Summary:
When someone runs --changed-only mode, there is a risk of corrupting the results
for future analyses. The problem is that changed-only mode does not analyze the callers of changed
procedures. If a subsequent analysis relies on the specs of one of these callers, they will be stale
and may give the wrong results. To be concrete, let's say we know `Parent.foo()` calls `Child.bar()` and we do the following rounds of analysis:
Analysis round 1: Analyze all files, including `Parent` and `Child`
Analysis round 2: Analyze `Child.bar()` only with `--changed-only flag`. `Parent.foo()` is now stale.
Analysis round 3: Add procedure `Parent.baz()` that calls `Parent.foo()`, analyze in (any) incremental mode.
The analysis will only analyze `Parent.baz()`. However, the specs for `Parent.foo()` are stale and may give us bad results for `Parent.baz()`. We want the analysis to re-analyze `Parent.baz()`, but before this diff it will not.
This diff fixes this problem by adding a `STALE` status bit to procedure summaries. In `--changed-only` mode,
the callers of a changed procedures are not re-analyzed, but their summaries are marked as stale. For both
`--changed-only` and regular incremental mode, callees of changed procedures that are marked as stale are
re-analyzed even if they have not changed. This is better than a more obvious solution like deleting stale
procedure summaries, since that would force the next analysis to re-analyze all stale procedures even if it
does not need the results for whatever analysis it is doing. This scheme implemented in this diff ensures
that each analysis only does the work that it needs to compute reliable results for its changed procedures.
Summary:
It can be useful in some situations for Infer to exit with an error code in
case it found a bug. A bug is anything Infer reports in infer-out/report.json.
This adds a flag `--fail-on-bug` to the toplevel infer script.
closes#139
Summary:
Use the new clang plugin that outputs biniou instead of Yojson. This binary format is more compact, which makes the frontend a little faster (5 to 10%).
@update-submodule: facebook-clang-plugins
Summary:
Passing the list of SuppressWarnings annotations detected during the compilation to InferPrint. The next step will be to add support for error filtering in .inferconfig and use the same mechanism. The annotation processor will generate an .inferconfig like config file and use it to suppress the reports.
Summary:
In order to use the annotation processor to detect the classes and methods annotated with `@SuppressWarnings`, we need to modified javac commands of the form:
javac -cp classpath File.java
into:
javac -cp annotations/processor.jar:classpath File.java
This diff is just a non-functional re-factoring step.
Summary:
Procdesc comparison can be fragile because internal variable names
and source positions in a procedure can vary even if the procedure stays exactly the
same. This diff makes pdesc comparisons less fragile by defining structural comparsions
over instructions, nodes and expressions. These structural comparsions work by lazily
creating a mapping between names in the two procdesc's that and checking that the mapped
names are used consistently.
Summary:
Use the map of pointers to find method declarations and build method signatures.
Remove the need for having an extra map for method signatures (and remove that map).
Summary:
Setting up a basic annotation processor. Right now, the processor
just saves a map of class -> methods that should be suppressed. Next, this map
needs to be turned into a .inferconfig file.
Summary: Another step toward getting procedure-level incrementality for Infer. Here, we just assume that *all* procs in a file have changed when the file changes, but we will filter this list using the pd_changed field of the procdesc for each procedure in the future.
Summary: Handler.postDelayed keeps a persistent reference to its Runnable argument that may cause a memory leak if an Activity is reachable from the Runnable.
Summary: The Nullable checker reported FP's when a Nullable field/param was reassigned to a non-Nullable value in the footprint. This diff fixes the problem.
Summary:
The @NonNull annotation, with camel case, can now be used to inform Eradicate that some fields that are not initialized by the constructor can be initialized by other means, e.g. via dependency injection.
Summary:
This test was actually testing: "at least one Field not initialized error is found" where we actualy want to test "exactly one Field not initialized error is found". The case of @Inject was also missing from the tests.
Summary:
see title. It will make number of arguments
less ridiculous and make it easier to share C/C++ structs.
Another diff that adds base class information for C++ will
follow.
