Commit Graph

11213 Commits

Author SHA1 Message Date
Daniel Marjamäki 9a2b71494f ValueFlow: Set value for :: 2019-10-19 21:08:59 +02:00
Daniel Marjamäki 574141a492 shadowVariable: Add comment 2019-10-19 18:51:36 +02:00
Daniel Marjamäki 24db81adb5 Fixed #8903 (False positive 'shadows outer variable' when using GCC statement expressions) 2019-10-19 18:50:27 +02:00
IOBYTE 5658dfcaf3 better fix for #9392 that also handles namespaces (#2282) 2019-10-18 18:05:48 +02:00
Daniel Marjamäki e0093c99ce Fixed #9276 (False positive: ValueFlow does not handle return in switch properly.) 2019-10-18 16:16:56 +02:00
Daniel Marjamäki 3a0a0fdefb Fixed #9424 (False positive: known condition after function call) 2019-10-18 08:21:07 +02:00
Daniel Marjamäki 99ef64459b Fixed #9344 (FP redundantAssignment related to increasing index variable for vector) 2019-10-17 18:31:05 +02:00
Daniel Marjamäki 15d7b9c83f Fixed #9347 (FP uninitvar for pointer passed to sscanf) 2019-10-17 17:41:54 +02:00
IOBYTE e4d2e9d2af Fix #9421 (syntaxError on incomplete code (from z3)) (#2274) 2019-10-16 20:56:53 +02:00
Ken-Patrick Lehrmann 24211cf8b9 Fix crashes in valueflow (#2236)
* Fix crashes in valueflow

http://cppcheck1.osuosl.org:8000/crash.html

For instance in http://cppcheck1.osuosl.org:8000/styx
```
==19651==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000001c (pc 0x556f21abc3df bp 0x7ffc140d2720 sp 0x7ffc140d2710 T0)
==19651==The signal is caused by a READ memory access.
==19651==Hint: address points to the zero page.
    #0 0x556f21abc3de in Variable::isGlobal() const ../lib/symboldatabase.h:342
    #1 0x556f221f801a in valueFlowForwardVariable ../lib/valueflow.cpp:2471
    #2 0x556f22208130 in valueFlowForward ../lib/valueflow.cpp:3204
    #3 0x556f221e9e14 in valueFlowReverse ../lib/valueflow.cpp:1892
    #4 0x556f221f1a43 in valueFlowBeforeCondition ../lib/valueflow.cpp:2200
    #5 0x556f2223dbb5 in ValueFlow::setValues(TokenList*, SymbolDatabase*, ErrorLogger*, Settings const*) ../lib/valueflow.cpp:6521
    #6 0x556f220e5991 in Tokenizer::simplifyTokens1(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/tokenize.cpp:2342
    #7 0x556f21d8d066 in CppCheck::checkFile(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::istream&) ../lib/cppcheck.cpp:508
    #8 0x556f21d84cd3 in CppCheck::check(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) ../lib/cppcheck.cpp:192
    #9 0x556f21a28796 in CppCheckExecutor::check_internal(CppCheck&, int, char const* const*) ../cli/cppcheckexecutor.cpp:884
    #10 0x556f21a24be8 in CppCheckExecutor::check(int, char const* const*) ../cli/cppcheckexecutor.cpp:198
    #11 0x556f22313063 in main ../cli/main.cpp:95
```

* Add test case for crash in valueflow
2019-10-16 20:54:07 +02:00
Rikard Falkeborn 297360920a Keep prefix in string and char literals (#2272)
Keeping the prefix in the token allows cppcheck to print the correct
string and char literals in debug and error messages.

To achieve this, move some of the helper functions from token.cpp to
utils.h so that checks that look at string and char literals can reuse
them. This is a large part of this commit.

Note that the only user visible change is that when string and char
literals are printed in error messages, the prefix is now included.

For example:

	int f() {
		return test.substr( 0 , 4 ) == U"Hello" ? 0 : 1 ;
	};

