Summary: The `Utils` module has another version of try-finally than can swallow exceptions from the restart scheduler. This diff fixes that, but has to also fix the dependency cycle introduced between `SymOp` and `Utils`. This is done by extracting the exception handling from `SymOp` into a new base module `Exception`.
Reviewed By: jvillard
Differential Revision: D28930082
fbshipit-source-id: 7894d8c89
Summary:
We were defaulting to treating some values as strings regardless of
their intended types. In particular, for options that take no arguments
this was making it impossible to specify them in .inferconfig. Now they
take "null" as argument.
Reviewed By: ezgicicek
Differential Revision: D28959484
fbshipit-source-id: 46327f3d3
Summary:
Bumps [ws](https://github.com/websockets/ws) from 6.2.1 to 6.2.2.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/websockets/ws/commits">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ws&package-manager=npm_and_yarn&previous-version=6.2.1&new-version=6.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1451
Reviewed By: skcho
Differential Revision: D28929739
Pulled By: jvillard
fbshipit-source-id: b0bcd031c
Summary: Adapted the AST to reflect the official [documentation](https://erlang.org/doc/apps/erts/absform.html): a clause can have a *guard sequence*, which is a list of *guards*. Each *guard* is a list of *guard tests*. A *guard test* is a (restricted) expression. Therefore, in the AST we now have `guard_test = expression`, and a clause has `guard_test list list`. Furthermore, the JSON translator simply applies `to_expression` to the 2D list, instead of flattening one level with `andalso`. Using `andalso` to flatten was wrong because it handles exceptions differently, see [note](https://learnyousomeerlang.com/syntax-in-functions#guards-guards).
Reviewed By: rgrig
Differential Revision: D28936558
fbshipit-source-id: 510930998
Summary:
- Break down large and deeply nested report function for readability
- Move callees closer to callers
Reviewed By: skcho
Differential Revision: D28873391
fbshipit-source-id: fc3f22708
Summary:
Add a mode which executes randomly-chosen paths depth-first, without
duplicating the work of executing shared prefixes. This mode is to be
used when hoping to get lucky and quickly choose a path that exhibits
a bug, but is slower to achieve coverage than the default.
Differential Revision: D27996963
fbshipit-source-id: 20a7a32c5
Summary:
Make the biabduction machinery for detecting (biabduction) exceptions that can be swallowed recognise the one thrown by the restart scheduler.
The dependency hierarchy requires declaring that exception in `base`.
Reviewed By: jvillard
Differential Revision: D28773898
fbshipit-source-id: 2136346da
Summary:
Translates case_clause, ignoring guards for now.
Also, refactored a bit `translate_one_function`, because trying cases
one by one in sequence is similar to trying argument patterns one by
one in sequence.
Also, changed the strategy for storing the value of an (Erlang)
expression: instead of letting the translation function decide where to
put the result and return their choice (in a `block`), the choice is
done at a higher level and passed down in the environment. (This means,
for example, theres no need to copy the result of each case_clause to
the special `return` variable of the function.)
Reviewed By: skcho
Differential Revision: D28834672
fbshipit-source-id: d5d33be5f
Summary: Die loudly if DB to merge is not accessible, before even getting to the Sqlite statement.
Reviewed By: skcho
Differential Revision: D28872539
fbshipit-source-id: af38edd9a
Summary:
`Initializer` is used (mostly by Nullsafe) to signal that a method will only be run from/as a constructor, even if public.
RacerD should recognise this annotation; this diff makes RacerD treat methods annotated as `Initializer` like constructors with regards to the ownership of the receiver object.
Reviewed By: skcho
Differential Revision: D28748068
fbshipit-source-id: 5dd060865
Summary: The number of times summaries get overwritten is useful as a measure of wasted work. Use a hashtable to remember how many times each procedure is overwritten. Use integers as the keys to avoid wasting memory, with the keys set to the string hashes of the procedure UID.
