This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
include/clang/AST/
-
clang/
-
AST/
-
Expr.h
-
lib/Analysis/
-
Analysis/
3/12
ExprMutationAnalyzer.cpp
-
unittests/Analysis/
-
Analysis/
-
ExprMutationAnalyzerTest.cpp

Differential D58894

[analyzer] Handle modification of vars inside an expr with comma operator
ClosedPublic

Authored by djtodoro on Mar 3 2019, 11:43 PM.

Download Raw Diff

Details

Reviewers

shuaiwang
lebedev.ri

Commits

rGeb39991c8b40: [analyzer] handle modification of vars inside an expr with comma operator
rC355605: [analyzer] handle modification of vars inside an expr with comma operator
rL355605: [analyzer] handle modification of vars inside an expr with comma operator

Summary

We should track mutation of a variable within a comma operator expression.
Current code in ExprMutationAnalyzer does not handle it.

This will handle cases like:

(a, b) ++ < == b is modified
(a, b) = c < == b is modifed

Diff Detail

Event Timeline

djtodoro created this revision.Mar 3 2019, 11:43 PM

Herald added subscribers: Charusso, jdoerfert, dkrupp and 7 others. · View Herald TranscriptMar 3 2019, 11:43 PM

Thank you for working on this!

Is there any way to model this more generically?
I.e don't duplicate every naive matcher (ignoring possible presence of , op) with an variant that does not ignore ,.
E.g. will this handle (a,b)+=1 ?
What about (a,b).callNonConstMethod(), (a,b).callConstMethod() ?

@lebedev.ri Thanks for your comment!

Is there any way to model this more generically?
I.e don't duplicate every naive matcher (ignoring possible presence of , op) with an variant that does not ignore ,.
E.g. will this handle (a,b)+=1 ?

Hmm, I am not sure if there is a place for that, since this is very specific to comma operators. Any suggestions ?
It handles the situation ((a,b)+=1).

What about (a,b).callNonConstMethod(), (a,b).callConstMethod() ?

This needs to be extended to support function/method calls. I guess ExprMutationAnalyzer::findFunctionArgMutation requires an improvement.

djtodoro added subscribers: NikolaPrica, petarj, asowda, ivanbaev.Mar 4 2019, 1:05 AM

In D58894#1416691, @djtodoro wrote:

@lebedev.ri Thanks for your comment!

Is there any way to model this more generically?
I.e don't duplicate every naive matcher (ignoring possible presence of , op) with an variant that does not ignore ,.
E.g. will this handle (a,b)+=1 ?

Hmm, I am not sure if there is a place for that, since this is very specific to comma operators. Any suggestions ?
It handles the situation ((a,b)+=1).

What about (a,b).callNonConstMethod(), (a,b).callConstMethod() ?

This needs to be extended to support function/method calls. I guess ExprMutationAnalyzer::findFunctionArgMutation requires an improvement.

Well, given

// LHS of any assignment operators.
const auto AsAssignmentLhs =
    binaryOperator(isAssignmentOperator(), hasLHS(equalsNode(Exp)));

The problem is that hasLHS() may get , op.
In isAssigmentWithCommma(), you check if that is , op, and if so, return it's right hand.
And this duplication is the problem as far as i can see.

Now, i don't know the final solution, but have you considered adding something like:

AST_MATCHER_P(Expr, skipCommaOps,
              ast_matchers::internal::Matcher<Expr>, InnerMatcher) {
  const Expr* Result = Node;
  while (const auto *BOComma =
               dyn_cast_or_null<BinaryOperator>(Result->IgnoreParens())) {
    if (!BOComma->isCommaOp())
      break;
    Result = BOComma->getRHS();
  }
  return Result;
}

and then simply changing

// LHS of any assignment operators.
const auto AsAssignmentLhs =
    binaryOperator(isAssignmentOperator(), hasLHS(equalsNode(Exp)));

// LHS of any assignment operators.
const auto AsAssignmentLhs =
    binaryOperator(isAssignmentOperator(), hasLHS(skipCommaOps(equalsNode(Exp))));

@lebedev.ri I agree, thank you! I needed to be more precise in my previous reply, sorry for that. I thought it will be (somehow) overhead if I change existing, very basic, matchers.

