)
<< LHS->getSourceRange() << RHS->getSourceRange();
// TODO: Add warning for != comparison. It's an !isnan() in disguise.
return;
}
}
}
Expr* LeftExprSansParen = LHS->IgnoreParenImpCasts(); Expr* LeftExprSansParen = LHS->IgnoreParenImpCasts();
Expr* RightExprSansParen = RHS->IgnoreParenImpCasts(); Expr* RightExprSansParen = RHS->IgnoreParenImpCasts();
// Special case: check for x == x (which is OK). // Special case: check for x == x (which is OK).
// Do not emit warnings for such cases. // Do not emit warnings for such cases.
if (DeclRefExpr* DRL = dyn_cast<DeclRefExpr>(LeftExprSansParen)) if (DeclRefExpr* DRL = dyn_cast<DeclRefExpr>(LeftExprSansParen))
if (DeclRefExpr* DRR = dyn_cast<DeclRefExpr>(RightExprSansParen)) if (DeclRefExpr* DRR = dyn_cast<DeclRefExpr>(RightExprSansParen))
if (DRL->getDecl() == DRR->getDecl()) if (DRL->getDecl() == DRR->getDecl())
▲ Show 20 LinesShow All 5,906 LinesShow Last 20 Lines

clang/lib/Sema/SemaExpr.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 11,883 Lines▼ Show 20 Lines if (Type.isNull())
return S.InvalidOperands(Loc, LHS, RHS); return S.InvalidOperands(Loc, LHS, RHS);
assert(Type->isArithmeticType() || Type->isEnumeralType()); assert(Type->isArithmeticType() || Type->isEnumeralType());
if (Type->isAnyComplexType() && BinaryOperator::isRelationalOp(Opc)) if (Type->isAnyComplexType() && BinaryOperator::isRelationalOp(Opc))
return S.InvalidOperands(Loc, LHS, RHS); return S.InvalidOperands(Loc, LHS, RHS);
// Check for comparisons of floating point operands using != and ==. // Check for comparisons of floating point operands using != and ==.
if (Type->hasFloatingRepresentation() && BinaryOperator::isEqualityOp(Opc)) if (Type->hasFloatingRepresentation() && BinaryOperator::isEqualityOp(Opc))
S.CheckFloatComparison(Loc, LHS.get(), RHS.get()); S.CheckFloatComparison(Loc, LHS.get(), RHS.get(), Opc);
// The result of comparisons is 'bool' in C++, 'int' in C. // The result of comparisons is 'bool' in C++, 'int' in C.
return S.Context.getLogicalOperationType(); return S.Context.getLogicalOperationType();
} }
void Sema::CheckPtrComparisonWithNullChar(ExprResult &E, ExprResult &NullE) { void Sema::CheckPtrComparisonWithNullChar(ExprResult &E, ExprResult &NullE) {
if (!NullE.get()->getType()->isAnyPointerType()) if (!NullE.get()->getType()->isAnyPointerType())
return; return;
▲ Show 20 LinesShow All 574 Lines▼ Show 20 LinesQualType Sema::CheckVectorCompareOperands(ExprResult &LHS, ExprResult &RHS,
// x == x, x != x, x < x, etc. These always evaluate to a constant, and // x == x, x != x, x < x, etc. These always evaluate to a constant, and
// often indicate logic errors in the program. // often indicate logic errors in the program.
diagnoseTautologicalComparison(*this, Loc, LHS.get(), RHS.get(), Opc); diagnoseTautologicalComparison(*this, Loc, LHS.get(), RHS.get(), Opc);
// Check for comparisons of floating point operands using != and ==. // Check for comparisons of floating point operands using != and ==.
if (BinaryOperator::isEqualityOp(Opc) && if (BinaryOperator::isEqualityOp(Opc) &&
LHSType->hasFloatingRepresentation()) { LHSType->hasFloatingRepresentation()) {
assert(RHS.get()->getType()->hasFloatingRepresentation()); assert(RHS.get()->getType()->hasFloatingRepresentation());
CheckFloatComparison(Loc, LHS.get(), RHS.get()); CheckFloatComparison(Loc, LHS.get(), RHS.get(), Opc);
} }
// Return a signed type for the vector. // Return a signed type for the vector.
return GetSignedVectorType(vType); return GetSignedVectorType(vType);
} }
static void diagnoseXorMisusedAsPow(Sema &S, const ExprResult &XorLHS, static void diagnoseXorMisusedAsPow(Sema &S, const ExprResult &XorLHS,
const ExprResult &XorRHS, const ExprResult &XorRHS,
▲ Show 20 LinesShow All 7,589 LinesShow Last 20 Lines

clang/test/Sema/floating-point-compare.c

// RUN: %clang_cc1 -fsyntax-only -Wfloat-equal -verify %s // RUN: %clang_cc1 -fsyntax-only -Wfloat-equal -verify %s
int f1(float x, float y) { int f1(float x, float y) {
return x == y; // expected-warning {{comparing floating point with ==}} return x == y; // expected-warning {{comparing floating point with ==}}
} }
int f2(float x, float y) { int f2(float x, float y) {
return x != y; // expected-warning {{comparing floating point with ==}} return x != y; // expected-warning {{comparing floating point with ==}}
} }
int f3(float x) { int f3(float x) {
return x == x; // no-warning return x == x; // no-warning
} }
// 0.0 can be represented exactly, so don't warn.
int f4(float x) { int f4(float x) {
return x == 0.0; // no-warning {{comparing}} return x == 0.0; // no-warning {{comparing}}
} }
int f5(float x) { int f5(float x) {
return x == __builtin_inf(); // no-warning return x == __builtin_inf(); // no-warning
} }
// The literal is a double that can't be represented exactly as a float.
int f7(float x) { int f7(float x) {
return x == 3.14159; // expected-warning {{comparing}} return x == 3.14159; // expected-warning {{always false}}
xbolva00Unsubmitted
Done
ReplyInline Actions

// expected-warning {{result of floating-point comparison is always false}}

xbolva00: // expected-warning {{result of floating-point comparison is always false}}
}
// The literal is a double that can be represented exactly as a long double,
// but this might not be the comparison what was intended.
int not_tautological_FP_compare(long double f) {
return f == 0.1; // expected-warning {{comparing floating point with ==}}
}
int tautological_FP_compare_commute(float f) {
xbolva00Unsubmitted
Done
ReplyInline Actions

Same here.

xbolva00: Same here.
xbolva00Unsubmitted
Done
ReplyInline Actions

One test with macro?
#define CST 0.3

f == CST

xbolva00: One test with macro? #define CST 0.3 f == CST
return 0.3 == f; // expected-warning {{always false}}
efriedmaUnsubmitted
Done
ReplyInline Actions

Maybe also add a testcase with an explicit float->double cast?

efriedma: Maybe also add a testcase with an explicit float->double cast?
} }