This change is big enough to deserve separate diff
Summary:
This diff allows to use to make Infer failing when using the function `failwith`. This is especially useful to use while applying complex refactoring.
Summary: Infer cannot tell if a procdesc has changed across procedure runs. If we want procedure-level incrementality, it has to know how to compute this information. This diff implements this capability by comparing a procdesc to an existing one before it is saved to disk, and marking the new one as unchanged if applicable.
Summary:
Handle C++ method declarations and create cfgs for them.
Doesn't do:
Method calls (CXXMethodCall)
Using `this` expression in methods (including implicit ones)
Summary:
Refactor of creating method signatures. First step to use the map of pointers to find method declarations.
The idea is to have a function that creates a method signature from a declaration, later we can get the declaration from a pointer
and use this function to retrieve the method signature.
(authored by @dulmarod)
Summary:
Add basic translation for C++ `new` keyword.
Currently, it's modeled as simple `malloc` call.
Following constructs are still not working properly:
- array new `new [size_expr]`
- run initializer attached to `new` (such as `new int(5)`)
- `delete[]`
Summary:
When detecting a resource leak, Infer used to raise an Leak exception and then prevent the specs to be computed for the paths containing a leak. This diff prevents resource leak to stop the analysis.
Summary:
1. Unify the code now that MemberExpr has more information available and it can be shared with ObjCIvarRefExpr
2. Use type from decl_ref instead of expression type. For methods, expression type is useless (`<bound something something`>). For fields it should be the same
Summary:
No longer swallow compilation failures for javac. Before this diff, the compilation failures where raised:
> infer -- javac Test.java
Test.java:5: error: ';' expected
static String str = "Hello"
^
1 error
but the exit code was incorrect:
> echo $?
0
With this diff, the failing command is printed in standard error:
> infer -- javac Test.java
Javac compilation error with:
['javac', '-g', 'Test.java', '-J-Duser.language=en']
and the exit code is different from 0.
> echo $?
1
Summary:
Creating a persistent reference to an Activity leads to a nasty form of memory leaks (see http://android-developers.blogspot.com/2009/01/avoiding-memory-leaks.html, https://corner.squareup.com/2015/05/leak-canary.html). There are many ways to create a bad persistent reference to an Activity, but the most obvious one is via a static field.
This diff implements a very simple form of Activity leak checking by inspecting postconditions to see if a subtype of Activity is reachable from a static field (and it reports an error if so). This is a very simple and limited form of leak checking that does not understand the Android lifecycle at all. In particular, if one creates a persistent reference to an Activity and then nulls it out in `onDestroy` (a reasonably common pattern), this approach will wrongly report a bug.
Summary:
The methods in objc can have the same name in the same class, but one be instance and the other class,
so that we need to take the instance flag into account when defining unique names for ObjC methods.
Summary:
This is mostly useful to authors of annotation processors and
`javac`-based static analysis tools. The nullable return models
cover these packages pretty comprehensively (with the exception
of the various visitor classes). The non-nullable parameter models
are mostly there to help make the nullable return models more useful,
as some codepaths will pass a nullable object to one of the utility
classes but never actually invoke a method on the nullable object itself.
Summary:
While `-results_dir` is still the main place to look for specs files and to write reports,
it's necessary to load specs from multiple folders because some build tools that run Infer with a target-level granularity may need to move specs files around in order to get complete reports, whereas with this change they just need to keep track of the `specs` folders generated for each target, and pass them through `-lib dir1 -lib dir2 ... -lib dirN`
Summary:
Buck is creating javac compilation commands with arguments of the form:
-Opt={"list": ["pif", "paf", "pouf"]}
While converting command lines from bash to python, these option gets split into
['-Opt={"list":', '["pif",', '"paf",', '"pouf"]}']
instead of:
['-Opt={"list": ["pif", "paf", "pouf"]}']
which create the compilation to fail when running Infer even though the original files are compiling correctly.
Summary:
The symbolic execution was not stopping in case an unitialized dangling pointer was
passed to a function and then dereferenced inside the callee.