I already implemented a static function that skips comma operands, and extended this to support member calls, functions, etc.
But, implementing it as a new matcher sounds like better idea.

Thanks!

In D58894#1418251, @djtodoro wrote:

@lebedev.ri I agree, thank you! I needed to be more precise in my previous reply, sorry for that. I thought it will be (somehow) overhead if I change existing, very basic, matchers.

I indeed don't think the existing matchers should be changed to ignore these , ops (or implicit casts, like some issue reports propose).

I already implemented a static function that skips comma operands, and extended this to support member calls, functions, etc.

But, implementing it as a new matcher sounds like better idea.

Yes. I think this matcher will be very baseline, and can just be added where needed
(with appropriate test coverage, of course), without matcher duplication like in this current diff.

Thanks!

Thanks for working on this.

-add AST matcher that skips operands in comma expression
-add unit tests for extended support

@lebedev.ri I agree, thank you! I needed to be more precise in my previous reply, sorry for that. I thought it will be (somehow) overhead if I change existing, very basic, matchers.

I indeed don't think the existing matchers should be changed to ignore these , ops (or implicit casts, like some issue reports propose).

I already implemented a static function that skips comma operands, and extended this to support member calls, functions, etc.
But, implementing it as a new matcher sounds like better idea.

Yes. I think this matcher will be very baseline, and can just be added where needed
(with appropriate test coverage, of course), without matcher duplication like in this current diff.

@lebedev.ri I agree, we are on the same page! Thanks!

Nice, i like this!
I think the test coverage is good.
But what about other equalsNode() that you didn't change?
Do some of them need this change too?

lib/Analysis/ExprMutationAnalyzer.cpp
27	(Can anyone suggest a better name maybe? I'm not sure this is the most correct name, but i can't suggest a better alternative.)
223	Not changed?
225–227	Can these two happen with comma op?
240	Same, can this happen with comma op?
248	And here too
265	And here
279	And here

Nice, i like this!
I think the test coverage is good.

@lebedev.ri Thanks!

But what about other equalsNode() that you didn't change?
Do some of them need this change too?

For sure some of them (maybe all of them) needs usage of the new comma matcher.
I didn't check all of them, for those I checked I've created test cases.
But I agree, it should handle all possible situation.

lib/Analysis/ExprMutationAnalyzer.cpp
27	Maybe `evalCommaExpr`?

lebedev.ri added inline comments.Mar 6 2019, 2:45 AM

lib/Analysis/ExprMutationAnalyzer.cpp
27	Ah, yes, `eval` sounds better. But, it won't always eval comma op or bailout. It will eval if it is there. So maybe `maybeEvalCommaExpr` (pun intended!).

djtodoro marked an inline comment as done.Mar 6 2019, 4:06 AM

djtodoro added inline comments.

lib/Analysis/ExprMutationAnalyzer.cpp
27	Sure, `maybeEvalCommaExpr` sounds better. Or, one more suggestion is `tryEvalCommaExpr` ?

Anyways, this looks good in this state.
Thank you for working on this!

If you don't intend to immediately work on fixing the rest of , cases here,
*please* do file a bug so it won't get lost. (and link it here)

lib/Analysis/ExprMutationAnalyzer.cpp
27	`try`, at least to me, has the same meaning as `evalCommaExpr`, i.e. one might expect that if it fails, it will fail. So not sure.

This revision is now accepted and ready to land.Mar 6 2019, 9:46 AM

Anyways, this looks good in this state.
Thank you for working on this!

Thanks!

If you don't intend to immediately work on fixing the rest of , cases here,
*please* do file a bug so it won't get lost. (and link it here)

I already extended this in order to support the rest of direct mutations.

lib/Analysis/ExprMutationAnalyzer.cpp
27	Hmm, I agree. You are right. Let it be `maybeEvalCommaExpr` (for now), if there is no better suggestion.

-add support for the rest of direct mutation cases

Still LG.
I'm sure you have verified that there is test coverage for all the newly-supported cases.

Closed by commit rL355605: [analyzer] handle modification of vars inside an expr with comma operator (authored by petarj). · Explain WhyMar 7 2019, 7:50 AM

This revision was automatically updated to reflect the committed changes.

