llvmbot wrote:
<!--LLVM PR SUMMARY COMMENT--> @llvm/pr-subscribers-clang-static-analyzer-1 Author: Balazs Benics (steakhal) <details> <summary>Changes</summary> Reverts llvm/llvm-project#<!-- -->128251 ASAN bots reported some errors: https://lab.llvm.org/buildbot/#/builders/55/builds/10398 Reverting for investigation. ``` Failed Tests (6): Clang :: Analysis/loop-widening-ignore-static-methods.cpp Clang :: Analysis/loop-widening-notes.cpp Clang :: Analysis/loop-widening-preserve-reference-type.cpp Clang :: Analysis/loop-widening.c Clang :: Analysis/loop-widening.cpp Clang :: Analysis/this-pointer.cpp Testing Time: 411.55s Total Discovered Tests: 118563 Skipped : 33 (0.03%) Unsupported : 2015 (1.70%) Passed : 116291 (98.08%) Expectedly Failed: 218 (0.18%) Failed : 6 (0.01%) FAILED: CMakeFiles/check-all /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/CMakeFiles/check-all cd /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan && /usr/bin/python3 /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/./bin/llvm-lit -sv --param USE_Z3_SOLVER=0 /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/utils/mlgo-utils /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/tools/lld/test /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/tools/mlir/test /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/tools/clang/test /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/utils/lit /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/test ninja: build stopped: subcommand failed. ``` ``` /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/bin/clang -cc1 -internal-isystem /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-max-loop 4 -analyzer-config widen-loops=true -verify -analyzer-config eagerly-assume=false /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/test/Analysis/loop-widening.c # RUN: at line 1 + /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/bin/clang -cc1 -internal-isystem /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-max-loop 4 -analyzer-config widen-loops=true -verify -analyzer-config eagerly-assume=false /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/test/Analysis/loop-widening.c PLEASE submit a bug report to https://github.com/llvm/llvm-project/issues/ and include the crash backtrace, preprocessed source, and associated run script. Stack dump: 0. Program arguments: /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/bin/clang -cc1 -internal-isystem /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-max-loop 4 -analyzer-config widen-loops=true -verify -analyzer-config eagerly-assume=false /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/test/Analysis/loop-widening.c 1. <eof> parser at end of file 2. While analyzing stack: #<!-- -->0 Calling nested_loop_inner_widen #<!-- -->0 0x0000c894cca289cc llvm::sys::PrintStackTrace(llvm::raw_ostream&, int) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/lib/Support/Unix/Signals.inc:804:13 #<!-- -->1 0x0000c894cca23324 llvm::sys::RunSignalHandlers() /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/lib/Support/Signals.cpp:106:18 #<!-- -->2 0x0000c894cca29bbc SignalHandler(int, siginfo_t*, void*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/lib/Support/Unix/Signals.inc:0:3 #<!-- -->3 0x0000f6898da4a8f8 (linux-vdso.so.1+0x8f8) #<!-- -->4 0x0000f6898d377608 (/lib/aarch64-linux-gnu/libc.so.6+0x87608) #<!-- -->5 0x0000f6898d32cb3c raise (/lib/aarch64-linux-gnu/libc.so.6+0x3cb3c) #<!-- -->6 0x0000f6898d317e00 abort (/lib/aarch64-linux-gnu/libc.so.6+0x27e00) #<!-- -->7 0x0000c894c5e77fec __sanitizer::Atexit(void (*)()) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_posix_libcdep.cpp:168:10 #<!-- -->8 0x0000c894c5e76680 __sanitizer::Die() /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/sanitizer_common/sanitizer_termination.cpp:52:5 #<!