Summary:public
Lazy dynamic dispatch handling works as follows:
Assuming a call of the form:
foo(a);
where the static type of `a` is `A`. If during the symbolic execution, the dynamic type of the variable `a` is `B` where `B <: A`, then we create on-demand a copy `foo(B)` of `foo(A)` where all the uses of the typed parameter `a` are replaced with a parameter of type `B`. Especially, if `foo` contains virtual call, say `get` where `a` is the receiver, then the call gets redirected to the overridden method in `B`, which simulates the runtime behavior of Java.
This lazy dynamic dispatch mode is only turn on for the tracing mode for now in order to avoid conflicts with sblackshear's approach for sound dynamic dispatch.
Reviewed By: sblackshear
Differential Revision: D2888922
fb-gh-sync-id: 3250c9e
shipit-source-id: 3250c9e
Summary:public
Remove back-end infrastructure that exists only when on-demand mode is disabled.
This, together with removing a few command-line options, sheds a lot of weight in the back-end.
No changes expected for on-demand mode.
Reviewed By: sblackshear
Differential Revision: D2960242
fb-gh-sync-id: 220d821
shipit-source-id: 220d821
Summary:public
Deprecate the incremental mode.
Several parts of the back-end can be removed.
The options for incremental analysis -i at the python level are now deprecated, and re-routed to --reactive.
The main difference with --reactive is that it does not produce an analysis of the whole project, but is limited to what is reachable via reactive propagation starting from the changed files.
Reviewed By: sblackshear
Differential Revision: D2960078
fb-gh-sync-id: 6e8b46b
shipit-source-id: 6e8b46b
Summary:public
An observer object that registered to a notification center needs to be
unregistered before it is deallocated.
If not, the notification center may send a notification to a gost object.
This diff introduce a checker for this problem.
Reviewed By: dulmarod
Differential Revision: D2949692
fb-gh-sync-id: 1653cec
shipit-source-id: 1653cec
Summary:public
In tracing mode, we translate the runtime checks done by the JVM, so the checks for null happen independently from the what happens before the dereference.
Reviewed By: cristianoc
Differential Revision: D2981515
fb-gh-sync-id: 695de07
shipit-source-id: 695de07
Summary:public
Revamped Timeout module by storing elapsed wallclock seconds, and the status of symops, in case of recursive calls.
Extended the API with suspend() and resume() to pause and resume the current timeout.
These are used before and after an on-demand call to the analysis functions.
This achieves the effect that each procedure, even though is interrupted, has its own time and symop counters, which are suspended and resumed as required.
Reviewed By: jeremydubreil
Differential Revision: D2976918
fb-gh-sync-id: 0ed1079
shipit-source-id: 0ed1079
Summary:public
Improved/simplified framework for fronend checkers.
Now we have a unique hook from cTrans to run checkers on statements and a unique
hook from cFrontent to run checkers on declarations.
So now when adding a checker we don't have to modify cTrans/cFrontend.
Moreover made more sistematic the way checkers are invoked. This simplify the definition
of checkers and the way we use them.
Code is now simpler.
Reviewed By: jvillard
Differential Revision: D2976589
fb-gh-sync-id: fbe22d4
shipit-source-id: fbe22d4
Summary:public
The NoAllocation checker should not report on the creation of exceptions
Reviewed By: sblackshear
Differential Revision: D2969719
fb-gh-sync-id: 4a8ffc8
shipit-source-id: 4a8ffc8
Summary:public
Add extra dereference when accessing fields that have T& type. It is similar
to what is done when accessing variables of T& type.
The only difference is that we need to handle constructor initializer list
separately (this is the only place where the field can be initialized)
Reviewed By: ddino
Differential Revision: D2965887
fb-gh-sync-id: 1b8708b
shipit-source-id: 1b8708b
Summary:public
Do same thing we do to CXXDefaultArgExpr
Reviewed By: dulmarod
Differential Revision: D2954128
fb-gh-sync-id: 2c92c16
shipit-source-id: 2c92c16
Summary:Resolve a bug that Infer does not analyze procedures when the analyzer is run on '/'.
This bug is reported by btakeya on facebook/infer#283.
