NoQ (Artem Dergachev)
User

Projects

User does not belong to any projects.

User Details

User Since
Sep 3 2015, 9:16 AM (85 w, 4 d)

Recent Activity

Yesterday

NoQ created D32437: [analyzer] Nullability: fix a crash when adding notes inside a synthesized property accessor..
Mon, Apr 24, 8:45 AM

Fri, Apr 21

NoQ added a comment to D31975: [Analyzer] Iterator Checkers.

I had a look at how hard it is to split the patch.

Fri, Apr 21, 3:50 AM

Thu, Apr 20

NoQ added inline comments to D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Thu, Apr 20, 6:47 AM
NoQ added inline comments to D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Thu, Apr 20, 6:46 AM
NoQ added a dependency for D32291: [analyzer] Implement handling array subscript into null pointer, improve null dereference checks for array subscripts: D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Thu, Apr 20, 6:45 AM
NoQ added a dependent revision for D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved.: D32291: [analyzer] Implement handling array subscript into null pointer, improve null dereference checks for array subscripts.
Thu, Apr 20, 6:45 AM
NoQ created D32291: [analyzer] Implement handling array subscript into null pointer, improve null dereference checks for array subscripts.
Thu, Apr 20, 6:44 AM

Wed, Apr 19

NoQ added inline comments to D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Wed, Apr 19, 11:06 PM
NoQ updated the diff for D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..

Fix comments!

Wed, Apr 19, 11:04 PM
NoQ added a comment to D31975: [Analyzer] Iterator Checkers.
  1. Could you do renaming the checker file in a separate patch, so that we saw an actual diff, not a whole greenish file, here on phabricator?
  2. The invalidated iterator checker looks relatively small (a single check and a few rounds of iterator invalidations), would it be hard to split it up into a separate patch? That'd leave us with just one checker added.
Wed, Apr 19, 10:59 PM
NoQ added a comment to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.

Yay, now that's a lot cleaner!

Wed, Apr 19, 10:11 PM
NoQ added a comment to D31975: [Analyzer] Iterator Checkers.

I think for this case it'd be great to (instead) add comments all over the place (especially in checker callbacks, eg. check[Pre|Post]Call() function bodies) to indicate what check every piece of code is for. That'd be equally easy to review, at least for me, but it'd also help greatly if we start splitting up checkers into modelling and checking parts.

Wed, Apr 19, 9:57 PM

Tue, Apr 18

NoQ added a comment to D31868: [analyzer] Check NULL pointer dereference issue for memset function.

Wow, so you're doing the binding thing now? Thanks! It was not critical for landing this patch, so you could have fixed comments here, allowing us to commit what's already done, and then proceed with further improvements. It's also easier to review and aligns with the LLVM's policy of incremental development.

Tue, Apr 18, 7:17 AM
NoQ added inline comments to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.
Tue, Apr 18, 7:02 AM
NoQ added inline comments to D30909: [Analyzer] Finish taint propagation to derived symbols of tainted regions.
Tue, Apr 18, 6:55 AM

Thu, Apr 13

NoQ added a comment to D31541: [analyzer] MisusedMovedObjectChecker: Add a printState() method..

Hmm, i've been thinking of writing a test for this via ExprInspection's clang_analyzer_printState(), however printState() functionality is only enabled in debug builds, and i'm not seeing how to enable the test only on debug builds (there's REQUIRES: but it only seems to have an asserts flag).

Thu, Apr 13, 4:17 AM
NoQ added a comment to D31868: [analyzer] Check NULL pointer dereference issue for memset function.

This looks correct! Thanks for taking this up.

Thu, Apr 13, 4:09 AM
NoQ updated the diff for D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..

Remove accidentally added braces in unrelated code.

