Page MenuHomePhabricator

xazax.hun (Gábor Horváth)
User

Projects

User does not belong to any projects.

User Details

User Since
Sep 17 2012, 3:16 AM (447 w, 2 d)

Recent Activity

Feb 27 2021

xazax.hun committed rGdd6738d93de1: [clang][Lifetimes] Fix false positive warning from BUG 49342 (authored by xazax.hun).
[clang][Lifetimes] Fix false positive warning from BUG 49342
Feb 27 2021, 8:16 AM
xazax.hun closed D97605: [Lifetimes] Fix false positive warning from BUG 49342 .
Feb 27 2021, 8:16 AM · Restricted Project

Feb 26 2021

xazax.hun requested review of D97605: [Lifetimes] Fix false positive warning from BUG 49342 .
Feb 26 2021, 6:59 PM · Restricted Project

Feb 23 2021

xazax.hun accepted D96570: [scan-build-py] Add sarif-html support in scan-build-py.

It would be nice, if you could also open a PR for the github version: https://github.com/rizsotto/scan-build

Feb 23 2021, 7:20 AM · Restricted Project

Jan 14 2021

xazax.hun added a comment to D93224: [analyzer] Use the MacroExpansionContext for macro expansions in plists.

Do you think it's acceptable?
@xazax.hun @NoQ

Jan 14 2021, 4:05 AM · Restricted Project

Jan 13 2021

xazax.hun added a comment to D93224: [analyzer] Use the MacroExpansionContext for macro expansions in plists.

Do we really promise ABI compatibility for AST dumps? If we support it to some extent, then we would have a problem - which would mean that we can not target clang-12 anymore with this patch stack.

Jan 13 2021, 3:53 AM · Restricted Project

Jan 12 2021

xazax.hun added a comment to D93224: [analyzer] Use the MacroExpansionContext for macro expansions in plists.

How should I continue to get this working with CTU?

Jan 12 2021, 9:59 AM · Restricted Project
xazax.hun added inline comments to D94476: [analyzer] Implement conversion from Clang diagnostics to PathDiagnostics..
Jan 12 2021, 7:52 AM · Restricted Project

Dec 16 2020

xazax.hun added inline comments to D93110: [analyzer] Implement fine-grained suppressions via attributes.
Dec 16 2020, 7:19 AM · Restricted Project
xazax.hun added inline comments to D93222: [analyzer] Introduce MacroExpansionContext to libAnalysis.
Dec 16 2020, 4:23 AM · Restricted Project
xazax.hun added inline comments to D93222: [analyzer] Introduce MacroExpansionContext to libAnalysis.
Dec 16 2020, 3:22 AM · Restricted Project

Dec 15 2020

xazax.hun accepted D93224: [analyzer] Use the MacroExpansionContext for macro expansions in plists.

Yay! Deleting code is always nice.

Dec 15 2020, 5:23 AM · Restricted Project
xazax.hun added inline comments to D93223: [analyzer] Create MacroExpansionContext member in AnalysisConsumer.
Dec 15 2020, 5:21 AM · Restricted Project
xazax.hun added a comment to D93222: [analyzer] Introduce MacroExpansionContext to libAnalysis.

Overall looks good to me, I have some minor nits and questions inline.

Dec 15 2020, 5:16 AM · Restricted Project

Dec 2 2020

xazax.hun accepted D91902: [analyzer] Ignore annotations if func is inlined..

LGTM, thanks!

Dec 2 2020, 3:49 AM · Restricted Project
xazax.hun accepted D92432: [analyzer] Add a thin abstraction layer between libCrossTU and libAnalysis..

LGTM!

Dec 2 2020, 3:47 AM · Restricted Project

Nov 26 2020

xazax.hun requested changes to D91902: [analyzer] Ignore annotations if func is inlined..
Nov 26 2020, 3:03 AM · Restricted Project
xazax.hun added a comment to D91902: [analyzer] Ignore annotations if func is inlined..

Thanks for working on this check! Please add the [analyzer] tag to the title of these patches.

