pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Modified the hardcoded CTL formulas in preparation to dispatcher removal

Browse Source 
Reviewed By: dulmarod

Differential Revision: D4130612

fbshipit-source-id: d482966
master
Dino Distefano 9 years ago committed by Facebook Github Bot
parent 0085417e0d
commit 6ffaded4be
9 changed files with 136 additions and 89 deletions
Show Stats Download Patch File Download Diff File

2
infer/src/clang/CLintersContext.ml
Unescape View File

@ -18,6 +18,7 @@ type context = {
current_objc_impl : Clang_ast_t.decl option; current_objc_impl : Clang_ast_t.decl option;
(** True if inside an objc static factory method (a class-level initializer, like +new) *) (** True if inside an objc static factory method (a class-level initializer, like +new) *)
in_objc_static_factory_method : bool; in_objc_static_factory_method : bool;
et_evaluation_node : string option;
} }
let empty translation_unit_context = { let empty translation_unit_context = {
@ -27,4 +28,5 @@ let empty translation_unit_context = {
is_ck_translation_unit = false; is_ck_translation_unit = false;
current_objc_impl = None; current_objc_impl = None;
in_objc_static_factory_method = false; in_objc_static_factory_method = false;
et_evaluation_node = None;
} }

49
infer/src/clang/cFrontend_checkers.ml
Unescape View File

@ -59,13 +59,12 @@ let ivar_name stmt =
|| is_CXXOperatorCallExpr || is_ObjCMessageExpr *) || is_CXXOperatorCallExpr || is_ObjCMessageExpr *)
let ctl_makes_an_expensive_call () = let ctl_makes_an_expensive_call () =
let open CTL in let open CTL in
let white_list_functions = ["CGPointMake"] in Or (Or (Or (Or (And (Atomic ("is_stmt", ["CallExpr"]),
Or (Or (Or (Or (And (Atomic ("is_statement_kind", ["CallExpr"]), Not (Atomic("call_function_named", ["CGPointMake"]))),
Not(Atomic("call_function_named", white_list_functions))), Atomic ("is_stmt", ["CXXTemporaryObjectExpr"])),
Atomic ("is_statement_kind", ["CXXTemporaryObjectExpr"])), Atomic ("is_stmt", ["CXXMemberCallExpr"])),
Atomic ("is_statement_kind", ["CXXMemberCallExpr"])), Atomic ("is_stmt", ["CXXOperatorCallExpr"])),
Atomic ("is_statement_kind", ["CXXOperatorCallExpr"])), Atomic ("is_stmt", ["ObjCMessageExpr"]))
Atomic ("is_statement_kind", ["ObjCMessageExpr"]))
(* (*
@ -128,7 +127,8 @@ let ctl_bad_pointer_comparison_warning lctx stmt =
*) *)
let p = Or (is_expr_with_cleanups, Or (is_implicit_cast_expr, Or (is_binop, is_unop_lnot))) in let p = Or (is_expr_with_cleanups, Or (is_implicit_cast_expr, Or (is_binop, is_unop_lnot))) in
let p' = And (Not is_binop_neq, p) in let p' = And (Not is_binop_neq, p) in
let condition = EU (None, p', is_nsnumber) in let condition = ETX (["IfStmt"; "ForStmt"; "WhileStmt"; "ConditionalOperator"], Some Cond,
EU (None, p', is_nsnumber)) in
let issue_desc = let issue_desc =
{ CIssue. { CIssue.
issue = CIssue.Bad_pointer_comparison; issue = CIssue.Bad_pointer_comparison;
@ -150,9 +150,9 @@ let ctl_strong_delegate lctx dec =
Not(Atomic ("property_name_contains_word", ["queue"])) in Not(Atomic ("property_name_contains_word", ["queue"])) in
let is_strong_property = let is_strong_property =
Atomic("is_strong_property", []) in Atomic("is_strong_property", []) in
let condition = And (name_contains_delegate, let condition = ET (["ObjCPropertyDecl"], None, And (name_contains_delegate,
And (name_does_not_contains_queue, And (name_does_not_contains_queue,
is_strong_property)) in is_strong_property))) in
let issue_desc = { let issue_desc = {
CIssue.issue = CIssue.Strong_delegate_warning; CIssue.issue = CIssue.Strong_delegate_warning;
CIssue.description = Printf.sprintf CIssue.description = Printf.sprintf
@ -172,7 +172,8 @@ let ctl_global_var_init_with_calls_warning lctx decl =
