More than two years have passed since the last code check of the LLVM project with our PVS-Studio analyzer. Let's make sure that the PVS-Studio analyzer is still a leading tool for identifying errors and potential vulnerabilities. To do this, we will check the LLVM 8.0.0 release and find new errors in it.
The article that has to be written
To be honest, I didn't want to write this article. It's not interesting to write about a project that we have already checked several times (
Every time a new version of LLVM is released or updated
Look, the new version of Clang Static Analyzer has learned to find new errors! It seems to me that the relevance of using PVS-Studio is decreasing. Clang finds more errors than before and is catching up with the capabilities of PVS-Studio. What do you think about this?
To this I always want to answer something like:
We don't sit idle either! We have significantly improved the capabilities of the PVS-Studio analyzer. So don't worry, we continue to lead as before.
Unfortunately, this is a bad answer. There is no proof in it. And that is why I am writing this article now. So, the LLVM project has been checked once again and a variety of errors have been found in it. I will now show the ones that seemed interesting to me. Clang Static Analyzer cannot find these errors (or it is extremely inconvenient to do so with its help). But we can. Moreover, I found and wrote down all these errors in one evening.
But writing the article took several weeks. I just couldn't bring myself to put all of this into text :).
By the way, if you are interested in which technologies the PVS-Studio analyzer uses to identify errors and potential vulnerabilities, I suggest getting acquainted with this.
New and old diagnostics
As already mentioned, about two years ago the LLVM project was checked once again, and the errors found were fixed. Now this article presents a new batch of errors. Why were new bugs found? There are three reasons for this:
- The LLVM project is evolving: old code is changed and new code is added. Naturally, there are new errors in the modified and newly written code. This clearly shows that static analysis should be used regularly, not occasionally. Our articles show the capabilities of the PVS-Studio analyzer well, but this has nothing to do with improving code quality and reducing the cost of fixing errors. Use a static code analyzer regularly!
- We are refining and improving the existing diagnostics. Therefore, the analyzer can identify errors that it did not notice during previous scans.
- New diagnostics have appeared in PVS-Studio that did not exist two years ago. I decided to put them in a separate section to clearly show the development of PVS-Studio.
Defects identified by diagnostics that existed two years ago
Fragment N1: Copy-Paste
static bool ShouldUpgradeX86Intrinsic(Function *F, StringRef Name) {
if (Name == "addcarryx.u32" || // Added in 8.0
....
Name == "avx512.mask.cvtps2pd.128" || // Added in 7.0
Name == "avx512.mask.cvtps2pd.256" || // Added in 7.0
Name == "avx512.cvtusi2sd" || // Added in 7.0
Name.startswith("avx512.mask.permvar.") || // Added in 7.0 // <=
Name.startswith("avx512.mask.permvar.") || // Added in 7.0 // <=
Name == "sse2.pmulu.dq" || // Added in 7.0
Name == "sse41.pmuldq" || // Added in 7.0
Name == "avx2.pmulu.dq" || // Added in 7.0
....
}
PVS-Studio warning:
It is checked twice that the name starts with the substring "avx512.mask.permvar.". In the second check they obviously wanted to write something else, but forgot to fix the copied text.
Fragment N2: Typo
enum CXNameRefFlags {
CXNameRange_WantQualifier = 0x1,
CXNameRange_WantTemplateArgs = 0x2,
CXNameRange_WantSinglePiece = 0x4
};
void AnnotateTokensWorker::HandlePostPonedChildCursor(
CXCursor Cursor, unsigned StartTokenIndex) {
const auto flags = CXNameRange_WantQualifier | CXNameRange_WantQualifier;
....
}
PVS-Studio warning: V501 There are identical sub-expressions 'CXNameRange_WantQualifier' to the left and to the right of the '|' operator. CIndex.cpp 7245
Because of a typo, the same named constant CXNameRange_WantQualifier is used twice.
Fragment N3: Confusion with operator precedence
int PPCTTIImpl::getVectorInstrCost(unsigned Opcode, Type *Val, unsigned Index) {
....
if (ISD == ISD::EXTRACT_VECTOR_ELT && Index == ST->isLittleEndian() ? 1 : 0)
return 0;
....
}
PVS-Studio warning:
In my opinion, this is a very beautiful mistake. Yes, I know I have strange ideas about beauty :).
Now, according to
(ISD == ISD::EXTRACT_VECTOR_ELT && (Index == ST->isLittleEndian())) ? 1 : 0
From a practical point of view, such a condition makes no sense, because it can be reduced to:
(ISD == ISD::EXTRACT_VECTOR_ELT && Index == ST->isLittleEndian())
This is a clear mistake. Most likely, they wanted to compare 0/1 with the variable Index. To fix the code, you need to add parentheses around the ternary operator:
if (ISD == ISD::EXTRACT_VECTOR_ELT && Index == (ST->isLittleEndian() ? 1 : 0))
By the way, the ternary operator is very dangerous and provokes logical errors. Be very careful with it and don't be stingy with parentheses. I looked at this topic in more detail
Fragment N4, N5: Null pointer
Init *TGParser::ParseValue(Record *CurRec, RecTy *ItemType, IDParseMode Mode) {
....
TypedInit *LHS = dyn_cast<TypedInit>(Result);
....
LHS = dyn_cast<TypedInit>(
UnOpInit::get(UnOpInit::CAST, LHS, StringRecTy::get())
->Fold(CurRec));
if (!LHS) {
Error(PasteLoc, Twine("can't cast '") + LHS->getAsString() +
"' to string");
return nullptr;
}
....
}
PVS-Studio warning:
If the pointer LHS is null, a warning should be issued. However, instead of that, this very same null pointer will be dereferenced: LHS->getAsString().
This is a very typical situation where an error is hidden in an error handler, because nobody tests them. Static analyzers check all reachable code, no matter how often it is used. This is a very good example of how static analysis complements other testing and error protection techniques.
A similar error in handling the pointer RHS is made in the code just below: V522 [CWE-476] Dereferencing of the null pointer 'RHS' might take place. TGParser.cpp 2186
Fragment N6: Using the pointer after moving
static Expected<bool>
ExtractBlocks(....)
{
....
std::unique_ptr<Module> ProgClone = CloneModule(BD.getProgram(), VMap);
....
BD.setNewProgram(std::move(ProgClone)); // <=
MiscompiledFunctions.clear();
for (unsigned i = 0, e = MisCompFunctions.size(); i != e; ++i) {
Function *NewF = ProgClone->getFunction(MisCompFunctions[i].first); // <=
assert(NewF && "Function not found??");
MiscompiledFunctions.push_back(NewF);
}
....
}
PVS-Studio warning: V522 [CWE-476] Dereferencing of the null pointer 'ProgClone' might take place. Miscompilation.cpp 601
At the beginning, the smart pointer ProgClone ceases to own the object:
BD.setNewProgram(std::move(ProgClone));
In fact, ProgClone is now a null pointer. Therefore, a null pointer dereference should occur just below:
Function *NewF = ProgClone->getFunction(MisCompFunctions[i].first);
But, in reality, this will not happen! Note that the loop is not actually executed.
At the beginning, the container MiscompiledFunctions is cleared:
MiscompiledFunctions.clear();
Next, the size of this container is used in the loop condition:
for (unsigned i = 0, e = MisCompFunctions.size(); i != e; ++i) {
It is easy to see that the loop does not start. I think this is also a bug and the code should be written differently.
It seems that we have encountered the famous parity of errors! One mistake masks another :).
Fragment N7: Using the pointer after moving
static Expected<bool> TestOptimizer(BugDriver &BD, std::unique_ptr<Module> Test,
std::unique_ptr<Module> Safe) {
outs() << " Optimizing functions being tested: ";
std::unique_ptr<Module> Optimized =
BD.runPassesOn(Test.get(), BD.getPassesToRun());
if (!Optimized) {
errs() << " Error running this sequence of passes"
<< " on the input program!\n";
BD.setNewProgram(std::move(Test)); // <=
BD.EmitProgressBitcode(*Test, "pass-error", false); // <=
if (Error E = BD.debugOptimizerCrash())
return std::move(E);
return false;
}
....
}
PVS-Studio warning: V522 [CWE-476] Dereferencing of the null pointer 'Test' might take place. Miscompilation.cpp 709
The same situation again. At first, the contents of the object are moved, and then it is used as if nothing had happened. I see this situation more and more often in program code since move semantics appeared in C++. This is why I love the C++ language! There are more and more new ways to shoot your own leg off. The PVS-Studio analyzer will always have work :).
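Fragments N6 and N7 share one pattern: a std::unique_ptr is moved into a setter and then dereferenced. The following added example (not LLVM or PVS-Studio code) shows why the local pointer is null after the move and two ways to order the code safely; Module, Driver, makeClone and SampleNames are hypothetical stand-ins, and which ordering the LLVM authors intended is not stated here.

```cpp
#include <cstddef>
#include <iostream>
#include <memory>
#include <string>
#include <utility>
#include <vector>

// Hypothetical stand-ins for llvm::Module and BugDriver (not LLVM's classes).
struct Module {
  std::vector<std::string> Functions;
  const std::string *getFunction(const std::string &Name) const {
    for (const std::string &F : Functions)
      if (F == Name)
        return &F;
    return nullptr;
  }
};

class Driver {
  std::unique_ptr<Module> Program;

public:
  // Takes ownership by value, so the caller's pointer is emptied by the call.
  void setNewProgram(std::unique_ptr<Module> M) { Program = std::move(M); }
  Module &getProgram() { return *Program; }
};

// Constructed sample data.
const std::vector<std::string> SampleNames = {"main", "missing", "helper"};

std::unique_ptr<Module> makeClone() {
  std::unique_ptr<Module> M(new Module);
  M->Functions = {"main", "helper"};
  return M;
}

// The state the flagged code runs in: after the move the local pointer is
// null, so `Clone->getFunction(...)` would dereference a null pointer.
bool sourceIsNullAfterMove() {
  Driver BD;
  std::unique_ptr<Module> Clone = makeClone();
  BD.setNewProgram(std::move(Clone));
  return Clone == nullptr; // guaranteed for a moved-from std::unique_ptr
}

// Ordering 1: finish every use of the local pointer, then give it away.
std::size_t resolveBeforeMove(const std::vector<std::string> &Names) {
  Driver BD;
  std::unique_ptr<Module> Clone = makeClone();
  std::size_t Found = 0;
  for (const std::string &N : Names)
    if (Clone->getFunction(N))
      ++Found;
  BD.setNewProgram(std::move(Clone));
  return Found;
}

// Ordering 2: hand over ownership first, then go through the new owner.
std::size_t resolveThroughOwner(const std::vector<std::string> &Names) {
  Driver BD;
  BD.setNewProgram(makeClone());
  Module &M = BD.getProgram();
  std::size_t Found = 0;
  for (const std::string &N : Names)
    if (M.getFunction(N))
      ++Found;
  return Found;
}

int main() {
  std::cout << "null after move: " << sourceIsNullAfterMove() << "\n"
            << "resolved before move: " << resolveBeforeMove(SampleNames) << "\n"
            << "resolved through owner: " << resolveThroughOwner(SampleNames)
            << "\n";
}
```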
Fragment N8: Null pointer
void FunctionDumper::dump(const PDBSymbolTypeFunctionArg &Symbol) {
uint32_t TypeId = Symbol.getTypeId();
auto Type = Symbol.getSession().getSymbolById(TypeId);
if (Type)
Printer << "<unknown-type>";
else
Type->dump(*this);
}
PVS-Studio warning: V522 [CWE-476] Dereferencing of the null pointer 'Type' might take place. PrettyFunctionDumper.cpp 233
In addition to error handlers, debugging print functions are usually not tested either. We have just such a case before us. The function is waiting for a user who, instead of solving his own problems, will be forced to fix it.
Correct:
if (Type)
Type->dump(*this);
else
Printer << "<unknown-type>";
Fragment N9: Null pointer
void SearchableTableEmitter::collectTableEntries(
GenericTable &Table, const std::vector<Record *> &Items) {
....
RecTy *Ty = resolveTypes(Field.RecType, TI->getType());
if (!Ty) // <=
PrintFatalError(Twine("Field '") + Field.Name + "' of table '" +
Table.Name + "' has incompatible type: " +
Ty->getAsString() + " vs. " + // <=
TI->getType()->getAsString());
....
}
PVS-Studio warning: V522 [CWE-476] Dereferencing of the null pointer 'Ty' might take place. SearchableTableEmitter.cpp 614
I think everything is clear and needs no explanation.
Fragment N10: Typo
bool FormatTokenLexer::tryMergeCSharpNullConditionals() {
....
auto &Identifier = *(Tokens.end() - 2);
auto &Question = *(Tokens.end() - 1);
....
Identifier->ColumnWidth += Question->ColumnWidth;
Identifier->Type = Identifier->Type; // <=
Tokens.erase(Tokens.end() - 1);
return true;
}
PVS-Studio warning:
There is no point in assigning a variable to itself. Most likely they wanted to write:
Identifier->Type = Question->Type;
Fragment N11: Suspicious break
void SystemZOperand::print(raw_ostream &OS) const {
switch (Kind) {
break;
case KindToken:
OS << "Token:" << getToken();
break;
case KindReg:
OS << "Reg:" << SystemZInstPrinter::getRegisterName(getReg());
break;
....
}
PVS-Studio warning:
There is a very suspicious break operator at the beginning. Did you forget to write something else here?
Fragment N12: Checking a pointer after dereferencing
InlineCost AMDGPUInliner::getInlineCost(CallSite CS) {
Function *Callee = CS.getCalledFunction();
Function *Caller = CS.getCaller();
TargetTransformInfo &TTI = TTIWP->getTTI(*Callee);
if (!Callee || Callee->isDeclaration())
return llvm::InlineCost::getNever("undefined callee");
....
}
PVS-Studio warning:
The pointer Callee is dereferenced at the beginning, at the moment the function getTTI is called.
And then it turns out that this pointer should be checked for equality to nullptr:
if (!Callee || Callee->isDeclaration())
But it's too late...
Fragment N13 - N...: Checking a pointer after dereferencing
The situation discussed in the previous code fragment is not unique. It appears here:
static Value *optimizeDoubleFP(CallInst *CI, IRBuilder<> &B,
bool isBinary, bool isPrecise = false) {
....
Function *CalleeFn = CI->getCalledFunction();
StringRef CalleeNm = CalleeFn->getName(); // <=
AttributeList CalleeAt = CalleeFn->getAttributes();
if (CalleeFn && !CalleeFn->isIntrinsic()) { // <=
....
}
PVS-Studio warning: V595 [CWE-476] The 'CalleeFn' pointer was utilized before it was verified against nullptr. Check lines: 1079, 1081. SimplifyLibCalls.cpp 1079
And here:
void Sema::InstantiateAttrs(const MultiLevelTemplateArgumentList &TemplateArgs,
const Decl *Tmpl, Decl *New,
LateInstantiatedAttrVec *LateAttrs,
LocalInstantiationScope *OuterMostScope) {
....
NamedDecl *ND = dyn_cast<NamedDecl>(New);
CXXRecordDecl *ThisContext =
dyn_cast_or_null<CXXRecordDecl>(ND->getDeclContext()); // <=
CXXThisScopeRAII ThisScope(*this, ThisContext, Qualifiers(),
ND && ND->isCXXInstanceMember()); // <=
....
}
PVS-Studio warning: V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 532, 534. SemaTemplateInstantiateDecl.cpp 532
And here:
- V595 [CWE-476] The 'U' pointer was utilized before it was verified against nullptr. Check lines: 404, 407. DWARFormValue.cpp 404
- V595 [CWE-476] The 'ND' pointer was utilized before it was verified against nullptr. Check lines: 2149, 2151. SemaTemplateInstantiate.cpp 2149
And then I lost interest in studying the warnings with number V595. So I don't know whether there are more similar errors besides the ones listed here. Most likely there are.
Fragment N17, N18: Suspicious shift
static inline bool processLogicalImmediate(uint64_t Imm, unsigned RegSize,
uint64_t &Encoding) {
....
unsigned Size = RegSize;
....
uint64_t NImms = ~(Size-1) << 1;
....
}
PVS-Studio warning:
It may not be a bug, and the code may work exactly as intended. But this is clearly a very suspicious place and it needs to be checked.
Let's say the variable Size is equal to 16, and the author of the code planned to get the following value in the variable NImms:
1111111111111111111111111111111111111111111111111111111111100000
However, in reality the result will be:
0000000000000000000000000000000011111111111111111111111111100000
The fact is that all calculations are performed using the 32-bit unsigned type. Only then is this 32-bit unsigned value implicitly extended to uint64_t. In this case, the most significant bits will be zero.
You can fix the situation like this:
uint64_t NImms = ~static_cast<uint64_t>(Size-1) << 1;
A similar situation: V629 [CWE-190] Consider inspecting the 'Immr << 6' expression. Bit shifting of the 32-bit value with a subsequent expansion to the 64-bit type. AArch64AddressingModes.h 269
Fragment N19: Missing else keyword?
void AMDGPUAsmParser::cvtDPP(MCInst &Inst, const OperandVector &Operands) {
....
if (Op.isReg() && Op.Reg.RegNo == AMDGPU::VCC) {
// VOP2b (v_add_u32, v_sub_u32 ...) dpp use "vcc" token.
// Skip it.
continue;
} if (isRegOrImmWithInputMods(Desc, Inst.getNumOperands())) { // <=
Op.addRegWithFPInputModsOperands(Inst, 2);
} else if (Op.isDPPCtrl()) {
Op.addImmOperands(Inst, 1);
} else if (Op.isImm()) {
// Handle optional arguments
OptionalIdx[Op.getImmTy()] = I;
} else {
llvm_unreachable("Invalid operand type");
}
....
}
PVS-Studio warning:
There is no mistake here. Since the then-block of the first if ends with continue, it doesn't matter whether the keyword else is there or not. Either way the code will work the same. Still, the missing else makes the code less clear and more dangerous. If continue disappears in the future, the code will start working completely differently. In my opinion it is better to add else.
Fragment N20: Four typos of the same type
LLVM_DUMP_METHOD void Symbol::dump(raw_ostream &OS) const {
std::string Result;
if (isUndefined())
Result += "(undef) ";
if (isWeakDefined())
Result += "(weak-def) ";
if (isWeakReferenced())
Result += "(weak-ref) ";
if (isThreadLocalValue())
Result += "(tlv) ";
switch (Kind) {
case SymbolKind::GlobalSymbol:
Result + Name.str(); // <=
break;
case SymbolKind::ObjectiveCClass:
Result + "(ObjC Class) " + Name.str(); // <=
break;
case SymbolKind::ObjectiveCClassEHType:
Result + "(ObjC Class EH) " + Name.str(); // <=
break;
case SymbolKind::ObjectiveCInstanceVariable:
Result + "(ObjC IVar) " + Name.str(); // <=
break;
}
OS << Result;
}
PVS-Studio warnings:
- V655 [CWE-480] The strings were concatenated but are not utilized. Consider inspecting the 'Result + Name.str()' expression. Symbol.cpp 32
- V655 [CWE-480] The strings were concatenated but are not utilized. Consider inspecting the 'Result + "(ObjC Class)" + Name.str()' expression. Symbol.cpp 35
- V655 [CWE-480] The strings were concatenated but are not utilized. Consider inspecting the 'Result + "(ObjC Class EH) " + Name.str()' expression. Symbol.cpp 38
- V655 [CWE-480] The strings were concatenated but are not utilized. Consider inspecting the 'Result + "(ObjC IVar)" + Name.str()' expression. Symbol.cpp 41
By accident, the + operator is used instead of the += operator. The result is constructs that have no meaning.
Fragment N21: Undefined behavior
static void getReqFeatures(std::map<StringRef, int> &FeaturesMap,
const std::vector<Record *> &ReqFeatures) {
for (auto &R : ReqFeatures) {
StringRef AsmCondString = R->getValueAsString("AssemblerCondString");
SmallVector<StringRef, 4> Ops;
SplitString(AsmCondString, Ops, ",");
assert(!Ops.empty() && "AssemblerCondString cannot be empty");
for (auto &Op : Ops) {
assert(!Op.empty() && "Empty operator");
if (FeaturesMap.find(Op) == FeaturesMap.end())
FeaturesMap[Op] = FeaturesMap.size();
}
}
}
Try to find the dangerous code yourself. And this is a picture to distract your attention so that you don't look at the answer right away:
PVS-Studio warning:
The problem line:
FeaturesMap[Op] = FeaturesMap.size();
If the element Op is not found, a new element is created in the map and the number of elements in this map is written there. It is just unknown whether the function size will be called before or after the new element is added.
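The two possible outcomes of that line can be replayed explicitly. This added example (not LLVM or PVS-Studio code) numbers features under each evaluation order and then with a rewrite whose result does not depend on the order; since C++17 the right operand of = is sequenced before the left, while earlier standards leave the order unspecified. The names FeatureMap, Order, splitOps and SampleConds are hypothetical, and std::string replaces StringRef.

```cpp
#include <iostream>
#include <map>
#include <sstream>
#include <string>
#include <vector>

using FeatureMap = std::map<std::string, int>;

enum class Order { SizeFirst, SubscriptFirst };

// Constructed sample input: two comma-separated condition strings.
const std::vector<std::string> SampleConds = {"a,b", "b,c"};

// Replays `M[Op] = M.size();` with one evaluation order made explicit.
void assignIndex(FeatureMap &M, const std::string &Op, Order O) {
  if (O == Order::SizeFirst) {
    int Index = static_cast<int>(M.size()); // size() read before insertion
    M[Op] = Index;
  } else {
    int &Slot = M[Op];                      // insertion happens first
    Slot = static_cast<int>(M.size());      // size() already counts Op
  }
}

// Splits a condition string on ',' and drops empty pieces.
std::vector<std::string> splitOps(const std::string &Cond) {
  std::vector<std::string> Ops;
  std::istringstream In(Cond);
  std::string Op;
  while (std::getline(In, Op, ','))
    if (!Op.empty())
      Ops.push_back(Op);
  return Ops;
}

// Same loop shape as the fragment, with the order chosen by the caller.
FeatureMap numberFeatures(const std::vector<std::string> &Conds, Order O) {
  FeatureMap M;
  for (const std::string &Cond : Conds)
    for (const std::string &Op : splitOps(Cond))
      if (M.find(Op) == M.end())
        assignIndex(M, Op, O);
  return M;
}

// Order-independent rewrite: the arguments of emplace, including size(),
// are fully evaluated before emplace can insert anything, and emplace
// leaves an existing key untouched.
FeatureMap numberFeaturesFixed(const std::vector<std::string> &Conds) {
  FeatureMap M;
  for (const std::string &Cond : Conds)
    for (const std::string &Op : splitOps(Cond))
      M.emplace(Op, static_cast<int>(M.size()));
  return M;
}

int main() {
  for (const auto &KV : numberFeatures(SampleConds, Order::SizeFirst))
    std::cout << "size first:      " << KV.first << " = " << KV.second << "\n";
  for (const auto &KV : numberFeatures(SampleConds, Order::SubscriptFirst))
    std::cout << "subscript first: " << KV.first << " = " << KV.second << "\n";
  for (const auto &KV : numberFeaturesFixed(SampleConds))
    std::cout << "fixed:           " << KV.first << " = " << KV.second << "\n";
}
```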
Fragment N22-N24: Repeated assignments
Error MachOObjectFile::checkSymbolTable() const {
....
} else {
MachO::nlist STE = getSymbolTableEntry(SymDRI);
NType = STE.n_type; // <=
NType = STE.n_type; // <=
NSect = STE.n_sect;
NDesc = STE.n_desc;
NStrx = STE.n_strx;
NValue = STE.n_value;
}
....
}
PVS-Studio warning:
I don't think there is a real mistake here. It is just an unnecessary repeated assignment. But still a blunder.
Likewise:
- V519 [CWE-563] The 'B.NDesc' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 1488, 1489. llvm-nm.cpp 1489
- V519 [CWE-563] The variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 59, 61. coff2yaml.cpp 61
Fragment N25-N27: More reassignments
Now let's look at a slightly different version of reassignment.
bool Vectorizer::vectorizeLoadChain(
ArrayRef<Instruction *> Chain,
SmallPtrSet<Instruction *, 16> *InstructionsProcessed) {
....
unsigned Alignment = getAlignment(L0);
....
unsigned NewAlign = getOrEnforceKnownAlignment(L0->getPointerOperand(),
StackAdjustedAlignment,
DL, L0, nullptr, &DT);
if (NewAlign != 0)
Alignment = NewAlign;
Alignment = NewAlign;
....
}
PVS-Studio warning: V519 [CWE-563] The 'Alignment' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 1158, 1160. LoadStoreVectorizer.cpp 1160
This is very strange code that apparently contains a logical error. At the beginning, the variable Alignment is assigned a value depending on the condition. And then the assignment occurs again, but now without any check.
Similar situations can be seen here:
- V519 [CWE-563] The 'Effects' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 152, 165. WebAssemblyRegStackify.cpp 165
- V519 [CWE-563] The 'ExpectNoDerefChunk' variable is assigned values twice successively. Perhaps this is a mistake. Check lines: 4970, 4973. SemaType.cpp 4973
Fragment N28: Always true condition
static int readPrefixes(struct InternalInstruction* insn) {
....
uint8_t byte = 0;
uint8_t nextByte;
....
if (byte == 0xf3 && (nextByte == 0x88 || nextByte == 0x89 ||
nextByte == 0xc6 || nextByte == 0xc7)) {
insn->xAcquireRelease = true;
if (nextByte != 0x90) // PAUSE instruction support // <=
break;
}
....
}
PVS-Studio warning:
The check makes no sense. The variable nextByte is never equal to the value 0x90, which follows from the previous check. This is some kind of logical error.
Fragment N29 - N...: Always true/false conditions
The analyzer issues many warnings that the entire condition (
static DecodeStatus DecodeGPRPairRegisterClass(MCInst &Inst, unsigned RegNo,
uint64_t Address, const void *Decoder) {
DecodeStatus S = MCDisassembler::Success;
if (RegNo > 13)
return MCDisassembler::Fail;
if ((RegNo & 1) || RegNo == 0xe)
S = MCDisassembler::SoftFail;
....
}
PVS-Studio warning:
The constant 0xE is the value 14 in decimal. The check RegNo == 0xe makes no sense, because if RegNo > 13 the function finishes its execution.
There were many other warnings with the IDs V547 and V560, but as with
I'll give you an example of why studying these warnings is boring. The analyzer is absolutely right to issue a warning for the following code. But this is not a mistake.
bool UnwrappedLineParser::parseBracedList(bool ContinueOnSemicolons,
tok::TokenKind ClosingBraceKind) {
bool HasError = false;
....
HasError = true;
if (!ContinueOnSemicolons)
return !HasError;
....
}
PVS-Studio warning: V547 [CWE-570] Expression '!HasError' is always false. UnwrappedLineParser.cpp 1635
Fragment N30: Suspicious return
static bool
isImplicitlyDef(MachineRegisterInfo &MRI, unsigned Reg) {
for (MachineRegisterInfo::def_instr_iterator It = MRI.def_instr_begin(Reg),
E = MRI.def_instr_end(); It != E; ++It) {
return (*It).isImplicitDef();
}
....
}
PVS-Studio warning:
This is either a mistake or a specific technique intended to explain something to the programmers reading the code. This design explains nothing to me and looks very suspicious. It is better not to write like that :).
Tired? Then it's time to make tea or coffee.
Defects identified by new diagnostics
I think 30 triggerings of the old diagnostics are enough. Let's now see what interesting things can be found with the new diagnostics that appeared in the analyzer after
Fragment N31: Unreachable code
Error CtorDtorRunner::run() {
....
if (auto CtorDtorMap =
ES.lookup(JITDylibSearchList({{&JD, true}}), std::move(Names),
NoDependenciesToRegister, true))
{
....
return Error::success();
} else
return CtorDtorMap.takeError();
CtorDtorsByPriority.clear();
return Error::success();
}
PVS-Studio warning:
As you can see, both branches of the if operator end with a call to the return operator. Accordingly, the container CtorDtorsByPriority will never be cleared.
Fragment N32: Unreachable code
bool LLParser::ParseSummaryEntry() {
....
switch (Lex.getKind()) {
case lltok::kw_gv:
return ParseGVEntry(SummaryID);
case lltok::kw_module:
return ParseModuleEntry(SummaryID);
case lltok::kw_typeid:
return ParseTypeIdEntry(SummaryID); // <=
break; // <=
default:
return Error(Lex.getLoc(), "unexpected summary kind");
}
Lex.setIgnoreColonInIdentifiers(false); // <=
return false;
}
PVS-Studio warning: V779 [CWE-561] Unreachable code detected. It is possible that an error is present. LLParser.cpp 835
An interesting situation. Let's look at this place first:
return ParseTypeIdEntry(SummaryID);
break;
At first glance, it seems that there is no error here. It looks like the break operator is an extra one here, and you can simply delete it. However, it is not that simple.
The analyzer issues a warning on the lines:
Lex.setIgnoreColonInIdentifiers(false);
return false;
And indeed, this code is unreachable. All cases in the switch end with a call to the return operator. And now the lone break no longer looks so harmless! Perhaps one of the branches should end with break rather than with return?
Fragment N33: Random reset of high bits
unsigned getStubAlignment() override {
if (Arch == Triple::systemz)
return 8;
else
return 1;
}
Expected<unsigned>
RuntimeDyldImpl::emitSection(const ObjectFile &Obj,
const SectionRef &Section,
bool IsCode) {
....
uint64_t DataSize = Section.getSize();
....
if (StubBufSize > 0)
DataSize &= ~(getStubAlignment() - 1);
....
}
PVS-Studio warning:
Please note that the function getStubAlignment returns a value of type unsigned. Let's calculate the value of the expression, assuming that the function returns the value 8:
~(getStubAlignment() - 1)
~(8u-1)
0xFFFFFFF8u
Now notice that the variable DataSize has a 64-bit unsigned type. It turns out that when the DataSize & 0xFFFFFFF8u operation is performed, all thirty-two high-order bits will be reset to zero. Most likely, this is not what the programmer wanted. I suspect that he wanted to calculate: DataSize & 0xFFFFFFFFFFFFFFF8u.
To fix the error, you should write this:
DataSize &= ~(static_cast<uint64_t>(getStubAlignment()) - 1);
Or like this:
DataSize &= ~(getStubAlignment() - 1ULL);
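Fragments N17/N18 and N33 are the same defect: the mask is computed in 32 bits and only then widened to 64 bits. This added example (not LLVM or PVS-Studio code) puts each narrow expression beside its widened form and runs both on constructed values; the function names and the sample sizes are hypothetical, and a 32-bit unsigned is assumed.

```cpp
#include <cstdint>
#include <iostream>

static_assert(sizeof(unsigned) == 4, "example assumes a 32-bit unsigned");

// Fragment N17 as written: ~ and << happen in 32 bits, then zero-extension.
uint64_t nimmsNarrow(unsigned Size) { return ~(Size - 1) << 1; }

// Fragment N17 with the operand widened before ~ and <<.
uint64_t nimmsWide(unsigned Size) {
  return ~static_cast<uint64_t>(Size - 1) << 1;
}

// Fragment N33 as written: the mask is 0xFFFFFFF8u for Align == 8, so the
// upper 32 bits of DataSize are cleared together with the low 3 bits.
uint64_t alignDownNarrow(uint64_t DataSize, unsigned Align) {
  DataSize &= ~(Align - 1);
  return DataSize;
}

// Fragment N33 with the alignment widened before the subtraction.
uint64_t alignDownWide(uint64_t DataSize, unsigned Align) {
  DataSize &= ~(static_cast<uint64_t>(Align) - 1);
  return DataSize;
}

// True when the narrow form silently changes the result for this input.
bool narrowMaskLosesBits(uint64_t DataSize, unsigned Align) {
  return alignDownNarrow(DataSize, Align) != alignDownWide(DataSize, Align);
}

int main() {
  // Constructed section sizes: one below 4 GiB, one above.
  const uint64_t Small = 0x1007;
  const uint64_t Large = 0x100000015ULL;
  std::cout << std::hex
            << "NImms narrow: 0x" << nimmsNarrow(16) << "\n"
            << "NImms wide:   0x" << nimmsWide(16) << "\n"
            << "small narrow: 0x" << alignDownNarrow(Small, 8) << "\n"
            << "small wide:   0x" << alignDownWide(Small, 8) << "\n"
            << "large narrow: 0x" << alignDownNarrow(Large, 8) << "\n"
            << "large wide:   0x" << alignDownWide(Large, 8) << "\n";
}
```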
Fragment N34: Failed explicit type cast
template <typename T>
void scaleShuffleMask(int Scale, ArrayRef<T> Mask,
SmallVectorImpl<T> &ScaledMask) {
assert(0 < Scale && "Unexpected scaling factor");
int NumElts = Mask.size();
ScaledMask.assign(static_cast<size_t>(NumElts * Scale), -1);
....
}
PVS-Studio warning:
An explicit type cast is used to avoid overflow when multiplying variables of type int. However, the explicit type cast here does not protect against overflow. First the variables will be multiplied, and only then will the 32-bit result of the multiplication be extended to the type size_t.
Fragment N35: Failed Copy-Paste
Instruction *InstCombiner::visitFCmpInst(FCmpInst &I) {
....
if (!match(Op0, m_PosZeroFP()) && isKnownNeverNaN(Op0, &TLI)) {
I.setOperand(0, ConstantFP::getNullValue(Op0->getType()));
return &I;
}
if (!match(Op1, m_PosZeroFP()) && isKnownNeverNaN(Op1, &TLI)) {
I.setOperand(1, ConstantFP::getNullValue(Op0->getType())); // <=
return &I;
}
....
}
This interesting new diagnostic identifies situations where a piece of code was copied and some names in it started to be changed, but in one place they were not corrected.
Please note that in the second block they changed Op0 to Op1. But in one place they did not fix it. Most likely it should have been written like this:
if (!match(Op1, m_PosZeroFP()) && isKnownNeverNaN(Op1, &TLI)) {
I.setOperand(1, ConstantFP::getNullValue(Op1->getType()));
return &I;
}
Fragment N36: Variable confusion
struct Status {
unsigned Mask;
unsigned Mode;
Status() : Mask(0), Mode(0){};
Status(unsigned Mask, unsigned Mode) : Mask(Mask), Mode(Mode) {
Mode &= Mask;
};
....
};
PVS-Studio warning:
It is very dangerous to give function arguments the same names as class members. It is very easy to get confused. We have just such a case before us. This expression makes no sense:
Mode &= Mask;
The function argument changes. That's all. This argument is not used any more. Most likely it should have been written like this:
Status(unsigned Mask, unsigned Mode) : Mask(Mask), Mode(Mode) {
this->Mode &= Mask;
};
Fragment N37: Variable confusion
class SectionBase {
....
uint64_t Size = 0;
....
};
class SymbolTableSection : public SectionBase {
....
};
void SymbolTableSection::addSymbol(Twine Name, uint8_t Bind, uint8_t Type,
SectionBase *DefinedIn, uint64_t Value,
uint8_t Visibility, uint16_t Shndx,
uint64_t Size) {
....
Sym.Value = Value;
Sym.Visibility = Visibility;
Sym.Size = Size;
Sym.Index = Symbols.size();
Symbols.emplace_back(llvm::make_unique<Symbol>(Sym));
Size += this->EntrySize;
}
PVS-Studio warning: V1001 [CWE-563] The 'Size' variable is assigned but is not used by the end of the function. Object.cpp 424
The situation is similar to the previous one. It should be written:
this->Size += this->EntrySize;
Fragment N38-N47: They forgot to check the index
Previously, we looked at examples of diagnostic triggering
int getGEPCost(Type *PointeeType, const Value *Ptr,
ArrayRef<const Value *> Operands) {
....
if (Ptr != nullptr) { // <=
assert(....);
BaseGV = dyn_cast<GlobalValue>(Ptr->stripPointerCasts());
}
bool HasBaseReg = (BaseGV == nullptr);
auto PtrSizeBits = DL.getPointerTypeSizeInBits(Ptr->getType()); // <=
....
}
PVS-Studio warning: V1004 [CWE-476] The 'Ptr' pointer was used unsafely after it was verified against nullptr. Check lines: 729, 738. TargetTransformInfoImpl.h 738
The variable Ptr may be equal to nullptr, as evidenced by the check:
if (Ptr != nullptr)
However, below this pointer is dereferenced without a preliminary check:
auto PtrSizeBits = DL.getPointerTypeSizeInBits(Ptr->getType());
Let's consider another similar case.
llvm::DISubprogram *CGDebugInfo::getFunctionFwdDeclOrStub(GlobalDecl GD,
bool Stub) {
....
auto *FD = dyn_cast<FunctionDecl>(GD.getDecl());
SmallVector<QualType, 16> ArgTypes;
if (FD) // <=
for (const ParmVarDecl *Parm : FD->parameters())
ArgTypes.push_back(Parm->getType());
CallingConv CC = FD->getType()->castAs<FunctionType>()->getCallConv(); // <=
....
}
PVS-Studio warning: V1004 [CWE-476] The 'FD' pointer was used unsafely after it was verified against nullptr. Check lines: 3228, 3231. CGDebugInfo.cpp 3231
Pay attention to the pointer FD. I am sure the problem is clearly visible and no special explanation is required.
And further:
static void computePolynomialFromPointer(Value &Ptr, Polynomial &Result,
Value *&BasePtr,
const DataLayout &DL) {
PointerType *PtrTy = dyn_cast<PointerType>(Ptr.getType());
if (!PtrTy) { // <=
Result = Polynomial();
BasePtr = nullptr;
}
unsigned PointerBits =
DL.getIndexSizeInBits(PtrTy->getPointerAddressSpace()); // <=
....
}
PVS-Studio warning: V1004 [CWE-476] The 'PtrTy' pointer was used unsafely after it was verified against nullptr. Check lines: 960, 965. InterleavedLoadCombinePass.cpp 965
How do you protect yourself from such errors? Be more attentive during code review and use the PVS-Studio static analyzer to check your code regularly.
There is no point in citing other code fragments with errors of this type. I will leave only a list of warnings in the article:
- V1004 [CWE-476] The 'Expr' pointer was used unsafely after it was verified against nullptr. Check lines: 1049, 1078. DebugInfoMetadata.cpp 1078
- V1004 [CWE-476] The 'PI' pointer was used unsafely after it was verified against nullptr. Check lines: 733, 753. LegacyPassManager.cpp 753
- V1004 [CWE-476] The 'StatepointCall' pointer was used unsafely after it was verified against nullptr. Check lines: 4371, 4379. Verifier.cpp 4379
- V1004 [CWE-476] The 'RV' pointer was used unsafely after it was verified against nullptr. Check lines: 2263, 2268. TGParser.cpp 2268
- V1004 [CWE-476] The 'CalleeFn' pointer was used unsafely after it was verified against nullptr. Check lines: 1081, 1096. SimplifyLibCalls.cpp 1096
- V1004 [CWE-476] The 'TC' pointer was used unsafely after it was verified against nullptr. Check lines: 1819, 1824. Driver.cpp 1824
Fragment N48-N60: Not critical, but a defect (possible memory leak)
std::unique_ptr<IRMutator> createISelMutator() {
....
std::vector<std::unique_ptr<IRMutationStrategy>> Strategies;
Strategies.emplace_back(
new InjectorIRStrategy(InjectorIRStrategy::getDefaultOps()));
....
}
PVS-Studio yambiro:
Kuwedzera chinhu kumagumo egaba rakafanana std::vector > haugone kungonyora xxx.push_back(X itsva), sezvo pasina kutendeuka kwakazara kubva X* Π² std::unique_ptr.
Mhinduro yakajairika ndeyekunyora xxx.emplace_back(new X)sezvo inounganidza: nzira emplace_back inovaka chinhu chakananga kubva munharo dzayo uye nekudaro inogona kushandisa vagadziri vakajeka.
Hazvina kuchengeteka. Kana iyo vector yakazara, ipapo chiyeuchidzo chinogoverwa zvakare. Memory relocation operation inogona kutadza, zvichikonzera kuti kusarudzika kukandwa std::bad_alloc. Muchiitiko ichi, chinongedzo chicharasika uye chinhu chakasikwa hachizombobviswi.
Mhinduro yakachengeteka ndeyekugadzira unique_ptriyo ichava muridzi wepointer vector isati yaedza kugovera ndangariro:
xxx.push_back(std::unique_ptr<X>(new X))
Since C++14, you can use 'std::make_unique':
xxx.push_back(std::make_unique<X>())
This type of defect is not critical for LLVM. If memory cannot be allocated, the compiler simply stops. However, for applications with long
So, although this code poses no practical threat to LLVM, I found it useful to describe this error pattern and to note that the PVS-Studio analyzer has learned to detect it.
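The leak described above can be reproduced deterministically. The following is an added example, not code from LLVM or from the original article: `FailingAlloc`, `g_fail_alloc` and the instance-counting `X` are constructed for the demonstration so that the vector's allocation fails on demand.

```cpp
#include <cstddef>
#include <memory>
#include <new>
#include <vector>

static bool g_fail_alloc = false;  // demo switch: vector allocations throw while true

// Minimal allocator that throws std::bad_alloc on demand (constructed for this demo).
template <class T> struct FailingAlloc {
  using value_type = T;
  FailingAlloc() = default;
  template <class U> FailingAlloc(const FailingAlloc<U>&) {}
  T* allocate(std::size_t n) {
    if (g_fail_alloc) throw std::bad_alloc();
    return std::allocator<T>().allocate(n);
  }
  void deallocate(T* p, std::size_t n) { std::allocator<T>().deallocate(p, n); }
};
template <class T, class U> bool operator==(const FailingAlloc<T>&, const FailingAlloc<U>&) { return true; }
template <class T, class U> bool operator!=(const FailingAlloc<T>&, const FailingAlloc<U>&) { return false; }

struct X { static int live; X() { ++live; } ~X() { --live; } };  // counts live objects
int X::live = 0;
using Vec = std::vector<std::unique_ptr<X>, FailingAlloc<std::unique_ptr<X>>>;

// Runs 'insert' on an empty vector whose storage allocation fails and returns
// how many X objects are still alive when the exception is caught.
template <class Insert> int live_after_failed_insert(Insert insert) {
  Vec v;
  g_fail_alloc = true;
  int live = -1;
  try { insert(v); } catch (const std::bad_alloc&) { live = X::live; }
  g_fail_alloc = false;
  return live;
}

int leak_with_emplace_back_new() {
  X* raw = nullptr;  // kept only so the demo can clean up; real code has no copy
  int live = live_after_failed_insert([&](Vec& v) { raw = new X; v.emplace_back(raw); });
  if (live > 0) delete raw;  // the object outlived the failed insertion
  return live;
}

int leak_with_push_back_make_unique() {
  return live_after_failed_insert([](Vec& v) { v.push_back(std::make_unique<X>()); });
}

int main() { return (leak_with_emplace_back_new() == 1 && leak_with_push_back_make_unique() == 0) ? 0 : 1; }
```

With `emplace_back(raw)` one object is still alive when the exception is caught, because no `unique_ptr` ever took ownership; with `make_unique` the temporary owner is destroyed during stack unwinding and nothing survives.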
Other warnings of this type:
- V1023 [CWE-460] A pointer without owner is added to the 'Passes' container by the 'emplace_back' method. A memory leak will occur in case of an exception. PassManager.h 546
- V1023 [CWE-460] A pointer without owner is added to the 'AAs' container by the 'emplace_back' method. A memory leak will occur in case of an exception. AliasAnalysis.h 324
- V1023 [CWE-460] A pointer without owner is added to the 'Entries' container by the 'emplace_back' method. A memory leak will occur in case of an exception. DWARFDebugFrame.cpp 519
- V1023 [CWE-460] A pointer without owner is added to the 'AllEdges' container by the 'emplace_back' method. A memory leak will occur in case of an exception. CFGMST.h 268
- V1023 [CWE-460] A pointer without owner is added to the 'VMaps' container by the 'emplace_back' method. A memory leak will occur in case of an exception. SimpleLoopUnswitch.cpp 2012
- V1023 [CWE-460] A pointer without owner is added to the 'Records' container by the 'emplace_back' method. A memory leak will occur in case of an exception. FDRLogBuilder.h 30
- V1023 [CWE-460] A pointer without owner is added to the 'PendingSubmodules' container by the 'emplace_back' method. A memory leak will occur in case of an exception. ModuleMap.cpp 810
- V1023 [CWE-460] A pointer without owner is added to the 'Objects' container by the 'emplace_back' method. A memory leak will occur in case of an exception. DebugMap.cpp 88
- V1023 [CWE-460] A pointer without owner is added to the 'Strategies' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-isel-fuzzer.cpp 60
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 685
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 686
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 688
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 689
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 690
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 691
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 692
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 693
- V1023 [CWE-460] A pointer without owner is added to the 'Modifiers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. llvm-stress.cpp 694
- V1023 [CWE-460] A pointer without owner is added to the 'Operands' container by the 'emplace_back' method. A memory leak will occur in case of an exception. GlobalISelEmitter.cpp 1911
- V1023 [CWE-460] A pointer without owner is added to the 'Stash' container by the 'emplace_back' method. A memory leak will occur in case of an exception. GlobalISelEmitter.cpp 2100
- V1023 [CWE-460] A pointer without owner is added to the 'Matchers' container by the 'emplace_back' method. A memory leak will occur in case of an exception. GlobalISelEmitter.cpp 2702
Conclusion
I wrote out 60 warnings in total and then stopped. Are there other defects that the PVS-Studio analyzer detects in LLVM? Yes, there are. However, by the time I was writing out the code fragments for this article it was late evening, or rather night, and I decided it was time to call it a day.
I hope you found it interesting and will want to try the PVS-Studio analyzer.
You can download the analyzer and get a trial key at
Most importantly, use static analysis regularly. One-time checks, which we perform to popularize the static analysis methodology and PVS-Studio, are not the normal scenario.
Good luck in improving the quality and reliability of your code!
If you want to share this article with an English-speaking audience, please use the translation link: Andrey Karpov.
Source: www.habr.com