Herald added a project: Restricted Project. · View Herald TranscriptMar 7 2019, 7:50 AM

Herald added a subscriber: llvm-commits. · View Herald Transcript

Revision Contents

Path

Size

include/

clang/

AST/

Expr.h

3 lines

lib/

Analysis/

ExprMutationAnalyzer.cpp

25 lines

unittests/

Analysis/

ExprMutationAnalyzerTest.cpp

59 lines

Diff 189461

include/clang/AST/Expr.h

Show First 20 Lines • Show All 3,392 Lines • ▼ Show 20 Lines	public:
bool isRelationalOp() const { return isRelationalOp(getOpcode()); }		bool isRelationalOp() const { return isRelationalOp(getOpcode()); }

static bool isEqualityOp(Opcode Opc) { return Opc == BO_EQ \|\| Opc == BO_NE; }		static bool isEqualityOp(Opcode Opc) { return Opc == BO_EQ \|\| Opc == BO_NE; }
bool isEqualityOp() const { return isEqualityOp(getOpcode()); }		bool isEqualityOp() const { return isEqualityOp(getOpcode()); }

static bool isComparisonOp(Opcode Opc) { return Opc >= BO_Cmp && Opc<=BO_NE; }		static bool isComparisonOp(Opcode Opc) { return Opc >= BO_Cmp && Opc<=BO_NE; }
bool isComparisonOp() const { return isComparisonOp(getOpcode()); }		bool isComparisonOp() const { return isComparisonOp(getOpcode()); }

		static bool isCommaOp(Opcode Opc) { return Opc == BO_Comma; }
		bool isCommaOp() const { return isCommaOp(getOpcode()); }

static Opcode negateComparisonOp(Opcode Opc) {		static Opcode negateComparisonOp(Opcode Opc) {
switch (Opc) {		switch (Opc) {
default:		default:
llvm_unreachable("Not a comparison operator.");		llvm_unreachable("Not a comparison operator.");
case BO_LT: return BO_GE;		case BO_LT: return BO_GE;
case BO_GT: return BO_LE;		case BO_GT: return BO_LE;
case BO_LE: return BO_GT;		case BO_LE: return BO_GT;
case BO_GE: return BO_LT;		case BO_GE: return BO_LT;
▲ Show 20 Lines • Show All 2,381 Lines • Show Last 20 Lines

lib/Analysis/ExprMutationAnalyzer.cpp

Show All 18 Lines
}		}

AST_MATCHER_P(CXXForRangeStmt, hasRangeStmt,		AST_MATCHER_P(CXXForRangeStmt, hasRangeStmt,
ast_matchers::internal::Matcher<DeclStmt>, InnerMatcher) {		ast_matchers::internal::Matcher<DeclStmt>, InnerMatcher) {
const DeclStmt *const Range = Node.getRangeStmt();		const DeclStmt *const Range = Node.getRangeStmt();
return InnerMatcher.matches(*Range, Finder, Builder);		return InnerMatcher.matches(*Range, Finder, Builder);
}		}

