This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/StaticAnalyzer/Checkers/UninitializedObject/
-
StaticAnalyzer/
-
Checkers/
-
UninitializedObject/
-
UninitializedObject.h
-
test/Analysis/
-
Analysis/
1
cxx-uninitialized-object.cpp

Differential D61106

[analyzer][UninitializedObjectChecker] PR41590: Regard _Atomic types as primitive
ClosedPublic

Authored by Szelethus on Apr 24 2019, 5:25 PM.

Download Raw Diff

Details

Reviewers

NoQ
dcoughlin
baloghadamsoftware
Charusso
rnkovacs
xazax.hun
gribozavr
alexfh

Commits

rGf46c58e0c610: [analyzer][UninitializedObjectChecker] PR41590: Regard _Atomic types as…
rL359230: [analyzer][UninitializedObjectChecker] PR41590: Regard _Atomic types as…
rC359230: [analyzer][UninitializedObjectChecker] PR41590: Regard _Atomic types as…

Summary

https://bugs.llvm.org/show_bug.cgi?id=41590

For the following code snippet, UninitializedObjectChecker crashed:

struct MyAtomicInt {
  _Atomic(int) x;
  MyAtomicInt() {}
};

void entry() {
  MyAtomicInt b;
}

The problem was that _Atomic types were not regular records, unions, dereferencable or primitive, making the checker hit the llvm_unreachable at [[ https://github.com/llvm-mirror/clang/blob/master/lib/StaticAnalyzer/Checkers/UninitializedObject/UninitializedObjectChecker.cpp#L347 |lib/StaticAnalyzer/Checkers/UninitializedObject/UninitializedObjectChecker.cpp:347 ]]. The solution is to regard these types as primitive as well. The test case shows that with this addition, not only are we able to get rid of the crash, but we can identify x as uninitialized.

Diff Detail

Repository: rC Clang

Event Timeline

Szelethus created this revision.Apr 24 2019, 5:25 PM

Herald added subscribers: cfe-commits, gamesh411, dkrupp and 6 others. · View Herald TranscriptApr 24 2019, 5:25 PM

Szelethus edited the summary of this revision. (Show Details)Apr 24 2019, 5:32 PM

LG. Thanks for the fix!

This revision is now accepted and ready to land.Apr 24 2019, 5:40 PM

Thanks for the fix!

test/Analysis/cxx-uninitialized-object.cpp
1145	`c11atomicTest()`

Closed by commit rC359230: [analyzer][UninitializedObjectChecker] PR41590: Regard _Atomic types as… (authored by Szelethus). · Explain WhyApr 25 2019, 12:58 PM

This revision was automatically updated to reflect the committed changes.

Have you checked what the C and C++ standards say about _Atomic / std::atomic initialization, and how they should actually be initialized by developers?

In D61106#1479336, @jfb wrote:

Have you checked what the C and C++ standards say about _Atomic / std::atomic initialization, and how they should actually be initialized by developers?

No, I have not, I'll admit. Did I make a mistake here? Can you tell me where I can read up on it maybe?

Upon further investigation, this still seems to be okay. This is not a bug-finding checker, but rather a tool to enforce the idiom of every non-trivial object should be fully initialized after construction. From what I've seen, ATOMIC_VAR_INIT should be used here, but it isn't.

Do you think that I still should be more forgiving with atomics?

Szelethus mentioned this in D61246: [analyzer][UninitializedObjectChecker] PR41611: Regard vector types as primitive.Apr 28 2019, 4:07 PM

Szelethus mentioned this in rL359539: [analyzer][UninitializedObjectChecker] PR41611: Regard vector types as primitive.Apr 30 2019, 1:48 AM

Szelethus mentioned this in rC359539: [analyzer][UninitializedObjectChecker] PR41611: Regard vector types as primitive.

Diffusion mentioned this in rGc21ec00d2852: [analyzer][UninitializedObjectChecker] PR41611: Regard vector types as primitive.Apr 30 2019, 1:48 AM

Szelethus mentioned this in D61569: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as primitive..May 5 2019, 8:35 AM

Szelethus mentioned this in rC359998: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as….May 5 2019, 12:40 PM

Szelethus mentioned this in rL359998: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as….

Diffusion mentioned this in rGaa9d2623a055: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as….May 5 2019, 12:44 PM

sidorovd mentioned this in rGc8f3e713eadf: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as….May 30 2019, 8:25 AM

sidorovd mentioned this in rG8ec96c7b45a5: [analyzer][UninitializedObjectChecker] PR41741: Regard all scalar types as….May 30 2019, 9:37 AM

Revision Contents

Path

Size

lib/

StaticAnalyzer/

Checkers/

UninitializedObject/

UninitializedObject.h

2 lines

test/

Analysis/

cxx-uninitialized-object.cpp

15 lines

Diff 196705

lib/StaticAnalyzer/Checkers/UninitializedObject/UninitializedObject.h

Show First 20 Lines • Show All 318 Lines • ▼ Show 20 Lines	bool addFieldToUninits(FieldChainInfo LocalChain,
const MemRegion *PointeeR = nullptr);		const MemRegion *PointeeR = nullptr);
};		};

/// Returns true if T is a primitive type. An object of a primitive type only		/// Returns true if T is a primitive type. An object of a primitive type only
/// needs to be analyzed as much as checking whether their value is undefined.		/// needs to be analyzed as much as checking whether their value is undefined.
inline bool isPrimitiveType(const QualType &T) {		inline bool isPrimitiveType(const QualType &T) {
return T->isBuiltinType() \|\| T->isEnumeralType() \|\|		return T->isBuiltinType() \|\| T->isEnumeralType() \|\|
T->isMemberPointerType() \|\| T->isBlockPointerType() \|\|		T->isMemberPointerType() \|\| T->isBlockPointerType() \|\|
T->isFunctionType();		T->isFunctionType() \|\| T->isAtomicType();
}		}

inline bool isDereferencableType(const QualType &T) {		inline bool isDereferencableType(const QualType &T) {
return T->isAnyPointerType() \|\| T->isReferenceType();		return T->isAnyPointerType() \|\| T->isReferenceType();
}		}

// Template method definitions.		// Template method definitions.

Show All 21 Lines

test/Analysis/cxx-uninitialized-object.cpp

Show First 20 Lines • Show All 1,124 Lines • ▼ Show 20 Lines	struct CXX11MemberInitTest2 {

CXX11MemberInitTest2() {}		CXX11MemberInitTest2() {}
};		};

void fCXX11MemberInitTest2() {		void fCXX11MemberInitTest2() {
// TODO: we'd expect the warning: {{2 uninitializeds field}}		// TODO: we'd expect the warning: {{2 uninitializeds field}}
CXX11MemberInitTest2(); // no-warning		CXX11MemberInitTest2(); // no-warning
}		}

		//===----------------------------------------------------------------------===//
		// _Atomic tests.
		//===----------------------------------------------------------------------===//

		struct MyAtomicInt {
		_Atomic(int) x; // expected-note{{uninitialized field 'this->x'}}
		int dontGetFilteredByNonPedanticMode = 0;

		MyAtomicInt() {} // expected-warning{{1 uninitialized field}}
		};

		void entry() {
		gribozavrUnsubmitted Not Done Reply Inline Actions `c11atomicTest()` gribozavr: `c11atomicTest()`
		MyAtomicInt b;
		}