This is an archive of the discontinued LLVM Phabricator instance.

[clang][dataflow] Fix double visitation of nested logical operators
ClosedPublic

Authored by li.zhe.hua on May 17 2022, 11:25 AM.

Details

Summary

Sub-expressions that are logical operators are not spelled out
separately in basic blocks, so we need to manually visit them when we
encounter them. We do this in both the TerminatorVisitor
(conditionally) and the TransferVisitor (unconditionally), which can
cause cause an expression to be visited twice when the binary
operators are nested 2+ times.

This changes the visit in TransferVisitor to check if it has been
evaluated before trying to visit the sub-expression.

Diff Detail

Event Timeline

li.zhe.hua created this revision.May 17 2022, 11:25 AM
Herald added a project: Restricted Project. · View Herald TranscriptMay 17 2022, 11:25 AM
li.zhe.hua requested review of this revision.May 17 2022, 11:25 AM
Herald added a project: Restricted Project. · View Herald TranscriptMay 17 2022, 11:25 AM
Herald added a subscriber: cfe-commits. · View Herald Transcript
ymandel added inline comments.May 17 2022, 11:50 AM
clang/lib/Analysis/FlowSensitive/Transfer.cpp
574

I'm afraid this may allow us to hide a bug. Specifically: consider if SubExpr was already evaluated to a RefenceValue and that value's StorageLocation does *not* map to a value. Then, this line will be true, but we won't want to revisit the SubExrp. Now, that may be impossible in practice, so I'm not sure how big a problem this is, but it seems safer to just use SkipPast::None and not rely on any guarantees.

That said, i see why you want the uniformity of Reference because it is used below. That said, any idea if we actually need to use Reference skipping at all? I think so -- the case of a variable or field access as sub-expression, but those probably have a cast around them anyhow, so i'm not sure those will require reference skipping.

Address comments

li.zhe.hua marked an inline comment as done.May 17 2022, 12:11 PM
li.zhe.hua added inline comments.
clang/lib/Analysis/FlowSensitive/Transfer.cpp
574

I'm afraid this may allow us to hide a bug.

Ah, yes, that is definitely true.

That said, any idea if we actually need to use Reference skipping at all?

Whatever we choose, I imagine it should be kept the same as the analogous line in extendFlowCondition? I've opted to not change it for now, given my uncertainty.

ymandel accepted this revision.May 17 2022, 1:27 PM

Thanks!

This revision is now accepted and ready to land.May 17 2022, 1:27 PM
This revision was automatically updated to reflect the committed changes.
li.zhe.hua marked an inline comment as done.