pghs975uc
/
infer_clone
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[inferbo] Ignore error memory status

Browse Source 
Summary:
This ignores the error memory status (e.g. when condition expression is evaluated to bottom), in
order to keep analyze following code.

```
if ( e ) // e is evaluated to bottom due to a problem of Inferbo {
   ... // code here was not analyzed before
}
```

Reviewed By: ezgicicek

Differential Revision: D20067434

fbshipit-source-id: a1713722c
master
Sungkeun Cho 5 years ago committed by Facebook Github Bot
parent 3e9702edf2
commit da7cd0b45a
5 changed files with 16 additions and 34 deletions
Show Stats Download Patch File Download Diff File

4
infer/src/bufferoverrun/bufferOverrunChecker.ml
Unescape View File

@ -341,7 +341,7 @@ let check_instrs :
match state with match state with
| _ when Instrs.is_empty instrs -> | _ when Instrs.is_empty instrs ->
checks checks
| {AbstractInterpreter.State.pre= Dom.Mem.(Unreachable | Error | ExcRaised)} -> | {AbstractInterpreter.State.pre= Dom.Mem.(Unreachable | ExcRaised)} ->
checks checks
| {AbstractInterpreter.State.pre= Reachable _ as pre; post} -> | {AbstractInterpreter.State.pre= Reachable _ as pre; post} ->
if Instrs.nth_exists instrs 1 then L.(die InternalError) "Did not expect several instructions" ; if Instrs.nth_exists instrs 1 then L.(die InternalError) "Did not expect several instructions" ;
@ -350,7 +350,7 @@ let check_instrs :
match post with match post with
| Dom.Mem.(Unreachable | ExcRaised) -> | Dom.Mem.(Unreachable | ExcRaised) ->
add_unreachable_code cfg node instr Instrs.empty checks add_unreachable_code cfg node instr Instrs.empty checks
| Dom.Mem.(Error | Reachable _) -> | Dom.Mem.Reachable _ ->
checks checks
in in
let cond_set = let cond_set =

25
infer/src/bufferoverrun/bufferOverrunDomain.ml
Unescape View File

@ -2332,7 +2332,7 @@ module MemReach = struct
end end
module Mem = struct module Mem = struct
type 'has_oenv t0 = Unreachable | Error | ExcRaised | Reachable of 'has_oenv MemReach.t0 type 'has_oenv t0 = Unreachable | ExcRaised | Reachable of 'has_oenv MemReach.t0
type no_oenv_t = GOption.none t0 type no_oenv_t = GOption.none t0
@ -2340,8 +2340,6 @@ module Mem = struct
let unreachable : t = Unreachable let unreachable : t = Unreachable
let error : t = Error
let exc_raised : t = ExcRaised let exc_raised : t = ExcRaised
let is_exc_raised = function ExcRaised -> true | _ -> false let is_exc_raised = function ExcRaised -> true | _ -> false
@ -2354,10 +2352,6 @@ module Mem = struct
true true
| _, Unreachable -> | _, Unreachable ->
false false
| Error, _ ->
true
| _, Error ->
false
| ExcRaised, _ -> | ExcRaised, _ ->
true true
| _, ExcRaised -> | _, ExcRaised ->
@ -2372,8 +2366,6 @@ module Mem = struct
match (x, y) with match (x, y) with
| Unreachable, m | m, Unreachable -> | Unreachable, m | m, Unreachable ->
m m
| Error, m | m, Error ->
m
| ExcRaised, m | m, ExcRaised -> | ExcRaised, m | m, ExcRaised ->
m m
| Reachable m1, Reachable m2 -> | Reachable m1, Reachable m2 ->
@ -2386,8 +2378,6 @@ module Mem = struct
match (prev0, next0) with match (prev0, next0) with
| Unreachable, m | m, Unreachable -> | Unreachable, m | m, Unreachable ->
m m
| Error, m | m, Error ->
m
| ExcRaised, m | m, ExcRaised -> | ExcRaised, m | m, ExcRaised ->
m m
| Reachable prev, Reachable next -> | Reachable prev, Reachable next ->
@ -2396,7 +2386,7 @@ module Mem = struct
let map ~f x = let map ~f x =
match x with match x with
| Unreachable | Error | ExcRaised -> | Unreachable | ExcRaised ->
x x
| Reachable m -> | Reachable m ->
let m' = f m in let m' = f m in
@ -2414,8 +2404,7 @@ module Mem = struct
let f_lift_default : default:'a -> ('h MemReach.t0 -> 'a) -> 'h t0 -> 'a = let f_lift_default : default:'a -> ('h MemReach.t0 -> 'a) -> 'h t0 -> 'a =
fun ~default f m -> fun ~default f m -> match m with Unreachable | ExcRaised -> default | Reachable m' -> f m'
match m with Unreachable | Error | ExcRaised -> default | Reachable m' -> f m'
let is_stack_loc : Loc.t -> _ t0 -> bool = let is_stack_loc : Loc.t -> _ t0 -> bool =
@ -2460,7 +2449,7 @@ module Mem = struct
let find_ret_alias : _ t0 -> AliasTargets.t bottom_lifted = let find_ret_alias : _ t0 -> AliasTargets.t bottom_lifted =
fun m -> fun m ->
match m with match m with
| Unreachable | Error | ExcRaised -> | Unreachable | ExcRaised ->
Bottom Bottom
| Reachable m' -> | Reachable m' ->
NonBottom (MemReach.find_ret_alias m') NonBottom (MemReach.find_ret_alias m')
@ -2566,7 +2555,7 @@ module Mem = struct
let apply_latest_prune : Exp.t -> t -> t * PrunePairs.t = let apply_latest_prune : Exp.t -> t -> t * PrunePairs.t =
fun e -> function fun e -> function
| (Unreachable | Error | ExcRaised) as x -> | (Unreachable | ExcRaised) as x ->
(x, PrunePairs.empty) (x, PrunePairs.empty)
| Reachable m -> | Reachable m ->
let m, prune_pairs = MemReach.apply_latest_prune e m in let m, prune_pairs = MemReach.apply_latest_prune e m in
@ -2592,7 +2581,7 @@ module Mem = struct
let forget_size_alias arr_locs = map ~f:(MemReach.forget_size_alias arr_locs) let forget_size_alias arr_locs = map ~f:(MemReach.forget_size_alias arr_locs)
let unset_oenv = function let unset_oenv = function
| (Unreachable | Error | ExcRaised) as x -> | (Unreachable | ExcRaised) as x ->
x x
| Reachable m -> | Reachable m ->
Reachable (MemReach.unset_oenv m) Reachable (MemReach.unset_oenv m)
@ -2613,8 +2602,6 @@ module Mem = struct
match m with match m with
| Unreachable -> | Unreachable ->
F.fprintf f "%s_unreachable" SpecialChars.up_tack F.fprintf f "%s_unreachable" SpecialChars.up_tack
| Error ->
F.fprintf f "%s_our_fault" SpecialChars.up_tack
| ExcRaised -> | ExcRaised ->
F.pp_print_string f (SpecialChars.up_tack ^ " by exception") F.pp_print_string f (SpecialChars.up_tack ^ " by exception")
| Reachable m -> | Reachable m ->

