This is an archive of the discontinued LLVM Phabricator instance.

Differential D68526

[Diagnostics] Silence -Wsizeof-array-div for character buffers
ClosedPublic

Authored by jrtc27 on Oct 4 2019, 4:26 PM.

Details

Reviewers
rsmith
xbolva00
thakis
Commits
rG67f542aba72f: [Diagnostics] Silence -Wsizeof-array-div for character buffers
rL374035: [Diagnostics] Silence -Wsizeof-array-div for character buffers
rC374035: [Diagnostics] Silence -Wsizeof-array-div for character buffers
Summary

Character buffers are sometimes used to represent a pool of memory that
contains non-character objects, due to them being synonymous with a stream of
bytes on almost all modern architectures. Often, when interacting with hardware
devices, byte buffers are therefore used as an intermediary and so we can end
Character buffers are sometimes used to represent a pool of memory that
contains non-character objects, due to them being synonymous with a stream of
bytes on almost all modern architectures. Often, when interacting with hardware
devices, byte buffers are therefore used as an intermediary and so we can end
up generating lots of false-positives.

Moreover, due to the ability of character pointers to alias non-character
pointers, the strict aliasing violations that would generally be implied by the
calculations caught by the warning (if the calculation itself is in fact
correct) do not apply here, and so although the length calculation may be
wrong, that is the only possible issue.

Diff Detail

Event Timeline

jrtc27 created this revision.Oct 4 2019, 4:26 PM
Herald added a project: Restricted Project. · View Herald TranscriptOct 4 2019, 4:26 PM
Herald added a subscriber: cfe-commits. · View Herald Transcript
Harbormaster completed remote builds in B39016: Diff 223337.Oct 4 2019, 4:28 PM
xbolva00 accepted this revision.Oct 4 2019, 5:52 PM

I think this is reasonable change.

This revision is now accepted and ready to land.Oct 4 2019, 5:52 PM
jrtc27 added a comment.Oct 6 2019, 5:56 AM

Having said that, the one warning this raised in FreeBSD (at least for our configuration) was a completely unnecessary use of a character buffer and could be cleaned up, so maybe this case is a useful one to catch. Does anyone else have an opinion on this?

lebedev.ri added a subscriber: lebedev.ri.Oct 6 2019, 6:10 AM

There's not a single word in the patch's description.

jrtc27 added a comment.Oct 6 2019, 7:29 AM
In D68526#1696587, @lebedev.ri wrote:

There's not a single word in the patch's description.

If I were to add a description, it would be something like:

Character buffers are sometimes used to represent a pool of memory that
contains non-character objects, due to them being synonymous with a stream of
bytes on almost all modern architectures. Often, when interacting with hardware
devices, byte buffers are therefore used as an intermediary and so we can end
Character buffers are sometimes used to represent a pool of memory that
contains non-character objects, due to them being synonymous with a stream of
bytes on almost all modern architectures. Often, when interacting with hardware
devices, byte buffers are therefore used as an intermediary and so we can end
up generating lots of false-positives.

Moreover, due to the ability of character pointers to alias non-character
pointers, the strict aliasing violations that would generally be implied by the
calculations caught by the warning (if the calculation itself is in fact
correct) do not apply here, and so although the length calculation may be
wrong, that is the only possible issue.

But it seems that this first premise is actually wrong; at least in FreeBSD, and using a quick grep through Linux for obvious names (sizeof.*buf) /, sizeof.*buffer) / and sizeof.*data) /) I couldn't find one instance of an array where the types didn't match, but that was for u64 vs u32 so isn't even covered by this. Maybe it was true in the past, but these days people seem to be diligent about using the right types, with proper unions when needed.

The aliasing point still applies (in that this case is slightly less dangerous), but given it draws attention to code that may be able to be written more nicely with better types, I'd be inclined to abandon this. Unless people come screaming that we're spewing too many warnings for their code, that is, of course.

xbolva00 added a comment.Oct 6 2019, 7:38 AM

I think I saw some false positives with char buffers, so I am not against this patch personally.

xbolva00 added a comment.Oct 7 2019, 9:06 AM

@tkanis wrote in post commit review:

“What do you think about also not emitting the warning if the lhs sizeof is an array of signed or unsigned char? The warning wants the rhs sizeof to be sizeof(char) which is 1, and dividing by that doesn't really make sense. ”

I agree with him. I think you can land this patch.

thakis accepted this revision.Oct 7 2019, 11:27 AM
thakis added a subscriber: thakis.

Thanks, I think this is a good change. It fixes a false positive in wayland and one somewhere in Chromium's windows sandbox. See the commit thread of r371605 for examples.

jrtc27 edited the summary of this revision. (Show Details)Oct 7 2019, 7:48 PM
jrtc27 updated this revision to Diff 223823.Oct 8 2019, 4:22 AM

Rebased

Harbormaster completed remote builds in B39160: Diff 223823.Oct 8 2019, 4:23 AM
Closed by commit rG67f542aba72f: [Diagnostics] Silence -Wsizeof-array-div for character buffers (authored by jrtc27). · Explain WhyOct 8 2019, 4:33 AM
This revision was automatically updated to reflect the committed changes.