Not (Atomic ("is_const_var", []))) in Not (Atomic ("is_const_var", []))) in
let ctl_is_initialized_with_expensive_call = let ctl_is_initialized_with_expensive_call =
ET(["VarDecl"], Some InitExpr, EF (None, (ctl_makes_an_expensive_call ()))) in ET(["VarDecl"], Some InitExpr, EF (None, (ctl_makes_an_expensive_call ()))) in
let condition = And (ctl_is_global_var, ctl_is_initialized_with_expensive_call) in let condition =
ET (["VarDecl"], None, And (ctl_is_global_var, ctl_is_initialized_with_expensive_call)) in
let issue_desc = { let issue_desc = {
CIssue.issue = CIssue.Global_variable_initialized_with_function_or_method_call; CIssue.issue = CIssue.Global_variable_initialized_with_function_or_method_call;
CIssue.description = Printf.sprintf CIssue.description = Printf.sprintf
@ -187,8 +188,9 @@ let ctl_global_var_init_with_calls_warning lctx decl =
(* is_assign_property AND is_property_pointer_type *) (* is_assign_property AND is_property_pointer_type *)
let ctl_assign_pointer_warning lctx decl = let ctl_assign_pointer_warning lctx decl =
let open CTL in let open CTL in
let condition = let condition = ET(["ObjCPropertyDecl"], None,
And (Atomic("is_assign_property", []), Atomic("is_property_pointer_type", [])) in And (Atomic ("is_assign_property", []),
Atomic ("is_property_pointer_type", []))) in
let issue_desc = let issue_desc =
{ CIssue.issue = CIssue.Assign_pointer_warning; { CIssue.issue = CIssue.Assign_pointer_warning;
CIssue.description = CIssue.description =
@ -206,12 +208,12 @@ let ctl_assign_pointer_warning lctx decl =
*) *)
let ctl_direct_atomic_property_access_warning lctx stmt = let ctl_direct_atomic_property_access_warning lctx stmt =
let open CTL in let open CTL in
let condition = let condition = ET (["ObjCIvarRefExpr"], None,
And (And (And (And (Not (Atomic ("context_in_synchronized_block", [])), And (And (And (And (Not (Atomic ("context_in_synchronized_block", [])),
Atomic("is_ivar_atomic", [])), Atomic("is_ivar_atomic", [])),
Not (Atomic ("is_method_property_accessor_of_ivar", []))), Not (Atomic ("is_method_property_accessor_of_ivar", []))),
Not (Atomic ("is_objc_constructor", []))), Not (Atomic ("is_objc_constructor", []))),
Not (Atomic ("is_objc_dealloc", []))) in Not (Atomic ("is_objc_dealloc", [])))) in
let issue_desc = { let issue_desc = {
CIssue.issue = CIssue.Direct_atomic_property_access; CIssue.issue = CIssue.Direct_atomic_property_access;
CIssue.description = Printf.sprintf CIssue.description = Printf.sprintf
@ -224,7 +226,8 @@ let ctl_direct_atomic_property_access_warning lctx stmt =
let ctl_captured_cxx_ref_in_objc_block_warning lctx stmt = let ctl_captured_cxx_ref_in_objc_block_warning lctx stmt =
(* Fire if the list of captured references is not empty *) (* Fire if the list of captured references is not empty *)
let condition = CTL.Atomic ("captures_cxx_references", []) in let open CTL in
let condition = ET (["BlockDecl"], None, Atomic ("captures_cxx_references", [])) in
let issue_desc = { let issue_desc = {
CIssue.issue = CIssue.Cxx_reference_captured_in_objc_block; CIssue.issue = CIssue.Cxx_reference_captured_in_objc_block;
CIssue.description = Printf.sprintf CIssue.description = Printf.sprintf
@ -232,7 +235,9 @@ let ctl_captured_cxx_ref_in_objc_block_warning lctx stmt =
(Predicates.var_descs_name stmt); (Predicates.var_descs_name stmt);
CIssue.suggestion = Some ("C++ References are unmanaged and may be invalid " ^ CIssue.suggestion = Some ("C++ References are unmanaged and may be invalid " ^
"by the time the block executes."); "by the time the block executes.");
CIssue.loc = location_from_stmt lctx stmt CIssue.loc = match stmt with
| Clang_ast_t.BlockExpr (_, _ , _, decl) -> location_from_decl lctx decl
| _ -> location_from_stmt lctx stmt;
} in } in
condition, issue_desc condition, issue_desc