What would happen is that a wrong footprint would be added to the unititialized pointer
at the end of the function call in the caller proposition.
This checks that if we do:
frame * new_footprint
checks that we do not add heap predicates to the frame into uninitialized local variables.
If we can identify the variable then we raise a danglind pointer dereference. If instead
we cannot give a good explanation we give an internal error.
The latter case should be temporary. We should find a general way to raise dangling pointer
deref instead of the internal error.
I also fixed the model of getc that was the way I found the problem.
Summary:
Update fcp version and make infer build with it.
It's not using new features yet, diffs will follow.
New stuff:
Proper type information in form of pointer->type
Expose more information about cxx classes (superclass info)
Add pointers to objc method decls when possible
Summary:
This is small code cleanup of the code to report leaks. No functional changes, just removing code that is longer used and reorganising the control flow.
Summary:
This commit is the result of
`find infer/src -name '*.ml' -or -name '*.mli' -exec ocp-indent -i \{\} \;`
and
`INFER_CHECK_COPYRIGHT=1 InferPrint`
Summary:
The old scheme for pruning away garbage from abducted retvars/abducted params passed by ref failed to eliminate garbage in the pure constraints (pi). This occasionally caused PRECONDITION_NOT_FOUND errors that stop the analysis.
Summary:
In preparation for C++ methods, we need to have type with
class, method, mangled (for overloading?)
1. Change objc method to support it
2. Do some renames to be less confusing
Summary:
Added phase to construct (incomplete) CFG from existing AST.
Individual instructions are not yet translated so any nonempty functions will
result in a runtime exception.
Added some very short examples of LLVM programs.
Summary:
This adds a sentinel check every time a function carrying a sentinel attribute
is called, regardless of whether we have a definition for that function or not.
Summary:
In objC we already prefix field names with classes.
It's better to make it consistent since it'll allow
us to share more code between C++ and objC
Summary:
The json files that were written by json.dump were valid, machine readable but they had no indentation/return lines making them a long single line and hard to read. Dump the json with an indent of
2.
Closes https://github.com/facebook/infer/pull/149
Github Author: =?UTF-8?q?Deniz=20T=C3=BCrkoglu?= <deniz@spotify.com>
Summary:
Add a partial copy of TextUtils from Android source for commonly used TextUtils.isEmpty method.
Fixes#141
Closes https://github.com/facebook/infer/pull/143
Github Author: Deniz Türkoglu <deniz@spotify.com>
Summary:
Bumping up the version of the libraries javalib and sawja to 2.3.1 and 1.5.1 respectively in order to use the upstream fix about classnames with $$.
Summary:
The models for InputStreamReader and OutputStreamWriter are taking into consideration the charset passed as parameter in order to follow the exception branch when the charset is not valid. However, the previsous models were only considering encoding literals with uppercase letters. This diff adds the lowercase encoding names to the list.
Closes https://github.com/facebook/infer/issues/127
Summary:
This adds support for having lookup from pointer to decl in C frontend
NOTE: with this diff atdgen 1.6 or later is required.
To upgrade atdgen, please run `opam install atdgen.1.6.0`
Summary:
The current way gradle plugin works is by parsing the verbose output to figure out which files to compile. This becomes a problem when the number of files exceed allowed argument parameter
length. Use javac's @sources file instead.
This patch will leave the tempfiles behind (also noted by Jyrki during the review), however I would like to leave that to a follow up commit and first make sure the tool works for people experiencing this problem.
Fixes#22
Closes https://github.com/facebook/infer/pull/131
Github Author: =?UTF-8?q?Deniz=20T=C3=BCrkoglu?= <deniz@spotify.com>
Summary:
inferTraceBugs filters the bugs to only show those which have a trace attached
to them. However, the number selected by the user would then be used in the
unfiltered list of bugs. This led to sometimes selecting the wrong bug from the
text interface and from the --select option.