Thu, Apr 13, 12:00 AM

Wed, Apr 12

NoQ added inline comments to D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Wed, Apr 12, 10:05 AM
NoQ created D31982: [analyzer] Improve suppression for inlined defensive checks when operator& is involved..
Wed, Apr 12, 9:55 AM
NoQ added a comment to D31886: [analyzer] Simplify values in binary operations more aggressively.

maybe we want to skip this kind of simplification in case of Z3?

Wed, Apr 12, 9:04 AM
NoQ updated the diff for D31886: [analyzer] Simplify values in binary operations more aggressively.

Thanks for the comments! Updated.

Wed, Apr 12, 5:23 AM

Mon, Apr 10

NoQ added a comment to D30691: [analyzer] Support for naive cross translational unit analysis.

One more obvious observation regarding scan-build: because you are already reading a compilation database, the whole tool is essentially usable in combination with the current scan-build-py (which can create compilation databases). So it's already quite usable, but you're forced to do regular analysis before cross-translation-unit analysis. So all we need is an extra mode in scan-build-py that does the interception and leaves the rest of the work to us, either by piping commands to us directly, or by providing us with a compilation database (if --intercept-first is passed). Having some kind of --intercept-only would solve half of the problems. Of course, ideally the logic that adds the -analyzer* options should also be re-used, but for usability it isn't immediately necessary.

Mon, Apr 10, 9:32 AM
NoQ added a comment to D30691: [analyzer] Support for naive cross translational unit analysis.

Yeah, of course, ideally sticking this into scan-build, one way or another, would be great. I understand that it'd require quite a bit of communication with Laszlo. Otherwise we're just duplicating a whole lot of things.

Mon, Apr 10, 9:26 AM
NoQ created D31886: [analyzer] Simplify values in binary operations more aggressively.
Mon, Apr 10, 8:08 AM

Thu, Apr 6

NoQ added a comment to D23418: [analyzer] Added a reusable constraint system to the CloneDetector.
$ cat test.c
#include <stdio.h>
int main() {
  int i = 5;
  {
    int i = i;
    printf("%d\n", i);
  }
  return 0;
}
$ clang test.c
$ ./a.out
32767
$ clang test.c -Xclang -ast-dump
...
`-FunctionDecl 0x7ff82d8eac78 <test.c:2:1, line:9:1> line:2:5 main 'int ()'
  `-CompoundStmt 0x7ff82d8eb070 <col:12, line:9:1>
    |-DeclStmt 0x7ff82d8eadb0 <line:3:3, col:12>
    | `-VarDecl 0x7ff82d8ead30 <col:3, col:11> col:7 i 'int' cinit
    |   `-IntegerLiteral 0x7ff82d8ead90 <col:11> 'int' 5
    |-CompoundStmt 0x7ff82d8eb010 <line:4:3, line:7:3>
    | |-DeclStmt 0x7ff82d8eae78 <line:5:5, col:14>
    | | `-VarDecl 0x7ff82d8eadd8 <col:5, col:13> col:9 used i 'int' cinit
    | |   `-ImplicitCastExpr 0x7ff82d8eae60 <col:13> 'int' <LValueToRValue>
    | |     `-DeclRefExpr 0x7ff82d8eae38 <col:13> 'int' lvalue Var 0x7ff82d8eadd
...
Thu, Apr 6, 3:56 AM
NoQ added inline comments to D31320: [analyzer] Teach CloneDetection about Qt Meta-Object Compiler.
Thu, Apr 6, 3:40 AM

Wed, Apr 5

NoQ reopened D23418: [analyzer] Added a reusable constraint system to the CloneDetector.

Hmm, reverted because i'm seeing crashes on some buildbots (works for me though).

Wed, Apr 5, 8:22 AM
NoQ added inline comments to D31320: [analyzer] Teach CloneDetection about Qt Meta-Object Compiler.
Wed, Apr 5, 5:37 AM
NoQ added inline comments to D30909: [Analyzer] Finish taint propagation to derived symbols of tainted regions.
Wed, Apr 5, 5:30 AM
NoQ added inline comments to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.
Wed, Apr 5, 5:17 AM
NoQ added a comment to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.

