[cfe-commits] r151287 - in /cfe/trunk: include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h lib/StaticAnalyzer/Checkers/MallocChecker.cpp lib/StaticAnalyzer/Core/BugReporter.cpp test/Analysis/malloc.c
Anna Zaks
ganna at apple.com
Thu Feb 23 18:50:17 PST 2012
Actually, The bot is green. So I assume it was the Ted's diagnostic rewrite commit, which got reverted by Chad.
Cheers,
Anna.
On Feb 23, 2012, at 6:44 PM, Anna Zaks wrote:
> Thanks, I'll look at it right now.
> Anna.
> On Feb 23, 2012, at 5:53 PM, Eric Christopher wrote:
>
>> Hi Anna,
>>
>> I think one of your recent changes is breaking the buildbot:
>>
>> http://smooshlab.apple.com:8013/builders/clang-x86_64-darwin10-gcc42-RA/builds/12286
>>
>> but you may not have gotten a message because it was hidden before due to the tree not compiling.
>>
>> Thanks!
>>
>> -eric
>>
>> On Feb 23, 2012, at 1:38 PM, Anna Zaks <ganna at apple.com> wrote:
>>
>>> Author: zaks
>>> Date: Thu Feb 23 15:38:21 2012
>>> New Revision: 151287
>>>
>>> URL: http://llvm.org/viewvc/llvm-project?rev=151287&view=rev
>>> Log:
>>> [analyzer] Malloc: unique leak reports by allocation site.
>>>
>>> When we find two leak reports with the same allocation site, report only
>>> one of them.
>>>
>>> Provide a helper method to BugReporter to facilitate this.
>>>
>>> Modified:
>>> cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h
>>> cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>>> cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
>>> cfe/trunk/test/Analysis/malloc.c
>>>
>>> Modified: cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h
>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h?rev=151287&r1=151286&r2=151287&view=diff
>>> ==============================================================================
>>> --- cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h (original)
>>> +++ cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h Thu Feb 23 15:38:21 2012
>>> @@ -71,6 +71,7 @@
>>> std::string ShortDescription;
>>> std::string Description;
>>> PathDiagnosticLocation Location;
>>> + PathDiagnosticLocation UniqueingLocation;
>>> const ExplodedNode *ErrorNode;
>>> SmallVector<SourceRange, 4> Ranges;
>>> ExtraTextList ExtraText;
>>> @@ -95,6 +96,18 @@
>>> : BT(bt), Description(desc), Location(l), ErrorNode(0),
>>> Callbacks(F.getEmptyList()) {}
>>>
>>> + /// \brief Create a BugReport with a custom uniqueing location.
>>> + ///
>>> + /// The reports that have the same report location, description, bug type, and
>>> + /// ranges are uniqued - only one of the equivalent reports will be presented
>>> + /// to the user. This method allows to rest the location which should be used
>>> + /// for uniquing reports. For example, memory leaks checker, could set this to
>>> + /// the allocation site, rather then the location where the bug is reported.
>>> + BugReport(BugType& bt, StringRef desc, const ExplodedNode *errornode,
>>> + PathDiagnosticLocation LocationToUnique)
>>> + : BT(bt), Description(desc), UniqueingLocation(LocationToUnique),
>>> + ErrorNode(errornode), Callbacks(F.getEmptyList()) {}
>>> +
>>> virtual ~BugReport();
>>>
>>> const BugType& getBugType() const { return BT; }
>>>
>>> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=151287&r1=151286&r2=151287&view=diff
>>> ==============================================================================
>>> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
>>> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Thu Feb 23 15:38:21 2012
>>> @@ -186,6 +186,11 @@
>>> static bool SummarizeRegion(raw_ostream &os, const MemRegion *MR);
>>> void ReportBadFree(CheckerContext &C, SVal ArgVal, SourceRange range) const;
>>>
>>> + /// Find the location of the allocation for Sym on the path leading to the
>>> + /// exploded node N.
>>> + const Stmt *getAllocationSite(const ExplodedNode *N, SymbolRef Sym,
>>> + CheckerContext &C) const;
>>> +
>>> void reportLeak(SymbolRef Sym, ExplodedNode *N, CheckerContext &C) const;
>>>
>>> /// The bug visitor which allows us to print extra diagnostics along the
>>> @@ -766,6 +771,24 @@
>>> return MallocMemAux(C, CE, TotalSize, zeroVal, state);
>>> }
>>>
>>> +const Stmt *
>>> +MallocChecker::getAllocationSite(const ExplodedNode *N, SymbolRef Sym,
>>> + CheckerContext &C) const {
>>> + // Walk the ExplodedGraph backwards and find the first node that referred to
>>> + // the tracked symbol.