Closes https://github.com/facebook/infer/pull/284
Reviewed By: cristianoc
Differential Revision: D2960328
Pulled By: jvillard
fb-gh-sync-id: 55e8b0c
shipit-source-id: 55e8b0c
Summary:public
Add command-line argument --reactive to enable reactive propagation mode.
When the mode is active, the files changed during compilation are detected, and the analysis propagates reactively starting from the modified files.
The reactive mode allows to analyze a subset of the files in a project and follow their dependencies, without storing the results of previous analyses (specs files). Captured files are preserved from previous runs of the analysis (for example, when the previous analysis was the initial capture), so the mode can be used repeatedly while changing code.
Reviewed By: jvillard
Differential Revision: D2931697
fb-gh-sync-id: 9d6dda0
shipit-source-id: 9d6dda0
Summary:public
Adds test_build target to toplevel Makefile, which compiles
InferAnalyze, InferPrint, InferClang, and InferJava where warnings
listed in OCAML_FATAL_WARNINGS defined in infer/src/Makefile are fatal.
Other builds do not treat warnings as fatal. The test build is
performed in parallel with the tests by scripts/test.sh. This makes
refactoring and debugging easier, but prevents warnings from slipping
into the repo.
Also, make test target robust wrt parallel make.
Reviewed By: jvillard
Differential Revision: D2953085
fb-gh-sync-id: 5c0282a
shipit-source-id: 5c0282a
Summary:public
This is intended as a target to build during development when quick
compilation and no duplicate compilation warnings are desired.
This builds byte code for InferAnalyze, InferPrint, InferJava, and
InferClang. This is one ocamlbuild invocation, so builds (and reports
warnings on) each source file once. Building bytecode is currently
about twice as fast as native code.
The llvm frontend is currently not built by this since it requires
menhir and standard ocamlyacc is required by the backend, and ocamlbuild
can only use one at a time.
Reviewed By: jvillard
Differential Revision: D2953050
fb-gh-sync-id: 2e90fcd
shipit-source-id: 2e90fcd
Summary:public
Create separate specs for C models compiled in C++. It will allow us to tweak behavior/names of certain
functions based on the compilation language (such as adding `std::` namespace in C++).
Reviewed By: jvillard
Differential Revision: D2938992
fb-gh-sync-id: 73902f8
shipit-source-id: 73902f8
Summary:public
Now use -safe-string and the Bytes module and bytes type.
Reviewed By: jvillard
Differential Revision: D2949369
fb-gh-sync-id: 58aa688
shipit-source-id: 58aa688
Summary:public
Names of templated types can be very long. The default 4k characters is not long
enough to handle folly library. Increase it to 16k characters and log when deserialization
fails.
Reviewed By: jberdine
Differential Revision: D2948935
fb-gh-sync-id: a659b23
shipit-source-id: a659b23
Summary:public
I have seen enough comments in this space by people during code review to switch on the analyses the compiler can already do. This diff is an automated renaming of unused identifiers to _, with a few additional changes made when reading the diff of the results for things that stood out as particularly strange. This base-lines all of the existing warnings. I'm not sure this is a good idea, since it might be better for those familiar with each part of the code to look at these warnings and use them as pointers to suspicious code.
Reviewed By: jeremydubreil
Differential Revision: D2938376
fb-gh-sync-id: 6e67817
shipit-source-id: 6e67817
Summary:public
Add to the code to detect violation of the `NoAllocation` annotation. This diff adds the code to detect such issue based on the code of the `PerformanceCritical` checker. In the next diff, I will refine the list of acceptable allocations, like new exceptions, etc, and add the list of corresponding tests.
Reviewed By: sblackshear
Differential Revision: D2938641
fb-gh-sync-id: 9a047dd
shipit-source-id: 9a047dd
Summary:public
Before this diff, the checker was collecting in a bottom-up fashion all possible call trees from `PerforamanceCritical`-annotated methods to `Expensive`-annotated ones. With this diff, we just collect the names of the direct transitively expensive callees and compute the expensive call stacks when reporting errors only.
Reviewed By: sblackshear
Differential Revision: D2938635
fb-gh-sync-id: dcdd13c
shipit-source-id: dcdd13c
jrm
Sam Blackshear
Dino Distefano
Cristiano Calcagno
Dulma Rodriguez
Josh Berdine
Peter O'Hearn
Andrzej Kotulski
kstreee