search

Quuxplusone / LLVMBugzillaTest

0 stars 0 forks source link

Analyzer misses uninitialzed variable usage in nested blocks #18980

Open Quuxplusone opened 10 years ago

Quuxplusone commented 10 years ago
Bugzilla Link PR18981
Status NEW
Importance P normal
Reported by Mike Shields (mshields@mac.com)
Reported on 2014-02-26 16:46:31 -0800
Last modified on 2014-02-27 10:40:01 -0800
Version 3.4
Hardware Macintosh MacOS X
CC jrose@belkadan.com, llvm-bugs@lists.llvm.org
Fixed by commit(s)
Attachments analyzer_bug.zip (24628 bytes, application/zip)
Blocks
Blocked by
See also PR18991 
Created attachment 12156
Xcode project illustrating the code structure leading to the bad analysis

Found using Xcode 5.1b5.

clang -v
Apple LLVM version 5.1 (clang-503.0.19) (based on LLVM 3.4svn)
Target: x86_64-apple-darwin13.1.0
Thread model: posix

A bug was reported in our software that was traced down to an uninitialized
variable in our code. Since we have been running the analyzer relatively
frequently we wondered why this wasn't caught.

Investigation seems to point to the use of nested blocks and objects created at
differing block scope. I've attached an Xcode project which should warn about
usage of an uninitialized variable (objC in this case), but no warnings are
generated when using the command line or within Xcode

xcodebuild -configuration Debug RUN_CLANG_STATIC_ANALYZER=YES
Build settings from command line:
    RUN_CLANG_STATIC_ANALYZER = YES

=== ANALYZE TARGET analyzer_bug OF PROJECT analyzer_bug WITH CONFIGURATION
Debug ===

Check dependencies

Write auxiliary files
/bin/mkdir -p
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn
write-file
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch.hash-criteria
/bin/mkdir -p
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug.LinkFileList
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap
/bin/mkdir -p
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui
write-file
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch.hash-criteria
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug.hmap
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap
write-file
/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap

ProcessPCH
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-
5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-
fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch
analyzer_bug/analyzer_bug-Prefix.pch normal x86_64 objective-c
com.apple.compilers.llvm.clang.1_0.compiler
    cd /tmp/analyzer_bug
    export LANG=en_US.US-ASCII
    /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c-header -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug --serialize-diagnostics /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.dia -MMD -MT dependencies -MF /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.d -c /tmp/analyzer_bug/analyzer_bug/analyzer_bug-Prefix.pch -o /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch

ProcessPCH
/var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-
5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-
adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch
analyzer_bug/analyzer_bug-Prefix.pch normal x86_64 objective-c
com.apple.compilers.llvm.clang.1_0.analyzer
    cd /tmp/analyzer_bug
    export LANG=en_US.US-ASCII
    /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c-header -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -D__clang_analyzer__ -Xclang -analyzer-output=plist-multi-file -Xclang -analyzer-config -Xclang path-diagnostics-alternate=true -Xclang -analyzer-config -Xclang report-in-main-source-file=true -Xclang -analyzer-config -Xclang mode=shallow -Xclang -analyzer-checker -Xclang security.insecureAPI.UncheckedReturn -Xclang -analyzer-checker -Xclang security.insecureAPI.getpw -Xclang -analyzer-checker -Xclang security.insecureAPI.gets -Xclang -analyzer-checker -Xclang security.insecureAPI.mkstemp -Xclang -analyzer-checker -Xclang security.insecureAPI.mktemp -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.rand -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.strcpy -Xclang -analyzer-checker -Xclang security.insecureAPI.vfork -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -c /tmp/analyzer_bug/analyzer_bug/analyzer_bug-Prefix.pch -o /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch

CompileC build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-
normal/x86_64/main.o analyzer_bug/main.m normal x86_64 objective-c
com.apple.compilers.llvm.clang.1_0.compiler
    cd /tmp/analyzer_bug
    export LANG=en_US.US-ASCII
    /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -include /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch -MMD -MT dependencies -MF /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.d --serialize-diagnostics /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.dia -c /tmp/analyzer_bug/analyzer_bug/main.m -o /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.o

AnalyzeShallow analyzer_bug/main.m
    cd /tmp/analyzer_bug
    export LANG=en_US.US-ASCII
    /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -D__clang_analyzer__ -Xclang -analyzer-output=plist-multi-file -Xclang -analyzer-config -Xclang path-diagnostics-alternate=true -Xclang -analyzer-config -Xclang report-in-main-source-file=true -Xclang -analyzer-config -Xclang mode=shallow -Xclang -analyzer-checker -Xclang security.insecureAPI.UncheckedReturn -Xclang -analyzer-checker -Xclang security.insecureAPI.getpw -Xclang -analyzer-checker -Xclang security.insecureAPI.gets -Xclang -analyzer-checker -Xclang security.insecureAPI.mkstemp -Xclang -analyzer-checker -Xclang security.insecureAPI.mktemp -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.rand -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.strcpy -Xclang -analyzer-checker -Xclang security.insecureAPI.vfork -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -include /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch --analyze /tmp/analyzer_bug/analyzer_bug/main.m -o /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/StaticAnalyzer/analyzer_bug/analyzer_bug/normal/x86_64/main.plist

Ld build/Debug/analyzer_bug normal x86_64
    cd /tmp/analyzer_bug
    export MACOSX_DEPLOYMENT_TARGET=10.9
    /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -arch x86_64 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -L/tmp/analyzer_bug/build/Debug -F/tmp/analyzer_bug/build/Debug -filelist /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug.LinkFileList -mmacosx-version-min=10.9 -fobjc-arc -fobjc-link-runtime -framework Foundation -Xlinker -dependency_info -Xlinker /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug_dependency_info.dat -o /tmp/analyzer_bug/build/Debug/analyzer_bug

** BUILD SUCCEEDED **
Quuxplusone commented 10 years ago

Attached analyzer_bug.zip (24628 bytes, application/zip): Xcode project illustrating the code structure leading to the bad analysis

Quuxplusone commented 10 years ago

Unfortunately (for you), this does not count as uninitialized under ARC. For safety reasons, all strong references are initialized to 'nil', which means this is a completely standard message to nil case. If you turn off ARC, you get the expected warning (along with leak warnings, of course).

It would probably be reasonable to ask for a compiler warning for relying on this implicit initialization.