Feature request & new analyze regression

Andy Wick
Would it be possible to configure check for arc4random function existence,
and if not available turn off the rand function security errors?  (I assume
this is some MacOS function?) Or is there a -Wno* to turn them off?


Updated to TIP this morning, last update was I think 2 days ago.

void test (void *uw1) {
    unsigned int foo;
    foo = ((long)(uw1));
}

clang --analyze test.c

clang: SValuator.cpp:119: clang::SValuator::CastResult
clang::SValuator::EvalCast(clang::SVal, const clang::GRState*,
clang::QualType, clang::QualType): Assertion `Loc::IsLocType(castTy)'
failed.
0  clang           0x000000000142a77f
1  clang           0x000000000142af81
2  libpthread.so.0 0x0000002a9567f160
3  libc.so.6       0x0000002a95d5f745 gsignal + 69
4  libc.so.6       0x0000002a95d60eb3 abort + 467
5  libc.so.6       0x0000002a95d58dc9
6  clang           0x00000000006c057e
7  clang           0x000000000067efcf
8  clang           0x0000000000679ac4
9  clang           0x0000000000679fe8
10 clang           0x0000000000679a54
11 clang           0x0000000000680bfd
12 clang           0x000000000066e708
13 clang           0x000000000066e972
14 clang           0x00000000004d9b2f
15 clang           0x00000000004d84d0
16 clang           0x00000000004d89b5
17 clang           0x00000000006e39f6
18 clang           0x00000000004347c8
19 clang           0x0000000000437851 main + 1585
20 libc.so.6       0x0000002a95d4d1d7 __libc_start_main + 215
21 clang           0x000000000043263a
Stack dump:
0.    Program arguments: /usr/local/bin/clang -cc1 -triple
x86_64-unknown-linux-gnu -analyze -disable-free -main-file-name test.c
-analyzer-store=region -analyzer-opt-analyze-nested-blocks -warn-dead-stores
-warn-security-syntactic -checker-cfref -analyzer-eagerly-assume
-warn-objc-methodsigs -warn-objc-unused-ivars -analyzer-output plist
-mrelocation-model static -mdisable-fp-elim -munwind-tables -target-cpu
x86-64 -v -resource-dir /usr/local/lib/clang/1.1 -fmessage-length 166
-fgnu-runtime -fdiagnostics-show-option -fcolor-diagnostics -o test.plist -x
c test.c
1.    <eof> parser at end of file
2.    test.c:3:5: Error evaluating statement
3.    test.c:3:5: Error evaluating statement
4.    test.c:3:11: Error evaluating statement


_______________________________________________
cfe-dev mailing list
[hidden email]
http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

Re: Feature request & new analyze regression

Ted Kremenek
Hi Andy,

This is a static analyzer check, not a compiler warning.  There are no plans to ever have configure support for static analyzer checks, but having more fine-grain control over checks is something I'd like to have in the future.

It looks like there are two issues here.  The first is that arc4random appears to be architecture specific.  Getting that right doesn't require configure support, as Clang is a cross-compiler and always has a notion of the intended target.  That check should be tailored to only emit a warning when arc4random is available.  Please file a bugzilla report so that we can track the resolution of this issue off this list.

The second issue is the crash.  Can you provide a preprocessed version of test.c (assuming it depends on headers) and submit a separate bugzilla report?

Cheers,
Ted

On Jan 12, 2010, at 6:41 AM, Andy Wick wrote:

> Would it be possible to configure check for arc4random function existence,
> and if not available turn off the rand function security errors?  (I assume
> this is some MacOS function?) Or is there a -Wno* to turn them off?
>
>
> Updated to TIP this morning, last update was I think 2 days ago.
>
> void test (void *uw1) {
>    unsigned int foo;
>    foo = ((long)(uw1));
> }
>
> clang --analyze test.c
>
> clang: SValuator.cpp:119: clang::SValuator::CastResult
> clang::SValuator::EvalCast(clang::SVal, const clang::GRState*,
> clang::QualType, clang::QualType): Assertion `Loc::IsLocType(castTy)'
> failed.
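
The analyzer's rand-family warning recommends arc4random, which is not available on every target, as discussed in the reply above. As an added example (not code from the thread or from the Clang project), this is one way application code can select a cryptographically secure source per target at compile time instead of silencing the warning; the helper names secure_random_bytes and secure_random_below and the list of targets assumed to provide arc4random_buf are assumptions of the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumption: these targets ship arc4random_buf() in <stdlib.h>. */
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || \
    defined(__NetBSD__) || defined(__DragonFly__)
#define HAVE_ARC4RANDOM_BUF 1
#endif

/* Hypothetical helper: fill buf with len bytes from the OS CSPRNG.
 * Returns 0 on success, -1 on failure. It never falls back to rand(). */
int secure_random_bytes(void *buf, size_t len)
{
#ifdef HAVE_ARC4RANDOM_BUF
    arc4random_buf(buf, len);
    return 0;
#else
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    /* Unbuffered, so stdio does not read ahead and keep extra bytes around. */
    setvbuf(f, NULL, _IONBF, 0);
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
#endif
}

/* Hypothetical helper: uniform value in [0, bound) via rejection sampling,
 * which avoids the modulo bias of a plain `r % bound`. */
int secure_random_below(uint32_t bound, uint32_t *out)
{
    if (bound == 0 || out == NULL)
        return -1;
    uint32_t min = (0u - bound) % bound;   /* 2^32 mod bound */
    uint32_t r;
    do {
        if (secure_random_bytes(&r, sizeof r) != 0)
            return -1;
    } while (r < min);
    *out = r % bound;
    return 0;
}

int main(void)
{
    uint32_t roll;
    if (secure_random_below(6, &roll) != 0)
        return 1;
    printf("die roll: %u\n", (unsigned)(roll + 1));
    return 0;
}
```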

Re: Feature request & new analyze regression

Andy Wick
I've submitted bugzilla for both.


On 1/12/10 11:07 AM, "Ted Kremenek" <[hidden email]> wrote:
> The second issue is the crash.  Can you provide a preprocessed version of
> test.c (assuming it depends on headers) and submit a separate bugzilla report?

No include files, all the file contained was
void test (void *uw1) {
    unsigned int foo;
    foo = ((long)(uw1));
}

It broke between 93136 and 93238

Thanks,
Andy


Re: Feature request & new analyze regression

Andy Wick
I tracked my regression down to the following change with
llvm/tools/clang/lib/Analysis/SVals.cpp

If I comment it out I work again.

------------------------------------------------------------------------
r93146 | zhongxingxu | 2010-01-11 01:52:53 -0500 (Mon, 11 Jan 2010) | 3 lines

Enhance SVals::getAsRegion: get the region that is converted to an integer.
This with previous patch fixes a OSAtomic test case.




On 1/12/10 9:41 AM, "Andy Wick" <[hidden email]> wrote:


> Updated to TIP this morning, last update was I think 2 days ago.
>
> void test (void *uw1) {
>     unsigned int foo;
>     foo = ((long)(uw1));
> }
>
> clang --analyze test.c
>
> clang: SValuator.cpp:119: clang::SValuator::CastResult
> clang::SValuator::EvalCast(clang::SVal, const clang::GRState*,
> clang::QualType, clang::QualType): Assertion `Loc::IsLocType(castTy)' failed.

Re: Feature request & new analyze regression

Ted Kremenek
Awesome.  Thanks Andy.

On Jan 13, 2010, at 8:20 AM, Andy Wick wrote:

> I track my regression down to the following change with
> llvm/tools/clang/lib/Analysis/SVals.cpp
>
> If I comment it out I work again.
>
> ------------------------------------------------------------------------
> r93146 | zhongxingxu | 2010-01-11 01:52:53 -0500 (Mon, 11 Jan 2010) | 3
> lines
>
> Enhance SVals::getAsRegion: get the region that is converted to an integer.
> This with previous patch fixes a OSAtomic test case.

Re: Feature request & new analyze regression

Zhongxing Xu
This should have been fixed in r93422.

2010/1/14 Andy Wick <[hidden email]>
I track my regression down to the following change with
llvm/tools/clang/lib/Analysis/SVals.cpp

If I comment it out I work again.

------------------------------------------------------------------------
r93146 | zhongxingxu | 2010-01-11 01:52:53 -0500 (Mon, 11 Jan 2010) | 3
lines

Enhance SVals::getAsRegion: get the region that is converted to an integer.
This with previous patch fixes a OSAtomic test case.