-- -->9 0x0000c894c5e69650 Unlock /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/../sanitizer_common/sanitizer_mutex.h:250:16 #<!-- -->10 0x0000c894c5e69650 ~GenericScopedLock /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/../sanitizer_common/sanitizer_mutex.h:386:51 #<!-- -->11 0x0000c894c5e69650 __hwasan::ScopedReport::~ScopedReport() /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/hwasan_report.cpp:54:5 #<!-- -->12 0x0000c894c5e68de0 __hwasan::(anonymous namespace)::BaseReport::~BaseReport() /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/hwasan_report.cpp:476:7 #<!-- -->13 0x0000c894c5e66b74 __hwasan::ReportTagMismatch(__sanitizer::StackTrace*, unsigned long, unsigned long, bool, bool, unsigned long*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/hwasan_report.cpp:1091:1 #<!-- -->14 0x0000c894c5e52cf8 Destroy /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/../sanitizer_common/sanitizer_common.h:532:31 #<!-- -->15 0x0000c894c5e52cf8 ~InternalMmapVector /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/../sanitizer_common/sanitizer_common.h:642:56 #<!-- -->16 0x0000c894c5e52cf8 __hwasan::HandleTagMismatch(__hwasan::AccessInfo, unsigned long, unsigned long, void*, unsigned long*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/hwasan.cpp:245:1 #<!-- -->17 0x0000c894c5e551c8 __hwasan_tag_mismatch4 /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/hwasan/hwasan.cpp:764:1 #<!-- -->18 0x0000c894c5e6a2f8 __interception::InterceptFunction(char const*, unsigned long*, unsigned long, unsigned long) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/compiler-rt/lib/interception/interception_linux.cpp:60:0 #<!-- -->19 0x0000c894d166f664 getBlock /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CoreEngine.h:217:45 #<!-- -->20 0x0000c894d166f664 getCFGElementRef /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:230:59 #<!-- -->21 0x0000c894d166f664 clang::ento::ExprEngine::processCFGBlockEntrance(clang::BlockEdge const&, clang::ento::NodeBuilderWithSinks&, clang::ento::ExplodedNode*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Core/ExprEngine.cpp:2570:45 #<!-- -->22 0x0000c894d15f3a1c hasGeneratedNodes /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CoreEngine.h:333:37 #<!-- -->23 0x0000c894d15f3a1c clang::ento::CoreEngine::HandleBlockEdge(clang::BlockEdge const&, clang::ento::ExplodedNode*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:319:20 #<!-- -->24 0x0000c894d15f2c34 clang::ento::CoreEngine::dispatchWorkItem(clang::ento::ExplodedNode*, clang::ProgramPoint, clang::ento::WorkListUnit const&) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:220:7 #<!-- -->25 0x0000c894d15f2398 operator-> /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/libcxx_install_hwasan/include/c++/v1/__memory/unique_ptr.h:267:101 #<!-- -->26 0x0000c894d15f2398 clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>)::$_0::operator()(unsigned int) const /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:140:12 #<!-- -->27 0x0000c894d15f14b4 clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Core/CoreEngine.cpp:165:7 #<!-- -->28 0x0000c894d0ebb9dc release /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/ADT/IntrusiveRefCntPtr.h:232:9 #<!-- -->29 0x0000c894d0ebb9dc ~IntrusiveRefCntPtr /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/ADT/IntrusiveRefCntPtr.h:196:27 #<!-- -->30 0x0000c894d0ebb9dc ExecuteWorkList /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h:192:5 #<!-- -->31 0x0000c894d0ebb9dc RunPathSensitiveChecks /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:772:7 #<!-- -->32 0x0000c894d0ebb9dc (anonymous namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int, clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl const*, llvm::DenseMapInfo<clang::Decl const*, void>>*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:741:5 #<!