I updated my patch using if () {} else {} instead of ? :

Wed, Apr 5, 5:15 AM
NoQ added a comment to D31453: [analyzer] Fix SimpleSValBuilder evalBinOpLN elementType might be nullptr issue.

Oh, sorry, i didn't notice this detail. I see it now.

Wed, Apr 5, 5:07 AM

Tue, Apr 4

NoQ added a comment to D31453: [analyzer] Fix SimpleSValBuilder evalBinOpLN elementType might be nullptr issue.

Hmm. I could not instantly reproduce the crash on your k3bdevice.cpp example, it doesn't crash both with and without both your and my patches.

Tue, Apr 4, 8:55 AM
NoQ added inline comments to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.
Tue, Apr 4, 8:50 AM
NoQ accepted D23418: [analyzer] Added a reusable constraint system to the CloneDetector.

Yay, i think this is good to go. Sorry again for being slow>< I guess i'd go ahead and land this patch soon.

Tue, Apr 4, 8:41 AM
NoQ added a comment to D30295: [analyzer] clarify undef shift result when shift count is negative or exceeds the bit width.

Hello, sorry for your having to wait on me. The implementation looks good, i'm only having a couple of public API concerns.

Tue, Apr 4, 8:27 AM
NoQ added a comment to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.

Because i couldn't reproduce the loc-nonloc problem on my standard library, could you share a preprocessed file with the issue? I'm really curious at what's going on here, and it's the only issue remaining, so maybe we could squash it together.

Tue, Apr 4, 7:53 AM
NoQ added a comment to D27918: [analyzer] OStreamChecker.

Sorry again for the delays, thank you for your patience. Your checker is in good shape, very well-structured and easy to follow, you definitely know your stuff, and my comments here are relatively minor.

Tue, Apr 4, 7:50 AM
NoQ accepted D25596: alpha.core.Conversion - Fix false positive for 'U32 += S16;' expression, that is not unsafe.

There are several undetected "TODO: loss of precision" right now in the tests that I would like to fix.

Tue, Apr 4, 6:10 AM
NoQ added a comment to D31650: [Analyzer] Detect when function pointer is freed.

Hello, thanks for the patch!

Tue, Apr 4, 1:06 AM

Fri, Mar 31

NoQ created D31541: [analyzer] MisusedMovedObjectChecker: Add a printState() method..
Fri, Mar 31, 9:16 AM
NoQ created D31538: [analyzer] MisusedMovedObjectChecker: Fix a false positive on state-resetting a base-class sub-object..
Fri, Mar 31, 9:05 AM
NoQ added a comment to D31453: [analyzer] Fix SimpleSValBuilder evalBinOpLN elementType might be nullptr issue.

Thanks for looking into this!
I've heard that this may fail, but i didn't have a good reproduction case. I might also have fixed it partially or completely as a side effect of https://reviews.llvm.org/rL298927 .

Fri, Mar 31, 7:47 AM

Mar 24 2017

NoQ added a comment to D30909: [Analyzer] Finish taint propagation to derived symbols of tainted regions.

Thanks again for the awesome stuff! It took years for me to even come up with the idea.

Mar 24 2017, 7:16 AM
NoQ added a comment to D24246: StaticAnalyzer - MisusedMovedObjectChecker.

I committed the checker. Thanks / congrats / all the stuff!

Mar 24 2017, 3:18 AM
NoQ added a comment to D31320: [analyzer] Teach CloneDetection about Qt Meta-Object Compiler.

This checker would definitely benefit from suppression in all auto-generated files, which definitely includes MOC files.

