[clang] [analyzer] Suppress out of bounds reports after weak loop assumptions (PR #109804)
DonĂ¡t Nagy via cfe-commits
cfe-commits at lists.llvm.org
Tue Sep 24 07:52:15 PDT 2024
NagyDonat wrote:
Instead of the loop widening plans that I discussed earlier (e.g. on discourse) I ended up implementing this suppression heuristic, which is currently in a "minimal stable product" state: it is working and ready to be merged IMO, but I'm also open to suggestions about technical improvements and generalizations.
This change significantly reduces the amount of ArrayBoundV2 false positives, for example on FFMPEG (the project where I've seen the most results) **the number of ArrayBoundV2 results is reduced from 316 to 80**.
I hope that after this change ArrayBoundV2 can be brought out of the alpha state, because the new result count is comparable to stable checkers: e.g. on ffmpeg where ArrayBoundV2 produces 80 results, there are 166 core.NullDereference results, 135 core.UndefinedBinaryOperatorResult results and 120 core.uninitialized.Assign results.
My first impression is that the remaining ArrayBoundV2 results are still mostly false positives (which is not surprising because these are stable open source projects), but I didn't find any "typical issue" among the first 20 results (on ffmpeg) that I investigated.
The following diff shows the effect of enabling ArrayBoundV2 (in addition to the core, cplusplus, nullability, unix and valist checkers, which are enabled on both sides of the diff).
| Project | New Reports | Resolved Reports |
|---------|-------------|------------------|
| memcached | [2 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=memcached_1.6.8_ericsson-weak-loop-assumptions_8890e0a&newcheck=memcached_1.6.8_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=memcached_1.6.8_ericsson-weak-loop-assumptions_8890e0a&newcheck=memcached_1.6.8_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| tmux | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tmux_2.6_ericsson-weak-loop-assumptions_8890e0a&newcheck=tmux_2.6_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tmux_2.6_ericsson-weak-loop-assumptions_8890e0a&newcheck=tmux_2.6_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| curl | [4 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_ericsson-weak-loop-assumptions_8890e0a&newcheck=curl_curl-7_66_0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=curl_curl-7_66_0_ericsson-weak-loop-assumptions_8890e0a&newcheck=curl_curl-7_66_0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| twin | [12 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=twin_v0.8.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=twin_v0.8.1_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=twin_v0.8.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=twin_v0.8.1_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| vim | [38 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_ericsson-weak-loop-assumptions_8890e0a&newcheck=vim_v8.2.1920_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=vim_v8.2.1920_ericsson-weak-loop-assumptions_8890e0a&newcheck=vim_v8.2.1920_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| openssl | [18 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_ericsson-weak-loop-assumptions_8890e0a&newcheck=openssl_openssl-3.0.0-alpha7_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=openssl_openssl-3.0.0-alpha7_ericsson-weak-loop-assumptions_8890e0a&newcheck=openssl_openssl-3.0.0-alpha7_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| sqlite | [5 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=sqlite_version-3.33.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=sqlite_version-3.33.0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=sqlite_version-3.33.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=sqlite_version-3.33.0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| ffmpeg | [80 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=ffmpeg_n4.3.1_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [16 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=ffmpeg_n4.3.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=ffmpeg_n4.3.1_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| postgres | [49 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=postgres_REL_13_0_ericsson-weak-loop-assumptions_8890e0a&newcheck=postgres_REL_13_0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [6 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=postgres_REL_13_0_ericsson-weak-loop-assumptions_8890e0a&newcheck=postgres_REL_13_0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| tinyxml2 | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tinyxml2_8.0.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=tinyxml2_8.0.0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=tinyxml2_8.0.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=tinyxml2_8.0.0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| libwebm | [15 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=libwebm_libwebm-1.0.0.27_ericsson-weak-loop-assumptions_8890e0a&newcheck=libwebm_libwebm-1.0.0.27_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=libwebm_libwebm-1.0.0.27_ericsson-weak-loop-assumptions_8890e0a&newcheck=libwebm_libwebm-1.0.0.27_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| xerces | [2 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=xerces_v3.2.3_ericsson-weak-loop-assumptions_8890e0a&newcheck=xerces_v3.2.3_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [1 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=xerces_v3.2.3_ericsson-weak-loop-assumptions_8890e0a&newcheck=xerces_v3.2.3_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| bitcoin | [7 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=bitcoin_v0.20.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=bitcoin_v0.20.1_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=bitcoin_v0.20.1_ericsson-weak-loop-assumptions_8890e0a&newcheck=bitcoin_v0.20.1_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| protobuf | [8 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=protobuf_v3.13.0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [2 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=protobuf_v3.13.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=protobuf_v3.13.0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| qtbase | [63 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=qtbase_v6.2.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=qtbase_v6.2.0_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=qtbase_v6.2.0_ericsson-weak-loop-assumptions_8890e0a&newcheck=qtbase_v6.2.0_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
| contour | [1 new reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=contour_v0.2.0.173_ericsson-weak-loop-assumptions_8890e0a&newcheck=contour_v0.2.0.173_ericsson-weak-loop-assumptions_742b07a&diff-type=New) | [0 resolved reports](https://codechecker-demo.eastus.cloudapp.azure.com/Default/reports?run=contour_v0.2.0.173_ericsson-weak-loop-assumptions_8890e0a&newcheck=contour_v0.2.0.173_ericsson-weak-loop-assumptions_742b07a&diff-type=Resolved)
Note that **an almost-final version of this patch is enabled on both sides of this diff**, the difference is that ArrayBoundV2 is only enabled on the "new" side. I'm currently running another evaluation which compares ArrayBoundV2 without and with this patch; I'll also upload those results when they're ready.
https://github.com/llvm/llvm-project/pull/109804
More information about the cfe-commits
mailing list