		AST_MATCHER_P(Expr, skipCommaOps,
		lebedev.riUnsubmitted Not Done Reply Inline Actions (Can anyone suggest a better name maybe? I'm not sure this is the most correct name, but i can't suggest a better alternative.) lebedev.ri: (Can anyone suggest a better name maybe? I'm not sure this is the most correct name, but i…
		djtodoroAuthorUnsubmitted Done Reply Inline Actions Maybe `evalCommaExpr`? djtodoro: Maybe `evalCommaExpr`?
		lebedev.riUnsubmitted Not Done Reply Inline Actions Ah, yes, `eval` sounds better. But, it won't always eval comma op or bailout. It will eval if it is there. So maybe `maybeEvalCommaExpr` (pun intended!). lebedev.ri: Ah, yes, `eval` sounds better. But, it won't always eval comma op or bailout. It will eval if…
		djtodoroAuthorUnsubmitted Done Reply Inline Actions Sure, `maybeEvalCommaExpr` sounds better. Or, one more suggestion is `tryEvalCommaExpr` ? djtodoro: Sure, `maybeEvalCommaExpr ` sounds better. Or, one more suggestion is `tryEvalCommaExpr` ?
		lebedev.riUnsubmitted Not Done Reply Inline Actions `try`, at least to me, has the same meaning as `evalCommaExpr`, i.e. one might expect that if it fails, it will fail. So not sure. lebedev.ri: `try`, at least to me, has the same meaning as `evalCommaExpr`, i.e. one might expect that if…
		djtodoroAuthorUnsubmitted Done Reply Inline Actions Hmm, I agree. You are right. Let it be `maybeEvalCommaExpr` (for now), if there is no better suggestion. djtodoro: Hmm, I agree. You are right. Let it be `maybeEvalCommaExpr` (for now), if there is no better…
		ast_matchers::internal::Matcher<Expr>, InnerMatcher) {
		const Expr* Result = &Node;
		while (const auto *BOComma =
		dyn_cast_or_null<BinaryOperator>(Result->IgnoreParens())) {
		if (!BOComma->isCommaOp())
		break;
		Result = BOComma->getRHS();
		}
		return InnerMatcher.matches(*Result, Finder, Builder);
		}

const ast_matchers::internal::VariadicDynCastAllOfMatcher<Stmt, CXXTypeidExpr>		const ast_matchers::internal::VariadicDynCastAllOfMatcher<Stmt, CXXTypeidExpr>
cxxTypeidExpr;		cxxTypeidExpr;

AST_MATCHER(CXXTypeidExpr, isPotentiallyEvaluated) {		AST_MATCHER(CXXTypeidExpr, isPotentiallyEvaluated) {
return Node.isPotentiallyEvaluated();		return Node.isPotentiallyEvaluated();
}		}

const ast_matchers::internal::VariadicDynCastAllOfMatcher<Stmt, CXXNoexceptExpr>		const ast_matchers::internal::VariadicDynCastAllOfMatcher<Stmt, CXXNoexceptExpr>
▲ Show 20 Lines • Show All 153 Lines • ▼ Show 20 Lines	const Stmt *ExprMutationAnalyzer::findDeclPointeeMutation(
ArrayRef<ast_matchers::BoundNodes> Matches) {		ArrayRef<ast_matchers::BoundNodes> Matches) {
return tryEachMatch<Decl>(Matches, this,		return tryEachMatch<Decl>(Matches, this,
&ExprMutationAnalyzer::findPointeeMutation);		&ExprMutationAnalyzer::findPointeeMutation);
}		}

const Stmt ExprMutationAnalyzer::findDirectMutation(const Expr Exp) {		const Stmt ExprMutationAnalyzer::findDirectMutation(const Expr Exp) {
// LHS of any assignment operators.		// LHS of any assignment operators.
const auto AsAssignmentLhs =		const auto AsAssignmentLhs =
binaryOperator(isAssignmentOperator(), hasLHS(equalsNode(Exp)));		binaryOperator(isAssignmentOperator(),
		hasLHS(skipCommaOps(equalsNode(Exp))));

// Operand of increment/decrement operators.		// Operand of increment/decrement operators.
const auto AsIncDecOperand =		const auto AsIncDecOperand =
unaryOperator(anyOf(hasOperatorName("++"), hasOperatorName("--")),		unaryOperator(anyOf(hasOperatorName("++"), hasOperatorName("--")),
hasUnaryOperand(equalsNode(Exp)));		hasUnaryOperand(skipCommaOps(equalsNode(Exp))));