Reviewed By: ezgicicek
Differential Revision: D28794862
fbshipit-source-id: b2737ab23
Summary: Sometimes the type definition is missing, especially in not-well supported build systems. When missing, default to true if on Java since you'd have to explicitly select a non-recursive one on purpose, and vice versa for clang.
Reviewed By: jvillard
Differential Revision: D28745172
fbshipit-source-id: 8b0e26e1a
Summary:
This seems like a bug in opam, probably started after we moved the opam
files to opam/ in D27326495 (673c944fc3). I reported the strange behaviour in
https://github.com/ocaml/opam/issues/4313#issuecomment-853179145.
Reviewed By: rgrig
Differential Revision: D28837624
fbshipit-source-id: f91a58dbc
Summary:
This handles function definitions. (Expressions, aka function bodies,
are not translated.)
Reviewed By: skcho
Differential Revision: D28606721
fbshipit-source-id: 0fd5dc57e
Summary:
Some funky C++ way of calling the parent's constructor triggers a
function in the frontend that used to reverse the order of parameters.
Reviewed By: skcho
Differential Revision: D28832500
fbshipit-source-id: 1032de2ca
Summary:
Unknown functions may create false positives as well as false negatives
for Pulse. Let's consider that unknown functions behave "functionally",
or at least that a functional behaviour is a possible behaviour for
them: when called with the same parameter values, they should return the
same value.
This is implemented purely in the arithmetic domain by recording
`v_return = f_unknown(v1, v2, ..., vN)` for each call to unknown
functions `f_unknown` with values `v1`, `v2`, ..., `vN` (and return
`v_return`). The hope is that this will create more false negatives than
false positives, as several FPs have been observed on real code that
would be suppressed with this heuristic.
The other effect this has on reports is to record hypotheses made on the
return values of unknown functions into the "pruned" part of formulas,
which inhibits reporting on paths whose feasibility depends on the
return value of unknown functions (by making these issues latent
instead). This should allow us to control the amount of FPs until we
model more functions.
Reviewed By: skcho
Differential Revision: D27798275
fbshipit-source-id: d31cfb8b6
Summary: Auditing exception handling so as to remove catch-all clauses that could potentially swallow exceptions from the restart scheduler.
Reviewed By: jvillard
Differential Revision: D28772739
fbshipit-source-id: 99a8d516d
Summary:
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 1.3.1 to 1.3.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="ebdf849da5"><code>ebdf849</code></a> 1.3.4</li>
<li><a href="ac578722f2"><code>ac57872</code></a> move all allocUnsafes to allocs for easier maintenance</li>
<li><a href="c64c9507e5"><code>c64c950</code></a> 1.3.3</li>
<li><a href="0598ba19d1"><code>0598ba1</code></a> fix .. in encodingLength</li>
<li><a href="010aedb33c"><code>010aedb</code></a> 1.3.2</li>
<li><a href="0d0d593f8d"><code>0d0d593</code></a> backport encodingLength fix to v1</li>
<li>See full diff in <a href="https://github.com/mafintosh/dns-packet/compare/v1.3.1...v1.3.4">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dns-packet&package-manager=npm_and_yarn&previous-version=1.3.1&new-version=1.3.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/facebook/infer/network/alerts).
</details>
Pull Request resolved: https://github.com/facebook/infer/pull/1449
Reviewed By: ngorogiannis
Differential Revision: D28795053
Pulled By: jvillard
fbshipit-source-id: 5a0f6cf79
Summary:
This complements a bug fix for InferSharp in which we weren't handling type-checking correctly.
Pull Request resolved: https://github.com/facebook/infer/pull/1447
Reviewed By: ngorogiannis
Differential Revision: D28772069
Pulled By: jvillard
fbshipit-source-id: be0210836
Summary:
Hi.
Thanks for the great tool!
This is just a simple correction for string literals in the `Util` module.
Pull Request resolved: https://github.com/facebook/infer/pull/1448
Reviewed By: ngorogiannis
Differential Revision: D28772080
Pulled By: jvillard
fbshipit-source-id: 36e2145c9
Summary:
This seems needed in some cases, might as well provide the option since
Infer is supposed to work with or without it.
