Summary: public anonymous types have file:line in its name.
Since file is relative path, type name can have '/' in its name.
This is very fragile since we might create file wiht typename in its name (for example for methods).
Replacing '/' with '_' should make frontend more resilient to failure.
Translation of anonymous structs is still pretty fragile (due to relative path in its name),
but at least it doesn't crash frontend
Reviewed By: dulmarod
Differential Revision: D2559936
fb-gh-sync-id: 647fd7f
Summary: public
C++ assignment operation result is lvalue, while in C it was rvalue.
This leads to different AST produced by clang for then same code!
Use language information from clang (`-x` flag) to distinguish these cases.
More specifically, let's look at following code:
int r;
int f = (r = 3);
// type of (r = 3) expression:
// C/objC -> int rvalue
// C++/objC++ -> int lvalue
Existing code did extra dereference because it was rvalue in C and there was no cast afterwards
in C++ there will be extra LValueToRvalue cast when neccesary so we don't have to do extra dereference manually
Reference:
http://en.cppreference.com/w/c/language/value_category (search for 'assignment and compound assignment operators')
NOTE: AST output doesn't change when something is hidden behind `extern "C"`, so we should use global language information
Reviewed By: ddino
Differential Revision: D2549866
fb-gh-sync-id: b193b11
Summary: @public
This removes the old way of finding variable declarations to create sil variables and replaces it with
a a new way based on the map from pointers to declarations.
Basically, every variable dereference contains a pointer to the variable declaration, with that we can
build the corresponding sil variable.
Reviewed By: @akotulski
Differential Revision: D2536000
fb-gh-sync-id: dd29cf9
Summary:
This is the second of 3 stack diffs to deal with replacing the parser of types.
This diff is about changes to translate record types, as well as class types and enum
types. For class types and enum types we store the declaration pointer in the map of
types to find the type easier later.
For record declarations, we change the way we build record names.
Moreover, we don't translate typedefs anymore, because when we have a pointer to a typedef,
we can find the actual type it points to.
Summary:
each procedure has a different scope, so we can restart the fresh name generator and have more stable instructions in the cfg, that don't change when other procedures are changed
Summary:
The symbolic execution was not stopping in case an unitialized dangling pointer was
passed to a function and then dereferenced inside the callee.
What would happen is that a wrong footprint would be added to the unititialized pointer
at the end of the function call in the caller proposition.
This checks that if we do:
frame * new_footprint
checks that we do not add heap predicates to the frame into uninitialized local variables.
If we can identify the variable then we raise a danglind pointer dereference. If instead
we cannot give a good explanation we give an internal error.
The latter case should be temporary. We should find a general way to raise dangling pointer
deref instead of the internal error.
I also fixed the model of getc that was the way I found the problem.
Summary:
This adds a sentinel check every time a function carrying a sentinel attribute
is called, regardless of whether we have a definition for that function or not.
Summary:
In objC we already prefix field names with classes.
It's better to make it consistent since it'll allow
us to share more code between C++ and objC
Summary: @publicThe first argument of builtin calls in C gets translated twice, which is bad if the argument is a side-effecting expression like a function call.
Test Plan: Attached test previously reported a memory leak because the translation introduces an extra call to malloc(), now reports nothing.
Summary:
@public
Sorting the fields in structs and classes. Was needed in the backend and forgotten.
Fixes the github issue https://github.com/facebook/infer/issues/90.
Test Plan: Added a new test that shows that we now get a spec for the example from the github issue.
Summary:
@public
The clang location information is described in an incremental way: each location information is a delta with respect to the previous one in the AST. This is based on a the visit of the AST nodes which corresponds to the order in which the lines are printed with the standard clang AST dump:
clang -cc1 -ast-dump filename.c
This diff adds a preprocessing phase to the front-end so that location information is composed during a visit, and explicit location information is used instead.
In the case of include files, we report the last known location before including the file.
The current file for a function is the file where it is defined. So if a function is entirely defined in a .h file, then the location information will consistently be about the .h file. If instead a function is defined in the source file being analyzed, and some AST nodes come from macro expansion, line information will refer to the original file.
The front-end tests reveal that the location information was incorrect in a few dot files.
Test Plan: arc unit, after having fixed the wrong location in the existing .dot files