>>> + const ExplodedNode *AllocNode = N;
>>> +
>>> + while (N) {
>>> + if (!N->getState()->get<RegionState>(Sym))
>>> + break;
>>> + AllocNode = N;
>>> + N = N->pred_empty() ? NULL : *(N->pred_begin());
>>> + }
>>> +
>>> + ProgramPoint P = AllocNode->getLocation();
>>> + return cast<clang::PostStmt>(P).getStmt();
>>> +}
>>> +
>>> void MallocChecker::reportLeak(SymbolRef Sym, ExplodedNode *N,
>>> CheckerContext &C) const {
>>> assert(N);
>>> @@ -779,8 +802,16 @@
>>> BT_Leak->setSuppressOnSink(true);
>>> }
>>>
>>> + // Most bug reports are cached at the location where they occurred.
>>> + // With leaks, we want to unique them by the location where they were
>>> + // allocated, and only report a single path.
>>> + const Stmt *AllocStmt = getAllocationSite(N, Sym, C);
>>> + PathDiagnosticLocation LocUsedForUniqueing =
>>> + PathDiagnosticLocation::createBegin(AllocStmt, C.getSourceManager(),
>>> + N->getLocationContext());
>>> +
>>> BugReport *R = new BugReport(*BT_Leak,
>>> - "Memory is never released; potential memory leak", N);
>>> + "Memory is never released; potential memory leak", N, LocUsedForUniqueing);
>>> R->addVisitor(new MallocBugVisitor(Sym));
>>> C.EmitReport(R);
>>> }
>>> @@ -818,14 +849,17 @@
>>> }
>>> }
>>>
>>> - ExplodedNode *N = C.addTransition(state->set<RegionState>(RS));
>>> + // Generate leak node.
>>> + static SimpleProgramPointTag Tag("MallocChecker : DeadSymbolsLeak");
>>> + ExplodedNode *N = C.addTransition(C.getState(), C.getPredecessor(), &Tag);
>>>
>>> - if (N && generateReport) {
>>> + if (generateReport) {
>>> for (llvm::SmallVector<SymbolRef, 2>::iterator
>>> I = Errors.begin(), E = Errors.end(); I != E; ++I) {
>>> reportLeak(*I, N, C);
>>> }
>>> }
>>> + C.addTransition(state->set<RegionState>(RS), N);
>>> }
>>>
>>> void MallocChecker::checkEndPath(CheckerContext &C) const {
>>>
>>> Modified: cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp?rev=151287&r1=151286&r2=151287&view=diff
>>> ==============================================================================
>>> --- cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp (original)
>>> +++ cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp Thu Feb 23 15:38:21 2012
>>> @@ -1270,7 +1270,9 @@
>>> void BugReport::Profile(llvm::FoldingSetNodeID& hash) const {
>>> hash.AddPointer(&BT);
>>> hash.AddString(Description);
>>> - if (Location.isValid()) {
>>> + if (UniqueingLocation.isValid()) {
>>> + UniqueingLocation.Profile(hash);
>>> + } else if (Location.isValid()) {
>>> Location.Profile(hash);
>>> } else {
>>> assert(ErrorNode);
>>>
>>> Modified: cfe/trunk/test/Analysis/malloc.c
>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=151287&r1=151286&r2=151287&view=diff
>>> ==============================================================================
>>> --- cfe/trunk/test/Analysis/malloc.c (original)
>>> +++ cfe/trunk/test/Analysis/malloc.c Thu Feb 23 15:38:21 2012
>>> @@ -379,7 +379,7 @@
>>>
>>> void mallocMalloc() {
>>> int *p = malloc(12);
>>> - p = malloc(12); // expected-warning{{Memory is never released; potential memory leak}}
>>> + p = malloc(12); // expected-warning 2 {{Memory is never released; potential memory leak}}
>>> }
>>>
>>> void mallocFreeMalloc() {
>>> @@ -666,7 +666,7 @@
>>> char *s2 = strndup(s, size);
>>> s2 [validIndex + 1] = 'b';
>>> if (s2[validIndex] != 'a')
>>> - return 0;// expected-warning {{Memory is never released; potential memory leak}}
>>> + return 0;
>>> else
>>> return 1;// expected-warning {{Memory is never released; potential memory leak}}
>>> }
>>>
>>>
>>> _______________________________________________
>>> cfe-commits mailing list
>>> cfe-commits at cs.uiuc.edu
>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
More information about the cfe-commits
mailing list