Nov 26 2020, 3:03 AM · Restricted Project

Nov 21 2020

xazax.hun accepted D91223: Support struct annotations in FuchsiaHandleChecker..

LGTM!

Nov 21 2020, 10:20 AM · Restricted Project

Nov 19 2020

xazax.hun accepted D91223: Support struct annotations in FuchsiaHandleChecker..

Overall looks good, but please resolve the two nits before commiting.

Nov 19 2020, 9:03 PM · Restricted Project
xazax.hun added a comment to D91223: Support struct annotations in FuchsiaHandleChecker..

I think I might have an idea of what is going on. The handles are released in a PostCall. This is intended, as the handles are in the released state AFTER the call. When you call an unknown function with a pointer, that function is free to modify the contents of the pointer. Since the analyzer has no knowledge about the body of the function, it will do a conservative evaluation, escape the symbols in the struct, and create new symbols. This is why new symbols might be introduced. I think you could subscribe to escapes and check if you access the old symbols there. If that is the case and the escape is the result of calling an annotated function, maybe you can correctly mark those symbols as deleted.

Nov 19 2020, 6:48 AM · Restricted Project

Nov 18 2020

xazax.hun added a comment to D91223: Support struct annotations in FuchsiaHandleChecker..

I also have some questions:

  1. This patch does not work for case where the structure is passed in as pointer. The structure becomes lazycompoundval and I could not find the symbol there. Do you know what is going on?
Nov 18 2020, 2:59 AM · Restricted Project

Nov 16 2020

xazax.hun added inline comments to D91223: Support struct annotations in FuchsiaHandleChecker..
Nov 16 2020, 2:30 AM · Restricted Project
xazax.hun added a comment to D91223: Support struct annotations in FuchsiaHandleChecker..

I have a question about pointer members and I'd like to see some tests added. Otherwise, I like the direction.

Where should i add the tests?

Nov 16 2020, 2:28 AM · Restricted Project

Nov 13 2020

xazax.hun requested changes to D91223: Support struct annotations in FuchsiaHandleChecker..

I have a question about pointer members and I'd like to see some tests added. Otherwise, I like the direction.

Nov 13 2020, 7:17 AM · Restricted Project
xazax.hun updated the summary of D91223: Support struct annotations in FuchsiaHandleChecker..
Nov 13 2020, 7:05 AM · Restricted Project

Nov 2 2020

xazax.hun added a comment to D90362: scan-build supprot relative 'file' in cdb..

What's the plan regarding updating scan-build-py to match the upstream? It seems like this issue has already been address in the upstream version.

Nov 2 2020, 1:36 PM · Restricted Project

Oct 29 2020

xazax.hun added a comment to D90362: scan-build supprot relative 'file' in cdb..

I know that the current situation is a mess, but there is an alternative version of scan-build-py on Github, which is also distributed on pypi. Could you check if that version is also susceptible to this problem and open a pull request for the author in case it is?

Oct 29 2020, 2:36 AM · Restricted Project

Sep 11 2020

xazax.hun added inline comments to D87519: [analyzer][Liveness][NFC] Enqueue the CFGBlocks post-order.
Sep 11 2020, 11:10 AM · Restricted Project
xazax.hun added inline comments to D87518: [analyzer][Liveness][NFC] Remove an unneeded pass to collect variables that appear in an assignment.
Sep 11 2020, 10:54 AM · Restricted Project
xazax.hun accepted D87518: [analyzer][Liveness][NFC] Remove an unneeded pass to collect variables that appear in an assignment.

LGTM! Looks a lot cleaner this way.

Sep 11 2020, 10:52 AM · Restricted Project
xazax.hun added inline comments to D87518: [analyzer][Liveness][NFC] Remove an unneeded pass to collect variables that appear in an assignment.
Sep 11 2020, 10:51 AM · Restricted Project
xazax.hun added inline comments to D87518: [analyzer][Liveness][NFC] Remove an unneeded pass to collect variables that appear in an assignment.
Sep 11 2020, 10:50 AM · Restricted Project
xazax.hun accepted D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.