Mar 24 2017, 3:16 AM

Mar 23 2017

NoQ created D31289: [analyzer] Fix symbolication for unknown unary increment/decrement results..
Mar 23 2017, 9:06 AM

Mar 22 2017

NoQ added inline comments to D30534: [analyzer] When creating a temporary object copy, properly copy the value into it..
Mar 22 2017, 4:54 AM
NoQ updated the diff for D30534: [analyzer] When creating a temporary object copy, properly copy the value into it..

Fix review comments!

Mar 22 2017, 4:53 AM

Mar 20 2017

NoQ added a comment to D30771: [analyzer] Teach the MallocChecker about Glib API for two arguments.

Hello, thanks for the patch!

Mar 20 2017, 7:17 AM
NoQ added a comment to D23418: [analyzer] Added a reusable constraint system to the CloneDetector.

I think this is awesome.

Mar 20 2017, 6:57 AM

Mar 10 2017

NoQ added a comment to D30798: [analyzer] Turn suppress-c++-stdlib on by default .

I'd like to clarify that in case of path-sensitive analysis there are actually three warning classes to consider.

Mar 10 2017, 6:35 AM

Mar 7 2017

NoQ accepted D28445: [Analyzer] Extend taint propagation and checking.

I believe this should land. Thank you very much for getting this far to get this fixed.

Mar 7 2017, 7:52 AM
NoQ accepted D30157: [analyzer] Improve valist check.

It's great to see things move out of alpha and finally become actually accessible to the majority of users. Thanks!

Mar 7 2017, 7:28 AM
NoQ added a comment to D23418: [analyzer] Added a reusable constraint system to the CloneDetector.

I'm sorry for the delays; i'm humbly requesting a couple more weeks to get back to this awesome stuff.

Mar 7 2017, 7:22 AM
NoQ added a comment to D24246: StaticAnalyzer - MisusedMovedObjectChecker.

I tested this checker on WebKit code. It seems to work as expected, and i liked the support for WTFMove(). However i suddenly realized that it is not always unsafe to use a moved-from object, as discussed in detail at, for example, http://stackoverflow.com/a/7028318 . The checker already includes a state-reset method list, however there are also methods that are generally safe to call and possibly useful (such as .size()) or methods that don't entirely reset the state but affect it (.resize()?). People may use these tricks to improve performance. We shouldn't flag these tricks in a checker that is enabled by default, because it'd make people change and regress working code.

Mar 7 2017, 2:24 AM

Mar 6 2017

NoQ accepted D30341: [analyzer] clarify error messages about uninitialized function arguments.

Oh well, that's not good. Probably that's because we always highlight the current statement in path-sensitive reports. I guess we could improve upon that in the bug reporter.

Mar 6 2017, 11:52 PM
NoQ planned changes to D30534: [analyzer] When creating a temporary object copy, properly copy the value into it..
Mar 6 2017, 5:46 AM

Mar 3 2017

NoQ added a comment to D30489: [analyzer] catch out of bounds for VLA.

Do you agree that this is the problem? Would it be a good idea to try to keep the sz in the ProgramState?

Mar 3 2017, 2:59 PM
NoQ added a comment to D30341: [analyzer] clarify error messages about uninitialized function arguments.

The code looks good to me, but i'm expressing a tiny doubt: regardless of the output format, the user always has the relevant argument highlighted anyway (column number, tilde-underlined in command line, blue-ish box in scan-build, etc.), so the only significant clarification i see is on test files, where the column is not obvious.

Mar 3 2017, 2:45 PM
NoQ accepted D30589: [ExprInspectionChecker] Improve usability for C.

Thanks! This bugged me as well, but i didn't think of this trick :)

Mar 3 2017, 2:29 PM

Mar 2 2017

NoQ created D30534: [analyzer] When creating a temporary object copy, properly copy the value into it..
Mar 2 2017, 6:25 AM

Mar 1 2017

NoQ created D30499: [analyzer] pr32088: Don't destroy the temporary if its initializer causes return..
Mar 1 2017, 7:25 AM

Feb 28 2017

NoQ updated subscribers of D30406: [Analyzer] Add support for displaying cross-file diagnostic paths in HTML output.