-- -->33 0x0000c894d0eb6ee4 begin /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/ADT/DenseMap.h:0:0 #<!-- -->34 0x0000c894d0eb6ee4 begin /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/ADT/DenseSet.h:187:45 #<!-- -->35 0x0000c894d0eb6ee4 HandleDeclsCallGraph /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:516:29 #<!-- -->36 0x0000c894d0eb6ee4 runAnalysisOnTranslationUnit /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:584:5 #<!-- -->37 0x0000c894d0eb6ee4 (anonymous namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:647:3 #<!-- -->38 0x0000c894d18a7a38 clang::ParseAST(clang::Sema&, bool, bool) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/Parse/ParseAST.cpp:0:13 #<!-- -->39 0x0000c894ce81ed70 clang::FrontendAction::Execute() /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/Frontend/FrontendAction.cpp:1231:10 #<!-- -->40 0x0000c894ce6f2144 getPtr /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/Support/Error.h:278:42 #<!-- -->41 0x0000c894ce6f2144 operator bool /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/llvm/include/llvm/Support/Error.h:241:16 #<!-- -->42 0x0000c894ce6f2144 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/Frontend/CompilerInstance.cpp:1058:23 #<!-- -->43 0x0000c894cea718cc operator-> /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/libcxx_install_hwasan/include/c++/v1/__memory/shared_ptr.h:635:12 #<!-- -->44 0x0000c894cea718cc getFrontendOpts /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/include/clang/Frontend/CompilerInstance.h:307:12 #<!-- -->45 0x0000c894cea718cc clang::ExecuteCompilerInvocation(clang::CompilerInstance*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:301:14 #<!-- -->46 0x0000c894c5e9cf28 cc1_main(llvm::ArrayRef<char const*>, char const*, void*) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/tools/driver/cc1_main.cpp:294:15 #<!-- -->47 0x0000c894c5e92a9c ExecuteCC1Tool(llvm::SmallVectorImpl<char const*>&, llvm::ToolContext const&) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/tools/driver/driver.cpp:223:12 #<!-- -->48 0x0000c894c5e902ac clang_main(int, char**, llvm::ToolContext const&) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/tools/driver/driver.cpp:0:12 #<!-- -->49 0x0000c894c5eb2e34 main /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/tools/clang/tools/driver/clang-driver.cpp:17:3 #<!-- -->50 0x0000f6898d3184c4 (/lib/aarch64-linux-gnu/libc.so.6+0x284c4) #<!-- -->51 0x0000f6898d318598 __libc_start_main (/lib/aarch64-linux-gnu/libc.so.6+0x28598) #<!-- -->52 0x0000c894c5e52a30 _start (/home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/bin/clang+0x6512a30) /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/tools/clang/test/Analysis/Output/loop-widening.c.script: line 2: 2870204 Aborted /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/bin/clang -cc1 -internal-isystem /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm_build_hwasan/lib/clang/21/include -nostdsysteminc -analyze -analyzer-constraints=range -setup-static-analyzer -analyzer-checker=core,unix.Malloc,debug.ExprInspection -analyzer-max-loop 4 -analyzer-config widen-loops=true -verify -analyzer-config eagerly-assume=false /home/b/sanitizer-aarch64-linux-bootstrap-hwasan/build/llvm-project/clang/test/Analysis/loop-widening.c ``` --- Patch is 131.33 KiB, truncated to 20.00 KiB below, full version: https://github.com/llvm/llvm-project/pull/137304.diff 41 Files Affected: - (modified) clang/include/clang/Analysis/CFG.h (+1-9) - (modified) clang/include/clang/StaticAnalyzer/Checkers/SValExplainer.h (+1-10) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h (-2) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h (+1-1) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/LoopWidening.h (+1-2) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h (+7-8) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h (+27-10) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h (+4-4) - (modified) clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h (+22-49) - (modified) clang/lib/Analysis/CFG.cpp (+20-26) - (modified) clang/lib/StaticAnalyzer/Checkers/CStringChecker.cpp (+52-55) - (modified) clang/lib/StaticAnalyzer/Checkers/ContainerModeling.cpp (+26-29) - (modified) clang/lib/StaticAnalyzer/Checkers/ErrnoModeling.cpp (+3-3) - (modified) clang/lib/StaticAnalyzer/Checkers/ErrnoModeling.h (+2-3) - (modified) clang/lib/StaticAnalyzer/Checkers/ErrnoTesterChecker.cpp (+1-2) - (modified) clang/lib/StaticAnalyzer/Checkers/Iterator.cpp (+2-3) - (modified) clang/lib/StaticAnalyzer/Checkers/Iterator.h (+1-2) - (modified) clang/lib/StaticAnalyzer/Checkers/IteratorModeling.cpp (+42-51) - (modified) clang/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (+3-5) - (modified) clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp (+1-2) - (modified) clang/lib/StaticAnalyzer/Checkers/STLAlgorithmModeling.cpp (+12-14) - (modified) clang/lib/StaticAnalyzer/Checkers/SmartPtrModeling.cpp (+13-15) - (modified) clang/lib/StaticAnalyzer/Checkers/StdLibraryFunctionsChecker.cpp (+3-4) - (modified) clang/lib/StaticAnalyzer/Checkers/StreamChecker.cpp (+21-22) - (modified) clang/lib/StaticAnalyzer/Checkers/cert/InvalidPtrChecker.cpp (+1-1) - (modified) clang/lib/StaticAnalyzer/Core/CallEvent.cpp (+1-1) - (modified) clang/lib/StaticAnalyzer/Core/ExprEngine.cpp (+19-28) - (modified) clang/lib/StaticAnalyzer/Core/ExprEngineC.cpp (+24-29) - (modified) clang/lib/StaticAnalyzer/Core/ExprEngineCXX.cpp (+6-7) - (modified) clang/lib/StaticAnalyzer/Core/ExprEngineCallAndReturn.cpp (+3-4) - (modified) clang/lib/StaticAnalyzer/Core/ExprEngineObjC.cpp (+6-8) - (modified) clang/lib/StaticAnalyzer/Core/LoopWidening.cpp (+24-5) - (modified) clang/lib/StaticAnalyzer/Core/ProgramState.cpp (+4-4) - (modified) clang/lib/StaticAnalyzer/Core/RegionStore.cpp (+26-27) - (modified) clang/lib/StaticAnalyzer/Core/SValBuilder.cpp (+15-10) - (modified) clang/lib/StaticAnalyzer/Core/SymbolManager.cpp (+1-1) - (removed) clang/test/Analysis/PR57270.cpp (-30) - (modified) clang/test/Analysis/container-modeling.cpp (+2-2) - (modified) clang/test/Analysis/dump_egraph.cpp (+1) - (modified) clang/test/Analysis/explain-svals.cpp (+6-6) - (modified) clang/test/Analysis/explain-svals.m (+2-2) ``````````diff diff --git a/clang/include/clang/Analysis/CFG.h b/clang/include/clang/Analysis/CFG.h index e70c70335e597..a7ff38c786a8f 100644 --- a/clang/include/clang/Analysis/CFG.h +++ b/clang/include/clang/Analysis/CFG.h @@ -122,8 +122,7 @@ class CFGElement { return (Kind) x; } - void dumpToStream(llvm::raw_ostream &OS, - bool TerminateWithNewLine = true) const; + void dumpToStream(llvm::raw_ostream &OS) const; void dump() const { dumpToStream(llvm::errs()); @@ -696,11 +695,6 @@ class CFGBlock { void dump() const { dumpToStream(llvm::errs()); } - - void Profile(llvm::FoldingSetNodeID &ID) const { - ID.AddPointer(Parent); - ID.AddInteger(Index); - } }; template <bool IsReverse, bool IsConst> class ElementRefIterator { @@ -1196,8 +1190,6 @@ class CFGBlock { } }; -using ConstCFGElementRef = CFGBlock::ConstCFGElementRef; - /// CFGCallback defines methods that should be called when a logical /// operator error is found when building the CFG. class CFGCallback { diff --git a/clang/include/clang/StaticAnalyzer/Checkers/SValExplainer.h b/clang/include/clang/StaticAnalyzer/Checkers/SValExplainer.h index 6c1025ecc7f4d..519d2d5b3676b 100644 --- a/clang/include/clang/StaticAnalyzer/Checkers/SValExplainer.h +++ b/clang/include/clang/StaticAnalyzer/Checkers/SValExplainer.h @@ -19,7 +19,6 @@ #include "clang/AST/DeclCXX.h" #include "clang/StaticAnalyzer/Core/PathSensitive/SValVisitor.h" #include "llvm/ADT/StringExtras.h" -#include "llvm/Support/raw_ostream.h" namespace