// Invoking non-const member function.		// Invoking non-const member function.
// A member function is assumed to be non-const when it is unresolved.		// A member function is assumed to be non-const when it is unresolved.
const auto NonConstMethod = cxxMethodDecl(unless(isConst()));		const auto NonConstMethod = cxxMethodDecl(unless(isConst()));
const auto AsNonConstThis =		const auto AsNonConstThis =
expr(anyOf(cxxMemberCallExpr(callee(NonConstMethod), on(equalsNode(Exp))),		expr(anyOf(cxxMemberCallExpr(callee(NonConstMethod),
		on(skipCommaOps(equalsNode(Exp)))),
cxxOperatorCallExpr(callee(NonConstMethod),		cxxOperatorCallExpr(callee(NonConstMethod),
hasArgument(0, equalsNode(Exp))),		hasArgument(0, equalsNode(Exp))),
		lebedev.riUnsubmitted Not Done Reply Inline Actions Not changed? lebedev.ri: Not changed?
callExpr(callee(expr(anyOf(		callExpr(callee(expr(anyOf(
unresolvedMemberExpr(hasObjectExpression(equalsNode(Exp))),		unresolvedMemberExpr(hasObjectExpression(equalsNode(Exp))),
cxxDependentScopeMemberExpr(		cxxDependentScopeMemberExpr(
hasObjectExpression(equalsNode(Exp)))))))));		hasObjectExpression(equalsNode(Exp)))))))));
		lebedev.riUnsubmitted Not Done Reply Inline Actions Can these two happen with comma op? lebedev.ri: Can these two happen with comma op?

// Taking address of 'Exp'.		// Taking address of 'Exp'.
// We're assuming 'Exp' is mutated as soon as its address is taken, though in		// We're assuming 'Exp' is mutated as soon as its address is taken, though in
// theory we can follow the pointer and see whether it escaped `Stm` or is		// theory we can follow the pointer and see whether it escaped `Stm` or is
// dereferenced and then mutated. This is left for future improvements.		// dereferenced and then mutated. This is left for future improvements.
const auto AsAmpersandOperand =		const auto AsAmpersandOperand =
unaryOperator(hasOperatorName("&"),		unaryOperator(hasOperatorName("&"),
// A NoOp implicit cast is adding const.		// A NoOp implicit cast is adding const.
unless(hasParent(implicitCastExpr(hasCastKind(CK_NoOp)))),		unless(hasParent(implicitCastExpr(hasCastKind(CK_NoOp)))),
hasUnaryOperand(equalsNode(Exp)));		hasUnaryOperand(skipCommaOps(equalsNode(Exp))));
const auto AsPointerFromArrayDecay =		const auto AsPointerFromArrayDecay =
castExpr(hasCastKind(CK_ArrayToPointerDecay),		castExpr(hasCastKind(CK_ArrayToPointerDecay),
unless(hasParent(arraySubscriptExpr())), has(equalsNode(Exp)));		unless(hasParent(arraySubscriptExpr())), has(equalsNode(Exp)));
		lebedev.riUnsubmitted Not Done Reply Inline Actions Same, can this happen with comma op? lebedev.ri: Same, can this happen with comma op?
// Treat calling `operator->()` of move-only classes as taking address.		// Treat calling `operator->()` of move-only classes as taking address.
// These are typically smart pointers with unique ownership so we treat		// These are typically smart pointers with unique ownership so we treat
// mutation of pointee as mutation of the smart pointer itself.		// mutation of pointee as mutation of the smart pointer itself.
const auto AsOperatorArrowThis =		const auto AsOperatorArrowThis =
cxxOperatorCallExpr(hasOverloadedOperatorName("->"),		cxxOperatorCallExpr(hasOverloadedOperatorName("->"),
callee(cxxMethodDecl(ofClass(isMoveOnly()),		callee(cxxMethodDecl(ofClass(isMoveOnly()),
returns(nonConstPointerType()))),		returns(nonConstPointerType()))),
argumentCountIs(1), hasArgument(0, equalsNode(Exp)));		argumentCountIs(1), hasArgument(0, equalsNode(Exp)));
		lebedev.riUnsubmitted Not Done Reply Inline Actions And here too lebedev.ri: And here too

