This is an archive of the discontinued LLVM Phabricator instance.

[-Wunsafe-buffer-usage][WIP] Add fixit for variables that have an assignment from another spanified pointer
AbandonedPublic

Authored by t-rasmud on Feb 1 2023, 8:10 PM.

Diff Detail

Event Timeline

t-rasmud created this revision.Feb 1 2023, 8:10 PM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 1 2023, 8:10 PM
t-rasmud requested review of this revision.Feb 1 2023, 8:10 PM
NoQ added a comment.Feb 6 2023, 3:52 PM

Ooo, that's a big one. Our first fixable that can connect multiple variables together. IIUC this patch doesn't yet teach the strategy machine how to pick related strategies for related variables, it just teaches the fixit machine what to do when the strategy is already picked.

clang/lib/Analysis/UnsafeBufferUsage.cpp
463–465

Shouldn't it also claim the RHS? Otherwise, how would the machine know that it's covered?

764

I suspect you want to check the strategy for LHS here as well. Just because the method was called, doesn't mean we plan to use span over it specifically.

1051

Oh, that's probably why it worked without the other claim!

NoQ added a comment.Feb 7 2023, 3:53 PM

Wait, I completely misread, you *were* trying to mutate the strategy. I think it makes sense to split this work the way I thought it's already split: first get fixits when the strategy is already set (which this patch almost has), then try to figure out how to mutate and fixpoint-iterate-over the strategy.

t-rasmud updated this revision to Diff 495958.Feb 8 2023, 2:37 PM

WIP: Fixable for ptr1 = ptr2 when both LHS and RHS have their fixit strategies set as std::span.

t-rasmud updated this revision to Diff 496243.Feb 9 2023, 2:41 PM
t-rasmud updated this revision to Diff 496267.Feb 9 2023, 3:44 PM
  • Fixes crash caused by FixableGadgetSets and WarningGadgetSets being unique pointers in the context of multiple declaration gadgets.
t-rasmud updated this revision to Diff 496269.Feb 9 2023, 3:47 PM
NoQ added a comment.Feb 9 2023, 4:08 PM

Aha, great! Looks like our fancy ownership model couldn't handle shared ownership for multi-variable gadgets, so we're back to raw pointers. Works for me, it's not like they're buffers or something. I have minor nitpicks and then I think we can land!

clang/lib/Analysis/UnsafeBufferUsage.cpp
452–453

I think this overruns the 80-column limit.

463–464

I think these checks should be included in the matcher(). There could be a different Fixable that takes care of these non-variable cases, and if there indeed is one, we really don't want to it to overlap with this Fixable.

694

clang-format will probably recommend a space there.

1048

Now that they're in the same scope, the move doesn't really accomplish anything. You can probably drop the Tracker variable and rename TrackerRes to Tracker.

t-rasmud updated this revision to Diff 496282.Feb 9 2023, 4:37 PM
t-rasmud marked 3 inline comments as done.

Address feedback.

ziqingluo-90 added inline comments.Feb 9 2023, 5:30 PM
clang/lib/Analysis/UnsafeBufferUsage.cpp
467

Since the matcher only requires PtrLHS (or PtrRHS) to be Expr instead of specifically DeclRefExpr, we could have LDRE (or RDRE respectively) be null here.

jkorous added inline comments.Feb 9 2023, 10:09 PM
clang/lib/Analysis/UnsafeBufferUsage.cpp
467

I am wondering if we should simply move the logic related to DeclRefExpr and IgnoreParenImpCasts to the matcher() method (expressed as AST matcher).

t-rasmud updated this revision to Diff 496613.Feb 10 2023, 3:16 PM
t-rasmud marked 4 inline comments as done.
t-rasmud marked 2 inline comments as done.Feb 13 2023, 9:08 AM
jkorous added inline comments.Feb 13 2023, 10:36 AM
clang/lib/Analysis/UnsafeBufferUsage.cpp
425

Nit: assignment seems to have only one form :)

761

Isn't LeftDRE identical to PtrLHS and RightDRE identical to PtrRHS?

NoQ added a comment.Feb 15 2023, 6:53 PM

We've noticed a subtle problem offline yesterday: sounds like if fixits for both sides are desired (like in the primary test case) but one of them can't be emitted (eg., due to unsupported variable use) then the other fixit alone will be incorrect: it'll act as if both p and q are spanified, so it'll emit no change for p = q. Also generally, we really don't want users to apply fixits for p and q independently; that won't lead to correct code. So it sounds like we cannot land this patch until we learn how to group related variables together.

t-rasmud abandoned this revision.Mar 14 2023, 11:42 AM

Abandoning patch in favor of D145739