clang { @@ -30,13 +29,6 @@ class SValExplainer : public FullSValVisitor<SValExplainer, std::string> { ASTContext &ACtx; ProgramStateRef State; - std::string printCFGElementRef(ConstCFGElementRef Elem) { - std::string Str; - llvm::raw_string_ostream OS(Str); - Elem->dumpToStream(OS, /*TerminateWithNewLine=*/false); - return Str; - } - std::string printStmt(const Stmt *S) { std::string Str; llvm::raw_string_ostream OS(Str); @@ -122,8 +114,7 @@ class SValExplainer : public FullSValVisitor<SValExplainer, std::string> { std::string VisitSymbolConjured(const SymbolConjured *S) { return "symbol of type '" + S->getType().getAsString() + - "' conjured at CFG element '" + - printCFGElementRef(S->getCFGElementRef()) + "'"; + "' conjured at statement '" + printStmt(S->getStmt()) + "'"; } std::string VisitSymbolDerived(const SymbolDerived *S) { diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h index 63ca3efc6d228..bb33a6912bec7 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/CheckerContext.h @@ -151,8 +151,6 @@ class CheckerContext { return Pred->getSVal(S); } - ConstCFGElementRef getCFGElementRef() const { return Eng.getCFGElementRef(); } - /// Returns true if the value of \p E is greater than or equal to \p /// Val under unsigned comparison. bool isGreaterOrEqual(const Expr *E, unsigned long long Val); diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h index 285194148d3d3..5f855251b3cde 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ExprEngine.h @@ -226,7 +226,7 @@ class ExprEngine { return (*G.roots_begin())->getLocation().getLocationContext(); } - ConstCFGElementRef getCFGElementRef() const { + CFGBlock::ConstCFGElementRef getCFGElementRef() const { const CFGBlock *blockPtr = currBldrCtx ? currBldrCtx->getBlock() : nullptr; return {blockPtr, currStmtIdx}; } diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/LoopWidening.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/LoopWidening.h index 50f2197b8a174..e75228f92a8e5 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/LoopWidening.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/LoopWidening.h @@ -27,8 +27,7 @@ namespace ento { /// by the loop body in any iteration. ProgramStateRef getWidenedLoopState(ProgramStateRef PrevState, const LocationContext *LCtx, - unsigned BlockCount, - ConstCFGElementRef Elem); + unsigned BlockCount, const Stmt *LoopStmt); } // end namespace ento } // end namespace clang diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h index 52714535e7907..4d66e086a2c2c 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/ProgramState.h @@ -313,7 +313,7 @@ class ProgramState : public llvm::FoldingSetNode { /// be triggered by this event. /// /// \param Regions the set of regions to be invalidated. - /// \param Elem The CFG Element that caused the invalidation. + /// \param E the expression that caused the invalidation. /// \param BlockCount The number of times the current basic block has been /// visited. /// \param CausesPointerEscape the flag is set to true when the invalidation @@ -325,17 +325,16 @@ class ProgramState : public llvm::FoldingSetNode { /// \param ITraits information about special handling for particular regions /// or symbols. [[nodiscard]] ProgramStateRef - invalidateRegions(ArrayRef<const MemRegion *> Regions, - ConstCFGElementRef Elem, unsigned BlockCount, - const LocationContext *LCtx, bool CausesPointerEscape, - InvalidatedSymbols *IS = nullptr, + invalidateRegions(ArrayRef<const MemRegion *> Regions, const Stmt *S, + unsigned BlockCount, const LocationContext *LCtx, + bool CausesPointerEscape, InvalidatedSymbols *IS = nullptr, const CallEvent *Call = nullptr, RegionAndSymbolInvalidationTraits *ITraits = nullptr) const; [[nodiscard]] ProgramStateRef - invalidateRegions(ArrayRef<SVal> Values, ConstCFGElementRef Elem, - unsigned BlockCount, const LocationContext *LCtx, - bool CausesPointerEscape, InvalidatedSymbols *IS = nullptr, + invalidateRegions(ArrayRef<SVal> Values, const Stmt *S, unsigned BlockCount, + const LocationContext *LCtx, bool CausesPointerEscape, + InvalidatedSymbols *IS = nullptr, const CallEvent *Call = nullptr, RegionAndSymbolInvalidationTraits *ITraits = nullptr) const; diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h index bd5d245645788..54430d426a82a 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h @@ -19,7 +19,6 @@ #include "clang/AST/Expr.h" #include "clang/AST/ExprObjC.h" #include "clang/AST/Type.h" -#include "clang/Analysis/CFG.h" #include "clang/Basic/LLVM.h" #include "clang/Basic/LangOptions.h" #include "clang/StaticAnalyzer/Core/PathSensitive/BasicValueFactory.h" @@ -172,11 +171,19 @@ class SValBuilder { // Forwarding methods to SymbolManager. - const SymbolConjured *conjureSymbol(ConstCFGElementRef Elem, + const SymbolConjured* conjureSymbol(const Stmt *stmt, const LocationContext *LCtx, - QualType type, unsigned visitCount, + QualType type, + unsigned visitCount, const void *symbolTag = nullptr) { - return SymMgr.conjureSymbol(Elem, LCtx, type, visitCount, symbolTag); + return SymMgr.conjureSymbol(stmt, LCtx, type, visitCount, symbolTag); + } + + const SymbolConjured* conjureSymbol(const Expr *expr, + const LocationContext *LCtx, + unsigned visitCount, + const void *symbolTag = nullptr) { + return SymMgr.conjureSymbol(expr, LCtx, visitCount, symbolTag); } /// Construct an SVal representing '0' for the specified type. @@ -192,19 +199,29 @@ class SValBuilder { /// preserve the relation between related(or even equivalent) expressions, so /// conjured symbols should be used sparingly. DefinedOrUnknownSVal conjureSymbolVal(const void *symbolTag, - ConstCFGElementRef elem, + const Expr *expr, const LocationContext *LCtx, unsigned count); - DefinedOrUnknownSVal conjureSymbolVal(const void *symbolTag, - ConstCFGElementRef elem, + DefinedOrUnknownSVal conjureSymbolVal(const void *symbolTag, const Stmt *S, const LocationContext *LCtx, QualType type, unsigned count); - DefinedOrUnknownSVal conjureSymbolVal(ConstCFGElementRef elem, + DefinedOrUnknownSVal conjureSymbolVal(const Stmt *stmt, const LocationContext *LCtx, - QualType type, unsigned visitCount); + QualType type, + unsigned visitCount); /// Conjure a symbol representing heap allocated memory region. - DefinedSVal getConjuredHeapSymbolVal(ConstCFGElementRef elem, + /// + /// Note, the expression should represent a location. + DefinedSVal getConjuredHeapSymbolVal(const Expr *E, + const LocationContext *LCtx, + unsigned Count); + + /// Conjure a symbol representing heap allocated memory region. + /// + /// Note, now, the expression *doesn't* need to represent a location. + /// But the type need to! + DefinedSVal getConjuredHeapSymbolVal(const Expr *E, const LocationContext *LCtx, QualType type, unsigned Count); diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h index 29a53fcc9e28d..cf7623c7be409 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/Store.h @@ -14,13 +14,13 @@ #define LLVM_CLANG_STATICANALYZER_CORE_PATHSENSITIVE_STORE_H #include "clang/AST/Type.h" -#include "clang/Basic/LLVM.h" #include "clang/StaticAnalyzer/Core/PathSensitive/MemRegion.h" #include "clang/StaticAnalyzer/Core/PathSensitive/ProgramState_Fwd.h" #include "clang/StaticAnalyzer/Core/PathSensitive/SValBuilder.h" #include "clang/StaticAnalyzer/Core/PathSensitive/SVals.h" #include "clang/StaticAnalyzer/Core/PathSensitive/StoreRef.h" #include "clang/StaticAnalyzer/Core/PathSensitive/SymExpr.h" +#include "clang/Basic/LLVM.h" #include "llvm/ADT/ArrayRef.h" #include "llvm/ADT/DenseSet.h" #include "llvm/ADT/SmallVector.h" @@ -223,7 +223,7 @@ class StoreManager { /// /// \param[in] store The initial store. /// \param[in] Values The values to invalidate. - /// \param[in] Elem The current CFG