Summary:
This makes infer C frontend compatible
with new scheme for naming which has:
1. plain name (like 'fun')
2. qualified name (reversed list like ['fun', 'class', 'top_class', 'namespace'])
Summary:
This attribute was used to tag arguments to variadic functions, as a way to
detect premature sentinels. The approach to detect premature sentinels has
changed making it obsolete.
Summary:
Treat `arrayWithObjects` as a special case of a sentinel attribute check. This
will make it easier to extend to other variadic functions that use a sentinel
attribute.
This also removes the need for the `Sil.Avariadic_function_argument` attribute,
which will be removed in a subsequent diff.
Summary:
the name of the return variable of a procedure only depends on the name of that procedure. This simplifies the need for the procedure description in a couple of places
Summary:
This is a refactoring diff with no functional changes in order to move the code using the procedure description of the callees in a single place, in order to replace the approach to use a summary instead in a subsequent step.
Summary:
This reverts commit 306f5b71c24042c89f71848898402cbc9269c543.
Turns out that developers think that this bugs should be fixed. So leaving it in for now until I gather more information.
Summary:
@public
There are many FPs of the form init method that contains
if ((self = [super initWithFrame:frame])) {
...
}
return self;
then an object being initialised with that constructor and added to an array or dictionary.
There we flag NPE and very likely that won't be a bug. So I'm removing the option for self
to be nil in the constructor, which should solve the problem.
Test Plan: Changed the relevant test.
Summary:
@public
Previously, if the close() method was throwing an exception, then code overriding the file attribute with a mem attribute would be skipped, resulting in reporting a wrong resource leak. This diff fixes this.
Test Plan: Added new end-to-end tests which would previously have been failing
Summary:
@public
Add support for default function arguments.
As a side change - always create cmethod_signature for a function
Test Plan:
1. Call function with default parameter and confirm that it gets parsed and reports null dereference (B5 but still). It didn't before.
2. Created a test case
Summary: @public JavacCapture does not have an args field, which crashes Python with an AttributeError if we hit self.args.debug. Replaced with the correct expression.
Test Plan: Cause AttributeError with small test case, error no longer happens after fix
Summary:
@public
This is a non-functional refactoring to remove the need for having the procedure description of the callee when execution function calls.
Test Plan: Infer CI. Expecting no change in the results.
Summary: @publicThe first argument of builtin calls in C gets translated twice, which is bad if the argument is a side-effecting expression like a function call.
Test Plan: Attached test previously reported a memory leak because the translation introduces an extra call to malloc(), now reports nothing.
Summary:
@public
utils.remove_bucket no longer exists and is no longer needed.
Test Plan:
cd ~/infer/examples
infer -- clang -c hello.c
inferTraceBugs
no longer crashes
Summary:
This patch forces javac to report verbose output in English.
In my environment, the debug report in Japanese had caused Parsing.Parse_error at
https://github.com/facebook/infer/blob/master/infer/src/java/jClasspath.ml#L108.
This patch solved the error I encountered on compiling Hello.java.
I think `$ infer -- javac -J-Duser.language=ja Hello.java` will reproduce my bug if system supports the language. (My patch will not work with this case since the argument-specified language will override the language setting.)
Possible related issue: #30
Closes https://github.com/facebook/infer/pull/94
Github Author: Tomoyuki Saito <aocchoda@gmail.com>
Test Plan: Imported from GitHub, without a `Test Plan:` line.
Summary:
@public
Translate CXXStaticCastExpr
Test Plan:
Add test, confirm that it gets translated.
Also create example to see that infer reports null dereference with this change:
struct X { int a; };
int main() {
X *x = static_cast<X*>(nullptr); // <- reports now
//X *x = (X*)nullptr; // <- reported before
return x->a;
}
Summary:
@public
Currently InferAnalyze always adds bucket to the message. Later, python code
strips it, but not everywhere. Changes:
1. Since it's easy to not write bucket in ocaml, stop writing them by default.
2. Add option to print them to InferAnalyze and pass it if infer is in debug mode.
Test Plan:
1. Run on openssl, confirm that no bucket info is written to stdout and csv
2. Run on small example in debug mode and see buckets on stdout
Summary:
@public
Make c frontend understand CXXNullPtrLiteralExpr.