now prints U"Hello" instead of "Hello" in the error message.
2019-10-16 11:41:33 +02:00
Daniel Marjamäki 7d6d561c84 SymbolDatabase: Better handling of function call using smart pointer 2019-10-15 19:33:25 +02:00
Daniel Marjamäki 4a4b4963cc SymbolDatabase: Fix function lookup for '::func()' 2019-10-15 12:39:02 +02:00
Daniel Marjamäki d98ac017f7 ExprEngine: Improved handling of struct member assignments in loops 2019-10-14 22:04:12 +02:00
Daniel Marjamäki 62d972061b astyle formatting
[ci skip]
2019-10-14 19:41:51 +02:00
Daniel Marjamäki 8c5c070d6a ExprEngine: Improved handling of struct member assignments in loop 2019-10-14 19:41:32 +02:00
Daniel Marjamäki ee280a94fb ExprEngine: New handling of << and >> 2019-10-14 17:20:35 +02:00
Daniel Marjamäki 4e49b14721 ExprEngine: << and >> are not handled well, throw exception for now. 2019-10-14 11:56:39 +02:00
Daniel Marjamäki c7a56529bb ExprEngine: Clarify verificationIntegerOverflow message 2019-10-14 11:54:43 +02:00
Daniel Marjamäki bf61bcf402 ValueType: Set ValueType for constructor calls 2019-10-14 09:19:16 +02:00
Sebastian 267d23f1b8
gnu.cfg: Define `__typeof__` as `typeof`, fix simplifyTypedef() (#2260)
`__typeof__` is just an alternative keyword for `typeof`, see
https://gcc.gnu.org/onlinedocs/gcc/Typeof.html
Since `typeof` is handled in several checkers it makes sense to define
`__typeof__` as `typeof`.
Tokenizer::simplifyTypedef(): Use `typeof` instead of `__typeof__` to
be consistent with the rest of the code.
2019-10-14 08:20:22 +02:00
Paul Fultz II bf5c90a2be Fix issue 9409: FP returnTempReference (#2266)
* Fix issue 9409: FP returnTempReference

* Format
2019-10-13 19:12:46 +02:00
KenPatrickLehrmann 5a08ac361a Better handle const/noexcept methods (#2211)
* Better handle const/noexcept methods/conversion operator

const or noexcept in a method / (conversion) operator definition were
badly parsed, ending in a bad ast.
This patch tries to make it better, at least making the ast less bad,
so as to avoid errors in later checks.

* Fix parsing of some operator

It is still very broken, but at least, it does not fail.

Here is the previous error:
```
TestSimplifyTypedef::simplifyTypedef129
terminate called after throwing an instance of 'InternalError'

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
 #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
 #1  0x00007ffff612a801 in __GI_abort () at abort.c:79
 #2  0x00007ffff6b1d957 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
 #3  0x00007ffff6b23ab6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
 #4  0x00007ffff6b23af1 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
 #5  0x00007ffff6b23d24 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
 #6  0x0000555556366bf8 in Tokenizer::cppcheckError (this=0x7fffffffc2d0, tok=0x607000006760) at ../lib/tokenize.cpp:8721
 #7  0x000055555636a4bb in Tokenizer::validate (this=0x7fffffffc2d0) at ../lib/tokenize.cpp:9154
 #8  0x000055555633e3aa in Tokenizer::simplifyTokenList1 (this=0x7fffffffc2d0, FileName=0x603000002d50 "test.cpp") at ../lib/tokenize.cpp:4477
 #9  0x00005555563223ca in Tokenizer::simplifyTokens1 (this=0x7fffffffc2d0, configuration="") at ../lib/tokenize.cpp:2286
 #10 0x00005555563235c8 in Tokenizer::tokenize (this=0x7fffffffc2d0, code=..., FileName=0x555556fda9a0 "test.cpp", configuration="") at ../lib/tokenize.cpp:2345
 #11 0x00005555569410ea in TestSimplifyTypedef::tok[abi:cxx11](char const*, bool, cppcheck::Platform::PlatformType, bool) (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>,
     code=0x7fffffffcb70 "class c {\n  typedef char foo[4];\n  foo _a;\n  constexpr operator foo &() const noexcept { return _a; }\n};", simplify=false, type=cppcheck::Platform::Native, debugwarnings=true) at ../test/testsimplifytypedef.cpp:192
 #12 0x000055555697239e in TestSimplifyTypedef::simplifyTypedef129 (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:2599
 #13 0x000055555694092c in TestSimplifyTypedef::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>) at ../test/testsimplifytypedef.cpp:167
 #14 0x00005555569cab84 in TestFixture::run (this=0x555557728580 <(anonymous namespace)::instance_TestSimplifyTypedef>, str="simplifyTypedef129") at ../test/testsuite.cpp:306
 #15 0x00005555569cb445 in TestFixture::runTests (args=...) at ../test/testsuite.cpp:329
 #16 0x000055555687bdfb in main (argc=2, argv=0x7fffffffd988) at ../test/testrunner.cpp:44
```

* Replace some ASSERT_EQUALS with TODO_ASSERT_EQUALS when the actual result is still wrong

* Remove invalid code from simplifyTypedef129

* Properly skip parentheses
2019-10-12 11:46:00 +02:00
Paul Fultz II 19cf636a4a Move necessary code into valuetype (#2265)
* Fix parsing of smart pointers