Element being evaluated. Used to conjure + /// \param[in] S The current statement being evaluated. Used to conjure /// symbols to mark the values of invalidated regions. /// \param[in] Count The current block count. Used to conjure /// symbols to mark the values of invalidated regions. @@ -241,8 +241,8 @@ class StoreManager { /// even if they do not currently have bindings. Pass \c NULL if this /// information will not be used. virtual StoreRef invalidateRegions( - Store store, ArrayRef<SVal> Values, ConstCFGElementRef Elem, - unsigned Count, const LocationContext *LCtx, const CallEvent *Call, + Store store, ArrayRef<SVal> Values, const Stmt *S, unsigned Count, + const LocationContext *LCtx, const CallEvent *Call, InvalidatedSymbols &IS, RegionAndSymbolInvalidationTraits &ITraits, InvalidatedRegions *TopLevelRegions, InvalidatedRegions *Invalidated) = 0; diff --git a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h index 9e7c98fdded17..cbbea1b56bb40 100644 --- a/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h +++ b/clang/include/clang/StaticAnalyzer/Core/PathSensitive/SymbolManager.h @@ -80,62 +80,29 @@ class SymbolRegionValue : public SymbolData { /// A symbol representing the result of an expression in the case when we do /// not know anything about what the expression is. class SymbolConjured : public SymbolData { - ConstCFGElementRef Elem; + const Stmt *S; QualType T; unsigned Count; const LocationContext *LCtx; const void *SymbolTag; friend class SymExprAllocator; - SymbolConjured(SymbolID sym, ConstCFGElementRef elem, - const LocationContext *lctx, QualType t, unsigned count, - const void *symbolTag) - : SymbolData(SymbolConjuredKind, sym), Elem(elem), T(t), Count(count), + SymbolConjured(SymbolID sym, const Stmt *s, const LocationContext *lctx, + QualType t, unsigned count, const void *symbolTag) + : SymbolData(SymbolConjuredKind, sym), S(s), T(t), Count(count), LCtx(lctx), SymbolTag(symbolTag) { + // FIXME: 's' might be a nullptr if we're conducting invalidation + // that was caused by a destructor call on a temporary object, + // which has no statement associated with it. + // Due to this, we might be creating the same invalidation symbol for + // two different invalidation passes (for two different temporaries). assert(lctx); assert(isValidTypeForSymbol(t)); } public: - ConstCFGElementRef getCFGElementRef() const { return Elem; } - - // It might return null. - const Stmt *getStmt() const { - switch (Elem->getKind()) { - case CFGElement::Initializer: - return Elem->castAs<CFGInitializer>().getInitializer()->getInit(); - case CFGElement::ScopeBegin: - return Elem->castAs<CFGScopeBegin>().getTriggerStmt(); - case CFGElement::ScopeEnd: - return Elem->castAs<CFGScopeEnd>().getTriggerStmt(); - case CFGElement::NewAllocator: - return Elem->castAs<CFGNewAllocator>().getAllocatorExpr(); - case CFGElement::LifetimeEnds: - return Elem->castAs<CFGLifetimeEnds>().getTriggerStmt(); - case CFGElement::LoopExit: - return Elem->castAs<CFGLoopExit>().getLoopStmt(); - case CFGElement::Statement: - return Elem->castAs<CFGStmt>().getStmt(); - case CFGElement::Constructor: - return Elem->castAs<CFGConstructor>().getStmt(); - case CFGElement::CXXRecordTypedCall: - return Elem->castAs<CFGCXXRecordTypedCall>().getStmt(); - case CFGElement::AutomaticObjectDtor: - return Elem->castAs<CFGAutomaticObjDtor>().getTriggerStmt(); - case CFGElement::DeleteDtor: - return Elem->castAs<CFGDeleteDtor>().getDeleteExpr(); - case CFGElement::BaseDtor: - return nullptr; - case CFGElement::MemberDtor: - return nullptr; - case CFGElement::TemporaryDtor: - return Elem->castAs<CFGTemporaryDtor>().getBindTemporaryExpr(); - case CFGElement::CleanupFunction: - return nullptr; - } - return nullptr; - } - + /// It might return null. + const Stmt *getStmt() const { return S; } unsigned getCount() const { return Count; } /// It