Summary:
Create model of C++ std::vector to find occurrences when vector which might be empty is accessed. Do it by triggering null dereference every time empty vector access is performed.
Note: model will be used only when c++11 (or c++14) are used.
Reviewed By: sblackshear
Differential Revision: D3276203
fbshipit-source-id: 420a95a
Summary:
The checkers check was causing perf issues because it kept loading the json of
inferconfig. To prevent this from happening again, load json files inside
config.ml, and only export `Yojson.Basic.json Lazy.t` values to other modules.
Also move the list of checks disabled by default into config.ml for better
discoverability.
Reviewed By: jberdine
Differential Revision: D3293041
fbshipit-source-id: 4a38b26
Summary:
F for files, . for procedures, and a few more for developer mode.
Also add the crash message to the crash symbol, because if infer crashes we
want as much information as possible.
```
$ infer -- javac Hello.java
Starting analysis (Infer version v0.8.1-8e8c6fa)
legend:
"F" analyzing a file
"." analyzing a procedure
F..
Analyzed 1 file
Found 1 issue
Hello.java:13: error: NULL_DEREFERENCE
object s last assigned on line 12 could be null and is dereferenced at line 13
11. int test() {
12. String s = null;
13. > return s.length();
14. }
15. }
16.
Summary of the reports
NULL_DEREFERENCE: 1
$ infer -g -- javac Hello.java
...
Starting analysis (Infer version v0.8.1-8e8c6fa)
legend:
"F" analyzing a file
"." analyzing a procedure
"C" analyzer crashed
"T" timeout: procedure analysis took too much time
"S" timeout: procedure analysis took too many symbolic execution steps
"R" timeout: procedure analysis took too many recursive iterations
...
```
Reviewed By: sblackshear
Differential Revision: D3288081
fbshipit-source-id: becea34
Summary:
Reimplement command line options in preparation for uniformly passing
options from the top-level infer driver that invokes a build command
through the build system to the descendant infer processes.
All command line options of all executables are collected into Config,
and declared using a new CommandLineOption module that supports
maintining backward compatibility with the current command line
interface. Very few values representing command line options are
mutable now, as they are set once during parsing but are constant
thereafter. All ordering dependencies are contained within the
implementation of Config, and the implementation of Config is careful to
avoid unintended interactions and ordering dependencies between options.
Reviewed By: jvillard
Differential Revision: D3273345
fbshipit-source-id: 8e8c6fa
Summary:
Infer prepends the directory containing the ananotation processor and
the current working directory to the classpath javac option. This diff
enables prepending these to the classpath when it is passing in an args
file (as the classpath can get too long to pass on the command line).
Reviewed By: jvillard
Differential Revision: D3270348
fbshipit-source-id: 208077f
Summary:
Add a module target to the src Makefile that builds a single module and
its dependencies, perhaps with extra flags. Useful for generating
assembly or interfaces, as well as directing the typechecker when
refactoring.
Execute: `make INFER_CFLAGS=<flags> M=<Module>.cm{o,x} module`
Reviewed By: jeremydubreil
Differential Revision: D3273437
fb-gh-sync-id: 65a51d6
fbshipit-source-id: 65a51d6
Summary:
Handle building in debug mode by passing command line options set in
the Makefile, as all the other configuration of ocamlbuild is done
through command line options.
Reviewed By: jvillard
Differential Revision: D3202085
fb-gh-sync-id: d467019
fbshipit-source-id: d467019
Summary:
The computation of the perf stats file did not work in case -cluster was
passed a (relative) path.
Also, do not fail if the perf stats file cannot be opened/written, just
log a warning to stdout.
Reviewed By: jvillard
Differential Revision: D3269727
fb-gh-sync-id: c141ffa
fbshipit-source-id: c141ffa
Summary: Create "empty" vector model header. The actual model implementation will come in next diffs to simplify review process.
