[cfe-commits] r151287 - in /cfe/trunk: include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h lib/StaticAnalyzer/Checkers/MallocChecker.cpp lib/StaticAnalyzer/Core/BugReporter.cpp test/Analysis/malloc.c

Eric Christopher echristo at apple.com
Thu Feb 23 18:51:02 PST 2012 

Looks like it.

Thanks for looking!

-eric

On Feb 23, 2012, at 6:50 PM, Anna Zaks <ganna at apple.com> wrote:

> Actually, The bot is green. So I assume it was the Ted's diagnostic rewrite commit, which got reverted by Chad.
> 
> Cheers,
> Anna.
> On Feb 23, 2012, at 6:44 PM, Anna Zaks wrote:
> 
>> Thanks, I'll look at it right now.
>> Anna.
>> On Feb 23, 2012, at 5:53 PM, Eric Christopher wrote:
>> 
>>> Hi Anna,
>>> 
>>> I think one of your recent changes is breaking the buildbot:
>>> 
>>> http://smooshlab.apple.com:8013/builders/clang-x86_64-darwin10-gcc42-RA/builds/12286
>>> 
>>> but you may not have gotten a message because it was hidden before due to the tree not compiling.
>>> 
>>> Thanks!
>>> 
>>> -eric
>>> 
>>> On Feb 23, 2012, at 1:38 PM, Anna Zaks <ganna at apple.com> wrote:
>>> 
>>>> Author: zaks
>>>> Date: Thu Feb 23 15:38:21 2012
>>>> New Revision: 151287
>>>> 
>>>> URL: http://llvm.org/viewvc/llvm-project?rev=151287&view=rev
>>>> Log:
>>>> [analyzer] Malloc: unique leak reports by allocation site.
>>>> 
>>>> When we find two leak reports with the same allocation site, report only
>>>> one of them.
>>>> 
>>>> Provide a helper method to BugReporter to facilitate this.
>>>> 
>>>> Modified:
>>>> cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h
>>>> cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>>>> cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
>>>> cfe/trunk/test/Analysis/malloc.c
>>>> 
>>>> Modified: cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h
>>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h?rev=151287&r1=151286&r2=151287&view=diff
>>>> ==============================================================================
>>>> --- cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h (original)
>>>> +++ cfe/trunk/include/clang/StaticAnalyzer/Core/BugReporter/BugReporter.h Thu Feb 23 15:38:21 2012
>>>> @@ -71,6 +71,7 @@
>>>> std::string ShortDescription;
>>>> std::string Description;
>>>> PathDiagnosticLocation Location;
>>>> +  PathDiagnosticLocation UniqueingLocation;
>>>> const ExplodedNode *ErrorNode;
>>>> SmallVector<SourceRange, 4> Ranges;
>>>> ExtraTextList ExtraText;
>>>> @@ -95,6 +96,18 @@
>>>>  : BT(bt), Description(desc), Location(l), ErrorNode(0),
>>>>    Callbacks(F.getEmptyList()) {}
>>>> 
>>>> +  /// \brief Create a BugReport with a custom uniqueing location.
>>>> +  ///
>>>> +  /// The reports that have the same report location, description, bug type, and
>>>> +  /// ranges are uniqued - only one of the equivalent reports will be presented
>>>> +  /// to the user. This method allows to rest the location which should be used
>>>> +  /// for uniquing reports. For example, memory leaks checker, could set this to
>>>> +  /// the allocation site, rather then the location where the bug is reported.
>>>> +  BugReport(BugType& bt, StringRef desc, const ExplodedNode *errornode,
>>>> +            PathDiagnosticLocation LocationToUnique)
>>>> +    : BT(bt), Description(desc), UniqueingLocation(LocationToUnique),
>>>> +      ErrorNode(errornode), Callbacks(F.getEmptyList()) {}
>>>> +
>>>> virtual ~BugReport();
>>>> 
>>>> const BugType& getBugType() const { return BT; }
>>>> 
>>>> Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp
>>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp?rev=151287&r1=151286&r2=151287&view=diff
>>>> ==============================================================================
>>>> --- cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp (original)
>>>> +++ cfe/trunk/lib/StaticAnalyzer/Checkers/MallocChecker.cpp Thu Feb 23 15:38:21 2012
>>>> @@ -186,6 +186,11 @@
>>>> static bool SummarizeRegion(raw_ostream &os, const MemRegion *MR);
>>>> void ReportBadFree(CheckerContext &C, SVal ArgVal, SourceRange range) const;
>>>> 
>>>> +  /// Find the location of the allocation for Sym on the path leading to the
>>>> +  /// exploded node N.
>>>> +  const Stmt *getAllocationSite(const ExplodedNode *N, SymbolRef Sym,
>>>> +                                CheckerContext &C) const;
>>>> +
>>>> void reportLeak(SymbolRef Sym, ExplodedNode *N, CheckerContext &C) const;
>>>> 
>>>> /// The bug visitor which allows us to print extra diagnostics along the
>>>> @@ -766,6 +771,24 @@
>>>> return MallocMemAux(C, CE, TotalSize, zeroVal, state);