I think this is great. We've been hearing a lot of complaints on the mailing lists recently about that problem.

Feb 28 2017, 9:06 AM

Feb 23 2017

NoQ added inline comments to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.
Feb 23 2017, 9:20 AM
NoQ added inline comments to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.
Feb 23 2017, 8:16 AM
NoQ added a comment to D30289: [Analyzer] Add bug visitor for taint checker.

Yay, this is awesome!

Feb 23 2017, 1:44 AM

Feb 20 2017

NoQ added a comment to D28445: [Analyzer] Extend taint propagation and checking.

Yeah, i think this is now as easy as i expected it to be :)

Feb 20 2017, 6:50 AM
NoQ added inline comments to D30157: [analyzer] Improve valist check.
Feb 20 2017, 5:47 AM

Feb 16 2017

NoQ accepted D24246: StaticAnalyzer - MisusedMovedObjectChecker.

I believe this checker is great and should be merged. Do you have commit access? If not, could you rebase the checker to the top of trunk? because the patch doesn't apply cleanly anymore.

Feb 16 2017, 8:11 AM

Feb 15 2017

NoQ added inline comments to D29884: [analyzer] Proper caching in CallDescription objects..
Feb 15 2017, 8:36 AM
NoQ added inline comments to D29884: [analyzer] Proper caching in CallDescription objects..
Feb 15 2017, 8:17 AM
NoQ accepted D28297: [StaticAnalyzer] Fix crash in CastToStructChecker.

I sometimes wish ASTContext methods just didn't crash :)
Oh well, let's just see if more problems show up.

Feb 15 2017, 7:20 AM
NoQ accepted D29884: [analyzer] Proper caching in CallDescription objects..

Yep, seems that somebody has missed these issues :)

Feb 15 2017, 7:14 AM

Feb 9 2017

NoQ added inline comments to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.
Feb 9 2017, 7:05 AM
NoQ added a comment to D24246: StaticAnalyzer - MisusedMovedObjectChecker.

This checker would need a bit of rebase before landing, but i think it's almost good to land. I'd even consider enabling by default after some evaluation, unless there are many known false positives - with an awesome test suite and very detailed bugreports, i think it's quite worth it.

Feb 9 2017, 6:59 AM
NoQ added a comment to D29419: [Analyzer] Checker for mismatched iterators.

Hello, thanks for another useful checker! I make quite a few of these mistakes regularly.

Feb 9 2017, 5:55 AM
NoQ added inline comments to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.
Feb 9 2017, 5:28 AM

Feb 1 2017

NoQ updated subscribers of D28445: [Analyzer] Extend taint propagation and checking.

Hello! Sorry, i'm very distracted recently.

Feb 1 2017, 1:01 AM

Jan 26 2017

NoQ accepted D28905: [analyzer] Consider function call arguments while building CallGraph.

LGTM!

Jan 26 2017, 9:48 AM
NoQ added a comment to D29183: [Analysis] Fix for call graph to correctly handle nested call expressions.

Hmm, we should have done better work reviewing D28905.

Jan 26 2017, 9:16 AM

Jan 24 2017

NoQ requested review of D28946: [analyzer] Fix memory space for block-captured static locals..
Jan 24 2017, 7:54 AM
NoQ reopened D28946: [analyzer] Fix memory space for block-captured static locals..
Jan 24 2017, 7:54 AM
NoQ updated the diff for D28946: [analyzer] Fix memory space for block-captured static locals..

Reopening due to a revert.

Jan 24 2017, 7:54 AM

Jan 21 2017

NoQ added a comment to D28955: [analyzer] Enable support for symbolic extension/truncation.
In D28955#652443, @ddcc wrote:

When I was testing this patch, it was on top of both D28952 and D28953. For malloc.c, the change on line 1708 from int to size_t is necessary to prevent a false positive warning at line 1710.