42
infer/src/clang/cFrontend_errors.ml
Unescape View File

@ -63,13 +63,6 @@ let var_checker_list = [CFrontend_checkers.global_var_init_with_calls_warning;
let checker_for_var dec checker context = let checker_for_var dec checker context =
checker context dec checker context dec
(* List of checkers on conditional operator *)
let conditional_op_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning]
(* Invocation of checker belonging to conditional_op_checker_list *)
let checker_for_conditional_op first_stmt checker context =
checker context first_stmt
(* List of checkers on if-statement *) (* List of checkers on if-statement *)
let if_stmt_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning] let if_stmt_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning]
@ -77,20 +70,6 @@ let if_stmt_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning]
let checker_for_if_stmt cond checker context = let checker_for_if_stmt cond checker context =
checker context cond checker context cond
(* List of checkers on for statement *)
let for_stmt_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning]
(* Invocation of checker belonging to for_stmt_checker_list *)
let checker_for_for_stmt cond checker context =
checker context cond
(* List of checkers on while statement *)
let while_stmt_checker_list = [CFrontend_checkers.bad_pointer_comparison_warning]
(* Invocation of checker belonging to while_stmt_checker_list *)
let checker_for_while_stmt cond checker context =
checker context cond
let function_decl_checker_list = [ComponentKit.component_factory_function_advice] let function_decl_checker_list = [ComponentKit.component_factory_function_advice]
let checker_for_function_decl decl checker context = let checker_for_function_decl decl checker context =
@ -146,26 +125,11 @@ let run_frontend_checkers_on_stmt context instr =
invoke_set_of_checkers call_captured_vars_checker context key invoke_set_of_checkers call_captured_vars_checker context key
captured_vars_checker_list; captured_vars_checker_list;
context context
| IfStmt (_, _ :: _ :: cond :: _) -> | IfStmt _ | ConditionalOperator _ | ForStmt _ | WhileStmt _ ->
let call_checker = checker_for_if_stmt cond in let call_checker = checker_for_if_stmt instr in
let key = Ast_utils.generate_key_stmt cond in let key = Ast_utils.generate_key_stmt instr in
invoke_set_of_checkers call_checker context key if_stmt_checker_list; invoke_set_of_checkers call_checker context key if_stmt_checker_list;
context context
| ConditionalOperator (_, first_stmt :: _, _) ->
let call_checker = checker_for_conditional_op first_stmt in
let key = Ast_utils.generate_key_stmt first_stmt in
invoke_set_of_checkers call_checker context key conditional_op_checker_list;
context
| ForStmt (_, [_; _; cond; _; _]) ->
let call_checker = checker_for_for_stmt cond in
let key = Ast_utils.generate_key_stmt cond in
invoke_set_of_checkers call_checker context key for_stmt_checker_list;
context
| WhileStmt (_, [_; cond; _]) ->
let call_checker = checker_for_while_stmt cond in
let key = Ast_utils.generate_key_stmt cond in
invoke_set_of_checkers call_checker context key while_stmt_checker_list;
context
| CallExpr (_, called_func_stmt :: _, _) -> | CallExpr (_, called_func_stmt :: _, _) ->
let call_checker = checkers_for_call_expr called_func_stmt in let call_checker = checkers_for_call_expr called_func_stmt in
let key = Ast_utils.generate_key_stmt called_func_stmt in let key = Ast_utils.generate_key_stmt called_func_stmt in

