Summary:
This diff adds some semantic models for C++ string length. It introduces
an virtual field for string length and use the value in the models.
* basic_string constructor given a constant string
* string.empty
* string.length
Reviewed By: jvillard
Differential Revision: D29390815
fbshipit-source-id: 99d67e48e
Summary: Option is not used anywhere. More importantly the list of source file extensions in `Config` might give someone the impression the rest of Infer cares about it somehow.
Reviewed By: skcho
Differential Revision: D29361222
fbshipit-source-id: 22f7f66b2
Summary: Narrow container read/write modelled methods by requiring they are all non-static.
Reviewed By: ezgicicek
Differential Revision: D29331533
fbshipit-source-id: e0e445573
Summary:
After activation, a few bugs manifested and are fixed in this commit:
1. Create an (empty) Tenv per file. Previously, each file said there
will be a global Tenv, but no such global Tenv was ever saved. (There is
no static typing at all at the moment in the Erlang frontend.)
2. Procedures are now marked as defined. If the is_defined attribute is
false, then the analysis will not run even if the flowgraph in Procdesc
is nontrivial.
3. Non-dummy Start/Exit nodes for Procdesc. When a Procdesc is created,
it gets dummy Start/Exit nodes. These dummy nodes have a dummy location,
which causes debug output to have wrong directories/links.
4. Filenames from Erlang function names. By default, the verbose
procedure name was used to make file names for the debug output. But,
Erlang function names contain '/', which doesn't play well with
filenames. That's now replaced by '#' for the purposes of constructing
filenames.
Reviewed By: jvillard
Differential Revision: D29166049
fbshipit-source-id: 48346a05b
Summary:
Generates Sil instructions for Erlang some expressions:
- empty list: e.g. []
- cons: e.g. [1,2]
- atom literals: e.g. ok
- string literals: e.g. "foo"
- calls to particular (no higher-order), unqualified functions
Differential Revision: D28996467
fbshipit-source-id: fc7f7e3e9
Summary: Associations in map patterns should only be exact (`:=`). We did not validate this previously (D28832961 (65884018dc)), because we didn't have certain AST transformation passes that would eliminate some special functions that allowed invalid association kinds (later removed by transformation). However, with D29103633 (25711189a8), we get the AST from a different source and these invalid cases are removed, so the check is added.
Reviewed By: mmarescotti
Differential Revision: D29162325
fbshipit-source-id: a47d9f05d
Summary: This workflow still uses the parse transform hook to detect which files are compiled. The parse transform now adds an entry to a list of compiled BEAMs that will be traversed after compilation by the new `extract.escript` to produce the JSON ASTs in the provided outdir.
Differential Revision: D29103633
fbshipit-source-id: 12b8720f4
Summary: There was a typo (probably copy paste) in an error message for unknown unary operators in the Erlang frontend.
Differential Revision: D29062028
fbshipit-source-id: b79e783ba
Summary:
The formatting of sugared list syntax regressed with
https://github.com/ocaml-ppx/ocamlformat/pull/1567.
Reviewed By: ngorogiannis
Differential Revision: D28907812
fbshipit-source-id: 16ad68218
Summary: The llvm code to avoid formatting is now under `vendor` not `llvm`.
Reviewed By: da319
Differential Revision: D28907808
fbshipit-source-id: ae9444f49
Summary:
Implement validator for Erlang AST to check various invariants and well-formedness constraints (based on https://erlang.org/doc/apps/erts/absform.html), including:
- Restrictions on expressions used as patterns
- Restrictions on expressions used as guards
- Case and catch clauses have 1 pattern
- If clause has no patterns
See comments for some limitations:
- Some constraints would require type information (e.g., unary/binary operators in patterns/guards), we are not enforcing these yet.
- Map patterns can only have `:=` association, except in some special functions that get translated during compilation. However, we get the AST before these transformation so we are not enforcing this rule yet.
Reviewed By: rgrig
Differential Revision: D28832961
fbshipit-source-id: 7df4425e4
Summary:
{F623534971}
instead, we want the procedure name/type to be stylized as code
Reviewed By: skcho
Differential Revision: D29027480
fbshipit-source-id: 35f8e0c4a
Summary:
Patterns like X, [], [H | T], [X, Y | T] should now be translated.
Also, environment now stores Location.t rather than SourceFile.t: this
simplifies tracking locations during translation.
Reviewed By: skcho
Differential Revision: D28873581
fbshipit-source-id: 09171f9bf
Summary: The `Utils` module has another version of try-finally than can swallow exceptions from the restart scheduler. This diff fixes that, but has to also fix the dependency cycle introduced between `SymOp` and `Utils`. This is done by extracting the exception handling from `SymOp` into a new base module `Exception`.
Reviewed By: jvillard
Differential Revision: D28930082
fbshipit-source-id: 7894d8c89
Summary:
We were defaulting to treating some values as strings regardless of
their intended types. In particular, for options that take no arguments
this was making it impossible to specify them in .inferconfig. Now they
take "null" as argument.
Reviewed By: ezgicicek
Differential Revision: D28959484
fbshipit-source-id: 46327f3d3
Summary:
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/websockets/ws/commits">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ws&package-manager=npm_and_yarn&previous-version=6.2.1&new-version=6.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1451
Reviewed By: skcho
Differential Revision: D28929739
Pulled By: jvillard
fbshipit-source-id: b0bcd031c
Summary: Adapted the AST to reflect the official [documentation](https://erlang.org/doc/apps/erts/absform.html): a clause can have a *guard sequence*, which is a list of *guards*. Each *guard* is a list of *guard tests*. A *guard test* is a (restricted) expression. Therefore, in the AST we now have `guard_test = expression`, and a clause has `guard_test list list`. Furthermore, the JSON translator simply applies `to_expression` to the 2D list, instead of flattening one level with `andalso`. Using `andalso` to flatten was wrong because it handles exceptions differently, see [note](https://learnyousomeerlang.com/syntax-in-functions#guards-guards).