5
infer/src/bufferoverrun/bufferOverrunDomain.mli
Unescape View File

@ -464,9 +464,6 @@ end
module Mem : sig module Mem : sig
type 'has_oenv t0 = type 'has_oenv t0 =
| Unreachable (** Memory of unreachable node *) | Unreachable (** Memory of unreachable node *)
| Error
(** Error status due to Inferbo's incorrect semantics/models, e.g., when a value of an
abstract location is not found from the abstract memory inadvertently *)
| ExcRaised | ExcRaised
(** Memory of node that can be reachable only with exception raises that we want to ignore *) (** Memory of node that can be reachable only with exception raises that we want to ignore *)
| Reachable of 'has_oenv MemReach.t0 | Reachable of 'has_oenv MemReach.t0
@ -485,8 +482,6 @@ module Mem : sig
val unreachable : t val unreachable : t
val error : t
type get_summary = Procname.t -> no_oenv_t option type get_summary = Procname.t -> no_oenv_t option
val init : get_summary -> BufferOverrunOndemandEnv.t -> t val init : get_summary -> BufferOverrunOndemandEnv.t -> t

10
infer/src/bufferoverrun/bufferOverrunSemantics.ml
Unescape View File

@ -753,7 +753,7 @@ module Prune = struct
let prune_unreachable : Typ.IntegerWidths.t -> Exp.t -> t -> t = let prune_unreachable : Typ.IntegerWidths.t -> Exp.t -> t -> t =
fun integer_type_widths e ({mem} as astate) -> fun integer_type_widths e ({mem} as astate) ->
match mem with match mem with
| Mem.(Unreachable | Error | ExcRaised) -> | Mem.(Unreachable | ExcRaised) ->
astate astate
| Mem.Reachable _ -> | Mem.Reachable _ ->
let v = eval integer_type_widths e mem in let v = eval integer_type_widths e mem in
@ -762,7 +762,13 @@ module Prune = struct
Itv.leq ~lhs:itv_v ~rhs:(Itv.of_int 0) Itv.leq ~lhs:itv_v ~rhs:(Itv.of_int 0)
&& PowLoc.is_bot (Val.get_pow_loc v) && PowLoc.is_bot (Val.get_pow_loc v)
&& ArrayBlk.is_bot (Val.get_array_blk v) && ArrayBlk.is_bot (Val.get_array_blk v)
then {astate with mem= (if Itv.is_bottom itv_v then Mem.error else Mem.unreachable)} then
if Itv.is_bottom itv_v then
let () =
Logging.d_printfln_escaped "Warning: the condition expression is evaluated to bottom"
in
astate
else {astate with mem= Mem.unreachable}
else astate else astate

6
infer/src/cost/boundMap.ml
Unescape View File

@ -61,12 +61,6 @@ let compute_upperbound_map node_cfg inferbo_invariant_map control_invariant_map
[COST ANALYSIS INTERNAL WARNING:] No 'env' found. This location is \ [COST ANALYSIS INTERNAL WARNING:] No 'env' found. This location is \
unreachable returning cost 0 \n" ; unreachable returning cost 0 \n" ;
BasicCost.zero BasicCost.zero
| Error ->
L.debug Analysis Medium
"@\n\
[COST ANALYSIS INTERNAL WARNING:] No 'env' found. The Inferbo memory of this \
location is erroneous \n" ;
BasicCost.zero
| ExcRaised -> | ExcRaised ->
BasicCost.one BasicCost.one
| Reachable mem -> | Reachable mem ->

Write Preview
Loading…
Cancel
Save