Reviewed By: dulmarod
Differential Revision: D3240683
fb-gh-sync-id: 03ee002
fbshipit-source-id: 03ee002
Summary:
- [python] decode strings coming from `os.*` commands
- [python] decode strings coming from the command-line
- [python] encode a few remaining unicodes into strings
- [java] replace lex/yacc parser for javac verbose output by regex-based matching to handle unicode in paths
- [make] random fix of `make test` to have `make clean test` work
- [integration tests] add e2e build integration tests for utf8 in the PWD
Closes#76
Reviewed By: martinoluca
Differential Revision: D3240809
fb-gh-sync-id: 8c2e1ed
fbshipit-source-id: 8c2e1ed
Summary:
Results of AbsInt checkers are node id -> abstract state maps.
It's hard to compare/combine the results of multiple analyses if the node id types are different.
Needed for the upcoming improvements of the preanalysis.
Reviewed By: jvillard
Differential Revision: D3235669
fb-gh-sync-id: c5251cf
fbshipit-source-id: c5251cf
Summary:
The case where the right hand side of the `Letderef` expression is an identifier was missing. With this diff, the following example is now working as expected:
class A {
public Object foo() {
return new Object();
}
}
class B extends A {
public Object foo() {
return null;
}
}
public class Test {
static Object bar(A a) {
return a.foo();
}
static void shoulReport() {
B b = new B();
bar(b).toString();
}
}
using the command:
INFER_LAZY_DYNAMIC_DISPATCH=1 infer -- javac Test.java
Reviewed By: sblackshear
Differential Revision: D3238986
fb-gh-sync-id: d6059fb
fbshipit-source-id: d6059fb
Summary:
The philosophy of the tracing mode reporting is to not report the errors in a method if reaching this error does depend on information that can be false at call site. Typically with:
void foo(Object obj, int x) {
if (x == 3) {
obj.toString();
}
}
it may be that we always call `foo` with a non-null parameter or `x != 3`.
Thechnically, the reporting code matches the pairs of the form (precondition, error) and filtering out the cases where the precondtions was not imposing constraints on the calling context, and report the other cases. So the NPE could be reported in the following case:
void bar() {
foo(null, 3);
}
However, we were missing the case where there was anyway no way to call a method in a safe way, i.e. all the preconditions were of the form: (precondition, error), for example:
void baz(boolean b) {
if (b) {
foo(null, 3);
} else {
foo(null, 3);
}
}
In that case, the summary is of the form
PRE (1): b = false
POST: NullPointerException
PRE (2): b = true
POST: NullPointerException
In which case it is legit to report `NullPointerException` in `baz`.
Reviewed By: sblackshear, jberdine
Differential Revision: D3220501
fb-gh-sync-id: 7fb7d70
fbshipit-source-id: 7fb7d70
Summary: So that we no longer have to run `Tabulation.prop_is_exn` before running `Tabulation.prop_get_exn_name`.
Reviewed By: jberdine
Differential Revision: D3222545
fb-gh-sync-id: a7faa06
fbshipit-source-id: a7faa06
Summary:
As suggested in the discussion https://github.com/facebook/infer/issues/326 this pull request implements
```ocaml
get_overriden_method : Tenv.t -> Procname.java -> Procname.t
```
to get the method of a superclass that is being overridden by a specific java pname.
I thought of unit test this, but unfortunately I wasn't able to figure out how to create the proper context with OUnit2. Perhaps the easiest way to test this will be integration tests.
Feel free to reject the pull request if unit tests are mandatory (or for any other reason, of course).
Closes https://github.com/facebook/infer/pull/341
Reviewed By: jeremydubreil
Differential Revision: D3221254
Pulled By: sblackshear
fb-gh-sync-id: 9c26258
fbshipit-source-id: 9c26258
Summary: Example of dynamic dispatch with interfaces were already working. Adding some tests now so that we don't break this.
Reviewed By: sblackshear
Differential Revision: D3220360
fb-gh-sync-id: 11395dd
fbshipit-source-id: 11395dd
Summary:
I ran perf on rocksdb analysis and found out that ~40% of time is spent inside ocaml GC originating
from Prop.typ_normalize.
After this change, profile shows that GC is ~2% and Prop.typ_normalize takes 50% of the time.