// Used as non-const-ref argument when calling a function.		// Used as non-const-ref argument when calling a function.
// An argument is assumed to be non-const-ref when the function is unresolved.		// An argument is assumed to be non-const-ref when the function is unresolved.
// Instantiated template functions are not handled here but in		// Instantiated template functions are not handled here but in
// findFunctionArgMutation which has additional smarts for handling forwarding		// findFunctionArgMutation which has additional smarts for handling forwarding
// references.		// references.
const auto NonConstRefParam = forEachArgumentWithParam(		const auto NonConstRefParam = forEachArgumentWithParam(
equalsNode(Exp), parmVarDecl(hasType(nonConstReferenceType())));		skipCommaOps(equalsNode(Exp)),
		parmVarDecl(hasType(nonConstReferenceType())));
const auto NotInstantiated = unless(hasDeclaration(isInstantiated()));		const auto NotInstantiated = unless(hasDeclaration(isInstantiated()));
const auto AsNonConstRefArg = anyOf(		const auto AsNonConstRefArg = anyOf(
callExpr(NonConstRefParam, NotInstantiated),		callExpr(NonConstRefParam, NotInstantiated),
cxxConstructExpr(NonConstRefParam, NotInstantiated),		cxxConstructExpr(NonConstRefParam, NotInstantiated),
callExpr(callee(expr(anyOf(unresolvedLookupExpr(), unresolvedMemberExpr(),		callExpr(callee(expr(anyOf(unresolvedLookupExpr(), unresolvedMemberExpr(),
cxxDependentScopeMemberExpr(),		cxxDependentScopeMemberExpr(),
hasType(templateTypeParmType())))),		hasType(templateTypeParmType())))),
hasAnyArgument(equalsNode(Exp))),		hasAnyArgument(equalsNode(Exp))),
		lebedev.riUnsubmitted Not Done Reply Inline Actions And here lebedev.ri: And here
cxxUnresolvedConstructExpr(hasAnyArgument(equalsNode(Exp))));		cxxUnresolvedConstructExpr(hasAnyArgument(equalsNode(Exp))));

// Captured by a lambda by reference.		// Captured by a lambda by reference.
// If we're initializing a capture with 'Exp' directly then we're initializing		// If we're initializing a capture with 'Exp' directly then we're initializing
// a reference capture.		// a reference capture.
// For value captures there will be an ImplicitCastExpr <LValueToRValue>.		// For value captures there will be an ImplicitCastExpr <LValueToRValue>.
const auto AsLambdaRefCaptureInit = lambdaExpr(hasCaptureInit(Exp));		const auto AsLambdaRefCaptureInit = lambdaExpr(hasCaptureInit(Exp));

// Returned as non-const-ref.		// Returned as non-const-ref.
// If we're returning 'Exp' directly then it's returned as non-const-ref.		// If we're returning 'Exp' directly then it's returned as non-const-ref.
// For returning by value there will be an ImplicitCastExpr <LValueToRValue>.		// For returning by value there will be an ImplicitCastExpr <LValueToRValue>.
// For returning by const-ref there will be an ImplicitCastExpr <NoOp> (for		// For returning by const-ref there will be an ImplicitCastExpr <NoOp> (for
// adding const.)		// adding const.)
const auto AsNonConstRefReturn = returnStmt(hasReturnValue(equalsNode(Exp)));		const auto AsNonConstRefReturn = returnStmt(hasReturnValue(equalsNode(Exp)));
		lebedev.riUnsubmitted Not Done Reply Inline Actions And here lebedev.ri: And here

const auto Matches =		const auto Matches =
match(findAll(stmt(anyOf(AsAssignmentLhs, AsIncDecOperand, AsNonConstThis,		match(findAll(stmt(anyOf(AsAssignmentLhs, AsIncDecOperand, AsNonConstThis,
AsAmpersandOperand, AsPointerFromArrayDecay,		AsAmpersandOperand, AsPointerFromArrayDecay,
AsOperatorArrowThis, AsNonConstRefArg,		AsOperatorArrowThis, AsNonConstRefArg,
AsLambdaRefCaptureInit, AsNonConstRefReturn))		AsLambdaRefCaptureInit, AsNonConstRefReturn))
.bind("stmt")),		.bind("stmt")),
Stm, Context);		Stm, Context);
▲ Show 20 Lines • Show All 172 Lines • Show Last 20 Lines

unittests/Analysis/ExprMutationAnalyzerTest.cpp

Show First 20 Lines • Show All 875 Lines • ▼ Show 20 Lines	TEST(ExprMutationAnalyzerTest, CastToConstRef) {
EXPECT_FALSE(isMutated(Results, AST.get()));		EXPECT_FALSE(isMutated(Results, AST.get()));

