pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4ac252120b'
${ noResults }
infer_clone/infer/src/pulse/PulseDiagnostic.ml

144 lines
6.1 KiB
Raw Normal View History Unescape

[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
(*
[copyright] Remove years Reviewed By: jvillard Differential Revision: D15771884 fbshipit-source-id: e2997e3a3
6 years ago
* Copyright (c) Facebook, Inc. and its affiliates.
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
*
* This source code is licensed under the MIT license found in the
* LICENSE file in the root directory of this source tree.
*)
open! IStd
module F = Format
type t =
| AccessToInvalidAddress of
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
{ access: HilExp.AccessExpression.t PulseDomain.explained
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
; invalidated_by: PulseDomain.Invalidation.t PulseDomain.Trace.t
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
; accessed_by: HilExp.AccessExpression.t PulseDomain.explained PulseDomain.Trace.t }
[pulse] rename PulseTrace.t -> PulseTrace.breadcrumbs Summary: In preparation for the next diff that re-uses `PulseTrace.t` for a type that combines breadcrumbs + action. No change intended. Reviewed By: mbouaziz, jberdine Differential Revision: D15354437 fbshipit-source-id: cbb8757b4
6 years ago
| StackVariableAddressEscape of
{ variable: Var.t
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
; history: PulseDomain.ValueHistory.t
[pulse] rename PulseTrace.t -> PulseTrace.breadcrumbs Summary: In preparation for the next diff that re-uses `PulseTrace.t` for a type that combines breadcrumbs + action. No change intended. Reviewed By: mbouaziz, jberdine Differential Revision: D15354437 fbshipit-source-id: cbb8757b4
6 years ago
; location: Location.t }
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
let get_location = function
[pulse][interproc 3/3] interproc call Summary: biggest_diff Reviewed By: jberdine Differential Revision: D14387150 fbshipit-source-id: 6d6ddeffc
6 years ago
| AccessToInvalidAddress {accessed_by} ->
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
PulseDomain.InterprocAction.to_outer_location accessed_by.action
[pulse][interproc 3/3] interproc call Summary: biggest_diff Reviewed By: jberdine Differential Revision: D14387150 fbshipit-source-id: 6d6ddeffc
6 years ago
| StackVariableAddressEscape {location} ->
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
location
let get_message = function
[pulse] improve error messages and traces Summary: Feedback from peterogithub: - mention which access path is being invalidated and accessed in the message - mention the line at which it was invalidated (the line at which it's accessed is already the line at which we report) - traces for stack variable/C++ temporary address escapes - delete double implementation of the same functionality in `PulseTrace`: `location_of_action_start` is the same as `outer_location_of_action`... Reviewed By: jberdine Differential Revision: D14800294 fbshipit-source-id: 3d9ab9b3d
6 years ago
| AccessToInvalidAddress {access; accessed_by; invalidated_by; _} ->
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
(* The goal is to get one of the following messages depending on the scenario:
42: delete x; return x->f
"`x->f` accesses `x`, which was invalidated at line 42 by `delete` on `x`"
42: bar(x); return x->f
"`x->f` accesses `x`, which was invalidated at line 42 by `delete` on `x` in call to `bar`"
42: bar(x); foo(x);
"call to `foo` eventually accesses `x->f` but `x` was invalidated at line 42 by `delete` on `x` in call to `bar`"
If we don't have "x->f" but instead some non-user-visible expression, then
"access to `x`, which was invalidated at line 42 by `delete` on `x`"
Likewise if we don't have "x" in the second part but instead some non-user-visible expression, then
"`x->f` accesses `x`, which was invalidated at line 42 by `delete`"
*)
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
let pp_access_trace invalidated f
(trace : HilExp.AccessExpression.t PulseDomain.explained PulseDomain.Trace.t) =
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
match trace.action with
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
| Immediate {imm= access; _} -> (
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
