search

llvm / llvm-project

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
http://llvm.org
Other
27.84k stars 11.47k forks source link

Analyzer misses uninitialzed variable usage in nested blocks #19355

Open llvmbot opened 10 years ago

llvmbot commented 10 years ago
Bugzilla Link 18981
Version 3.4
OS MacOS X
Attachments Xcode project illustrating the code structure leading to the bad analysis
Reporter LLVM Bugzilla Contributor
CC @belkadan

Extended Description

Found using Xcode 5.1b5.

clang -v
Apple LLVM version 5.1 (clang-503.0.19) (based on LLVM 3.4svn) Target: x86_64-apple-darwin13.1.0 Thread model: posix

A bug was reported in our software that was traced down to an uninitialized variable in our code. Since we have been running the analyzer relatively frequently we wondered why this wasn't caught.

Investigation seems to point to the use of nested blocks and objects created at differing block scope. I've attached an Xcode project which should warn about usage of an uninitialized variable (objC in this case), but no warnings are generated when using the command line or within Xcode

xcodebuild -configuration Debug RUN_CLANG_STATIC_ANALYZER=YES Build settings from command line: RUN_CLANG_STATIC_ANALYZER = YES

=== ANALYZE TARGET analyzer_bug OF PROJECT analyzer_bug WITH CONFIGURATION Debug ===

Check dependencies

Write auxiliary files /bin/mkdir -p /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn write-file /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch.hash-criteria /bin/mkdir -p /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64 write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug.LinkFileList write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap /bin/mkdir -p /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui write-file /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch.hash-criteria write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug.hmap write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap write-file /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap

ProcessPCH /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch analyzer_bug/analyzer_bug-Prefix.pch normal x86_64 objective-c com.apple.compilers.llvm.clang.1_0.compiler cd /tmp/analyzer_bug export LANG=en_US.US-ASCII /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c-header -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug --serialize-diagnostics /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.dia -MMD -MT dependencies -MF /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.d -c /tmp/analyzer_bug/analyzer_bug/analyzer_bug-Prefix.pch -o /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch.pch

ProcessPCH /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch analyzer_bug/analyzer_bug-Prefix.pch normal x86_64 objective-c com.apple.compilers.llvm.clang.1_0.analyzer cd /tmp/analyzer_bug export LANG=en_US.US-ASCII /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c-header -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -D__clang_analyzer__ -Xclang -analyzer-output=plist-multi-file -Xclang -analyzer-config -Xclang path-diagnostics-alternate=true -Xclang -analyzer-config -Xclang report-in-main-source-file=true -Xclang -analyzer-config -Xclang mode=shallow -Xclang -analyzer-checker -Xclang security.insecureAPI.UncheckedReturn -Xclang -analyzer-checker -Xclang security.insecureAPI.getpw -Xclang -analyzer-checker -Xclang security.insecureAPI.gets -Xclang -analyzer-checker -Xclang security.insecureAPI.mkstemp -Xclang -analyzer-checker -Xclang security.insecureAPI.mktemp -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.rand -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.strcpy -Xclang -analyzer-checker -Xclang security.insecureAPI.vfork -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -c /tmp/analyzer_bug/analyzer_bug/analyzer_bug-Prefix.pch -o /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch.pch

CompileC build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.o analyzer_bug/main.m normal x86_64 objective-c com.apple.compilers.llvm.clang.1_0.compiler cd /tmp/analyzer_bug export LANG=en_US.US-ASCII /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -include /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-fkbcbfpaeemtechctnsnsurvihui/analyzer_bug-Prefix.pch -MMD -MT dependencies -MF /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.d --serialize-diagnostics /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.dia -c /tmp/analyzer_bug/analyzer_bug/main.m -o /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/main.o

AnalyzeShallow analyzer_bug/main.m cd /tmp/analyzer_bug export LANG=en_US.US-ASCII /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x objective-c -arch x86_64 -fmessage-length=209 -fdiagnostics-show-note-include-stack -fmacro-backtrace-limit=0 -fcolor-diagnostics -std=gnu99 -fobjc-arc -fmodules -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Werror=return-type -Wno-implicit-atomic-properties -Werror=deprecated-objc-isa-usage -Werror=objc-root-class -Wno-receiver-is-weak -Wno-arc-repeated-use-of-weak -Wduplicate-method-match -Wno-missing-braces -Wparentheses -Wswitch -Wunused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wconditional-uninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wbool-conversion -Wenum-conversion -Wshorten-64-to-32 -Wpointer-sign -Wno-newline-eof -Wno-selector -Wno-strict-selector-match -Wundeclared-selector -Wno-deprecated-implementations -DDEBUG=1 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -fasm-blocks -fstrict-aliasing -Wprotocol -Wdeprecated-declarations -mmacosx-version-min=10.9 -g -Wno-sign-conversion -D__clang_analyzer__ -Xclang -analyzer-output=plist-multi-file -Xclang -analyzer-config -Xclang path-diagnostics-alternate=true -Xclang -analyzer-config -Xclang report-in-main-source-file=true -Xclang -analyzer-config -Xclang mode=shallow -Xclang -analyzer-checker -Xclang security.insecureAPI.UncheckedReturn -Xclang -analyzer-checker -Xclang security.insecureAPI.getpw -Xclang -analyzer-checker -Xclang security.insecureAPI.gets -Xclang -analyzer-checker -Xclang security.insecureAPI.mkstemp -Xclang -analyzer-checker -Xclang security.insecureAPI.mktemp -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.rand -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.strcpy -Xclang -analyzer-checker -Xclang security.insecureAPI.vfork -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-generated-files.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-own-target-headers.hmap -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-all-target-headers.hmap -iquote /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/analyzer_bug-project-headers.hmap -I/tmp/analyzer_bug/build/Debug/include -I/Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources/x86_64 -I/tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/DerivedSources -F/tmp/analyzer_bug/build/Debug -include /var/folders/z2/vygr_7050dqcdpfnt1mmn16w0000gn/C/com.apple.DeveloperTools/5.1-5B103i/Xcode/SharedPrecompiledHeaders/analyzer_bug-Prefix-adxiqvmusqxaudccopzacbohyevn/analyzer_bug-Prefix.pch --analyze /tmp/analyzer_bug/analyzer_bug/main.m -o /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/StaticAnalyzer/analyzer_bug/analyzer_bug/normal/x86_64/main.plist

Ld build/Debug/analyzer_bug normal x86_64 cd /tmp/analyzer_bug export MACOSX_DEPLOYMENT_TARGET=10.9 /Applications/Xcode51-Beta5.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -arch x86_64 -isysroot /Applications/Xcode51-Beta5.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.9.sdk -L/tmp/analyzer_bug/build/Debug -F/tmp/analyzer_bug/build/Debug -filelist /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug.LinkFileList -mmacosx-version-min=10.9 -fobjc-arc -fobjc-link-runtime -framework Foundation -Xlinker -dependency_info -Xlinker /tmp/analyzer_bug/build/analyzer_bug.build/Debug/analyzer_bug.build/Objects-normal/x86_64/analyzer_bug_dependency_info.dat -o /tmp/analyzer_bug/build/Debug/analyzer_bug

BUILD SUCCEEDED

belkadan commented 10 years ago

Unfortunately (for you), this does not count as uninitialized under ARC. For safety reasons, all strong references are initialized to 'nil', which means this is a completely standard message to nil case. If you turn off ARC, you get the expected warning (along with leak warnings, of course).

It would probably be reasonable to ask for a compiler warning for relying on this implicit initialization.

llvmbot commented 10 years ago

assigned to @tkremenek