Reviewed By: jberdine
Differential Revision: D3219113
fb-gh-sync-id: 27c34d9
fbshipit-source-id: 27c34d9
Summary: Provide possibility to replace clang internal headers path if they are overwritten by `-isystem`. User needs to specify path to wrong headers to be replaced with infer's clang.
Reviewed By: martinoluca
Differential Revision: D3212850
fb-gh-sync-id: be3d51c
fbshipit-source-id: be3d51c
Summary:Open-source clang has caught up a bit with apple's clang, so we don't need to
filter as many compilation flags as we used to.
Reviewed By: akotulski, martinoluca
Differential Revision: D3212553
fb-gh-sync-id: 5638dc8
fbshipit-source-id: 5638dc8
Summary:This enables controlling the encoding chosen by infer via the usual environment
variables. For instance:
```
LC_ALL="C" infer ... # sets LOCALE to "ascii"
LC_ALL="en_US.UTF-8" infer ... # sets LOCALE to "UTF-8"
```
This gives an easy solution to #320: run `LC_ALL="en_US.UTF-8" infer ...`.
Right now the only solution is to edit the Python scripts by hand instead!
Reviewed By: jberdine
Differential Revision: D3207573
fb-gh-sync-id: 62d5b98
fbshipit-source-id: 62d5b98
Summary:stdlibc++ headers didn't like the fact that hash<unique_ptr> didn't have defined operator() directly.
Do that and provide empty body. Keep inheritance in case it helps compilation to succeed.
Reviewed By: dulmarod
Differential Revision: D3207721
fb-gh-sync-id: 8c950da
fbshipit-source-id: 8c950da
Summary:Local variable created by conditional operator translation is now declared in scope of whole
procedure. Semantically there is no difference, hopefuly backend will not complain about this
change. Also, nullifying that variable is deferred to preanalysis instead of calling it manually
Reviewed By: jvillard
Differential Revision: D3155733
fb-gh-sync-id: 6cec8fc
fbshipit-source-id: 6cec8fc
Summary:`exc.output` can be (always is?) `None`. Other places in the code only print
using `traceback.print_exc()` and this was the only place trying to print this
extra info (`git grep CalledProcessError`). This caused `utils.stdout()` to
raise an exception, which was further confusing.
closes#330
Reviewed By: jberdine
Differential Revision: D3203896
fb-gh-sync-id: d2988d8
fbshipit-source-id: d2988d8
Summary:It turns out, apple clang turns off cxx-modules under the hood. Open source clang doesn't do it by default
and we need to do it ourselves.
Reviewed By: jvillard, martinoluca
Differential Revision: D3201604
fb-gh-sync-id: 82cea0f
fbshipit-source-id: 82cea0f
Summary: For performance critical sections of the code, this checker detects memory allocations or calls to methods annotated as expensive. However, such cases of memory allocations or expensive calls are acceptable is occuring in rare cases. This diff adds supports for the "unlikely" branch prediction method and does not track expensive calls in unlikely branches.
Reviewed By: sblackshear
Differential Revision: D3193473
fb-gh-sync-id: ea87e49
fbshipit-source-id: ea87e49
Summary:InferPrint has a special case code path that does not add results_dir to
the specs_library if it is the default. This seems to be unnecessary.
Reviewed By: jeremydubreil
Differential Revision: D3195088
fb-gh-sync-id: 67e968a
fbshipit-source-id: 67e968a
Summary:BinaryConditionalOperator should evaluate condition expression once, but we used to evaluate it twice.
Fix translation to account for it.
Reviewed By: dulmarod
Differential Revision: D3179803
fb-gh-sync-id: a801a7e
fbshipit-source-id: a801a7e
Summary:Improve the error traces so that:
- the error get reported on the first offending call, which is more intuitive for inline comments
- the traces now jump from call location to callee definition and so forth until the end of the call stack
Reviewed By: sblackshear
Differential Revision: D3183756
fb-gh-sync-id: 089ddaf
fbshipit-source-id: 089ddaf
Summary:This diff translate cpp lambdas. For the moment it does not take care of
captured variables. Captured variables will come in the next diff.
Reviewed By: dulmarod
Differential Revision: D3114790
fb-gh-sync-id: bf36450
fbshipit-source-id: bf36450
Summary:Make node ids be `private int` to make sure we don't mix them with random
integers from other sources.