91
infer/src/clang/cTL.ml
Unescape View File

@ -22,6 +22,7 @@ type transitions =
| Body (* decl to stmt *) | Body (* decl to stmt *)
| InitExpr (* decl to stmt *) | InitExpr (* decl to stmt *)
| Super (* decl to decl *) | Super (* decl to decl *)
| Cond
(* In formulas below prefix (* In formulas below prefix
"E" means "exists a path" "E" means "exists a path"
@ -46,6 +47,7 @@ type t = (* A ctl formula *)
| EU of transitions option * t * t | EU of transitions option * t * t
| EH of string list * t | EH of string list * t
| ET of string list * transitions option * t | ET of string list * transitions option * t
| ETX of string list * transitions option * t
(* the kind of AST nodes where formulas are evaluated *) (* the kind of AST nodes where formulas are evaluated *)
type ast_node = type ast_node =
@ -57,19 +59,28 @@ module Debug = struct
let pp_aux fmt trans = match trans with let pp_aux fmt trans = match trans with
| Body -> Format.pp_print_string fmt "Body" | Body -> Format.pp_print_string fmt "Body"
| InitExpr -> Format.pp_print_string fmt "InitExpr" | InitExpr -> Format.pp_print_string fmt "InitExpr"
| Super -> Format.pp_print_string fmt "Super" in | Super -> Format.pp_print_string fmt "Super"
| Cond -> Format.pp_print_string fmt "Cond" in
match trans_opt with match trans_opt with
| Some trans -> pp_aux fmt trans | Some trans -> pp_aux fmt trans
| None -> Format.pp_print_string fmt "_" | None -> Format.pp_print_string fmt "_"
(* a flag to print more or less in the dotty graph *)
let full_print = true
let rec pp_formula fmt phi = let rec pp_formula fmt phi =
match phi with match phi with
| True -> Format.fprintf fmt "True" | True -> Format.fprintf fmt "True"
| False -> Format.fprintf fmt "False" | False -> Format.fprintf fmt "False"
| Atomic p -> Predicates.pp_predicate fmt p | Atomic p -> Predicates.pp_predicate fmt p
| Not phi -> Format.fprintf fmt "NOT(%a)" pp_formula phi | Not phi -> if full_print then Format.fprintf fmt "NOT(%a)" pp_formula phi
| And (phi1, phi2) -> Format.fprintf fmt "(%a AND %a)" pp_formula phi1 pp_formula phi2 else Format.fprintf fmt "NOT(...)"
| Or (phi1, phi2) -> Format.fprintf fmt "(%a OR %a)" pp_formula phi1 pp_formula phi2 | And (phi1, phi2) -> if full_print then
Format.fprintf fmt "(%a AND %a)" pp_formula phi1 pp_formula phi2
else Format.fprintf fmt "(... AND ...)"
| Or (phi1, phi2) -> if full_print then
Format.fprintf fmt "(%a OR %a)" pp_formula phi1 pp_formula phi2
else Format.fprintf fmt "(... OR ...)"
| Implies (phi1, phi2) -> Format.fprintf fmt "(%a ==> %a)" pp_formula phi1 pp_formula phi2 | Implies (phi1, phi2) -> Format.fprintf fmt "(%a ==> %a)" pp_formula phi1 pp_formula phi2
| InNode (nl, phi) -> Format.fprintf fmt "IN-NODE %a: (%a)" | InNode (nl, phi) -> Format.fprintf fmt "IN-NODE %a: (%a)"
(Utils.pp_comma_seq Format.pp_print_string) nl (Utils.pp_comma_seq Format.pp_print_string) nl
@ -86,10 +97,11 @@ module Debug = struct
| EH (arglist, phi) -> Format.fprintf fmt "EH[%a](%a)" | EH (arglist, phi) -> Format.fprintf fmt "EH[%a](%a)"
(Utils.pp_comma_seq Format.pp_print_string) arglist (Utils.pp_comma_seq Format.pp_print_string) arglist
pp_formula phi pp_formula phi
| ET (arglist, trans, phi) -> Format.fprintf fmt "ET[%a][%a](%a)" | ET (arglist, trans, phi)
(Utils.pp_comma_seq Format.pp_print_string) arglist | ETX (arglist, trans, phi) -> Format.fprintf fmt "ET[%a][%a](%a)"
pp_transition trans (Utils.pp_comma_seq Format.pp_print_string) arglist
pp_formula phi pp_transition trans
pp_formula phi
module EvaluationTracker = struct module EvaluationTracker = struct
exception Empty_stack of string exception Empty_stack of string
@ -99,6 +111,7 @@ module Debug = struct
type content = { type content = {
ast_node: ast_node; ast_node: ast_node;
phi: t; phi: t;
lcxt: CLintersContext.context;
eval_result: eval_result; eval_result: eval_result;
} }
@ -115,9 +128,9 @@ module Debug = struct
forest: tree list; forest: tree list;
} }
let create_content ast_node phi = {ast_node; phi; eval_result = Eval_undefined} let create_content ast_node phi lcxt = {ast_node; phi; eval_result = Eval_undefined; lcxt = lcxt; }
let create () = {next_id = 0; eval_stack = Stack.create(); forest = []} let create () = {next_id = 0; eval_stack = Stack.create(); forest = [] }