match HilExp.AccessExpression.to_source_string (access :> HilExp.AccessExpression.t) with
| Some access_s
when HilExp.AccessExpression.equal (access :> HilExp.AccessExpression.t) invalidated ->
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
F.fprintf f "`%s` " access_s
| Some access_s -> (
match HilExp.AccessExpression.to_source_string invalidated with
| Some invalidated_s ->
F.fprintf f "`%s` accesses `%s`, which " access_s invalidated_s
| None ->
F.fprintf f "access to `%s`, which " access_s )
| None -> (
match HilExp.AccessExpression.to_source_string invalidated with
| Some invalidated_s ->
F.fprintf f "`%s` " invalidated_s
| None ->
F.fprintf f "accessing memory that " ) )
| ViaCall {action; proc_name; _} -> (
let access_and_invalidated_s =
match
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
( HilExp.AccessExpression.to_source_string
(PulseDomain.InterprocAction.get_immediate action :> HilExp.AccessExpression.t)
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
, HilExp.AccessExpression.to_source_string invalidated )
with
| Some access_s, Some invalidated_s ->
Some (access_s, invalidated_s)
| Some s, None | None, Some s ->
Some (s, s)
| None, None ->
None
in
match access_and_invalidated_s with
| Some (access_s, invalidated_s) ->
F.fprintf f "call to `%a` eventually accesses `%s` but `%s` " Typ.Procname.describe
proc_name access_s invalidated_s
| None ->
F.fprintf f "call to `%a` eventually accesses `%a`, which " Typ.Procname.describe
proc_name HilExp.AccessExpression.pp invalidated )
in
let pp_invalidation_trace line f trace =
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
match trace.PulseDomain.Trace.action with
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
| Immediate {imm= invalidation; _} ->
[pulse] move PulseInvalidation inside PulseDomain Summary: Just moving code around. This is needed later to make some types in `PulseInvalidation` depend on a new type that I'll have to define in `PulseDomain`. Reviewed By: mbouaziz Differential Revision: D15824962 fbshipit-source-id: 86cba2bfb
6 years ago
F.fprintf f "%a on line %d" PulseDomain.Invalidation.describe invalidation line
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
| ViaCall {action; proc_name; _} ->
F.fprintf f "%a on line %d indirectly during the call to `%a`"
[pulse] move PulseInvalidation inside PulseDomain Summary: Just moving code around. This is needed later to make some types in `PulseInvalidation` depend on a new type that I'll have to define in `PulseDomain`. Reviewed By: mbouaziz Differential Revision: D15824962 fbshipit-source-id: 86cba2bfb
6 years ago
PulseDomain.Invalidation.describe
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
(PulseDomain.InterprocAction.get_immediate action)
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
line Typ.Procname.describe proc_name
in
[pulse] traces record how values were constructed Summary: Before: the trace would explain how a value was invalidated and accessed, but not how the value that was invalidated had been constructed. Now: `PulseTrace.t` records breadcrumbs of how the value was constructed in addition to the interproc "action" trace leading to the invalidation or access action. Concretely: ``` void bad(X &x) { X *y = x; X *z = x; delete y; access(z); } ``` will produce the trace: Invalidation part: y = x delete y Access part: z = x access(z) access to z->f inside of access(z) Before this diff the "Access part" would be missing the "z = x" part of the trace, so it might be confusing why `z` has anything to do with `y`. However, such "breadcrumbs" are not recorded in the inter-procedural part, only the sequence of calls is. This is a trade-off for simplicity, maybe it's enough for developers maybe it isn't, we'll find out later. Reviewed By: jberdine Differential Revision: D15354438 fbshipit-source-id: 8d0aed717
6 years ago
let line_of_trace trace =
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
let {Location.line; _} =
PulseDomain.InterprocAction.to_outer_location trace.PulseDomain.Trace.action
in
[pulse] improve error messages and traces Summary: Feedback from peterogithub: - mention which access path is being invalidated and accessed in the message - mention the line at which it was invalidated (the line at which it's accessed is already the line at which we report) - traces for stack variable/C++ temporary address escapes - delete double implementation of the same functionality in `PulseTrace`: `location_of_action_start` is the same as `outer_location_of_action`... Reviewed By: jberdine Differential Revision: D14800294 fbshipit-source-id: 3d9ab9b3d