Note that the implementation differs from GNUNullExpr
Test Plan:
Create function that returns nullptr:
int* getPtr() {return nullptr;}
look at specs:
InferPrint infer-out/specs/getPtr\{831F\}.specs
Procedure: getPtr
int *getPtr()
Timestamp: 1
Status: INACTIVE
Phase: RE_EXECUTION
Dependency_map:
TIME:0.002853 s TIMEOUT:N SYMOPS:10 CALLS:1,0
ERRORS:
--------------------------- 1 of 1 [nvisited: 1] ---------------------------
PRE:
POST 1 of 1:
return = null:
----------------------------------------------------------------
Add test for it
Summary:
@public
Remove setjmp that is causing problems in the models in linux.
Will investigate and add it again later.
Test Plan: All the models are now created. In particular strcpy, strdup and a few others in the beginning of the file.
Summary:
@public
Using InferBuiltins.assume previously caused an assertion failure in the analyzer. Fixed this, and fixed the implementation of the assume builtin to block when the assumed condition cannot hold.
Test Plan: Added several new tests.
Summary:
@public
Modeling bypasses the Closeable as resource assumption for `java.io.StringReader`, `java.io.ByteArrayInputStream` and `java.io.ByteArrayOutputStream`.
Test Plan: Infer CI. Some resource leak should also disappear on Instagram.
Summary:
@public
Sorting the fields in structs and classes. Was needed in the backend and forgotten.
Fixes the github issue https://github.com/facebook/infer/issues/90.
Test Plan: Added a new test that shows that we now get a spec for the example from the github issue.
Summary:
@public
Add some logging to the script and capture modules so it is easier to troubleshoot.
What will be logged:
versions of infer, platform, versions of java, build systems etc.
In the future we will add more info that we might find useful while troubleshooting
Test Plan:
run infer with gradle, ant, buck, xcode, mvn and see the logging output
Run symbolic link pointing to infer:
[INFO] Path to infer script /Users/akotulski/tmp/infer_link (/Users/akotulski/infer/infer/bin/infer)
Summary:
@public
The models for Java no longer require to keep the original fields since we now make the union of the fields from the models and the fields from the code to analyze.
Test Plan: Infer CI. No functional change intended.
Summary:
@public
The empty string '' is a valid classpath information. This diff parses it and skips it when detecting the parts of the classpath. This case is happening when analyzing Buck. This one be one possibility why Infer does not load any bytecode in some cases, leading the
TODO: print error message
failure happening with the release (now `Failed to load any Java source code`).
Test Plan: Infer CI.
Summary:
@public
Adds a small example of a Ant project in order to test that there is not regresssion when modifying the toplevel scripts
Test Plan:
cd infer/tests/codetoanalyze/java/infer
ant clean && infer -- ant compile
Summary:
@public
This will enable support for the same set of arguments already supported by the `make` module, e.g. `--frontend-stats`, `--frontend-debug`
Test Plan:
Tested on an Xcode project with the `-fs` argument, and checked that `.astlog` files have been generated on the same location of the .o files
infer -fs -- xcodebuild -workspace Project.xcworkspace -scheme Project -sdk iphonesimulator
Summary:
@public
Attaching the resource attribute to the object allows to more easily remove this attribute during the symbolic execution when the resource is passed as a argument, e.g. with `res.close()` or when this resource is passed around via a skipped function.
Test Plan: Infer CI.
Summary:
@public
This adds basic support for function attributes in Sil, and for translating
attributes from the clang frontend to these new Sil attributes. For now only
the sentinel attribute is translated.
Note that attributes normally have parameters, but they are currently missing
from the clang plugin.