let eval_begin t content = let eval_begin t content =
let node = {id = t.next_id; content} in let node = {id = t.next_id; content} in
@ -169,6 +182,10 @@ module Debug = struct
| Eval_false -> "red" | Eval_false -> "red"
| _ -> failwith "Tree is not fully evaluated" in | _ -> failwith "Tree is not fully evaluated" in
let label = let label =
let string_of_lcxt c =
match c.CLintersContext.et_evaluation_node with
| Some s -> ("et_evaluation_node = "^s)
| _ -> "et_evaluation_node = NONE" in
let string_of_ast_node an = let string_of_ast_node an =
match an with match an with
| Stmt stmt -> Clang_ast_proj.get_stmt_kind_string stmt | Stmt stmt -> Clang_ast_proj.get_stmt_kind_string stmt
@ -181,9 +198,10 @@ module Debug = struct
| Implies _ when num_children = 2 -> "(...) ==> (...)" | Implies _ when num_children = 2 -> "(...) ==> (...)"
| Not _ -> "NOT(...)" | Not _ -> "NOT(...)"
| _ -> Utils.pp_to_string pp_formula phi in | _ -> Utils.pp_to_string pp_formula phi in
Format.sprintf "(%d)\\n%s\\n%s" Format.sprintf "(%d)\\n%s\\n%s\\n%s"
root_node.id root_node.id
(Escape.escape_dotty (string_of_ast_node root_node.content.ast_node)) (Escape.escape_dotty (string_of_ast_node root_node.content.ast_node))
(Escape.escape_dotty (string_of_lcxt root_node.content.lcxt))
(Escape.escape_dotty (smart_string_of_formula root_node.content.phi)) in (Escape.escape_dotty (smart_string_of_formula root_node.content.phi)) in
let edges = let edges =
let buf = Buffer.create 16 in let buf = Buffer.create 16 in
@ -212,9 +230,9 @@ let ctl_evaluation_tracker = match Config.debug_mode with
| true -> Some (ref (Debug.EvaluationTracker.create ())) | true -> Some (ref (Debug.EvaluationTracker.create ()))
| false -> None | false -> None
let debug_create_payload ast_node phi = let debug_create_payload ast_node phi lcxt =
match ctl_evaluation_tracker with match ctl_evaluation_tracker with
| Some _ -> Some (Debug.EvaluationTracker.create_content ast_node phi) | Some _ -> Some (Debug.EvaluationTracker.create_content ast_node phi lcxt)
| None -> None | None -> None
let debug_eval_begin payload = let debug_eval_begin payload =
@ -258,6 +276,15 @@ let node_to_string an =
| Decl d -> Clang_ast_proj.get_decl_kind_string d | Decl d -> Clang_ast_proj.get_decl_kind_string d
| Stmt s -> Clang_ast_proj.get_stmt_kind_string s | Stmt s -> Clang_ast_proj.get_stmt_kind_string s
let node_to_unique_string_id an =
match an with
| Decl d ->
let di = Clang_ast_proj.get_decl_tuple d in
(Clang_ast_proj.get_decl_kind_string d) ^ (string_of_int di.Clang_ast_t.di_pointer)
| Stmt s ->
let si, _ = Clang_ast_proj.get_stmt_tuple s in
Clang_ast_proj.get_stmt_kind_string s ^ (string_of_int si.Clang_ast_t.si_pointer)
(* true iff an ast node is a node of type among the list tl *) (* true iff an ast node is a node of type among the list tl *)
let node_has_type tl an = let node_has_type tl an =
let an_str = node_to_string an in let an_str = node_to_string an in
@ -298,12 +325,22 @@ let transition_decl_to_decl_via_super d =
| _ -> None) | _ -> None)
| None -> None | None -> None
let transition_stmt_to_stmt_via_condition st =
let open Clang_ast_t in
match st with
| IfStmt (_, _ :: _ :: cond :: _)
| ConditionalOperator (_, cond:: _, _)
| ForStmt (_, [_; _; cond; _; _])
| WhileStmt (_, [_; cond; _]) -> Some (Stmt cond)
| _ -> None
(* given a node an returns the node an' such that an transition to an' via label trans *) (* given a node an returns the node an' such that an transition to an' via label trans *)
let next_state_via_transition an trans = let next_state_via_transition an trans =
match an, trans with match an, trans with
| Decl d, Some Super -> transition_decl_to_decl_via_super d | Decl d, Some Super -> transition_decl_to_decl_via_super d
| Decl d, Some InitExpr | Decl d, Some InitExpr
| Decl d, Some Body -> transition_decl_to_stmt d trans | Decl d, Some Body -> transition_decl_to_stmt d trans
| Stmt st, Some Cond -> transition_stmt_to_stmt_via_condition st
| _, _ -> None | _, _ -> None
(* Evaluation of formulas *) (* Evaluation of formulas *)
@ -318,7 +355,6 @@ let eval_Atomic pred_name params an lcxt =
| "is_global_var", [], Decl d -> Predicates.is_syntactically_global_var d | "is_global_var", [], Decl d -> Predicates.is_syntactically_global_var d