might return null. const void *getTag() const { return SymbolTag; } @@ -146,11 +113,11 @@ class SymbolConjured : public SymbolData { void dumpToStream(raw_ostream &os) const override; - static void Profile(llvm::FoldingSetNodeID &profile, ConstCFGElementRef Elem, + static void Profile(llvm::FoldingSetNodeID &profile, const Stmt *S, const LocationContext *LCtx, QualType T, unsigned Count, const void *SymbolTag) { profile.AddInteger((unsigned)SymbolConjuredKind); - profile.Add(Elem); + profile.AddPointer(S); profile.AddPointer(LCtx); profile.Add(T); profile.AddInteger(Count); @@ -158,7 +125,7 @@ class SymbolConjured : public SymbolData { } void Profile(llvm::FoldingSetNodeID& profile) override { - Profile(profile, Elem, LCtx, T, Count, SymbolTag); + Profile(profile, S, LCtx, T, Count, SymbolTag); } // Implement isa<T> support. @@ -566,12 +533,18 @@ class SymbolManager { template <typename SymExprT, typename... Args> const SymExprT *acquire(Args &&...args); - const SymbolConjured *conjureSymbol(ConstCFGElementRef Elem, + const SymbolConjured *conjureSymbol(const Stmt *E, const LocationContext *LCtx, QualType T, unsigned VisitCount, const void *SymbolTag = nullptr) { + return acquire<SymbolConjured>(E, LCtx, T, VisitCount, SymbolTag); + } - return acquire<SymbolConjured>(Elem, LCtx, T, VisitCount, SymbolTag); + const SymbolConjured* conjureSymbol(const Expr *E, + const LocationContext *LCtx, + unsigned VisitCount, + const void *SymbolTag = nullptr) { + return conjureSymbol(E, LCtx, E->getType(), VisitCount, SymbolTag); } QualType getType(const SymExpr *SE) const { diff --git a/clang/lib/Analysis/CFG.cpp b/clang/lib/Analysis/CFG.cpp index 4b50b9248d21a..d03a0a544b016 100644 --- a/clang/lib/Analysis/CFG.cpp +++ b/clang/lib/Analysis/CFG.cpp @@ -5803,17 +5803,16 @@ static void print_construction_context(raw_ostream &OS, } static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, - const CFGElement &E, bool TerminateWithNewLine = true); + const CFGElement &E); -void CFGElement::dumpToStream(llvm::raw_ostream &OS, - bool TerminateWithNewLine) const { +void CFGElement::dumpToStream(llvm::raw_ostream &OS) const { LangOptions LangOpts; StmtPrinterHelper Helper(nullptr, LangOpts); - print_elem(OS, Helper, *this, TerminateWithNewLine); + print_elem(OS, Helper, *this); } static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, - const CFGElement &E, bool TerminateWithNewLine) { + const CFGElement &E) { switch (E.getKind()) { case CFGElement::Kind::Statement: case CFGElement::Kind::CXXRecordTypedCall: @@ -5830,9 +5829,7 @@ static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, if (Children.begin() != Children.end()) { OS << "({ ... ; "; Helper.handledStmt(*SE->getSubStmt()->body_rbegin(),OS); - OS << " })"; - if (TerminateWithNewLine) - OS << '\n'; + OS << " })\n"; return; } } @@ -5841,8 +5838,7 @@ static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, if (B->getOpcode() == BO_Comma) { OS << "... , "; Helper.handledStmt(B->getRHS(),OS); - if (TerminateWithNewLine) - OS << '\n'; + OS << '\n'; return; } } @@ -5870,14 +5866,15 @@ static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, } // Expressions need a newline. - if (isa<Expr>(S) && TerminateWithNewLine) + if (isa<Expr>(S)) OS << '\n'; - return; + break; } case CFGElement::Kind::Initializer: print_initializer(OS, Helper, E.castAs<CFGInitializer>().getInitializer()); + OS << '\n'; break; case CFGElement::Kind::AutomaticObjectDtor: { @@ -5891,44 +5888,43 @@ static void print_elem(raw_ostream &OS, StmtPrinterHelper &Helper, OS << ".~"; T.getUnqualifiedType().print(OS, PrintingPolicy(Helper.getLangOpts())... [truncated] `````````` </details> https://github.com/llvm/llvm-project/pull/137304 _______________________________________________ cfe-commits mailing list cfe-commits@lists.llvm.org https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