Reviewed By: ngorogiannis
Differential Revision: D28712272
fbshipit-source-id: 35c0708f2
Summary: This diff prints cost and config impact checkers' json reports only for the changed files.
Reviewed By: ezgicicek
Differential Revision: D28707192
fbshipit-source-id: d949771f2
Summary:
Freenode.net has changed ownership and many communities are moving to
Libera.chat as a result.
Reviewed By: ngorogiannis
Differential Revision: D28708298
fbshipit-source-id: 4395adc55
Summary: Litho (https://fblitho.com/) does some operations in the background. Add RacerD messaging specific to Litho.
Reviewed By: ezgicicek
Differential Revision: D28675504
fbshipit-source-id: e76f9f538
Summary: Same as MustBeValid: we want to report the first error on the path.
Reviewed By: skcho
Differential Revision: D28674724
fbshipit-source-id: a2ac04b5b
Summary:
Add a new `PathContext.t` component to the abstract state. For now it
tracks only the current "timestamp" of symbolic execution inside the
procedure, i.e. which step of symbolic execution we are in (bumped by 1
each time we've executed one instruction). In the future this will also
hold, eg, which conditionals we've been through on the path (for
reporting traces with that information).
Most of the diff is about propagating the path context through many of
the APIs.
We use timestamps only in `MustBeValid` attributes to report the first
incorrect access in a function call for now.
Reviewed By: skcho
Differential Revision: D28674726
fbshipit-source-id: 2cd825e73
Summary:
It's better to remember the first reason why an address must be valid,
etc.
Reviewed By: skcho
Differential Revision: D28674729
fbshipit-source-id: 3b69de7ef
Summary:
Spoiler alert: we don't. The next diffs fix that.
When there are several invalid accesses to report at a function call
instruction, we want to report the first one to occur within the
function. This is to avoid confusing reports where pulse reports, eg, a
null dereference for a pointer at a point where it's already been
dereferenced before in the same function.
Reviewed By: skcho
Differential Revision: D28674730
fbshipit-source-id: acb029e4b
Summary:
That was just broken before, but apparently nothing cared. It's needed
for the next diffs.
Reviewed By: skcho
Differential Revision: D28674731
fbshipit-source-id: 2f080238b
Summary:
Each Erlang function now has a Procdesc in `results.db`. The
ProcAttributes record if a function is exported or not by using the
access Public or Private, respectively.
This adds also `ErlangTypeName`. We use a fixed set of "type names" for
the different types of values in Erlang (i.e., for Erlang's "dynamic types").
Reviewed By: jvillard
Differential Revision: D28385954
fbshipit-source-id: f8278505a
Summary:
Update the website to include nil related issues for objective-c
Also fixed a typo + syntax highlighting
Reviewed By: jvillard
Differential Revision: D28638621
fbshipit-source-id: 148f2dd3f
Summary:
This is needed for the next diff. It was a bit annoying to report leaks
in two different places, now it's just in one.
Reviewed By: skcho
Differential Revision: D28576768
fbshipit-source-id: 4f23b43cb
Summary:
Add an option for realloc and fiddle with the other options' help for
consistency.
Moved the memory leak test to memory_leak.c and added more.
Moved the place where we take the options into account closer to their
corresponding models to defend a bit against modifying one without
modifying the other.
Reviewed By: da319
Differential Revision: D28543340
fbshipit-source-id: 75894d06d
Summary:
Let's model all the dynamic memory management functions as they all work
together and are important for a lot of C projects.
Reviewed By: ezgicicek
Differential Revision: D28543008
fbshipit-source-id: f130e1ab6
Summary: We even have matchers in PulseModels that can do the same thing.
Reviewed By: skcho
Differential Revision: D28540278
fbshipit-source-id: 4bfd8a13e
Summary:
It's unclear whether this can happen but it doesn't cost much to do a
last check before reporting an error to the user.
Reviewed By: skcho
Differential Revision: D28382670
fbshipit-source-id: e23f07ebd