[clang] [analyzer] Switch to PostStmt callbacks in ArrayBoundV2 (PR #72107)

via cfe-commits cfe-commits at lists.llvm.org
Thu Nov 16 07:22:57 PST 2023


DonatNagyE wrote:

I evaluated a mostly [1] clean analysis run and it reveals that this change has almost no effect when CSA analyses stable open source code (this is the expected behavior: stable code doesn't contain out-of-bounds memory accesses). The only differences are apparently caused by the inherent instability of the exploded graph traversal:

| Project | New Reports | Lost Reports | Evaluation |
|---------|-------------|--------------|----------|
| memcached | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=memcached_1.6.8_baseline_72107&newcheck=memcached_1.6.8_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=memcached_1.6.8_baseline_72107&newcheck=memcached_1.6.8_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| tmux | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tmux_2.6_baseline_72107&newcheck=tmux_2.6_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tmux_2.6_baseline_72107&newcheck=tmux_2.6_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| curl | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_baseline_72107&newcheck=curl_curl-7_66_0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_baseline_72107&newcheck=curl_curl-7_66_0_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| twin | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=twin_v0.8.1_baseline_72107&newcheck=twin_v0.8.1_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=twin_v0.8.1_baseline_72107&newcheck=twin_v0.8.1_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| vim | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_baseline_72107&newcheck=vim_v8.2.1920_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_baseline_72107&newcheck=vim_v8.2.1920_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| openssl | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_baseline_72107&newcheck=openssl_openssl-3.0.0-alpha7_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_baseline_72107&newcheck=openssl_openssl-3.0.0-alpha7_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| sqlite | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=sqlite_version-3.33.0_baseline_72107&newcheck=sqlite_version-3.33.0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=sqlite_version-3.33.0_baseline_72107&newcheck=sqlite_version-3.33.0_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| ffmpeg | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_baseline_72107&newcheck=ffmpeg_n4.3.1_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_baseline_72107&newcheck=ffmpeg_n4.3.1_new_72107&is-unique=on&diff-mode=Resolved) | one [alpha.core.Conversion report](https://codechecker-demo.eastus.cloudapp.azure.com/Default/report-detail?run=ffmpeg_n4.3.1_baseline_72107&newcheck=ffmpeg_n4.3.1_new_72107&is-unique=on&diff-type=Resolved&report-id=3397759&report-hash=cc903dc919499b9bee4f52a9fcc8d4e5&report-filepath=%2asnow_dwt.c) lost for unclear reasons |
| postgres | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=postgres_REL_13_0_baseline_72107&newcheck=postgres_REL_13_0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=postgres_REL_13_0_baseline_72107&newcheck=postgres_REL_13_0_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| tinyxml2 | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tinyxml2_8.0.0_baseline_72107&newcheck=tinyxml2_8.0.0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tinyxml2_8.0.0_baseline_72107&newcheck=tinyxml2_8.0.0_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| libwebm | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=libwebm_libwebm-1.0.0.27_baseline_72107&newcheck=libwebm_libwebm-1.0.0.27_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=libwebm_libwebm-1.0.0.27_baseline_72107&newcheck=libwebm_libwebm-1.0.0.27_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| xerces | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=xerces_v3.2.3_baseline_72107&newcheck=xerces_v3.2.3_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=xerces_v3.2.3_baseline_72107&newcheck=xerces_v3.2.3_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| bitcoin | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=bitcoin_v0.20.1_baseline_72107&newcheck=bitcoin_v0.20.1_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=bitcoin_v0.20.1_baseline_72107&newcheck=bitcoin_v0.20.1_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| protobuf | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_baseline_72107&newcheck=protobuf_v3.13.0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_baseline_72107&newcheck=protobuf_v3.13.0_new_72107&is-unique=on&diff-mode=Resolved) | no change |
| qtbase | [new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=qtbase_v6.2.0_baseline_72107&newcheck=qtbase_v6.2.0_new_72107&is-unique=on&diff-mode=New) | [lost reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=qtbase_v6.2.0_baseline_72107&newcheck=qtbase_v6.2.0_new_72107&is-unique=on&diff-mode=Resolved) | two convoluted core.DivideZero reports are replaced by one that's very similar to them |

[1] During the analysis of contour both the baseline (main snapshot created a few days ago) and the new revision crashed with the message `fatal error: error in backend: Z3 error: out of memory` (at slightly different steps of the analysis). As this crash seems to be non-deterministic, environment-dependent and not affected by the commit under review, I think that we can safely ignore it. As this interrupted the CI job, I have no results for contour, acid and openrct2, but I think the rest of the projects are already sufficient to evaluate this patch.

https://github.com/llvm/llvm-project/pull/72107