So now all of the dependencies are landed and this should be ready for its prime time, right?

Sep 11 2020, 10:34 AM · Restricted Project

Aug 31 2020

xazax.hun accepted D86027: [analyzer] Add bool operator modeling for unque_ptr.

LG! Thanks!

Aug 31 2020, 10:05 AM · Restricted Project
xazax.hun added inline comments to D86027: [analyzer] Add bool operator modeling for unque_ptr.
Aug 31 2020, 3:09 AM · Restricted Project

Aug 24 2020

xazax.hun accepted D86446: [analyzer][docs][NFC] Document the ento namespace in the llvm/Lexicon.

LGTM with a nit.

Aug 24 2020, 7:37 AM · Restricted Project
xazax.hun added a comment to D86135: [analyzer][MacroExpansion] Fix a crash where multiple parameters resolved to __VA_ARGS__.

Is this related to https://bugs.llvm.org/show_bug.cgi?id=44493?

Aug 24 2020, 7:33 AM · Restricted Project

Aug 22 2020

xazax.hun added a comment to D85528: [analyzer] Fix cast evaluation on scoped enums in ExprEngine.

It would be nice to have this fix in clang11.
Do you think it's qualified for it?

Aug 22 2020, 10:42 AM · Restricted Project
xazax.hun added inline comments to D86293: [analyzer] Add modeling of Eq operator in smart ptr.
Aug 22 2020, 9:13 AM · Restricted Project
xazax.hun requested changes to D86027: [analyzer] Add bool operator modeling for unque_ptr.

Please add a test case, where the unique_ptr is initialized from a pointer parameter that has no assumptions. I think that case is not handled correctly.

Aug 22 2020, 9:01 AM · Restricted Project
xazax.hun added inline comments to D86223: [analyzer][z3] Use more elaborate Z3 variable names.
Aug 22 2020, 8:44 AM · Restricted Project
xazax.hun accepted D86223: [analyzer][z3] Use more elaborate Z3 variable names.

This is what I had in mind, thanks!

Aug 22 2020, 8:43 AM · Restricted Project

Aug 21 2020

xazax.hun accepted D86334: [analyzer] Remove redundant output errs.

LGTM, thanks!

Aug 21 2020, 2:19 AM · Restricted Project

Aug 20 2020

xazax.hun added a comment to D86223: [analyzer][z3] Use more elaborate Z3 variable names.

I wanted to conditionally, aka. in debug configuration override the base implementation of the SymbolData::getKindStr

Aug 20 2020, 10:11 AM · Restricted Project
xazax.hun added a comment to D86295: [analyzer] Reorder the layout of MemRegion and cache by hand for optimal size.

MemRegion is a popular class to instantiate in the analyzer so it looks good to me.
But unless you add a comment one will probably replace the offset with an optional as the part of a refactoring.

Aug 20 2020, 9:22 AM · Restricted Project
xazax.hun added a comment to D86223: [analyzer][z3] Use more elaborate Z3 variable names.

Eh, I'm not sure if it worth it to put these into virtual functions - as conditionally overriding functions is not really a good idea.

Aug 20 2020, 9:17 AM · Restricted Project

Aug 19 2020

xazax.hun added a comment to D86223: [analyzer][z3] Use more elaborate Z3 variable names.

Exactly, but you could return a StringRef to static storage.

Aug 19 2020, 12:22 PM · Restricted Project
xazax.hun accepted D86223: [analyzer][z3] Use more elaborate Z3 variable names.

I wonder whether having a virtual method for symbols to get the prefix would be cleaner (something like getKindCStr), but I do not insist.

Aug 19 2020, 10:24 AM · Restricted Project

Aug 17 2020

xazax.hun accepted D84715: [FIX] Avoid creating BFI when emitting remarks for dead functions.

Thanks! Sorry for not noticing this earlier. The fix looks good to me and indeed the original intention was to report dead functions with ORE.

