This is an archive of the discontinued LLVM Phabricator instance.

Differential D157018

[-Wunsafe-buffer-usage] Replace assert that declarations are always found
ClosedPublic

Authored by t-rasmud on Aug 3 2023, 11:06 AM.

Details

Reviewers
NoQ
ziqingluo-90
jkorous
malavikasamak
jdoerfert
Commits
rGcf1c64b94d94: [-Wunsafe-buffer-usage] Replace assert that declarations are always found

Diff Detail

Event Timeline

t-rasmud created this revision.Aug 3 2023, 11:06 AM
Herald added a reviewer: NoQ. · View Herald TranscriptAug 3 2023, 11:06 AM
Herald added a project: Restricted Project. · View Herald Transcript
t-rasmud requested review of this revision.Aug 3 2023, 11:06 AM
t-rasmud added reviewers: ziqingluo-90, jkorous, malavikasamak.
Harbormaster completed remote builds in B250129: Diff 546946.Aug 3 2023, 2:24 PM
ziqingluo-90 added a comment.Aug 3 2023, 3:50 PM

How about having some tests?

t-rasmud added a comment.Aug 7 2023, 11:24 AM
In D157018#4559135, @ziqingluo-90 wrote:

How about having some tests?

My understanding is that we are not sure of when this assert might be hit. This was probably hit when lambda captures were not handled but not anymore. We want to replace the assert with a debug note to catch cases when we can't find a VarDecl for a declaration statement. @NoQ Could you please confirm if my understanding is correct?

t-rasmud updated this revision to Diff 547868.Aug 7 2023, 11:24 AM
ziqingluo-90 added a comment.Aug 7 2023, 1:56 PM

My understanding is that we are not sure of when this assert might be hit.

aha, I cannot think of an example either so I was curious. What you said makes sense to me.

NoQ added a comment.Aug 7 2023, 2:35 PM

I don't have any test cases in mind immediately. We could try our usual suspects such as globals and DecompositionDecls (they're subclass of VarDecl, unlike BindingDecl). But it could totally be that it dodges them because of other checks we already have.

But I agree that the assertion should be removed: we just no longer believe that it needs to hold!

clang/lib/Analysis/UnsafeBufferUsage.cpp
2058

Other notes start with small letter 😅

Harbormaster completed remote builds in B250852: Diff 547868.Aug 7 2023, 3:08 PM
t-rasmud updated this revision to Diff 547999.Aug 7 2023, 5:11 PM
Herald added a reviewer: jdoerfert. · View Herald TranscriptAug 7 2023, 5:11 PM
Herald added subscribers: jplehr, sstefan1. · View Herald Transcript
NoQ added a comment.Aug 7 2023, 5:33 PM

Oo I think I broke it! https://godbolt.org/z/7efM6TvxM

We needed to use the tuple mode of decomposition because it eagerly unpacks the tuple into, in our case, a raw pointer that we can try to analyze.

This, of course, makes it much harder to write the test because you'll need to mock <tuple>. Looks like we have some existing mocks in test/Analysis/uninit-structured-binding-tuple.cpp, they might help.

I suspect it'll be much easier to break this assertion once we start supporting std::array. So it's great that we're removing it.

Harbormaster completed remote builds in B250951: Diff 547999.Aug 7 2023, 8:20 PM
NoQ accepted this revision.Aug 15 2023, 3:36 PM

Yeah nvm that's a different assertion and an unrelated crash. Which we'll also need to fix but not in this patch. LGTM then!

This revision is now accepted and ready to land.Aug 15 2023, 3:36 PM
This revision was landed with ongoing or failed builds.Aug 15 2023, 3:42 PM
Closed by commit rGcf1c64b94d94: [-Wunsafe-buffer-usage] Replace assert that declarations are always found (authored by t-rasmud). · Explain Why
This revision was automatically updated to reflect the committed changes.
t-rasmud added a commit: rGcf1c64b94d94: [-Wunsafe-buffer-usage] Replace assert that declarations are always found.
Herald added a project: Restricted Project. · View Herald TranscriptAug 15 2023, 3:42 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript

Revision Contents

PathSize
clang/
lib/
Analysis/
8 lines
test/
SemaCXX/
12 lines

Diff 550508

clang/lib/Analysis/UnsafeBufferUsage.cpp

Show First 20 LinesShow All 882 Lines▼ Show 20 Lines for (const Decl *D : DS->decls()) {
// assert(Defs.count(VD) == 0 && "Definition already discovered!"); // assert(Defs.count(VD) == 0 && "Definition already discovered!");
Defs[VD] = DS; Defs[VD] = DS;
} }
} }
} }
const DeclStmt *lookupDecl(const VarDecl *VD) const { const DeclStmt *lookupDecl(const VarDecl *VD) const {
auto It = Defs.find(VD); auto It = Defs.find(VD);
assert(It != Defs.end() && "Definition never discovered!"); if (It == Defs.end())
return nullptr;
return It->second; return It->second;
} }
}; };
} // namespace } // namespace
namespace { namespace {
// Strategy is a map from variables to the way we plan to emit fixes for // Strategy is a map from variables to the way we plan to emit fixes for
// these variables. It is figured out gradually by trying different fixes // these variables. It is figured out gradually by trying different fixes
▲ Show 20 LinesShow All 1,148 Lines▼ Show 20 Linesstatic FixItList fixParamWithSpan(const ParmVarDecl *PVD, const ASTContext &Ctx,
return {}; return {};
} }
static FixItList fixVariableWithSpan(const VarDecl *VD, static FixItList fixVariableWithSpan(const VarDecl *VD,
const DeclUseTracker &Tracker, const DeclUseTracker &Tracker,
ASTContext &Ctx, ASTContext &Ctx,
UnsafeBufferUsageHandler &Handler) { UnsafeBufferUsageHandler &Handler) {
const DeclStmt *DS = Tracker.lookupDecl(VD); const DeclStmt *DS = Tracker.lookupDecl(VD);
assert(DS && "Fixing non-local variables not implemented yet!"); if (!DS) {
DEBUG_NOTE_DECL_FAIL(VD, " : variables declared this way not implemented yet");
NoQUnsubmitted
Not Done
ReplyInline Actions
if (!DS) {
- DEBUG_NOTE_DECL_FAIL(VD, " : Variables declared this way not implemented yet");
+ DEBUG_NOTE_DECL_FAIL(VD, " : variables declared this way not implemented yet");
return {};

Other notes start with small letter 😅

NoQ: Other notes start with small letter 😅
return {};
}
if (!DS->isSingleDecl()) { if (!DS->isSingleDecl()) {
// FIXME: to support handling multiple `VarDecl`s in a single `DeclStmt` // FIXME: to support handling multiple `VarDecl`s in a single `DeclStmt`
DEBUG_NOTE_DECL_FAIL(VD, " : multiple VarDecls"); DEBUG_NOTE_DECL_FAIL(VD, " : multiple VarDecls");
return {}; return {};
} }
// Currently DS is an unused variable but we'll need it when // Currently DS is an unused variable but we'll need it when
// non-single decls are implemented, where the pointee type name // non-single decls are implemented, where the pointee type name
// and the '*' are spread around the place. // and the '*' are spread around the place.
▲ Show 20 LinesShow All 453 LinesShow Last 20 Lines

clang/test/SemaCXX/warn-unsafe-buffer-usage-debug.cpp

Show First 20 LinesShow All 60 Lines▼ Show 20 Lines
void implied_unclaimed_var(int *b) { // expected-warning{{'b' is an unsafe pointer used for buffer access}} void implied_unclaimed_var(int *b) { // expected-warning{{'b' is an unsafe pointer used for buffer access}}
int *a = new int[3]; // expected-warning{{'a' is an unsafe pointer used for buffer access}} int *a = new int[3]; // expected-warning{{'a' is an unsafe pointer used for buffer access}}
a[4] = 7; // expected-note{{used in buffer access here}} a[4] = 7; // expected-note{{used in buffer access here}}
a = b; // debug-note{{safe buffers debug: gadget 'PointerAssignment' refused to produce a fix}} a = b; // debug-note{{safe buffers debug: gadget 'PointerAssignment' refused to produce a fix}}
b++; // expected-note{{used in pointer arithmetic here}} \ b++; // expected-note{{used in pointer arithmetic here}} \
// debug-note{{safe buffers debug: failed to produce fixit for 'b' : has an unclaimed use}} // debug-note{{safe buffers debug: failed to produce fixit for 'b' : has an unclaimed use}}
} }
int *a = new int[3]; // expected-warning{{'a' is an unsafe pointer used for buffer access}} \
// debug-note{{safe buffers debug: failed to produce fixit for 'a' : neither local nor a parameter}}
void test_globals() {
a[7] = 4; // expected-note{{used in buffer access here}}
}
void test_decomp_decl() {
int a[2] = {1, 2};
auto [x, y] = a;
x = 9;
}