AST = buildASTFromCode("typedef const int& CIntRef;"		AST = buildASTFromCode("typedef const int& CIntRef;"
"void f() { int x; static_cast<CIntRef>(x); }");		"void f() { int x; static_cast<CIntRef>(x); }");
Results = match(withEnclosingCompound(declRefTo("x")), AST->getASTContext());		Results = match(withEnclosingCompound(declRefTo("x")), AST->getASTContext());
EXPECT_FALSE(isMutated(Results, AST.get()));		EXPECT_FALSE(isMutated(Results, AST.get()));
}		}

		TEST(ExprMutationAnalyzerTest, CommaExprWithAnAssigment) {
		const auto AST =
		buildASTFromCodeWithArgs("void f() { int x; int y; (x, y) = 5; }",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("y")), AST->getASTContext());
		EXPECT_TRUE(isMutated(Results, AST.get()));
		}

		TEST(ExprMutationAnalyzerTest, CommaExprWithDecOp) {
		const auto AST =
		buildASTFromCodeWithArgs("void f() { int x; int y; (x, y)++; }",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("y")), AST->getASTContext());
		EXPECT_TRUE(isMutated(Results, AST.get()));
		}

		TEST(ExprMutationAnalyzerTest, CommaExprWithNonConstMemberCall) {
		const auto AST =
		buildASTFromCodeWithArgs("class A { public: int mem; void f() { mem ++; } };"
		"void fn() { A o1, o2; (o1, o2).f(); }",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("o2")), AST->getASTContext());
		EXPECT_TRUE(isMutated(Results, AST.get()));
		}

		TEST(ExprMutationAnalyzerTest, CommaExprWithConstMemberCall) {
		const auto AST =
		buildASTFromCodeWithArgs("class A { public: int mem; void f() const { } };"
		"void fn() { A o1, o2; (o1, o2).f(); }",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("o2")), AST->getASTContext());
		EXPECT_FALSE(isMutated(Results, AST.get()));
		}

		TEST(ExprMutationAnalyzerTest, CommaExprParmRef) {
		const auto AST =
		buildASTFromCodeWithArgs("class A { public: int mem;};"
		"extern void fn(A &o1);"
		"void fn2 () { A o1, o2; fn((o2, o1)); } ",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("o1")), AST->getASTContext());
		EXPECT_TRUE(isMutated(Results, AST.get()));
		}

		TEST(ExprMutationAnalyzerTest, CommaExprWithAmpersandOp) {
		const auto AST =
		buildASTFromCodeWithArgs("class A { public: int mem;};"
		"void fn () { A o1, o2; void *addr = &(o2, o1); } ",
		{"-Wno-unused-value"});
		const auto Results =
		match(withEnclosingCompound(declRefTo("o1")), AST->getASTContext());
		EXPECT_TRUE(isMutated(Results, AST.get()));
		}

TEST(ExprMutationAnalyzerTest, LambdaDefaultCaptureByValue) {		TEST(ExprMutationAnalyzerTest, LambdaDefaultCaptureByValue) {
const auto AST = buildASTFromCode("void f() { int x; [=]() { x; }; }");		const auto AST = buildASTFromCode("void f() { int x; [=]() { x; }; }");
const auto Results =		const auto Results =
match(withEnclosingCompound(declRefTo("x")), AST->getASTContext());		match(withEnclosingCompound(declRefTo("x")), AST->getASTContext());
EXPECT_FALSE(isMutated(Results, AST.get()));		EXPECT_FALSE(isMutated(Results, AST.get()));
}		}

TEST(ExprMutationAnalyzerTest, LambdaExplicitCaptureByValue) {		TEST(ExprMutationAnalyzerTest, LambdaExplicitCaptureByValue) {
▲ Show 20 Lines • Show All 239 Lines • Show Last 20 Lines

This is an archive of the discontinued LLVM Phabricator instance.

[analyzer] Handle modification of vars inside an expr with comma operatorClosedPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 189461

include/clang/AST/Expr.h

lib/Analysis/ExprMutationAnalyzer.cpp

unittests/Analysis/ExprMutationAnalyzerTest.cpp

[analyzer] Handle modification of vars inside an expr with comma operator
ClosedPublic