Skip to content

Comments

C++: SSA and range analysis for reference parameters#4162

Merged
MathiasVP merged 6 commits intogithub:mainfrom
jbj:ssa-ref-parameters
Sep 1, 2020
Merged

C++: SSA and range analysis for reference parameters#4162
MathiasVP merged 6 commits intogithub:mainfrom
jbj:ssa-ref-parameters

Conversation

@jbj
Copy link
Contributor

@jbj jbj commented Aug 28, 2020

This PR changes the AST-based SSA and RangeSSA libraries to make the same assumption about reference-typed parameters that the IR does: that they don't alias any value that'll be mutated from within the function body.

A further commit, authored by @lcartey, adds support for reference-typed parameters in SimpleRangeAnalysis.

jbj and others added 5 commits August 28, 2020 14:33
@jbj
C++: Treat reference parameters as non-references
a3a3423
@jbj
C++: Test that range analysis ignores references
027f22d
@lcartey @jbj
C++: Support dereferenced variables in simple range analysis
a4cb774 
 - Support inference of guards on reference variables
 - Support type bounds for reference variables
 - Support reference variables when widening
 - Support reference variables when determining arithmetic assignment
@jbj
C++: Accept range-analysis test results
a25cc2d
@jbj
C++: Autoformat
2c613a7
@jbj jbj added the C++ label Aug 28, 2020
@jbj jbj requested a review from a team as a code owner August 28, 2020 13:03
@jbj
Copy link
Contributor Author

jbj commented Aug 28, 2020

Started https://jenkins.internal.semmle.com/job/Changes/job/CPP-Differences/1373/. I expect to see a lot of differences on real-world code.

MathiasVP
MathiasVP reviewed Aug 28, 2020
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this LGTM, but I'll wait with the formal approval until we've validated the CPP-difference.

@jbj
Copy link
Contributor Author

jbj commented Aug 31, 2020

The CPP-Differences LGTM. The only changes are three new results from cpp/comparison-with-wider-type similar to this one. The index variable on the LHS is of type PropertyIndex&, which is a typedef for unsigned short &.

I had expected to see changes in all the queries that use SSA, and I can't really explain why the impact is so small.

@jbj
Copy link
Contributor Author

jbj commented Aug 31, 2020

I'd be tempted to say that the use of a reference-parameter SsaDefinition is actually the ReferenceDereferenceExpr conversion. With this PR, the SsaDefinition.getAUse predicate still has a VariableAccess result since I think it would be too disruptive to relax that to Expr. Almost all our queries and libraries assume that variable uses are of type VariableAccess. Unfortunately, getType() on these variable accesses gives T& instead of T, and I don't know if all queries deal with that properly. The cpp/comparison-with-wider-type query already had support for reference types.

On balance, I think this change is the least disruptive thing we can do that fixes the range analysis. Queries that want more information about indirections will have to use IR.

MathiasVP
MathiasVP approved these changes Sep 1, 2020
View reviewed changes
Copy link
Contributor

@MathiasVP MathiasVP left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@MathiasVP MathiasVP merged commit aa3b268 into github:main Sep 1, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MathiasVP MathiasVP MathiasVP approved these changes

Assignees

No one assigned

Labels

C++

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jbj @MathiasVP @lcartey