[cfe-dev] GSoC Final Report | ISL Memory Management Using Clang Static Analyzer

Malhar Thakkar via cfe-dev cfe-dev at lists.llvm.org
Wed Aug 23 21:16:07 PDT 2017

Hello everyone,

is the final report of my GSoC project. The aim of my project was to add
support to RetainCountChecker to perform reference counting of objects in
frameworks written in C, primarily for the Integer Set Library (ISL).

My work in this GSoC project primarily involved the following two tasks:

   - Analyze how the RetainCountChecker performs (in terms of true/false
   positives and true/false negatives) on the ISL codebase.
   - Fix most of the true positives (due to missing annotations) and false
   positives by adding certain functionalities to the RetainCountChecker.

Patches submitted to clang and ISL:


   Missing annotations in various functions in ISL resulted in a lot of
   leak warnings for reference counted objects. To suppress these warnings, I
   submitted patches
   <http://repo.or.cz/isl.git/search/HEAD?s=Malhar+Thakkar;st=author> to
   add missing annotations to such functions.

   False positives were raised when the RetainCountChecker analyzed the
   bodies of functions (which perform reference counting) of the form
   obj_free(), obj_copy() and obj_cow(). To prevent such false positives, I
   submitted this patch <https://reviews.llvm.org/D34937>. This patch makes
   the checker trust the implementations of these functions and hence,
   prevents it to analyze the bodies of these functions.

   Diagnostic notes emitted by the RetainCountChecker were specific to Core
   Foundation and Objective-C objects. To support more generalized reference
   counting annotations and emit more generalized diagnostic notes, I
   submitted this patch <https://reviews.llvm.org/D35613>.
   - Original RetainCountChecker did not have the functionality of
   performing reference counting of function parameters on the callee-side
   which can prove to be very useful for various kinds of debugging. This
   patch <https://reviews.llvm.org/D36441> adds that functionality.

Analysis of building the ISL codebase with Clang Static Analyzer during
various stages can be found here
Note that the “View Report” hyperlinks will not work on your systems since
their paths are pertaining to my local system.



   Download the latest clang source code by git clone
   http://llvm.org/git/clang.git and build it from source.

   Download the latest ISL source code by git clone git://repo.or.cz/isl.git

   Prepend obj_free(), obj_cow() and obj_free() functions in ISL with
   __attribute__((annotate("rc_ownership_trusted_implementation")) as
   mentioned above.

   Run the following scripts (in order) in the ISL home directory to build
   it using Clang Static Analyzer.

      $LLVM_BUILD/bin/scan-build --use-analyzer $LLVM_BUILD/bin/clang
      --use-cc $LLVM_BUILD/bin/clang -o <output_folder_path> -enable-checker
      osx.cocoa.RetainCount ./configure CC="gcc"
      CFLAGS='-Wno-nullability-completeness -I/usr/local/include'

      $LLVM_BUILD/bin/scan-build --use-analyzer $LLVM_BUILD/bin/clang
      --use-cc $LLVM_BUILD/bin/clang -o <output_folder_path> -enable-checker
      osx.cocoa.RetainCount make CC="gcc" CFLAGS='-Wno-nullability-completeness
      -I/usr/local/include -I/$ISL_SRC
      - Run $LLVM_BUILD/bin/scan-view on the output directory to view the

Let me know your thoughts on my final report.

Thank you.

Malhar Thakkar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20170824/7b6be804/attachment.html>

More information about the cfe-dev mailing list