| "is_const_var", [], Decl d -> Predicates.is_const_expr_var d | "is_const_var", [], Decl d -> Predicates.is_const_expr_var d
| "call_function_named", _, Stmt st -> Predicates.call_function_named st params | "call_function_named", _, Stmt st -> Predicates.call_function_named st params
| "is_statement_kind", [p1], Stmt st -> Predicates.is_statement_kind st p1
| "is_declaration_kind", [p1], Decl d -> Predicates.is_declaration_kind d p1 | "is_declaration_kind", [p1], Decl d -> Predicates.is_declaration_kind d p1
| "is_strong_property", [], Decl d -> Predicates.is_strong_property d | "is_strong_property", [], Decl d -> Predicates.is_strong_property d
| "is_assign_property", [], Decl d -> Predicates.is_assign_property d | "is_assign_property", [], Decl d -> Predicates.is_assign_property d
@ -329,7 +365,7 @@ let eval_Atomic pred_name params an lcxt =
Predicates.is_method_property_accessor_of_ivar st lcxt Predicates.is_method_property_accessor_of_ivar st lcxt
| "is_objc_constructor", [], _ -> Predicates.is_objc_constructor lcxt | "is_objc_constructor", [], _ -> Predicates.is_objc_constructor lcxt
| "is_objc_dealloc", [], _ -> Predicates.is_objc_dealloc lcxt | "is_objc_dealloc", [], _ -> Predicates.is_objc_dealloc lcxt
| "captures_cxx_references", [], Stmt st -> Predicates.captures_cxx_references st | "captures_cxx_references", [], Decl d -> Predicates.captures_cxx_references d
| "is_binop_with_kind", [kind], Stmt st -> Predicates.is_binop_with_kind st kind | "is_binop_with_kind", [kind], Stmt st -> Predicates.is_binop_with_kind st kind
| "is_unop_with_kind", [kind], Stmt st -> Predicates.is_unop_with_kind st kind | "is_unop_with_kind", [kind], Stmt st -> Predicates.is_unop_with_kind st kind
| "is_stmt", [stmt_name], Stmt st -> Predicates.is_stmt st stmt_name | "is_stmt", [stmt_name], Stmt st -> Predicates.is_stmt st stmt_name
@ -428,7 +464,14 @@ and eval_AU phi1 phi2 an lcxt =
an is a node of type in node_type_list and an satifies phi an is a node of type in node_type_list and an satifies phi
*) *)
and in_node node_type_list phi an lctx = and in_node node_type_list phi an lctx =
(node_has_type node_type_list an) && (eval_formula phi an lctx) let holds_for_one_node n =
match lctx.CLintersContext.et_evaluation_node with
| Some id ->
(string_equal id (node_to_unique_string_id an)) && (eval_formula phi an lctx)
| None ->
(node_has_type [n] an) && (eval_formula phi an lctx) in
IList.exists holds_for_one_node node_type_list
(* Intuitive meaning: (an,lcxt) satifies EH[Classes] phi (* Intuitive meaning: (an,lcxt) satifies EH[Classes] phi
if the node an is among the declaration specified by the list Classes and if the node an is among the declaration specified by the list Classes and
@ -458,9 +501,20 @@ and eval_ET tl trs phi an lcxt =
| None -> EF (None, (InNode (tl, phi))) in | None -> EF (None, (InNode (tl, phi))) in
eval_formula f an lcxt eval_formula f an lcxt
and eval_ETX tl trs phi an lcxt =
let lcxt', tl' = match lcxt.CLintersContext.et_evaluation_node, node_has_type tl an with
| None, true ->
let an_str = node_to_string an in
{lcxt with CLintersContext.et_evaluation_node = Some (node_to_unique_string_id an) }, [an_str]
| _, _ -> lcxt, tl in
let f = match trs with
| Some _ -> EF (None, (InNode (tl', EX (trs, phi))))
| None -> EF (None, (InNode (tl', phi))) in
eval_formula f an lcxt'
(* Formulas are evaluated on a AST node an and a linter context lcxt *) (* Formulas are evaluated on a AST node an and a linter context lcxt *)
and eval_formula f an lcxt = and eval_formula f an lcxt =
debug_eval_begin (debug_create_payload an f); debug_eval_begin (debug_create_payload an f lcxt);
let res = match f with let res = match f with
| True -> true | True -> true
| False -> false | False -> false
@ -483,6 +537,7 @@ and eval_formula f an lcxt =
| EH (cl, phi) -> eval_EH cl phi an lcxt | EH (cl, phi) -> eval_EH cl phi an lcxt
| EG (trans, f1) -> (* st |= EG f1 <=> st |= f1 /\ EX EG f1 *) | EG (trans, f1) -> (* st |= EG f1 <=> st |= f1 /\ EX EG f1 *)
eval_formula (And (f1, EX (trans, (EG (trans, f1))))) an lcxt eval_formula (And (f1, EX (trans, (EG (trans, f1))))) an lcxt
| ET (tl, sw, phi) -> eval_ET tl sw phi an lcxt in | ET (tl, sw, phi) -> eval_ET tl sw phi an lcxt
| ETX (tl, sw, phi) -> eval_ETX tl sw phi an lcxt in
debug_eval_end res; debug_eval_end res;
res res