* Improve deduction of return type

* Valuetype computation for decayed pointers
2019-10-12 11:40:02 +02:00
IOBYTE f99e83ece0 Fix #9411 (new daca crash related to using namespace) (#2264) 2019-10-12 11:39:14 +02:00
Daniel Marjamäki 530d4d2427 ExprEngine: Throw exception if we do not handle array well yet 2019-10-10 20:29:43 +02:00
IOBYTE fe1f601b91 Fix #9389 ("debug: Executable scope 'x' with unknown function." with … (#2261)
* Fix #9389 ("debug: Executable scope 'x' with unknown function." with "using namespace")

* use static rather than anonymous namespace for new functions
2019-10-10 20:25:09 +02:00
Daniel Marjamäki c2b514dc45 ExprEngine: Throw exception if assignment in loop is not handled 2019-10-10 11:12:36 +02:00
orbitcowboy a9386fa093 Running astyle [ci skip] 2019-10-10 08:17:41 +02:00
Paul Fultz II a5c6ae1e08 Fix issue 9400: FP returnTempReference - triggered by cast (#2259) 2019-10-10 06:52:11 +02:00
Daniel Marjamäki 0c1e979af7 SymbolDatabase: Refactor handling of variable declarations in if condition 2019-10-09 22:27:48 +02:00
Daniel Marjamäki 5b9bc4918e ExprEngine: Better error output when solver fails 2019-10-09 22:16:30 +02:00
Daniel Marjamäki 63bd182e83 ExprEngine: Adapt to z3 handling of bool/int expressions 2019-10-09 20:18:17 +02:00
Daniel Marjamäki 9f4db5018d SymbolDatabase: Added testcase for variable in if-scope 2019-10-09 16:41:07 +02:00
Daniel Marjamäki 3776604f06 SymbolDatabase: Add variable in if condition 'if (auto x = bar())' 2019-10-09 15:55:54 +02:00
Daniel Marjamäki 273a1a7402 ExprEngine: Fix FP for 'int' overflows 2019-10-09 11:24:57 +02:00
Sebastian b7e48a9b27
Fix #9399 (Build Failure on x86: error: unknown type name '__int128_t') (#2254)
https://stackoverflow.com/questions/16088282/is-there-a-128-bit-integer-in-gcc
suggests to test for __SIZEOF_INT128__. This test is added now and
Cppcheck now also compiles for a 32 bit target with the expected
warning that there is no 128-bit integer. "make test" also works.
2019-10-09 10:25:21 +02:00
Daniel Marjamäki ab6354754f ExprEngine: Catch z3::exception and print message 2019-10-09 09:42:18 +02:00
Daniel Marjamäki c04e25e936 Revert "#9391 Detecting uninited member variables with default ctor (#2249)"
This reverts commit 08bc369296.
2019-10-09 08:17:47 +02:00
Daniel Marjamäki b27fe83da4 ExprEngine: Handle << and >> 2019-10-08 21:38:10 +02:00
Daniel Marjamäki 3e50150dbf ExprEngine: Fix the checking for integer overflows 2019-10-08 20:13:25 +02:00
blacktea 08bc369296 #9391 Detecting uninited member variables with default ctor (#2249) 2019-10-08 19:33:07 +02:00
IOBYTE c98732dd8b fix using type aliases in out of class destructors (#2250) 2019-10-08 19:30:41 +02:00
Daniel Marjamäki 1abf70a7cb SymbolDatabase: Add null pointer check for ast operand for '(' token 2019-10-08 17:53:29 +02:00
Steve Mokris 506a952ad2 Parse `extern "C"`, and use it to avoid FP reference warnings (#2234)
Previously, cppcheck discarded the `extern "C"` specifier.  This patch modifies cppcheck to parse each as a Scope in the symbol database, then uses that scope to avoid false positives when making recommendations about changing a function argument to be a reference (since variable references is a C++ feature, unavailable in C, and thus unavailable in `extern "C"`).
2019-10-08 17:48:09 +02:00
Daniel Marjamäki 9f40341ba8 SymbolDatabase: Hardcoded handling for std::make_shared and std::make_unique , todo: library configuration would be better than hard coding 2019-10-08 17:19:24 +02:00
Daniel Marjamäki 79356b1883 SymbolDatabase: Better ValueType handling of 'LibraryType(..)' 2019-10-08 11:25:05 +02:00
Paul Fultz II 4eb4762d95 Extend lifetime checking to temporaries (#2242)
* Use lifetimes to check for returning reference to temporaries

* Check for dangling temporaries

* Check for unknown types for returining by reference

* Remove old returnTemporary check

* Format

* Check for deref op

* Ternary operator return an lvalue reference

* Warn when returning temporaries from member functions

* Improve handling of pointer to function

* Extend lifetimes of const references
2019-10-08 09:28:39 +02:00
Daniel Marjamäki 21774cbdc4 ExprEngine: Handle while/for loops 2019-10-07 17:45:06 +02:00
Daniel Marjamäki d82b1b29ce ExprEngine: Initial handling of switch 2019-10-06 19:58:51 +02:00