6 years ago
line
in
[pulse] traces record how values were constructed Summary: Before: the trace would explain how a value was invalidated and accessed, but not how the value that was invalidated had been constructed. Now: `PulseTrace.t` records breadcrumbs of how the value was constructed in addition to the interproc "action" trace leading to the invalidation or access action. Concretely: ``` void bad(X &x) { X *y = x; X *z = x; delete y; access(z); } ``` will produce the trace: Invalidation part: y = x delete y Access part: z = x access(z) access to z->f inside of access(z) Before this diff the "Access part" would be missing the "z = x" part of the trace, so it might be confusing why `z` has anything to do with `y`. However, such "breadcrumbs" are not recorded in the inter-procedural part, only the sequence of calls is. This is a trade-off for simplicity, maybe it's enough for developers maybe it isn't, we'll find out later. Reviewed By: jberdine Differential Revision: D15354438 fbshipit-source-id: 8d0aed717
6 years ago
let invalidation_line = line_of_trace invalidated_by in
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
F.asprintf "%a%a"
(pp_access_trace (access :> HilExp.AccessExpression.t))
accessed_by
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
(pp_invalidation_trace invalidation_line)
invalidated_by
[pulse] improve error messages and traces Summary: Feedback from peterogithub: - mention which access path is being invalidated and accessed in the message - mention the line at which it was invalidated (the line at which it's accessed is already the line at which we report) - traces for stack variable/C++ temporary address escapes - delete double implementation of the same functionality in `PulseTrace`: `location_of_action_start` is the same as `outer_location_of_action`... Reviewed By: jberdine Differential Revision: D14800294 fbshipit-source-id: 3d9ab9b3d
6 years ago
| StackVariableAddressEscape {variable; _} ->
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
let pp_var f var =
if Var.is_cpp_temporary var then F.pp_print_string f "C++ temporary"
else F.fprintf f "stack variable `%a`" Var.pp var
in
F.asprintf "address of %a is returned by the function" pp_var variable
let get_trace = function
[pulse] traces record how values were constructed Summary: Before: the trace would explain how a value was invalidated and accessed, but not how the value that was invalidated had been constructed. Now: `PulseTrace.t` records breadcrumbs of how the value was constructed in addition to the interproc "action" trace leading to the invalidation or access action. Concretely: ``` void bad(X &x) { X *y = x; X *z = x; delete y; access(z); } ``` will produce the trace: Invalidation part: y = x delete y Access part: z = x access(z) access to z->f inside of access(z) Before this diff the "Access part" would be missing the "z = x" part of the trace, so it might be confusing why `z` has anything to do with `y`. However, such "breadcrumbs" are not recorded in the inter-procedural part, only the sequence of calls is. This is a trade-off for simplicity, maybe it's enough for developers maybe it isn't, we'll find out later. Reviewed By: jberdine Differential Revision: D15354438 fbshipit-source-id: 8d0aed717
6 years ago
| AccessToInvalidAddress {accessed_by; invalidated_by} ->
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
PulseDomain.Trace.add_to_errlog ~header:"invalidation part of the trace starts here"
[pulse] move PulseInvalidation inside PulseDomain Summary: Just moving code around. This is needed later to make some types in `PulseInvalidation` depend on a new type that I'll have to define in `PulseDomain`. Reviewed By: mbouaziz Differential Revision: D15824962 fbshipit-source-id: 86cba2bfb
6 years ago
(fun f invalidation ->
F.fprintf f "memory %a" PulseDomain.Invalidation.describe invalidation )
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
invalidated_by
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
@@ PulseDomain.Trace.add_to_errlog ~header:"use-after-lifetime part of the trace starts here"
