[PATCH][StaticAnalyzer] new check comparing equal expression

Jordan Rose jordan_rose at apple.com
Tue Nov 5 09:26:22 PST 2013 

I got a chance to look at the results of analyzing LLVM/Clang with this checker, and also found zero reports—true or false positives. On the one hand, these mistakes probably don't last long in an open-source project. On the other, is it worth having a checker that catches problems that don't show up in the real world? Anna?

(The answer is probably "yes", but I thought I might as well bring it up. Perhaps it's disabled in our "shallow" analysis mode.)
Jordan


On Oct 31, 2013, at 3:20 , Per Viberg <Per.Viberg at evidente.se> wrote:

> 
> Hi Jordan, 
> 
> here is the new patch changed according to your comments below. I have renamed the check from EqualCompareChecker to IdenticalExpChecker to accommodate for upcoming tests in this category. I also ran the analysis on an open source project called cppchecker to check performance.
> 
> Without IdenticalExpChecker: 5197  seconds
> With IdenticalExpChecker: 5239 seconds.
> Result: approximately 40 seconds longer, which amounts to < 1% increase in analyse time.
> 
> Depending on the coding style of the source code analysed, this could differ dramatically. If someone uses a lot of sub-expressions within sub-expression the analysis time increases, but then this check becomes more important to do since the error will be more difficult to detect by manual review.
> 
> The checker didn't find any "real" errors in the cppChecker project, and not any false positives.
> 
> best regards,
> Per
> .......................................................................................................................
> Per Viberg Senior Engineer
> Evidente ES East AB  Warfvinges väg 34  SE-112 51 Stockholm  Sweden
> Phone:    +46 (0)8 402 79 00
> Mobile:    +46 (0)70 912 42 52
> E-mail:     Per.Viberg at evidente.se 
> 
> www.evidente.se
> This e-mail, which might contain confidential information, is addressed to the above stated person/company. If you are not the correct addressee, employee or in any other way the person concerned, please notify the sender immediately. At the same time, please delete this e-mail and destroy any prints. Thank You.
> Från: Jordan Rose [jordan_rose at apple.com]
> Skickat: den 11 oktober 2013 02:43
> Till: Per Viberg
> Cc: cfe-commits at cs.uiuc.edu
> Ämne: Re: [PATCH][StaticAnalyzer] new check comparing equal expression
> 
> Hi, Per. Looking good; more comments for you. The performance thing is also something I'd like to get resolved soon: how long does this checker alone take over a large body of code, compared to the existing path-sensitive analysis? (It looks like it's linear on average, quadratic at worst, so I'd expect it to be much cheaper, but still.)
> 
> 
> +static bool isSameExpr(const ASTContext &Ctx, Expr *Expr1, Expr *Expr2);
> 
> const Expr *, please?
> 
> 
> +  // only visit nodes that are binary expressions
> 
> LLVM convention says that all comments should be complete sentences, including capitalization and a final period.
> 
> 
> +  bool isSameExpression;
> 
> No reason to declare this way ahead of time. Please move this down to where it's actually used—or eliminate it altogether, and just put the call in the if-condition.
> 
> 
> +  DeclRefExpr *declref1 = dyn_cast<DeclRefExpr>(LHS);
> +  DeclRefExpr *declref2 = dyn_cast<DeclRefExpr>(RHS);
> 
> LLVM convention says that all variable names are UpperCamelCased. There are some of these in isSameExpr as well.
> 
> 
> +    // If any side of comparison still has floatingpointrepresentation,
> +    // then it's an expression-> don't warn.
> +    // (here only LHS is checked since RHS will be implicit casted to float)
> 
> Please turn these into complete sentences (and split up "floating-point representation").
> 
> 
> +  } else { // No special case with floating point representation, report as
> +           // usual
> +  }
> 
> I get that it's important to call out this case, but please put the comment on its own line within the body of the if.
> 
> 
> +// t*(u + t) and t*u + t*t are not considered equal.
> 
> I wouldn't even worry about this. This is a pretty unlikely typo or copy-paste error. Also, no reason not to make this whole block a proper Doxygen comment. Even if it's not a public function, IDEs can still make use of the comment if it's marked up as Doxygen (and with ///).
> 
> 
> Has this checker found any real errors in code you have access to? Has it found any false positives?
> 
> Thanks for working on this!
> Jordan
> 
> 
> On Oct 10, 2013, at 8:42 , Per Viberg <Per.Viberg at evidente.se> wrote:
> 
> > 
> > Hello,
> > 
> > changed patch according to review comments.
> > 
> > Please review revised patch. 
> > 
> > The patch adds a check that warns for comparison of equal expressions.
> > example:
> > x + 1 == x +1;
> > 
> > best regards,
> > Per
> > 
> > .......................................................................................................................
> > Per Viberg Senior Engineer
> > Evidente ES East AB  Warfvinges väg 34  SE-112 51 Stockholm  Sweden
> > Phone:    +46 (0)8 402 79 00
> > Mobile:    +46 (0)70 912 42 52
> > E-mail:     Per.Viberg at evidente.se
> > 
> > www.evidente.se
> > This e-mail, which might contain confidential information, is addressed to the above stated person/company. If you are not the correct addressee, employee or in any other way the person concerned, please notify the sender immediately. At the same time, please delete this e-mail and destroy any prints. Thank You.
> > _______________________________________________
> > cfe-commits mailing list
> > cfe-commits at cs.uiuc.edu
> > http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
> 
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20131105/447c2218/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: IdenticalExpr_rev3.diff
Type: text/x-patch
Size: 34391 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20131105/447c2218/attachment.bin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20131105/447c2218/attachment-0001.html>

More information about the cfe-commits mailing list