>>>> }
>>>> 
>>>> +const Stmt *
>>>> +MallocChecker::getAllocationSite(const ExplodedNode *N, SymbolRef Sym,
>>>> +                                 CheckerContext &C) const {
>>>> +  // Walk the ExplodedGraph backwards and find the first node that referred to
>>>> +  // the tracked symbol.
>>>> +  const ExplodedNode *AllocNode = N;
>>>> +
>>>> +  while (N) {
>>>> +    if (!N->getState()->get<RegionState>(Sym))
>>>> +      break;
>>>> +    AllocNode = N;
>>>> +    N = N->pred_empty() ? NULL : *(N->pred_begin());
>>>> +  }
>>>> +
>>>> +  ProgramPoint P = AllocNode->getLocation();
>>>> +  return cast<clang::PostStmt>(P).getStmt();
>>>> +}
>>>> +
>>>> void MallocChecker::reportLeak(SymbolRef Sym, ExplodedNode *N,
>>>>                             CheckerContext &C) const {
>>>> assert(N);
>>>> @@ -779,8 +802,16 @@
>>>>  BT_Leak->setSuppressOnSink(true);
>>>> }
>>>> 
>>>> +  // Most bug reports are cached at the location where they occurred.
>>>> +  // With leaks, we want to unique them by the location where they were
>>>> +  // allocated, and only report a single path.
>>>> +  const Stmt *AllocStmt = getAllocationSite(N, Sym, C);
>>>> +  PathDiagnosticLocation LocUsedForUniqueing =
>>>> +    PathDiagnosticLocation::createBegin(AllocStmt, C.getSourceManager(),
>>>> +                                        N->getLocationContext());
>>>> +
>>>> BugReport *R = new BugReport(*BT_Leak,
>>>> -                  "Memory is never released; potential memory leak", N);
>>>> +    "Memory is never released; potential memory leak", N, LocUsedForUniqueing);
>>>> R->addVisitor(new MallocBugVisitor(Sym));
>>>> C.EmitReport(R);
>>>> }
>>>> @@ -818,14 +849,17 @@
>>>>  }
>>>> }
>>>> 
>>>> -  ExplodedNode *N = C.addTransition(state->set<RegionState>(RS));
>>>> +  // Generate leak node.
>>>> +  static SimpleProgramPointTag Tag("MallocChecker : DeadSymbolsLeak");
>>>> +  ExplodedNode *N = C.addTransition(C.getState(), C.getPredecessor(), &Tag);
>>>> 
>>>> -  if (N && generateReport) {
>>>> +  if (generateReport) {
>>>>  for (llvm::SmallVector<SymbolRef, 2>::iterator
>>>>       I = Errors.begin(), E = Errors.end(); I != E; ++I) {
>>>>    reportLeak(*I, N, C);
>>>>  }
>>>> }
>>>> +  C.addTransition(state->set<RegionState>(RS), N);
>>>> }
>>>> 
>>>> void MallocChecker::checkEndPath(CheckerContext &C) const {
>>>> 
>>>> Modified: cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp
>>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp?rev=151287&r1=151286&r2=151287&view=diff
>>>> ==============================================================================
>>>> --- cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp (original)
>>>> +++ cfe/trunk/lib/StaticAnalyzer/Core/BugReporter.cpp Thu Feb 23 15:38:21 2012
>>>> @@ -1270,7 +1270,9 @@
>>>> void BugReport::Profile(llvm::FoldingSetNodeID& hash) const {
>>>> hash.AddPointer(&BT);
>>>> hash.AddString(Description);
>>>> -  if (Location.isValid()) {
>>>> +  if (UniqueingLocation.isValid()) {
>>>> +    UniqueingLocation.Profile(hash);
>>>> +  } else if (Location.isValid()) {
>>>>  Location.Profile(hash);
>>>> } else {
>>>>  assert(ErrorNode);
>>>> 
>>>> Modified: cfe/trunk/test/Analysis/malloc.c
>>>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/malloc.c?rev=151287&r1=151286&r2=151287&view=diff
>>>> ==============================================================================
>>>> --- cfe/trunk/test/Analysis/malloc.c (original)
>>>> +++ cfe/trunk/test/Analysis/malloc.c Thu Feb 23 15:38:21 2012
>>>> @@ -379,7 +379,7 @@
>>>> 
>>>> void mallocMalloc() {
>>>> int *p = malloc(12);
>>>> -  p = malloc(12); // expected-warning{{Memory is never released; potential memory leak}}
>>>> +  p = malloc(12); // expected-warning 2 {{Memory is never released; potential memory leak}}
>>>> }
>>>> 
>>>> void mallocFreeMalloc() {
>>>> @@ -666,7 +666,7 @@
>>>> char *s2 = strndup(s, size);
>>>> s2 [validIndex + 1] = 'b';
>>>> if (s2[validIndex] != 'a')
>>>> -    return 0;// expected-warning {{Memory is never released; potential memory leak}}
>>>> +    return 0;
>>>> else
>>>>  return 1;// expected-warning {{Memory is never released; potential memory leak}}
>>>> }
>>>> 
>>>> 
>>>> _______________________________________________
>>>> cfe-commits mailing list
>>>> cfe-commits at cs.uiuc.edu
>>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>>> 
>> 
>> _______________________________________________
>> cfe-commits mailing list
>> cfe-commits at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
>

More information about the cfe-commits mailing list