r351514 - [analyzer] Introduce proper diagnostic for freeing unowned object

Vlad Tsyrklevich via cfe-commits cfe-commits at lists.llvm.org
Fri Jan 18 00:47:57 PST 2019


Hi, I've reverted r351508-351514 as they were causing MSan failures on the
sanitizer bots. It looks like isLeak is not initialized by one of the
RefCountReport constructors and it is not immediately obvious to me what an
appropriate value for it is. You can observe the failures here
<http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-bootstrap-msan/builds/9894/steps/check-clang%20msan/logs/stdio>,
they look like the following:

FAIL: Clang :: Analysis/inlining/path-notes.m (525 of 13800)
******************** TEST 'Clang :: Analysis/inlining/path-notes.m'
FAILED ********************
Script:
--
: 'RUN: at line 1';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range
-analyzer-checker=core,osx.cocoa.NilArg,osx.cocoa.RetainCount
-analyzer-output=text -analyzer-config
suppress-null-return-paths=false -fblocks -verify
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/inlining/path-notes.m
: 'RUN: at line 2';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range
-analyzer-checker=core,osx.cocoa.NilArg,osx.cocoa.RetainCount
-analyzer-output=plist-multi-file -analyzer-config
suppress-null-return-paths=false -fblocks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/inlining/path-notes.m
-o /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/inlining/Output/path-notes.m.tmp.plist
: 'RUN: at line 3';   cat
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/inlining/Output/path-notes.m.tmp.plist
| diff -u -w -I "<string>/" -I "<string>.:" -I "version"
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/inlining/Inputs/expected-plists/path-notes.m.plist
-
--
Exit Code: 77

Command Output (stderr):
--
==93612==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xa0635a8 in
clang::ento::retaincountchecker::RefCountReport::getRanges()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
    #1 0xa18bb67 in
clang::ento::BugReporterVisitor::getDefaultEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:176:27
    #2 0xa05cf02 in
clang::ento::retaincountchecker::RefCountReportVisitor::getEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp:681:10
    #3 0xa15b9aa in
generateVisitorsDiagnostics(clang::ento::BugReport*,
clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2564:29
    #4 0xa1429dc in findValidReport
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2621:9
    #5 0xa1429dc in
clang::ento::GRBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2670
    #6 0xa14f991 in
clang::ento::BugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*,
llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:3092:5
    #7 0xa13cbc1 in
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2948:7
    #8 0xa13a171 in clang::ento::BugReporter::FlushReports()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2254:5
    #9 0x99e9463 in RunPathSensitiveChecks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:752:24
    #10 0x99e9463 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:716
    #11 0x99ca7d6 in HandleDeclsCallGraph
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:507:5
    #12 0x99ca7d6 in runAnalysisOnTranslationUnit
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:554
    #13 0x99ca7d6 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:585
    #14 0xa5083e5 in clang::ParseAST(clang::Sema&, bool, bool)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:170:13
    #15 0x7660470 in clang::FrontendAction::Execute()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:935:8
    #16 0x757956b in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:955:11
    #17 0x788b6ea in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:268:25
    #18 0xb2c545 in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/cc1_main.cpp:219:13
    #19 0xb2567e in ExecuteCC1Tool
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:310:12
    #20 0xb2567e in main
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:382
    #21 0x7f65de62a2e0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #22 0xaa6779 in _start
(/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang-9+0xaa6779)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
in clang::ento::retaincountchecker::RefCountReport::getRanges()
Exiting

--

********************
Testing: 0
FAIL: Clang :: Analysis/objc-subscript.m (717 of 13800)
******************** TEST 'Clang :: Analysis/objc-subscript.m' FAILED
********************
Script:
--
: 'RUN: at line 1';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range
-analyzer-checker=core,osx.cocoa.RetainCount -analyzer-store=region
-verify -Wno-objc-root-class
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/objc-subscript.m
--
Exit Code: 77

Command Output (stderr):
--
==94025==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xa0635a8 in
clang::ento::retaincountchecker::RefCountReport::getRanges()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
    #1 0xa18bb67 in
clang::ento::BugReporterVisitor::getDefaultEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:176:27
    #2 0xa05cf02 in
clang::ento::retaincountchecker::RefCountReportVisitor::getEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp:681:10
    #3 0xa15b9aa in
generateVisitorsDiagnostics(clang::ento::BugReport*,
clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2564:29
    #4 0xa1429dc in findValidReport
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2621:9
    #5 0xa1429dc in
clang::ento::GRBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2670
    #6 0xa14f991 in
clang::ento::BugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*,
llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:3092:5
    #7 0xa13cbc1 in
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2948:7
    #8 0xa13a171 in clang::ento::BugReporter::FlushReports()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2254:5
    #9 0x99e9463 in RunPathSensitiveChecks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:752:24
    #10 0x99e9463 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:716
    #11 0x99ca7d6 in HandleDeclsCallGraph
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:507:5
    #12 0x99ca7d6 in runAnalysisOnTranslationUnit
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:554
    #13 0x99ca7d6 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:585
    #14 0xa5083e5 in clang::ParseAST(clang::Sema&, bool, bool)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:170:13
    #15 0x7660470 in clang::FrontendAction::Execute()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:935:8
    #16 0x757956b in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:955:11
    #17 0x788b6ea in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:268:25
    #18 0xb2c545 in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/cc1_main.cpp:219:13
    #19 0xb2567e in ExecuteCC1Tool
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:310:12
    #20 0xb2567e in main
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:382
    #21 0x7f6b71c1d2e0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #22 0xaa6779 in _start
(/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang-9+0xaa6779)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
in clang::ento::retaincountchecker::RefCountReport::getRanges()
Exiting

--

********************
Testing: 0
FAIL: Clang :: Analysis/retain-release-path-notes.m (814 of 13800)
******************** TEST 'Clang ::
Analysis/retain-release-path-notes.m' FAILED ********************
Script:
--
: 'RUN: at line 1';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range -triple
x86_64-apple-darwin10
-analyzer-checker=core,osx.coreFoundation.CFRetainRelease,osx.cocoa.ClassRelease,osx.cocoa.RetainCount
-analyzer-store=region -analyzer-output=text -verify
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/retain-release-path-notes.m
: 'RUN: at line 2';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range -triple
x86_64-apple-darwin10
-analyzer-checker=core,osx.coreFoundation.CFRetainRelease,osx.cocoa.ClassRelease,osx.cocoa.RetainCount
-analyzer-store=region -analyzer-output=plist-multi-file
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/retain-release-path-notes.m
-o /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release-path-notes.m.tmp
: 'RUN: at line 3';   cat
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release-path-notes.m.tmp
| diff -u -w -I "<string>/" -I "<string>.:" -I "version"
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/Inputs/expected-plists/retain-release-path-notes.m.plist
-
--
Exit Code: 77

Command Output (stderr):
--
==94175==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xa0635a8 in
clang::ento::retaincountchecker::RefCountReport::getRanges()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
    #1 0xa18bb67 in
clang::ento::BugReporterVisitor::getDefaultEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:176:27
    #2 0xa05cf02 in
clang::ento::retaincountchecker::RefCountReportVisitor::getEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp:681:10
    #3 0xa15b9aa in
generateVisitorsDiagnostics(clang::ento::BugReport*,
clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2564:29
    #4 0xa1429dc in findValidReport
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2621:9
    #5 0xa1429dc in
clang::ento::GRBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2670
    #6 0xa14f991 in
clang::ento::BugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*,
llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:3092:5
    #7 0xa13cbc1 in
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2948:7
    #8 0xa13a171 in clang::ento::BugReporter::FlushReports()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2254:5
    #9 0x99e9463 in RunPathSensitiveChecks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:752:24
    #10 0x99e9463 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:716
    #11 0x99ca7d6 in HandleDeclsCallGraph
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:507:5
    #12 0x99ca7d6 in runAnalysisOnTranslationUnit
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:554
    #13 0x99ca7d6 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:585
    #14 0xa5083e5 in clang::ParseAST(clang::Sema&, bool, bool)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:170:13
    #15 0x7660470 in clang::FrontendAction::Execute()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:935:8
    #16 0x757956b in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:955:11
    #17 0x788b6ea in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:268:25
    #18 0xb2c545 in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/cc1_main.cpp:219:13
    #19 0xb2567e in ExecuteCC1Tool
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:310:12
    #20 0xb2567e in main
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:382
    #21 0x7f2d9deff2e0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #22 0xaa6779 in _start
(/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang-9+0xaa6779)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
in clang::ento::retaincountchecker::RefCountReport::getRanges()
Exiting

--

********************
Testing: 0 .
FAIL: Clang :: Analysis/retain-release.m (870 of 13800)
******************** TEST 'Clang :: Analysis/retain-release.m' FAILED
********************
Script:
--
: 'RUN: at line 1';   rm -f
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objc.plist
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objcpp.plist
: 'RUN: at line 2';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range -triple
x86_64-apple-darwin10
-analyzer-checker=core,osx.coreFoundation.CFRetainRelease
-analyzer-checker=osx.cocoa.ClassRelease,osx.cocoa.RetainCount
-analyzer-checker=debug.ExprInspection -fblocks -verify
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/retain-release.m
    -Wno-objc-root-class -analyzer-output=plist -o
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objc.plist
: 'RUN: at line 7';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range -triple
x86_64-apple-darwin10
-analyzer-checker=core,osx.coreFoundation.CFRetainRelease
-analyzer-checker=osx.cocoa.ClassRelease,osx.cocoa.RetainCount
-analyzer-checker=debug.ExprInspection -fblocks -verify
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/retain-release.m
    -Wno-objc-root-class -analyzer-output=plist -o
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objcpp.plist
    -x objective-c++ -std=gnu++98
: 'RUN: at line 13';   cat
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objcpp.plist
| diff -u -w -I "<string>/" -I "<string>.:" -I "version"
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/Inputs/expected-plists/retain-release.m.objcpp.plist
-
: 'RUN: at line 14';   cat
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/tools/clang/test/Analysis/Output/retain-release.m.tmp.objc.plist
| diff -u -w -I "<string>/" -I "<string>.:" -I "version"
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/Inputs/expected-plists/retain-release.m.objc.plist
-
--
Exit Code: 77

Command Output (stderr):
--
==94235==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xa0635a8 in
clang::ento::retaincountchecker::RefCountReport::getRanges()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
    #1 0xa18bb67 in
clang::ento::BugReporterVisitor::getDefaultEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:176:27
    #2 0xa05cf02 in
clang::ento::retaincountchecker::RefCountReportVisitor::getEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp:681:10
    #3 0xa15b9aa in
generateVisitorsDiagnostics(clang::ento::BugReport*,
clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2564:29
    #4 0xa1429dc in findValidReport
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2621:9
    #5 0xa1429dc in
clang::ento::GRBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2670
    #6 0xa14f991 in
clang::ento::BugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*,
llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:3092:5
    #7 0xa13cbc1 in
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2948:7
    #8 0xa13a171 in clang::ento::BugReporter::FlushReports()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2254:5
    #9 0x99e9463 in RunPathSensitiveChecks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:752:24
    #10 0x99e9463 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:716
    #11 0x99ca7d6 in HandleDeclsCallGraph
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:507:5
    #12 0x99ca7d6 in runAnalysisOnTranslationUnit
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:554
    #13 0x99ca7d6 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:585
    #14 0xa5083e5 in clang::ParseAST(clang::Sema&, bool, bool)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:170:13
    #15 0x7660470 in clang::FrontendAction::Execute()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:935:8
    #16 0x757956b in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:955:11
    #17 0x788b6ea in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:268:25
    #18 0xb2c545 in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/cc1_main.cpp:219:13
    #19 0xb2567e in ExecuteCC1Tool
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:310:12
    #20 0xb2567e in main
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:382
    #21 0x7ff6ee07c2e0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #22 0xaa6779 in _start
(/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang-9+0xaa6779)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
in clang::ento::retaincountchecker::RefCountReport::getRanges()
Exiting

--

********************
Testing: 0 .
FAIL: Clang :: Analysis/properties.m (1045 of 13800)
******************** TEST 'Clang :: Analysis/properties.m' FAILED
********************
Script:
--
: 'RUN: at line 1';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range
-analyzer-checker=core,osx.cocoa.RetainCount,osx.cocoa.Dealloc,debug.ExprInspection
-analyzer-store=region -verify -Wno-objc-root-class -analyzer-config
eagerly-assume=false
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/properties.m
: 'RUN: at line 2';
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang
-cc1 -internal-isystem
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/lib/clang/9.0.0/include
-nostdsysteminc -analyze -analyzer-constraints=range
-analyzer-checker=core,osx.cocoa.RetainCount,osx.cocoa.Dealloc,debug.ExprInspection
-analyzer-store=region -verify -Wno-objc-root-class -fobjc-arc
-analyzer-config eagerly-assume=false
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/test/Analysis/properties.m
--
Exit Code: 77

Command Output (stderr):
--
==94119==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0xa0635a8 in
clang::ento::retaincountchecker::RefCountReport::getRanges()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
    #1 0xa18bb67 in
clang::ento::BugReporterVisitor::getDefaultEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporterVisitors.cpp:176:27
    #2 0xa05cf02 in
clang::ento::retaincountchecker::RefCountReportVisitor::getEndPath(clang::ento::BugReporterContext&,
clang::ento::ExplodedNode const*, clang::ento::BugReport&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp:681:10
    #3 0xa15b9aa in
generateVisitorsDiagnostics(clang::ento::BugReport*,
clang::ento::ExplodedNode const*, clang::ento::BugReporterContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2564:29
    #4 0xa1429dc in findValidReport
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2621:9
    #5 0xa1429dc in
clang::ento::GRBugReporter::generatePathDiagnostics(llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2670
    #6 0xa14f991 in
clang::ento::BugReporter::generateDiagnosticForConsumerMap(clang::ento::BugReport*,
llvm::ArrayRef<clang::ento::PathDiagnosticConsumer*>,
llvm::ArrayRef<clang::ento::BugReport*>)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:3092:5
    #7 0xa13cbc1 in
clang::ento::BugReporter::FlushReport(clang::ento::BugReportEquivClass&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2948:7
    #8 0xa13a171 in clang::ento::BugReporter::FlushReports()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Core/BugReporter.cpp:2254:5
    #9 0x99e9463 in RunPathSensitiveChecks
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:752:24
    #10 0x99e9463 in (anonymous
namespace)::AnalysisConsumer::HandleCode(clang::Decl*, unsigned int,
clang::ento::ExprEngine::InliningModes, llvm::DenseSet<clang::Decl
const*, llvm::DenseMapInfo<clang::Decl const*> >*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:716
    #11 0x99ca7d6 in HandleDeclsCallGraph
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:507:5
    #12 0x99ca7d6 in runAnalysisOnTranslationUnit
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:554
    #13 0x99ca7d6 in (anonymous
namespace)::AnalysisConsumer::HandleTranslationUnit(clang::ASTContext&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Frontend/AnalysisConsumer.cpp:585
    #14 0xa5083e5 in clang::ParseAST(clang::Sema&, bool, bool)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Parse/ParseAST.cpp:170:13
    #15 0x7660470 in clang::FrontendAction::Execute()
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/FrontendAction.cpp:935:8
    #16 0x757956b in
clang::CompilerInstance::ExecuteAction(clang::FrontendAction&)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/Frontend/CompilerInstance.cpp:955:11
    #17 0x788b6ea in
clang::ExecuteCompilerInvocation(clang::CompilerInstance*)
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/FrontendTool/ExecuteCompilerInvocation.cpp:268:25
    #18 0xb2c545 in cc1_main(llvm::ArrayRef<char const*>, char const*,
void*) /b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/cc1_main.cpp:219:13
    #19 0xb2567e in ExecuteCC1Tool
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:310:12
    #20 0xb2567e in main
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/tools/driver/driver.cpp:382
    #21 0x7ff5537e82e0 in __libc_start_main
(/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
    #22 0xaa6779 in _start
(/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm_build_msan/bin/clang-9+0xaa6779)

SUMMARY: MemorySanitizer: use-of-uninitialized-value
/b/sanitizer-x86_64-linux-bootstrap-msan/build/llvm/tools/clang/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h:65:9
in clang::ento::retaincountchecker::RefCountReport::getRanges()


On Thu, Jan 17, 2019 at 7:17 PM George Karpenkov via cfe-commits <
cfe-commits at lists.llvm.org> wrote:

> Author: george.karpenkov
> Date: Thu Jan 17 19:13:53 2019
> New Revision: 351514
>
> URL: http://llvm.org/viewvc/llvm-project?rev=351514&view=rev
> Log:
> [analyzer] Introduce proper diagnostic for freeing unowned object
>
> Insert a note when the object becomes not (exclusively) owned.
>
> Differential Revision: https://reviews.llvm.org/D56891
>
> Modified:
>
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
>
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.h
>
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp
>
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h
>     cfe/trunk/test/Analysis/osobject-retain-release.cpp
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp?rev=351514&r1=351513&r2=351514&view=diff
>
> ==============================================================================
> ---
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
> (original)
> +++
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.cpp
> Thu Jan 17 19:13:53 2019
> @@ -803,13 +803,16 @@ ProgramStateRef RetainCountChecker::upda
>  }
>
>  const RefCountBug &
> -RetainCountChecker::errorKindToBugKind(RefVal::Kind ErrorKind) const {
> +RetainCountChecker::errorKindToBugKind(RefVal::Kind ErrorKind,
> +                                       SymbolRef Sym) const {
>    switch (ErrorKind) {
>      case RefVal::ErrorUseAfterRelease:
>        return useAfterRelease;
>      case RefVal::ErrorReleaseNotOwned:
>        return releaseNotOwned;
>      case RefVal::ErrorDeallocNotOwned:
> +      if (Sym->getType()->getPointeeCXXRecordDecl())
> +        return freeNotOwned;
>        return deallocNotOwned;
>      default:
>        llvm_unreachable("Unhandled error.");
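
Review bot: in the `RefVal::ErrorDeallocNotOwned` case, `Sym->getType()->getPointeeCXXRecordDecl()` dereferences `Sym` with no null check, and it treats every symbol whose pointee is a C++ record as the `free` case. If callers guarantee a non-null symbol, an `assert(Sym)` at the top of the function would state that. It is also worth saying in a comment why a C++ pointee is enough to pick `freeNotOwned` over `deallocNotOwned`.
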
> @@ -836,7 +839,8 @@ void RetainCountChecker::processNonLeakE
>      return;
>
>    auto report = llvm::make_unique<RefCountReport>(
> -      errorKindToBugKind(ErrorKind), C.getASTContext().getLangOpts(), N,
> Sym);
> +      errorKindToBugKind(ErrorKind, Sym),
> +      C.getASTContext().getLangOpts(), N, Sym);
>    report->addRange(ErrorRange);
>    C.emitReport(std::move(report));
>  }
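
Review bot: please confirm that the `RefCountReport` constructor reached through `llvm::make_unique<RefCountReport>(...)` here initializes every member. The revert message above says one `RefCountReport` constructor leaves `isLeak` uninitialized, and MSan flags the read in `RefCountReport::getRanges()`. The constructors are not part of this diff, so which overload is affected cannot be told from these lines, but this call site is a non-leak report and is a natural place to check.
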
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.h
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.h?rev=351514&r1=351513&r2=351514&view=diff
>
> ==============================================================================
> ---
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.h
> (original)
> +++
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountChecker.h
> Thu Jan 17 19:13:53 2019
> @@ -255,6 +255,7 @@ class RetainCountChecker
>    RefCountBug useAfterRelease{this, RefCountBug::UseAfterRelease};
>    RefCountBug releaseNotOwned{this, RefCountBug::ReleaseNotOwned};
>    RefCountBug deallocNotOwned{this, RefCountBug::DeallocNotOwned};
> +  RefCountBug freeNotOwned{this, RefCountBug::FreeNotOwned};
>    RefCountBug overAutorelease{this, RefCountBug::OverAutorelease};
>    RefCountBug returnNotOwnedForOwned{this,
> RefCountBug::ReturnNotOwnedForOwned};
>    RefCountBug leakWithinFunction{this, RefCountBug::LeakWithinFunction};
> @@ -336,8 +337,8 @@ public:
>                                 RefVal V, ArgEffect E, RefVal::Kind
> &hasErr,
>                                 CheckerContext &C) const;
>
> -
> -  const RefCountBug &errorKindToBugKind(RefVal::Kind ErrorKind) const;
> +  const RefCountBug &errorKindToBugKind(RefVal::Kind ErrorKind,
> +                                        SymbolRef Sym) const;
>
>    void processNonLeakError(ProgramStateRef St, SourceRange ErrorRange,
>                             RefVal::Kind ErrorKind, SymbolRef Sym,
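
Review bot: the new `SymbolRef Sym` parameter on the `errorKindToBugKind` declaration is undocumented. A one-line comment saying that `Sym` is consulted only to choose between the dealloc and free bug kinds would make the signature change self-explanatory at the call sites.
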
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp?rev=351514&r1=351513&r2=351514&view=diff
>
> ==============================================================================
> ---
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp
> (original)
> +++
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.cpp
> Thu Jan 17 19:13:53 2019
> @@ -27,6 +27,8 @@ StringRef RefCountBug::bugTypeToName(Ref
>      return "Bad release";
>    case DeallocNotOwned:
>      return "-dealloc sent to non-exclusively owned object";
> +  case FreeNotOwned:
> +    return "freeing non-exclusively owned object";
>    case OverAutorelease:
>      return "Object autoreleased too many times";
>    case ReturnNotOwnedForOwned:
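
Review bot: the new `FreeNotOwned` name, "freeing non-exclusively owned object", starts in lower case while the neighbouring names visible in this hunk ("Bad release", "Object autoreleased too many times") are capitalized. Suggest "Freeing non-exclusively owned object" so the bug-type names read consistently in report listings.
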
> @@ -47,6 +49,8 @@ StringRef RefCountBug::getDescription()
>             "not owned at this point by the caller";
>    case DeallocNotOwned:
>      return "-dealloc sent to object that may be referenced elsewhere";
> +  case FreeNotOwned:
> +    return  "'free' called on an object that may be referenced elsewhere";
>    case OverAutorelease:
>      return "Object autoreleased too many times";
>    case ReturnNotOwnedForOwned:
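
Review bot: style nit in the added `FreeNotOwned` case: `return  "'free' called on ...` has two spaces after `return`. Collapse to one to match the surrounding cases.
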
> @@ -86,7 +90,8 @@ static std::string getPrettyTypeName(Qua
>  /// Write information about the type state change to {@code os},
>  /// return whether the note should be generated.
>  static bool shouldGenerateNote(llvm::raw_string_ostream &os,
> -                               const RefVal *PrevT, const RefVal &CurrV,
> +                               const RefVal *PrevT,
> +                               const RefVal &CurrV,
>                                 bool DeallocSent) {
>    // Get the previous type state.
>    RefVal PrevV = *PrevT;
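
Review bot: the re-wrapping of the `shouldGenerateNote` parameter list is a whitespace-only change unrelated to the new diagnostic. Moving it, along with the other formatting-only hunks in this file, into a separate NFC commit would keep the functional change smaller and easier to bisect or revert.
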
> @@ -416,6 +421,11 @@ std::shared_ptr<PathDiagnosticPiece>
>  RefCountReportVisitor::VisitNode(const ExplodedNode *N,
>                                BugReporterContext &BRC, BugReport &BR) {
>
> +  const auto &BT = static_cast<const RefCountBug&>(BR.getBugType());
> +
> +  bool IsFreeUnowned = BT.getBugType() == RefCountBug::FreeNotOwned ||
> +                       BT.getBugType() == RefCountBug::DeallocNotOwned;
> +
>    const SourceManager &SM = BRC.getSourceManager();
>    CallEventManager &CEMgr = BRC.getStateManager().getCallEventManager();
>    if (auto CE = N->getLocationAs<CallExitBegin>())
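
Review bot: `IsFreeUnowned` is also set for `RefCountBug::DeallocNotOwned`, so the name is narrower than the condition it holds; something like `IsFreeOrDeallocNotOwned` would match. Separately, `static_cast<const RefCountBug&>(BR.getBugType())` assumes every report reaching this visitor carries a `RefCountBug`; an assertion or comment stating that invariant would make the unchecked downcast easier to trust.
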
> @@ -434,7 +444,8 @@ RefCountReportVisitor::VisitNode(const E
>    const LocationContext *LCtx = N->getLocationContext();
>
>    const RefVal* CurrT = getRefBinding(CurrSt, Sym);
> -  if (!CurrT) return nullptr;
> +  if (!CurrT)
> +    return nullptr;
>
>    const RefVal &CurrV = *CurrT;
>    const RefVal *PrevT = getRefBinding(PrevSt, Sym);
> @@ -444,6 +455,12 @@ RefCountReportVisitor::VisitNode(const E
>    std::string sbuf;
>    llvm::raw_string_ostream os(sbuf);
>
> +  if (PrevT && IsFreeUnowned && CurrV.isNotOwned() && PrevT->isOwned()) {
> +    os << "Object is now not exclusively owned";
> +    auto Pos = PathDiagnosticLocation::create(N->getLocation(), SM);
> +    return std::make_shared<PathDiagnosticEventPiece>(Pos, os.str());
> +  }
> +
>    // This is the allocation site since the previous node had no bindings
>    // for this symbol.
>    if (!PrevT) {
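
Review bot: the added early return for the owned to not-owned transition sits ahead of the rest of `VisitNode`, so for such a node nothing later in the function gets a chance to emit its own note. If that is intended, a short comment above the `if` would say so. Also, `os` is used here only to carry a fixed string, so the literal could be passed straight to `std::make_shared<PathDiagnosticEventPiece>(Pos, ...)`.
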
> @@ -490,9 +507,9 @@ RefCountReportVisitor::VisitNode(const E
>    // program point
>    bool DeallocSent = false;
>
> -  if (N->getLocation().getTag() &&
> -      N->getLocation().getTag()->getTagDescription().contains(
> -          RetainCountChecker::DeallocTagDescription)) {
> +  const ProgramPointTag *Tag = N->getLocation().getTag();
> +  if (Tag && Tag->getTagDescription().contains(
> +                 RetainCountChecker::DeallocTagDescription)) {
>      // We only have summaries attached to nodes after evaluating CallExpr
> and
>      // ObjCMessageExprs.
>      const Stmt *S = N->getLocation().castAs<StmtPoint>().getStmt();
>
> Modified:
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h?rev=351514&r1=351513&r2=351514&view=diff
>
> ==============================================================================
> ---
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h
> (original)
> +++
> cfe/trunk/lib/StaticAnalyzer/Checkers/RetainCountChecker/RetainCountDiagnostics.h
> Thu Jan 17 19:13:53 2019
> @@ -30,6 +30,7 @@ public:
>      UseAfterRelease,
>      ReleaseNotOwned,
>      DeallocNotOwned,
> +    FreeNotOwned,
>      OverAutorelease,
>      ReturnNotOwnedForOwned,
>      LeakWithinFunction,
>
> Modified: cfe/trunk/test/Analysis/osobject-retain-release.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/osobject-retain-release.cpp?rev=351514&r1=351513&r2=351514&view=diff
>
> ==============================================================================
> --- cfe/trunk/test/Analysis/osobject-retain-release.cpp (original)
> +++ cfe/trunk/test/Analysis/osobject-retain-release.cpp Thu Jan 17
> 19:13:53 2019
> @@ -634,3 +634,13 @@ void test_ostypealloc_correct_diagnostic
>    arr->release(); // expected-note{{Reference count decremented. The
> object now has a +1 retain count}}
>  } // expected-note{{Object leaked: object allocated and stored into 'arr'
> is not referenced later in this execution path and has a retain count of
> +1}}
>    // expected-warning at -1{{Potential leak of an object stored into 'arr'}}
> +
> +void escape_elsewhere(OSObject *obj);
> +
> +void test_free_on_escaped_object_diagnostics() {
> +  OSObject *obj = new OSObject; // expected-note{{Operator 'new' returns
> an OSObject of type 'OSObject' with a +1 retain count}}
> +  escape_elsewhere(obj); // expected-note{{Object is now not exclusively
> owned}}
> +  obj->free(); // expected-note{{'free' called on an object that may be
> referenced elsewhere}}
> +  // expected-warning at -1{{'free' called on an object that may be
> referenced elsewhere}}
> +}
> +
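
Review bot: `test_free_on_escaped_object_diagnostics` exercises only the `free` path, but the `IsFreeUnowned` condition in `VisitNode` is also true for `RefCountBug::DeallocNotOwned`. A companion test that expects the "Object is now not exclusively owned" note on the `-dealloc` path would cover the other half of the new branch.
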
>
>