https://github.com/fangyi-zhou created
https://github.com/llvm/llvm-project/pull/128251
Closes #57270.
This PR changes the `Stmt *` field in `SymbolConjured` with
`CFGBlock::ConstCFGElementRef`. The motivation is that, when conjuring a
symbol, there might not always be a statement available,
@@ -1376,8 +1379,8 @@ StoreRef RegionStoreManager::invalidateRegions(
}
RegionBindingsRef B = getRegionBindings(store);
- InvalidateRegionsWorker W(*this, StateMgr, B, S, Count, LCtx, IS, ITraits,
-Invalidated, GlobalsFilter);
+ InvalidateRegi
@@ -171,20 +172,27 @@ class SValBuilder {
// Forwarding methods to SymbolManager.
- const SymbolConjured* conjureSymbol(const Stmt *stmt,
- const LocationContext *LCtx,
- QualType type,
-
@@ -113,19 +120,21 @@ class SymbolConjured : public SymbolData {
void dumpToStream(raw_ostream &os) const override;
- static void Profile(llvm::FoldingSetNodeID &profile, const Stmt *S,
+ static void Profile(llvm::FoldingSetNodeID &profile,
+ const CF
@@ -867,18 +868,18 @@ ProgramStateRef createContainerBegin(ProgramStateRef
State,
return setContainerData(State, Cont, CData);
}
-ProgramStateRef createContainerEnd(ProgramStateRef State, const MemRegion
*Cont,
- const Expr *E, QualType T,
@@ -844,7 +845,7 @@ SymbolRef getContainerEnd(ProgramStateRef State, const
MemRegion *Cont) {
return CDataPtr->getEnd();
}
-ProgramStateRef createContainerBegin(ProgramStateRef State,
+ProgramStateRef createContainerBegin(CheckerContext &C, ProgramStateRef State,
@@ -111,8 +111,13 @@ class SValExplainer : public
FullSValVisitor {
}
std::string VisitSymbolConjured(const SymbolConjured *S) {
-return "symbol of type '" + S->getType().getAsString() +
- "' conjured at statement '" + printStmt(S->getStmt()) + "'";
+std
https://github.com/fangyi-zhou ready_for_review
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
fangyi-zhou wrote:
I've made some more progress, the crash goes away, there are still some review
comments that I need to address, which I'll try to complete later.
```
/home/fangyi/playground/bug.cc:21:5: warning: value derived from (symbol of
type 'int' conjured at statement '->~S() (Implici
@@ -111,8 +111,13 @@ class SValExplainer : public
FullSValVisitor {
}
std::string VisitSymbolConjured(const SymbolConjured *S) {
-return "symbol of type '" + S->getType().getAsString() +
- "' conjured at statement '" + printStmt(S->getStmt()) + "'";
+std
@@ -151,72 +151,63 @@ SValBuilder::getRegionValueSymbolVal(const
TypedValueRegion *region) {
return nonloc::SymbolVal(sym);
}
-DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const void *SymbolTag,
- const Expr *Ex,
-
https://github.com/fangyi-zhou edited
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
@@ -494,7 +494,7 @@ void IteratorModeling::handleComparison(CheckerContext &C,
const Expr *CE,
auto &SymMgr = C.getSymbolManager();
auto *LCtx = C.getLocationContext();
RetVal = nonloc::SymbolVal(SymMgr.conjureSymbol(
-CE, LCtx, C.getASTContext().BoolTy, C.
@@ -27,7 +27,8 @@ namespace ento {
/// by the loop body in any iteration.
ProgramStateRef getWidenedLoopState(ProgramStateRef PrevState,
const LocationContext *LCtx,
-unsigned BlockCount, const Stmt *LoopSt
@@ -171,19 +172,11 @@ class SValBuilder {
// Forwarding methods to SymbolManager.
- const SymbolConjured* conjureSymbol(const Stmt *stmt,
- const LocationContext *LCtx,
- QualType type,
-
@@ -171,19 +172,11 @@ class SValBuilder {
// Forwarding methods to SymbolManager.
- const SymbolConjured* conjureSymbol(const Stmt *stmt,
- const LocationContext *LCtx,
- QualType type,
-
@@ -198,32 +191,24 @@ class SValBuilder {
/// The advantage of symbols derived/built from other symbols is that we
/// preserve the relation between related(or even equivalent) expressions, so
/// conjured symbols should be used sparingly.