Reviewed By: rgrig
Differential Revision: D28936558
fbshipit-source-id: 510930998
Summary:
- Break down large and deeply nested report function for readability
- Move callees closer to callers
Reviewed By: skcho
Differential Revision: D28873391
fbshipit-source-id: fc3f22708
Summary:
Add a mode which executes randomly-chosen paths depth-first, without
duplicating the work of executing shared prefixes. This mode is to be
used when hoping to get lucky and quickly choose a path that exhibits
a bug, but is slower to achieve coverage than the default.
Differential Revision: D27996963
fbshipit-source-id: 20a7a32c5
Summary:
Make the biabduction machinery for detecting (biabduction) exceptions that can be swallowed recognise the one thrown by the restart scheduler.
The dependency hierarchy requires declaring that exception in `base`.
Reviewed By: jvillard
Differential Revision: D28773898
fbshipit-source-id: 2136346da
Summary:
Translates case_clause, ignoring guards for now.
Also, refactored a bit `translate_one_function`, because trying cases
one by one in sequence is similar to trying argument patterns one by
one in sequence.
Also, changed the strategy for storing the value of an (Erlang)
expression: instead of letting the translation function decide where to
put the result and return their choice (in a `block`), the choice is
done at a higher level and passed down in the environment. (This means,
for example, theres no need to copy the result of each case_clause to
the special `return` variable of the function.)
Reviewed By: skcho
Differential Revision: D28834672
fbshipit-source-id: d5d33be5f
Summary: Die loudly if DB to merge is not accessible, before even getting to the Sqlite statement.
Reviewed By: skcho
Differential Revision: D28872539
fbshipit-source-id: af38edd9a
Summary:
`Initializer` is used (mostly by Nullsafe) to signal that a method will only be run from/as a constructor, even if public.
RacerD should recognise this annotation; this diff makes RacerD treat methods annotated as `Initializer` like constructors with regards to the ownership of the receiver object.
Reviewed By: skcho
Differential Revision: D28748068
fbshipit-source-id: 5dd060865
Summary: The number of times summaries get overwritten is useful as a measure of wasted work. Use a hashtable to remember how many times each procedure is overwritten. Use integers as the keys to avoid wasting memory, with the keys set to the string hashes of the procedure UID.
Reviewed By: ezgicicek
Differential Revision: D28794862
fbshipit-source-id: b2737ab23
Summary: Sometimes the type definition is missing, especially in not-well supported build systems. When missing, default to true if on Java since you'd have to explicitly select a non-recursive one on purpose, and vice versa for clang.
Reviewed By: jvillard
Differential Revision: D28745172
fbshipit-source-id: 8b0e26e1a
Summary:
This seems like a bug in opam, probably started after we moved the opam
files to opam/ in D27326495 (673c944fc3). I reported the strange behaviour in
https://github.com/ocaml/opam/issues/4313#issuecomment-853179145.
Reviewed By: rgrig
Differential Revision: D28837624
fbshipit-source-id: f91a58dbc
Summary:
This handles function definitions. (Expressions, aka function bodies,
are not translated.)
Reviewed By: skcho
Differential Revision: D28606721
fbshipit-source-id: 0fd5dc57e
Summary:
Some funky C++ way of calling the parent's constructor triggers a
function in the frontend that used to reverse the order of parameters.
Reviewed By: skcho
Differential Revision: D28832500
fbshipit-source-id: 1032de2ca
Summary:
Unknown functions may create false positives as well as false negatives
for Pulse. Let's consider that unknown functions behave "functionally",
or at least that a functional behaviour is a possible behaviour for
them: when called with the same parameter values, they should return the
same value.
This is implemented purely in the arithmetic domain by recording
`v_return = f_unknown(v1, v2, ..., vN)` for each call to unknown
functions `f_unknown` with values `v1`, `v2`, ..., `vN` (and return
`v_return`). The hope is that this will create more false negatives than
false positives, as several FPs have been observed on real code that
would be suppressed with this heuristic.
The other effect this has on reports is to record hypotheses made on the
return values of unknown functions into the "pruned" part of formulas,
which inhibits reporting on paths whose feasibility depends on the
return value of unknown functions (by making these issues latent
instead). This should allow us to control the amount of FPs until we
model more functions.
Reviewed By: skcho
Differential Revision: D27798275
fbshipit-source-id: d31cfb8b6
Summary: Auditing exception handling so as to remove catch-all clauses that could potentially swallow exceptions from the restart scheduler.
Reviewed By: jvillard
Differential Revision: D28772739
fbshipit-source-id: 99a8d516d
Summary:
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="ebdf849da5"><code>ebdf849</code></a> 1.3.4</li>
<li><a href="ac578722f2"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li>
<li><a href="c64c9507e5"><code>c64c950</code></a> 1.3.3</li>
<li><a href="0598ba19d1"><code>0598ba1</code></a> fix .. in encodingLength</li>
<li><a href="010aedb33c"><code>010aedb</code></a> 1.3.2</li>
<li><a href="0d0d593f8d"><code>0d0d593</code></a> backport encodingLength fix to v1</li>
<li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dns-packet&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1449
Reviewed By: ngorogiannis
Differential Revision: D28795053
Pulled By: jvillard
fbshipit-source-id: 5a0f6cf79