This is an archive of the discontinued LLVM Phabricator instance.

Differential D34430

[Clang][TypoCorrection] Clang hangs in typo correction
Needs ReviewPublic

Authored by iid_iunknown on Jun 20 2017, 5:00 PM.

Details

Reviewers
asl
rsmith
Summary

This is a patch for PR33484.
The clang's typo correction logic may fall into an infinite loop when reaching the typo correction limit.

When some complex expression has multiple typos in it, clang finds possible corrections for each typo and processes various permutations of these corrections. The typo corrections counter is incremented during the process and compared to the max allowed limit (50 by default). Hang may happen if the limit is reached in the middle of complex expression processing. In this case transform of the current part of the expression fails, making clang ignore its subsequent parts and bail out to the main transform loop in TransformTypos::Transform(Expr *E). On the next iteration, clang fails at the very beginning of transform and no longer reaches the rest of the expression immediately bailing out to the main loop. The transform cannot advance since this moment. As the loop exit condition requires either a fully successful transform or having all the permutations processed, it can never become true.

Yet another reproducer with a readable C++ code:

namespace
{
  struct V
  {
    float x;
  };

  class H
  {
  public:
    const V& getV() const { return mV; }
    int getN() const { return mN; }
  private:
    V mV;
    int mN;
  };

  class T
  {
  public:
    const H& getH0() const { return mH0; }
    const H& getH1() const { return mH1; }

    const V& getV0() const { return mH0.getV(); }
    const V& getV1() const { return mH1.getV(); }

  private:
    H mH0;
    H mH1;
  };
	
  T sT;
  H sH;
}

void func()
{
  ( sT.getH2().getM() > sH.getM() ?
    sT.getH3() :
    0 );
}

Here, both the condition and LHS of ?: have typos. If the limit is exceeded, the transform will fail on the condition and will no longer proceed to LHS and process its substitutions.

The patch adds a limit check into the main loop exit condition.

Diff Detail

Repository
rL LLVM

Event Timeline

iid_iunknown created this revision.Jun 20 2017, 5:00 PM
iid_iunknown updated this revision to Diff 103297.Jun 20 2017, 5:05 PM

Fixed white spaces.

iid_iunknown added a comment.Jun 21 2017, 7:32 AM

No hang with this patch on the test case from PR33484. Clang reports a number of expected compilation errors instead.

iid_iunknown added a reviewer: rsmith.Jun 21 2017, 7:33 AM
iid_iunknown added a subscriber: kcc.
iid_iunknown added a comment.Jul 10 2017, 7:28 AM

A gentle reminder about this patch.

kcc added a comment.Jul 17 2017, 6:29 PM

Looks good, but I don't know this code well enough to stamp LGTM. Richard?

Revision Contents

PathSize
lib/
Sema/
SemaExprCXX.cpp
SemaExprCXX.cpp (revision 303570)
5 lines

Diff 103297

lib/Sema/SemaExprCXX.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 7,240 Lines▼ Show 20 Linesclass TransformTypos : public TreeTransform<TransformTypos> {
/// the next combination of substitutions for the other TypoExprs by advancing /// the next combination of substitutions for the other TypoExprs by advancing
/// to the next potential correction of the second TypoExpr. For the second /// to the next potential correction of the second TypoExpr. For the second
/// and subsequent TypoExprs, if its stream of corrections has been exhausted, /// and subsequent TypoExprs, if its stream of corrections has been exhausted,
/// the stream is reset and the next TypoExpr's stream is advanced by one (a /// the stream is reset and the next TypoExpr's stream is advanced by one (a
/// TypoExpr's correction stream is advanced by removing the TypoExpr from the /// TypoExpr's correction stream is advanced by removing the TypoExpr from the
/// TransformCache). Returns true if there is still any untried combinations /// TransformCache). Returns true if there is still any untried combinations
/// of corrections. /// of corrections.
bool CheckAndAdvanceTypoExprCorrectionStreams() { bool CheckAndAdvanceTypoExprCorrectionStreams() {
bool CheckLimitExceeded =
SemaRef.TyposCorrected >=
SemaRef.getDiagnostics().getDiagnosticOptions().SpellCheckingLimit;
for (auto TE : TypoExprs) { for (auto TE : TypoExprs) {
auto &State = SemaRef.getTypoExprState(TE); auto &State = SemaRef.getTypoExprState(TE);
TransformCache.erase(TE); TransformCache.erase(TE);
if (!State.Consumer->finished()) if (!CheckLimitExceeded && !State.Consumer->finished())
return true; return true;
State.Consumer->resetCorrectionStream(); State.Consumer->resetCorrectionStream();
} }
return false; return false;
} }
NamedDecl *getDeclFromExpr(Expr *E) { NamedDecl *getDeclFromExpr(Expr *E) {
if (auto *OE = dyn_cast_or_null<OverloadExpr>(E)) if (auto *OE = dyn_cast_or_null<OverloadExpr>(E))
▲ Show 20 LinesShow All 329 LinesShow Last 20 Lines