- DefinedOrUnknownSVal conjureS
@@ -533,18 +538,12 @@ class SymbolManager {
template
const SymExprT *acquire(Args &&...args);
- const SymbolConjured *conjureSymbol(const Stmt *E,
- const LocationContext *LCtx, QualType T,
- unsig
@@ -1515,7 +1515,8 @@ void CStringChecker::evalCopyCommon(CheckerContext &C,
const CallEvent &Call,
// conjure a return value for later.
if (lastElement.isUnknown())
lastElement = C.getSValBuilder().conjureSymbolVal(
-nullptr, Call.getOriginExpr
@@ -198,32 +191,24 @@ class SValBuilder {
/// The advantage of symbols derived/built from other symbols is that we
/// preserve the relation between related(or even equivalent) expressions, so
/// conjured symbols should be used sparingly.
- DefinedOrUnknownSVal conjureS
@@ -1376,8 +1379,8 @@ StoreRef RegionStoreManager::invalidateRegions(
}
RegionBindingsRef B = getRegionBindings(store);
- InvalidateRegionsWorker W(*this, StateMgr, B, S, Count, LCtx, IS, ITraits,
-Invalidated, GlobalsFilter);
+ InvalidateRegi
@@ -151,10 +151,10 @@ SValBuilder::getRegionValueSymbolVal(const
TypedValueRegion *region) {
return nonloc::SymbolVal(sym);
}
-DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const void *SymbolTag,
fangyi-zhou wrote:
This overload would have been remove
@@ -166,57 +166,47 @@ DefinedOrUnknownSVal SValBuilder::conjureSymbolVal(const
void *SymbolTag,
if (Ex->isGLValue())
T = LCtx->getAnalysisDeclContext()->getASTContext().getPointerType(ExType);
- return conjureSymbolVal(SymbolTag, Ex, LCtx, T, Count);
+ return conjureS
@@ -695,6 +695,21 @@ class CFGBlock {
void dump() const {
dumpToStream(llvm::errs());
}
+
+void Profile(llvm::FoldingSetNodeID &ID) const {
+ ID.AddPointer(Parent);
+ ID.AddInteger(Index);
+}
+
+int64_t getID() const {
fangyi
fangyi-zhou wrote:
May I get a re-review for the changes please?
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/fangyi-zhou ready_for_review
https://github.com/llvm/llvm-project/pull/136041
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/fangyi-zhou created
https://github.com/llvm/llvm-project/pull/136041
As reported in #135665, C++20 parenthesis initializer list expressions are not
handled correctly and were causing crashes. This commit attempts to fix the
issue by handing parenthesis initializer lists alon
fangyi-zhou wrote:
Sorry I've been a bit busy with other things, just had some time to address the
review comments. Please let me know if anything else needs changing
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits mailing list
cfe-co
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From 6379f403e0967b820f9385581f9d23dd18297831 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH] [clang][analyzer] Handle CXXParenInitListExpr alongside
InitL
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From 5dc9d55eb04d94c01dba0364b51a509f975e542a Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Thu, 17 Apr 2025 23:02:37 +0100
Subject: [PATCH] [clang][analyzer] Handle CXXParenInitListExpr alongside
InitL
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From a0b769ee35df18418ed410e30ac6cdde9024a4f1 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH 1/4] [clang][analyzer] Handle CXXParenInitListExpr alongside
I
fangyi-zhou wrote:
Sorry I didn't notice, will fix.
https://github.com/llvm/llvm-project/pull/136041
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From a0b769ee35df18418ed410e30ac6cdde9024a4f1 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH] [clang][analyzer] Handle CXXParenInitListExpr alongside
InitL
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From a0b769ee35df18418ed410e30ac6cdde9024a4f1 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH 1/3] [clang][analyzer] Handle CXXParenInitListExpr alongside
I
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/136041
>From a0b769ee35df18418ed410e30ac6cdde9024a4f1 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Wed, 16 Apr 2025 23:52:39 +0100
Subject: [PATCH 1/4] [clang][analyzer] Handle CXXParenInitListExpr alongside
I
@@ -93,9 +76,8 @@ ProgramStateRef getWidenedLoopState(ProgramStateRef PrevState,
RegionAndSymbolInvalidationTraits::TK_PreserveContents);
}
- return PrevState->invalidateRegions(Regions, getLoopCondition(LoopStmt),
-
@@ -645,6 +645,7 @@ struct StreamOperationEvaluator {
SymbolRef StreamSym = nullptr;
const StreamState *SS = nullptr;
const CallExpr *CE = nullptr;
+ std::optional ElemRef;
fangyi-zhou wrote:
I'm not entirely sure whether I get your point correctly. Thi
https://github.com/fangyi-zhou ready_for_review
https://github.com/llvm/llvm-project/pull/137182
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/fangyi-zhou created
https://github.com/llvm/llvm-project/pull/137182
Per suggestion in
https://github.com/llvm/llvm-project/pull/128251#discussion_r2055916229, adding
a new helper function in `SValBuilder` to conjure a symbol when given a
`CallEvent`.