Revision Contents

PathSize
clang/
lib/
Sema/
1 line
test/
Sema/
2 lines

Diff 223826

clang/lib/Sema/SemaExpr.cpp

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 9,191 Lines▼ Show 20 Lines if (const auto *DRE = dyn_cast<DeclRefExpr>(LHSArg)) {
if (const ValueDecl *LHSArgDecl = DRE->getDecl()) if (const ValueDecl *LHSArgDecl = DRE->getDecl())
S.Diag(LHSArgDecl->getLocation(), diag::note_pointer_declared_here) S.Diag(LHSArgDecl->getLocation(), diag::note_pointer_declared_here)
<< LHSArgDecl; << LHSArgDecl;
} }
} else if (const auto *ArrayTy = S.Context.getAsArrayType(LHSTy)) { } else if (const auto *ArrayTy = S.Context.getAsArrayType(LHSTy)) {
QualType ArrayElemTy = ArrayTy->getElementType(); QualType ArrayElemTy = ArrayTy->getElementType();
if (ArrayElemTy != S.Context.getBaseElementType(ArrayTy) || if (ArrayElemTy != S.Context.getBaseElementType(ArrayTy) ||
ArrayElemTy->isDependentType() || RHSTy->isDependentType() || ArrayElemTy->isDependentType() || RHSTy->isDependentType() ||
ArrayElemTy->isCharType() ||
S.Context.getTypeSize(ArrayElemTy) == S.Context.getTypeSize(RHSTy)) S.Context.getTypeSize(ArrayElemTy) == S.Context.getTypeSize(RHSTy))
return; return;
S.Diag(Loc, diag::warn_division_sizeof_array) S.Diag(Loc, diag::warn_division_sizeof_array)
<< LHSArg->getSourceRange() << ArrayElemTy << RHSTy; << LHSArg->getSourceRange() << ArrayElemTy << RHSTy;
if (const auto *DRE = dyn_cast<DeclRefExpr>(LHSArg)) { if (const auto *DRE = dyn_cast<DeclRefExpr>(LHSArg)) {
if (const ValueDecl *LHSArgDecl = DRE->getDecl()) if (const ValueDecl *LHSArgDecl = DRE->getDecl())
S.Diag(LHSArgDecl->getLocation(), diag::note_array_declared_here) S.Diag(LHSArgDecl->getLocation(), diag::note_array_declared_here)
<< LHSArgDecl; << LHSArgDecl;
▲ Show 20 LinesShow All 8,697 LinesShow Last 20 Lines

clang/test/Sema/div-sizeof-array.cpp

Show All 19 Linesvoid test(void) {
// expected-note@-1 {{place parentheses around the 'sizeof(short)' expression to silence this warning}} // expected-note@-1 {{place parentheses around the 'sizeof(short)' expression to silence this warning}}
int a6 = sizeof(arr) / sizeof(int32); int a6 = sizeof(arr) / sizeof(int32);
int a7 = sizeof(arr) / sizeof(int); int a7 = sizeof(arr) / sizeof(int);
int a9 = sizeof(arr) / sizeof(unsigned int); int a9 = sizeof(arr) / sizeof(unsigned int);
const char arr3[2] = "A"; const char arr3[2] = "A";
int a10 = sizeof(arr3) / sizeof(char); int a10 = sizeof(arr3) / sizeof(char);
int a11 = sizeof(arr2) / (sizeof(unsigned)); int a11 = sizeof(arr2) / (sizeof(unsigned));
int a12 = sizeof(arr) / (sizeof(short)); int a12 = sizeof(arr) / (sizeof(short));
int a13 = sizeof(arr3) / sizeof(p);
int a14 = sizeof(arr3) / sizeof(int);
int arr4[10][12]; int arr4[10][12];
int b1 = sizeof(arr4) / sizeof(arr2[12]); int b1 = sizeof(arr4) / sizeof(arr2[12]);
int b2 = sizeof(arr4) / sizeof(int *); int b2 = sizeof(arr4) / sizeof(int *);
int b3 = sizeof(arr4) / sizeof(short *); int b3 = sizeof(arr4) / sizeof(short *);
int arr5[][5] = { int arr5[][5] = {
{1, 2, 3, 4, 5}, {1, 2, 3, 4, 5},
{6, 7, 8, 9, 0}, {6, 7, 8, 9, 0},
}; };
int c1 = sizeof(arr5) / sizeof(*arr5); int c1 = sizeof(arr5) / sizeof(*arr5);
int c2 = sizeof(arr5) / sizeof(**arr5); int c2 = sizeof(arr5) / sizeof(**arr5);
int c3 = sizeof(arr5) / sizeof(int); int c3 = sizeof(arr5) / sizeof(int);
float m[4][4]; float m[4][4];
int d1 = sizeof(m) / sizeof(**m); int d1 = sizeof(m) / sizeof(**m);
} }