Test Plan:
Add
(match Sil.get_sentinel_func_attribute_value (Cfg.Procdesc.get_attributes callee_pdesc).Sil.func_attributes with
| Some _ -> L.out "found sentinel attribute!\n"
| _ -> ());
between lines 947 and 948 of symbExec.ml, then analyze a file containing:
int add_all_ints(int a, ...) __attribute__ ((sentinel));
int foo(void) { return add_all_ints(1, 2, 3, (void *)0); }
then `grep 'found sentinel' infer-out/log/analyzer_out`
-> the sentinel attribute is correctly passed from the frontend to the backend.
Summary:
@public
- Remove `No such file or directory` unrelated errors when building Infer for Java only:
line 0: cd: infer/../facebook-clang-plugin: No such file or directory
- Remove makefile comments from stdout
Test Plan:
Ran this command without any checkout of `facebook-clang-plugins`
make -C infer java
The misleading error messages are gone.
Summary:
@public
This is a workaround to a clang crash that happens whenever `-fmodules` and `YojsonASTExporter` are used together.
This workaround, uses the `-plugin` argument instead of `-add-plugin` one for the clang frontend, and as a result of that, it overrides the default action of clang, which means no object files are emitted, but just the AST.
To generate the missing data needed by the subsequent building phases of xcodebuild, we run Apple's clang.
Test Plan:
Compiled project containing Pods and `@import`, through a command of the form:
infer -- xcodebuild -workspace project_name.xcworkspace -scheme project_name -sdk iphonesimulator
Summary:
@public
The clang location information is described in an incremental way: each location information is a delta with respect to the previous one in the AST. This is based on a the visit of the AST nodes which corresponds to the order in which the lines are printed with the standard clang AST dump:
clang -cc1 -ast-dump filename.c
This diff adds a preprocessing phase to the front-end so that location information is composed during a visit, and explicit location information is used instead.
In the case of include files, we report the last known location before including the file.
The current file for a function is the file where it is defined. So if a function is entirely defined in a .h file, then the location information will consistently be about the .h file. If instead a function is defined in the source file being analyzed, and some AST nodes come from macro expansion, line information will refer to the original file.
The front-end tests reveal that the location information was incorrect in a few dot files.
Test Plan: arc unit, after having fixed the wrong location in the existing .dot files
Summary:
report_number is zero before the conditions
Closes https://github.com/facebook/infer/pull/74
Github Author: Chase choi <cs09gi@gmail.com>
Test Plan: Imported from GitHub, without a `Test Plan:` line.
Summary:
While working on building a quick Homebrew formula for this, I ran into symlink-related issues around the libs folder. This seems to fix it with minimal impact.
Closes https://github.com/facebook/infer/pull/13
Github Author: Dan Ambrisco <dambrisco@gmail.com>
Test Plan: Imported from GitHub, without a `Test Plan:` line.
Summary:
@public
This adds a script `inferTraceBugs` to `infer/bin/` that
1. shows the list of bugs found by Infer to the user
2. asks which one to display
3. asks what max level of nested procedure calls to display
4. shows the error trace of that bug with some lines of context in the source
code
Also has some options to script more easily, for instance when calling it from
inside an editor to navigate the sources.
Test Plan:
infer -o out -- gcc -c hello.c
inferTraceBugs -o out
also tested on OpenSSL.
In emacs, run `M-x compile` from the directory where `infer-out` is, then enter custom compilation command:
inferTraceBugs --select 0 --max-level max --no-source
Then navigate the trace with `M-g n`.
Summary:
@public
Even though internally we recover from these errors, we still show them on
standard output. Redirect errors to /dev/null instead.
Test Plan:
infer -- buck build target
doesn't complain that git crashes on non-git repositories.
Summary:
@public
This changes "Starting analysis" into
"Starting analysis (Infer version XXX)".
Test Plan:
infer -- clang -c hello.c
shows "Starting analysis (Infer version git-6b9fb8838bcabd2af881554d296963a849b14f50)"
Summary:
@public
We were counting the number of matches for `infer-out/captured/*/*.cfg`, but
some ways of running infer (eg, inferJ) do not produce cfgs. Instead, count the
number of directorys `infer-out/captured/*/`.
Test Plan:
make -C infer java
reports the number of models analysed instead of 0.