Tested manually (with
@@ -2463,19 +2473,19 @@ void CStringChecker::evalStrsep(CheckerContext &C,
// character to NUL.
// As the replacement never overflows, do not invalidate its super region.
State = invalidateDestinationBufferNeverOverflows(
-C, State, SearchStrPtr.Expression,
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/137182
>From 79e5875e75d46edcf15c5df536ac8f1d93e13a16 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Thu, 24 Apr 2025 15:12:12 +0100
Subject: [PATCH 1/2] [clang][analyzer][NFC] Add a helper for conjuring symbols
@@ -2556,10 +2556,19 @@ void ExprEngine::processCFGBlockEntrance(const
BlockEdge &L,
const Stmt *Term =
nodeBuilder.getContext().getBlock()->getTerminatorStmt();
if (!isa_and_nonnull(Term))
return;
+
+// FIXME:
fangyi-zhou wrote:
Fair enoug
fangyi-zhou wrote:
Thanks for the review. I might have missed some comments since I was away from
this pull request for quite a while and I probably forgot. I'll have another
revision.
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits
@@ -114,7 +128,8 @@ class SValExplainer : public FullSValVisitor {
std::string VisitSymbolConjured(const SymbolConjured *S) {
return "symbol of type '" + S->getType().getAsString() +
- "' conjured at statement '" + printStmt(S->getStmt()) + "'";
+ "'
fangyi-zhou wrote:
Could you please merge this pull request first, now that the other one got
reverted?
https://github.com/llvm/llvm-project/pull/137182
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/lis
@@ -853,7 +853,7 @@ void SmartPtrModeling::handleBoolConversion(const CallEvent
&Call,
const LocationContext *LC = C.getLocationContext();
InnerPointerVal = C.getSValBuilder().conjureSymbolVal(
-CallExpr, LC, InnerPointerType, C.blockCount());
+Call, I
@@ -584,11 +584,9 @@ class StdLibraryFunctionsChecker
const Summary &Summary,
CheckerContext &C) const override {
SValBuilder &SVB = C.getSValBuilder();
- NonLoc ErrnoSVal =
- SVB.conjureSymbolVal(&Tag, Cal
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/137182
>From 79e5875e75d46edcf15c5df536ac8f1d93e13a16 Mon Sep 17 00:00:00 2001
From: Fangyi Zhou
Date: Thu, 24 Apr 2025 15:12:12 +0100
Subject: [PATCH 1/3] [clang][analyzer][NFC] Add a helper for conjuring symbols
fangyi-zhou wrote:
Range diff against previous PR:
https://gist.github.com/fangyi-zhou/7d3a73a9b95f93755af3e823228c7a0d
https://github.com/llvm/llvm-project/pull/137355
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi
fangyi-zhou wrote:
On first look the buildbot failure seems to be unrelated to this change
https://github.com/llvm/llvm-project/pull/137182
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-comm
@@ -2556,10 +2556,19 @@ void ExprEngine::processCFGBlockEntrance(const
BlockEdge &L,
const Stmt *Term =
nodeBuilder.getContext().getBlock()->getTerminatorStmt();
if (!isa_and_nonnull(Term))
return;
+
+// FIXME:
fangyi-zhou wrote:
I suspect
fangyi-zhou wrote:
Looks like there's an Asan issue at the stale CFG element for loop widening
https://lab.llvm.org/buildbot/#/builders/55/builds/10398. Do we need to revert?
https://github.com/llvm/llvm-project/pull/128251
___
cfe-commits mailing lis
https://github.com/fangyi-zhou edited
https://github.com/llvm/llvm-project/pull/137355
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
fangyi-zhou wrote:
@steakhal
https://github.com/llvm/llvm-project/pull/137355
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
fangyi-zhou wrote:
gentle ping
https://github.com/llvm/llvm-project/pull/137355
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
https://github.com/fangyi-zhou updated
https://github.com/llvm/llvm-project/pull/137355
Rate limit ยท GitHub
body {
background-color: #f6f8fa;
color: #24292e;
font-family: -apple-system,BlinkMacSystemFont,Segoe
UI,Helvetica,Arial,sa
56 matches
Mail list logo