Aug 17 2020, 9:36 PM · Restricted Project
xazax.hun added inline comments to D86027: [analyzer] Add bool operator modeling for unque_ptr.
Aug 17 2020, 4:18 AM · Restricted Project
xazax.hun accepted D86029: [analyzer] Add modeling for unque_ptr::get().
Aug 17 2020, 3:55 AM · Restricted Project

Aug 11 2020

xazax.hun added inline comments to D85752: [Analyzer] Store the pointed/referenced type for dynamic casts.
Aug 11 2020, 11:11 AM · Restricted Project

Aug 10 2020

xazax.hun added a comment to D85528: [analyzer] Fix cast evaluation on scoped enums in ExprEngine.
In D85528#2205799, @NoQ wrote:

I expect at least one LIT test without -analyzer-config crosscheck-with-z3=true

Aug 10 2020, 8:07 AM · Restricted Project

Aug 9 2020

xazax.hun added a comment to D85528: [analyzer] Fix cast evaluation on scoped enums in ExprEngine.

Looks reasonable to me, but I am not very familiar with the impacts of the additional casts. Do we lose some modeling power when we are using the regular constraint solver?

Aug 9 2020, 2:53 AM · Restricted Project

Aug 7 2020

xazax.hun added inline comments to D85319: [analyzer][RFC] Get info from the LLVM IR for precision.
Aug 7 2020, 1:38 AM · Restricted Project
xazax.hun accepted D84600: [Analyzer] Support note tags for smart ptr checker.

I think all the problems that left should be solved in a separate patch or even out of the scope for the GSoC.

Aug 7 2020, 1:26 AM · Restricted Project

Aug 4 2020

xazax.hun added inline comments to D84600: [Analyzer] Support note tags for smart ptr checker.
Aug 4 2020, 10:51 PM · Restricted Project

Jul 28 2020

xazax.hun added a comment to D84736: [analyzer] Handle pointer difference of ElementRegion and SymbolicRegion.

I think adding code snippets that are affected by this patch would make it much easier to evaluate the changes and whether this is a good idea or not.

Jul 28 2020, 11:04 AM · Restricted Project

Jul 23 2020

xazax.hun added a comment to D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.

Actually, what I said initially is true:

[...] the only non-expression statements it queried are ObjCForCollectionStmts [...]

Jul 23 2020, 12:57 PM · Restricted Project

Jul 21 2020

xazax.hun added inline comments to D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.
Jul 21 2020, 8:57 AM · Restricted Project

Jul 20 2020

xazax.hun added a comment to D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.

I chased my own tail for weeks before realizing that there is indeed another instance when a live statement is stored, other then ObjCForCollectionStmt...

void clang_analyzer_eval(bool);

void test_lambda_refcapture() {
  int a = 6;
  [&](int &a) { a = 42; }(a);
  clang_analyzer_eval(a == 42); // expected-warning{{TRUE}}
}
Jul 20 2020, 9:08 AM · Restricted Project

Jul 15 2020

xazax.hun added inline comments to D83877: [Analyzer] Handle unique_ptr::swap() in SmartPtrModeling.
Jul 15 2020, 9:59 AM · Restricted Project
xazax.hun added inline comments to D83836: [Analyzer] Add checkRegionChanges for SmartPtrModeling.
Jul 15 2020, 8:27 AM · Restricted Project
xazax.hun accepted D83877: [Analyzer] Handle unique_ptr::swap() in SmartPtrModeling.

LGTM, thanks!

Jul 15 2020, 8:21 AM · Restricted Project

Jul 14 2020

xazax.hun added a comment to D83286: [analyzer][solver] Track symbol disequalities.

@xazax.hun You were interested in performance ⏫

These results here compare this patch together with D82445 against master.

Jul 14 2020, 4:45 AM · Restricted Project

Jul 7 2020

xazax.hun accepted D82445: [analyzer][solver] Track symbol equivalence.

Thanks, LGTM!

Jul 7 2020, 4:59 AM · Restricted Project
xazax.hun added inline comments to D82445: [analyzer][solver] Track symbol equivalence.
Jul 7 2020, 2:37 AM · Restricted Project
xazax.hun added inline comments to D82445: [analyzer][solver] Track symbol equivalence.
Jul 7 2020, 2:31 AM · Restricted Project

Jun 30 2020

xazax.hun added a comment to D82856: [analyzer][Z3-refutation] Add statistics for refutation visitor.