Jan 21 2017, 12:25 PM
NoQ added a comment to D28952: [analyzer] Add new Z3 constraint manager backend.

Late-joining the round of applause for the awesome progression of this project!

Jan 21 2017, 12:07 PM

Jan 20 2017

NoQ added a comment to D28771: [Analyzer] Various fixes for the IteratorPastEnd checker.

Thanks for the update, most welcome!

Jan 20 2017, 9:13 AM
NoQ added a comment to D27710: [analyzer] Prohibit ExplodedGraph's edges duplicating.

I don't understand why the following test passes, because each of two checkers: MallocChecker and SimpleStreamChecker are using generateNonFatalErrorNode method:

Jan 20 2017, 7:07 AM
NoQ created D28946: [analyzer] Fix memory space for block-captured static locals..
Jan 20 2017, 5:22 AM

Jan 19 2017

NoQ added a comment to D24246: StaticAnalyzer - MisusedMovedObjectChecker.

Thanks for looking into the region-changes approach, and sorry for the delay in replies.
I think we're close to seeing this checker merged, as it looks great.
A few smaller comments.

Jan 19 2017, 4:03 AM

Jan 18 2017

NoQ planned changes to D27202: [analyzer] Do not conjure a symbol for return value of a conservatively evaluated function.

Yep, because there are a lot more places in which the value of the expression suddenly changes, i think i'd want to either fix all of them, or (if i find some of those really reasonable) make a callback for checkers to subscribe to value replacements (which i'd prefer to treat as a trivial but definite step into alpha-renaming support).

Jan 18 2017, 12:03 AM

Jan 12 2017

NoQ retitled D28602: [analyzer] Don't dereference the array bound to a reference. from to [analyzer] Don't dereference the array bound to a reference..
Jan 12 2017, 3:20 AM

Jan 11 2017

NoQ added a comment to D27918: [analyzer] OStreamChecker.

Thanks for the patch, and for the impressing amount of work you put into this. Because the patch is huge, so it's going to take some time for somebody to understand how everything works.

Jan 11 2017, 3:54 AM
NoQ updated subscribers of D28297: [StaticAnalyzer] Fix crash in CastToStructChecker.

Looks good. I assume the crash is in getTypeInfo(); do you have any idea what are exact prerequisites for using this method? So that there were no more crashes here.

Jan 11 2017, 3:32 AM

Jan 10 2017

NoQ added a comment to D28445: [Analyzer] Extend taint propagation and checking.

Thanks for working on the taint! I really wish the taint analysis in the analyzer to flourish, and the part you've digged into is particularly sensitive, so i'd dump some thoughts here, hopefully helpful.

Jan 10 2017, 9:14 AM

Jan 9 2017

NoQ accepted D28330: [analyzer] Fix false positives in Keychain API checker.

I did not think of solution #1! It's definitely better than the pattern matching I've added here. However, this checker fires so infrequently, that I do not think it's worth investing more time into perfecting it.

Jan 9 2017, 2:16 AM

Jan 5 2017

NoQ added a comment to D28330: [analyzer] Fix false positives in Keychain API checker.

Do not check if the return status has been compared to error (or no error) at the time when leaks are reported since the status symbol might no longer be alive. Instead, pattern match on the assume and stop tracking allocated symbols on error paths.

Jan 5 2017, 3:42 AM

Dec 21 2016

NoQ added a comment to D27710: [analyzer] Prohibit ExplodedGraph's edges duplicating.

I think MallocChecker should be (or should have been) affected by the problem you describe, so we can use it as an example.

Dec 21 2016, 10:41 PM
NoQ retitled D28023: [analyzer] Fix leak false positives before no-return functions caused by incomplete analyses. from to [analyzer] Fix leak false positives before no-return functions caused by incomplete analyses..
Dec 21 2016, 5:56 AM