4
infer/src/clang/cTL.mli
Unescape View File

@ -17,6 +17,7 @@ type transitions =
| Body (* decl to stmt *) | Body (* decl to stmt *)
| InitExpr (* decl to stmt *) | InitExpr (* decl to stmt *)
| Super (* decl to decl *) | Super (* decl to decl *)
| Cond
(* In formulas below prefix (* In formulas below prefix
"E" means "exists a path" "E" means "exists a path"
@ -49,6 +50,9 @@ type t =
| ET of string list * transitions option * t (** ET[T][l] phi <=> | ET of string list * transitions option * t (** ET[T][l] phi <=>
there exists a descentant an of the current node such that an is of type in set T there exists a descentant an of the current node such that an is of type in set T
making a transition to a node an' via label l, such that in an phi holds. *) making a transition to a node an' via label l, such that in an phi holds. *)
| ETX of string list * transitions option * t (** ET[T][l] phi <=>
there exists a descentant an of the current node such that an is of type in set T
making a transition to a node an' via label l, such that in an phi holds. *)
(** the kind of AST nodes where formulas are evaluated *) (** the kind of AST nodes where formulas are evaluated *)
type ast_node = type ast_node =

14
infer/src/clang/predicates.ml
Unescape View File

@ -23,7 +23,7 @@ let get_ivar_attributes ivar_decl =
| _ -> [] | _ -> []
(* list of cxx references captured by stmt *) (* list of cxx references captured by stmt *)
let captured_variables_cxx_ref stmt = let captured_variables_cxx_ref dec =
let capture_var_is_cxx_ref reference_captured_vars captured_var = let capture_var_is_cxx_ref reference_captured_vars captured_var =
let decl_ref_opt = captured_var.Clang_ast_t.bcv_variable in let decl_ref_opt = captured_var.Clang_ast_t.bcv_variable in
match Ast_utils.get_decl_opt_with_decl_ref decl_ref_opt with match Ast_utils.get_decl_opt_with_decl_ref decl_ref_opt with
@ -35,14 +35,17 @@ let captured_variables_cxx_ref stmt =
named_decl_info::reference_captured_vars named_decl_info::reference_captured_vars
| _ -> reference_captured_vars) | _ -> reference_captured_vars)
| _ -> reference_captured_vars in | _ -> reference_captured_vars in
let captured_vars = match stmt with let captured_vars = match dec with
| Clang_ast_t.BlockExpr (_, _ , _, Clang_ast_t.BlockDecl (_, bdi)) -> | Clang_ast_t.BlockDecl (_, bdi) ->
bdi.Clang_ast_t.bdi_captured_variables bdi.Clang_ast_t.bdi_captured_variables
| _ -> [] in | _ -> [] in
IList.fold_left capture_var_is_cxx_ref [] captured_vars IList.fold_left capture_var_is_cxx_ref [] captured_vars
let var_descs_name stmt = let var_descs_name stmt =
let capt_refs = captured_variables_cxx_ref stmt in let capt_refs = match stmt with
| Clang_ast_t.BlockExpr (_, _ , _, decl) ->
captured_variables_cxx_ref decl
| _ -> [] in
let var_desc vars var_named_decl_info = let var_desc vars var_named_decl_info =
vars ^ "'" ^ var_named_decl_info.Clang_ast_t.ni_name ^ "'" in vars ^ "'" ^ var_named_decl_info.Clang_ast_t.ni_name ^ "'" in
IList.fold_left var_desc "" capt_refs IList.fold_left var_desc "" capt_refs
@ -56,9 +59,6 @@ let pp_predicate fmt (name, arglist) =
let is_declaration_kind decl s = let is_declaration_kind decl s =
Clang_ast_proj.get_decl_kind_string decl = s Clang_ast_proj.get_decl_kind_string decl = s
let is_statement_kind stmt s =
Clang_ast_proj.get_stmt_kind_string stmt = s
(* st |= call_method(m) *) (* st |= call_method(m) *)
let call_method m st = let call_method m st =
match st with match st with