[pulse] explain SIL logical variables in terms of program access paths Summary: Now that HIL doesn't help us anymore we need to reconstruct its mapping "SIL logical var -> program access path". We already have everything we need in pulse: it suffices to walk the current memory graph starting from program variables until we find the value of the temporary we are interested in. This diff also builds some type machinery to make sure all accesses are explained. Reviewed By: mbouaziz Differential Revision: D15824959 fbshipit-source-id: 722c81b39
6 years ago
(fun f (access : HilExp.AccessExpression.t PulseDomain.explained) ->
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
F.fprintf f "invalid access to `%a`" HilExp.AccessExpression.pp
(access :> HilExp.AccessExpression.t) )
[pulse] better error messages Summary: Improve the error messages, change is more or less documented in the code. Reviewed By: mbouaziz Differential Revision: D15374334 fbshipit-source-id: f1dd54180
6 years ago
accessed_by
[pulse] improve error messages and traces Summary: The previous message formatting had regressed and produced non-sensical messages. More importantly, remove template parameters from error messages to trigger the heuristic in `InferPrint` that deduplicates errors that are on the same line with the same error type and message. Without this we get hundreds of reports that correspond to as many instantiations of the same code. Reviewed By: ngorogiannis Differential Revision: D14747979 fbshipit-source-id: 3c4aad2b1
6 years ago
@@ []
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
| StackVariableAddressEscape {history; location; _} ->
PulseDomain.ValueHistory.add_to_errlog ~nesting:0 history
[pulse] improve error messages and traces Summary: Feedback from peterogithub: - mention which access path is being invalidated and accessed in the message - mention the line at which it was invalidated (the line at which it's accessed is already the line at which we report) - traces for stack variable/C++ temporary address escapes - delete double implementation of the same functionality in `PulseTrace`: `location_of_action_start` is the same as `outer_location_of_action`... Reviewed By: jberdine Differential Revision: D14800294 fbshipit-source-id: 3d9ab9b3d
6 years ago
@@
let nesting = 0 in
[Errlog.make_trace_element nesting location "returned here" []]
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
let get_issue_type = function
| AccessToInvalidAddress {invalidated_by} ->
[pulse] move [PulseTrace] inside [PulseDomain] Summary: Just moving code around. This is needed later to make some types in `PulseTrace` depend on a new that I'll have to define in `PulseDomain`. Also, this gives better names all around I think Reviewed By: mbouaziz Differential Revision: D15881281 fbshipit-source-id: e86c1472e
6 years ago
PulseDomain.InterprocAction.get_immediate invalidated_by.action
[pulse] move PulseInvalidation inside PulseDomain Summary: Just moving code around. This is needed later to make some types in `PulseInvalidation` depend on a new type that I'll have to define in `PulseDomain`. Reviewed By: mbouaziz Differential Revision: D15824962 fbshipit-source-id: 86cba2bfb
6 years ago
|> PulseDomain.Invalidation.issue_type_of_cause
[pulse] split PulseDomain.ml Summary: Split into: - `PulseDiagnostic`, formerly `PulseDomain.Diagnostic` - `PulseOperations`, formerly `PulseDomain.Operations` This breaks down the now quite large and complex PulseDomain.ml into more manageable pieces. More importantly, it will allow us to build a bigger pulse domain later, where elements of the domain are pairs of the base domain that include a biabductive "footprint". What's not as nice is that more of the interface of `PulseDomain` is exposed, in particular `PulseDomain.Memory` and `PulseDomain.Stack`. We'll have to be careful not to break abstraction barriers and prefer `PulseOperations` to `PulseDomain` outside of the domain implementation. OCaml forces us to do that because of the multi-file approach. It could be solved by introducing pulse domains as a library but who has time for that... Sending early because rebasing that diff is painful. Reviewed By: ngorogiannis Differential Revision: D13537602 fbshipit-source-id: d211d6e84
6 years ago
| StackVariableAddressEscape _ ->
IssueType.stack_variable_address_escape