Reviewed By: sblackshear, cristianoc
Differential Revision: D3179670
fb-gh-sync-id: 4bcf4f0
fbshipit-source-id: 4bcf4f0
Summary:This wasn't used anywhere. Frontends that wish to do something like goto can
just set the targets of the goto as successors of the current node, no need for
a special instruction to do that.
Reviewed By: sblackshear
Differential Revision: D3179826
fb-gh-sync-id: 572a6f2
fbshipit-source-id: 572a6f2
Summary:public
When a conditional is the last instruction, there will be a join node leading directly to the exit node.
Some instructions, such as nullification of dead variables, and abstraction, are added to the control flow graph automatically. But, join nodes cannot contain instructions. So when a procedure ends with a conditional, there might be no place to store these instructions.
This diff adds one extra node between the join and the exit node in that situation.
Reviewed By: jvillard
Differential Revision: D3179056
fb-gh-sync-id: 2b9cd7e
fbshipit-source-id: 2b9cd7e
Summary:public
This extends infer/src/Makefile with a mod_dep.dot target that builds a
dot graph of module dependencies.
This also adds ocamldot, which is in the public domain and available
from http://trevorjim.com/projects/ocamldot/ocamldot.tar .
Reviewed By: cristianoc
Differential Revision: D3168488
fb-gh-sync-id: 267fb0e
fbshipit-source-id: 267fb0e
Summary:public
The code:
DataInputStream in = new DataInputStream(new BufferedInputStream(new FileInputStream(file)));
creates a resource with `FileInputStream()` and wraps it twice as a field of `BufferedInputStream` and then as a field of `DataInputStream`. Then calling:
in.close();
needs to go down the wrappers hierachy: `DataInputStream.close()` -> `FilterInputStream.close()` which then calls `BufferedInputStream.close()` -> `FilterInputStream.close()` -> `FileInputStream.close()`.
Going down the wrapper was not working before because `FilterInputStream.close()` was only going further when the type of field `in` was `FileInputStream` wheras it should also continue when the type of the field is any subtype of `FilterInputStream`, e.g. `DataInputStream` and `BufferedInputStream` like in the test example. This diff fixes this last aspect.
Reviewed By: sblackshear
Differential Revision: D3174822
fb-gh-sync-id: 3adbb7e
fbshipit-source-id: 3adbb7e
Summary:public
Report statistics on consumed time and memory in results_dir/perf_stats.json.
Reviewed By: martinoluca
Differential Revision: D3162381
fb-gh-sync-id: e802faa
fbshipit-source-id: e802faa
Summary:public
Instead of translating code from headers blindly, translate only gets transitively referenced from source code.
It won't translate functions from system headers, but in the future we could do that as well
since most of them aren't used and it shouldn't add much overhead.
For now this functionality is hidden behind --cxx-experimental flag
Reviewed By: dulmarod
Differential Revision: D3163519
fb-gh-sync-id: 0c53b10
fbshipit-source-id: 0c53b10
Summary:public
Refactor Utils.SymOp into a separate module, bringing the failure_kind
type and associated operations.
Reviewed By: cristianoc
Differential Revision: D3161640
fb-gh-sync-id: be3d7c9
fbshipit-source-id: be3d7c9
Summary:public
Eliminate the use of the -open Utils command line option passed to the compiler in favor of `open! Utils` in each source file. While slightly convenient, this option causes more headaches than it is worth with other tools e.g. merlin.
Reviewed By: jvillard
Differential Revision: D3168193
fb-gh-sync-id: 4285ef6
fbshipit-source-id: 4285ef6
Summary:public
This will allow us to run translation of more than one function at the same time.
Reviewed By: dulmarod
Differential Revision: D3167965
fb-gh-sync-id: 41e9935
fbshipit-source-id: 41e9935
Sam Blackshear
Dulma Churchill
Andrzej Kotulski
Jules Villard
Josh Berdine
Jeremy Dubreil
Luis Cruz
Dino Distefano
Peter O'Hearn
Cristiano Calcagno