4
infer/src/clang/predicates.mli
Unescape View File

@ -23,8 +23,6 @@ val is_const_expr_var : Clang_ast_t.decl -> bool
val is_declaration_kind : Clang_ast_t.decl -> string -> bool val is_declaration_kind : Clang_ast_t.decl -> string -> bool
val is_statement_kind : Clang_ast_t.stmt -> string -> bool
val call_function_named : Clang_ast_t.stmt -> string list -> bool val call_function_named : Clang_ast_t.stmt -> string list -> bool
val is_strong_property : Clang_ast_t.decl -> bool val is_strong_property : Clang_ast_t.decl -> bool
@ -43,7 +41,7 @@ val is_objc_constructor : CLintersContext.context -> bool
val is_objc_dealloc : CLintersContext.context -> bool val is_objc_dealloc : CLintersContext.context -> bool
val captures_cxx_references : Clang_ast_t.stmt -> bool val captures_cxx_references : Clang_ast_t.decl -> bool
val is_binop_with_kind : Clang_ast_t.stmt -> string -> bool val is_binop_with_kind : Clang_ast_t.stmt -> string -> bool

17
infer/tests/codetoanalyze/objc/linters/badpointer.m
Unescape View File

@ -142,4 +142,21 @@ int bad10(NSNumber* number, Simple* simple) {
return 0; return 0;
} }
int bad11(int i, NSNumber* number) {
if (i > 10) {
return 11;
} else if (number) {
return 0;
}
return 1;
}
int good6(NSNumber* number) { return (number.integerValue > 5 ? 1 : 0); } int good6(NSNumber* number) { return (number.integerValue > 5 ? 1 : 0); }
NSNumber* good7(NSNumber* number) {
return (number.integerValue > 5 ? number : @0);
}
NSNumber* bad12(NSNumber* number) {
return (number.integerValue > 5 ? (number ? @1 : @0) : @0);
}

2
infer/tests/codetoanalyze/objc/linters/issues.exp
Unescape View File

@ -10,6 +10,8 @@ atomic_prop.m, A_writeQ:, 82, DIRECT_ATOMIC_PROPERTY_ACCESS
atomic_prop.m, __objc_anonymous_block_______1, 114, DIRECT_ATOMIC_PROPERTY_ACCESS atomic_prop.m, __objc_anonymous_block_______1, 114, DIRECT_ATOMIC_PROPERTY_ACCESS
badpointer.m, bad1, 17, BAD_POINTER_COMPARISON badpointer.m, bad1, 17, BAD_POINTER_COMPARISON
badpointer.m, bad10, 139, BAD_POINTER_COMPARISON badpointer.m, bad10, 139, BAD_POINTER_COMPARISON
badpointer.m, bad11, 148, BAD_POINTER_COMPARISON
badpointer.m, bad12, 161, BAD_POINTER_COMPARISON
badpointer.m, bad2, 26, BAD_POINTER_COMPARISON badpointer.m, bad2, 26, BAD_POINTER_COMPARISON
badpointer.m, bad3, 33, BAD_POINTER_COMPARISON badpointer.m, bad3, 33, BAD_POINTER_COMPARISON
badpointer.m, bad4, 85, BAD_POINTER_COMPARISON badpointer.m, bad4, 85, BAD_POINTER_COMPARISON

Write Preview
Loading…
Cancel
Save