Yay! This looks good to me and I love statistics, so a huge +1.
I have one question though. Isn't this counting all the reports in an equivalence class? I.e. if the analyzer finds something multiple times it will only be displayed once but here it will be counted multiple times. I think it might be worth to have two statistics, one for all bug reports and one for equivalence classes. What do you think?

Jun 30 2020, 4:18 AM · Restricted Project

Jun 29 2020

xazax.hun added inline comments to D81315: [analyzer] Warning for default constructed unique pointer dereferences.
Jun 29 2020, 4:17 AM · Restricted Project
xazax.hun accepted D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.

@Szelethus
The patch looks good to me and I find it a welcome change that should make things easier to understand and maybe even a bit more efficient, I hope this won't break ObjC :) My discussion with Artem is orthogonal to this change.

Jun 29 2020, 3:44 AM · Restricted Project

Jun 26 2020

xazax.hun added a comment to D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.
In D82598#2115656, @NoQ wrote:

We could just kill all subexpr at the end of the full expression

I suspect that it would be pretty bad if you, say, kill the condition of the if-statement before picking the branch. Or kill the initializer in the DeclStmt before putting it into the variable (same for CXXCtorInitializer which isn't even a Stmt!).

Jun 26 2020, 2:40 AM · Restricted Project
xazax.hun added a comment to D82561: [analyzer][CrossTU] Lower CTUImportThreshold default value.

That means perform a get CTU definition if the TU to be imported (where the function comes from) is small? Otherwise it does not matter how small the function is, it can result in importing of large amount of code. Determining parameters (like "smallness") of the TU is probably not simple.

Measuring the smallness of a function is currently not trivial if the function is in another TU. But theoretically, the creation process of the CTU index has access to the number of declarations in a function, which could be used as a metric for complexity.

Jun 26 2020, 2:40 AM · Restricted Project

Jun 25 2020

xazax.hun added a comment to D82598: [analyzer][Liveness][NFC] Get rid of statement liveness, because such a thing doesn't exist.

I always wondered if we actually need to track the liveness of exprs at all. We could just kill all subexpr at the end of the full expression without precomputing anything. But I might miss something.

Jun 25 2020, 3:18 PM · Restricted Project
xazax.hun added a comment to D82561: [analyzer][CrossTU] Lower CTUImportThreshold default value.

The analyzer inlines small functions within a TU regardless of the thresholds. I think it would be sensible to do the same across TUs in the case we don't do this already.

Jun 25 2020, 3:18 PM · Restricted Project

Jun 24 2020

xazax.hun added a comment to D82445: [analyzer][solver] Track symbol equivalence.

I only checked the test cases and the comments so far and it looks very useful and promising. I really hope that the performance will be ok :) I'll look at the actual code changes later.

Jun 24 2020, 4:17 AM · Restricted Project
xazax.hun added inline comments to D82381: [analyzer] Introduce small improvements to the solver infra.
Jun 24 2020, 4:17 AM · Restricted Project

Jun 14 2020

xazax.hun added inline comments to D81315: [analyzer] Warning for default constructed unique pointer dereferences.
Jun 14 2020, 2:40 AM · Restricted Project

Jun 12 2020

xazax.hun accepted D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.

I would not call the results of the measurement within the margin of error but the results do not look bad. Unless there is some objection from someone else I am ok with committing this but please change the title of revision before committing. When one says optimization we often think about performance. It should say something like reasoning about more comparison operations.

Jun 12 2020, 9:45 AM · Restricted Project

Jun 10 2020

xazax.hun added inline comments to D81564: [analyzer] SATest: Add posibility to download source from git and zip.
Jun 10 2020, 11:04 AM · Restricted Project

Jun 6 2020

xazax.hun added inline comments to D81315: [analyzer] Warning for default constructed unique pointer dereferences.
Jun 6 2020, 1:02 AM · Restricted Project
xazax.hun added a comment to D81315: [analyzer] Warning for default constructed unique pointer dereferences.

Please add the [analyzer] tag in front of your patches as some folks have automated scripts based on that tag to add themselves as subscriber/reviewer.

Jun 6 2020, 1:02 AM · Restricted Project

Jun 2 2020

xazax.hun added a comment to D77866: [analyzer][CallAndMessage] Add checker options for each bug category.
In D77866#2069144, @NoQ wrote:

Like, i mean, the tree of packages that we currently have is a wrong abstraction.

Jun 2 2020, 10:58 AM · Restricted Project

May 29 2020

xazax.hun added a comment to D80016: [analyzer] StdLibraryFunctionsChecker: Add support to lookup types.

A high level comment.

May 29 2020, 9:12 AM · Restricted Project
xazax.hun added a comment to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.

@xazax.hun, any thoughts?

May 29 2020, 5:56 AM · Restricted Project

May 26 2020

xazax.hun added inline comments to D77148: [analyzer] ApiModeling: Add buffer size arg constraint with multiplier involved.
May 26 2020, 10:16 AM · Restricted Project
xazax.hun added inline comments to D77148: [analyzer] ApiModeling: Add buffer size arg constraint with multiplier involved.
May 26 2020, 9:44 AM · Restricted Project

May 19 2020

xazax.hun added inline comments to D80171: [analyzer] LoopUnrolling: fix crash when a parameter is a loop counter.
May 19 2020, 5:54 AM · Restricted Project
xazax.hun added reviewers for D80171: [analyzer] LoopUnrolling: fix crash when a parameter is a loop counter: NoQ, vsavchenko.

Thanks for finding this bug! Adding some reviewers.

May 19 2020, 5:54 AM · Restricted Project
xazax.hun added inline comments to D80117: [analyzer] Introduce reasoning about symbolic remainder operator.
May 19 2020, 5:54 AM · Restricted Project

May 13 2020

xazax.hun added inline comments to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.
May 13 2020, 7:32 AM · Restricted Project

May 8 2020

xazax.hun added a comment to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.

I still have some nits inline, but overall the implementation looks good to me.
I think, however, that we should not only focus on the implementation but on the high-level questions.
Is this the way forward we want? Can we do it more efficiently? What is the performance penalty of this solution?

May 8 2020, 4:47 AM · Restricted Project
xazax.hun added a comment to D75430: [analyzer][NFC] Introduce CXXDeallocatorCall, deploy it in MallocChecker.

Overall looks good to me some questions and nits inline.

May 8 2020, 4:15 AM · Restricted Project

May 7 2020

xazax.hun added a comment to D79423: [analyzer][NFC] StdLibraryFunctionsChecker: Add empty Signatures.
  1. Some function types contain non-builtin types. E.g. FILE*. We cannot get this type as easily as we do with builtin types (we can get builtins simply from the ASTContext). In case of such a compound type, we should be digging up the type from the AST, and that can be done by doing a lookup.
May 7 2020, 9:05 AM · Restricted Project

May 6 2020

xazax.hun added inline comments to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.
May 6 2020, 12:25 PM · Restricted Project
xazax.hun added a comment to D79423: [analyzer][NFC] StdLibraryFunctionsChecker: Add empty Signatures.

I don't think that could be a concern.
Actually, redefinition of a reserved name either in the C or in the C++ standard library is undefined behavior:

May 6 2020, 9:07 AM · Restricted Project
xazax.hun added inline comments to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.
May 6 2020, 8:02 AM · Restricted Project
xazax.hun added a comment to D78933: [analyzer] Reasoning about comparison expressions in RangeConstraintManager.

I have never run them before. How I can do this? What project to use as a sample?

May 6 2020, 8:02 AM · Restricted Project
xazax.hun accepted D79415: [analyzer][MallocChecker] When modeling realloc-like functions, don't early return if the argument is symbolic.

I do agree that the warning message is not the best but it is not horrible either :)

May 6 2020, 5:52 AM · Restricted Project