[cfe-commits] r122471 - /cfe/trunk/test/Analysis/out-of-bounds.c
Ted Kremenek
kremenek at apple.com
Wed Dec 22 18:42:49 PST 2010
Author: kremenek
Date: Wed Dec 22 20:42:49 2010
New Revision: 122471
URL: http://llvm.org/viewvc/llvm-project?rev=122471&view=rev
Log:
It's amazing what you find when you actually
set the RUN line correctly in a test file!
Mark a bunch of tests for ArrayBoundCheckerV2
as FIXME's, as our current lack of pointer
arithmetic handling causes these to be all
false positives/negatives.
Modified:
cfe/trunk/test/Analysis/out-of-bounds.c
Modified: cfe/trunk/test/Analysis/out-of-bounds.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/out-of-bounds.c?rev=122471&r1=122470&r2=122471&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/out-of-bounds.c (original)
+++ cfe/trunk/test/Analysis/out-of-bounds.c Wed Dec 22 20:42:49 2010
@@ -1,4 +1,4 @@
-// RUN: %clang_cc1 -analyze -analyzer-check-objc-mem -analyzer-check-buffer-overflows -verify
+// RUN: %clang_cc1 -analyze -analyzer-check-objc-mem -analyzer-check-buffer-overflows -verify %s
// Tests doing an out-of-bounds access after the end of an array using:
// - constant integer index
@@ -13,6 +13,21 @@
buf[99] = 1; // no-warning
}
+const char test1_strings_underrun(int x) {
+ const char *mystr = "mary had a little lamb";
+ return mystr[-1]; // expected-warning{{Out of bound memory access}}
+}
+
+const char test1_strings_overrun(int x) {
+ const char *mystr = "mary had a little lamb";
+ return mystr[1000]; // expected-warning{{Out of bound memory access}}
+}
+
+const char test1_strings_ok(int x) {
+ const char *mystr = "mary had a little lamb";
+ return mystr[5]; // no-warning
+}
+
// Tests doing an out-of-bounds access after the end of an array using:
// - indirect pointer to buffer
// - constant integer index
@@ -26,9 +41,10 @@
void test1_ptr_ok(int x) {
int buf[100];
int *p = buf;
- p[99] = 1; // expected-warning{{Out of bound memory access}}
+ p[99] = 1; // no-warning
}
+// ** FIXME ** Doesn't work yet because we don't support pointer arithmetic.
// Tests doing an out-of-bounds access before the start of an array using:
// - indirect pointer to buffer, manipulated using simple pointer arithmetic
// - constant integer index
@@ -37,7 +53,7 @@
int buf[100];
int *p = buf;
p = p + 100;
- p[0] = 1; // expected-warning{{Out of bound memory access}}
+ p[0] = 1; // no-warning
}
void test1_ptr_arith_ok(int x) {
@@ -47,18 +63,21 @@
p[0] = 1; // no-warning
}
+// ** FIXME ** Doesn't work yet because we don't support pointer arithmetic.
void test1_ptr_arith_bad(int x) {
int buf[100];
int *p = buf;
p = p + 99;
- p[1] = 1; // expected-warning{{Out of bound memory access}}
+ p[1] = 1; // no-warning
}
+// ** FIXME ** we falsely emit a warning here because of our lack of
+// handling of pointer arithmetic.
void test1_ptr_arith_ok2(int x) {
int buf[100];
int *p = buf;
- p = p + 100;
- p[-1] = 1; // no-warning
+ p = p + 99;
+ p[-1] = 1; // expected-warning{{Out of bound}}
}
// Tests doing an out-of-bounds access before the start of an array using:
@@ -79,6 +98,7 @@
p[-1] = 1; // expected-warning{{Out of bound memory access}}
}
+// ** FIXME ** Doesn't work yet because we don't support pointer arithmetic.
// Tests doing an out-of-bounds access before the start of an array using:
// - indirect pointer to buffer, manipulated using simple pointer arithmetic
// - constant integer index
@@ -87,7 +107,7 @@
int buf[100];
int *p = buf;
--p;
- p[0] = 1; // expected-warning{{Out of bound memory access}}
+ p[0] = 1; // no-warning
}
// Tests doing an out-of-bounds access before the start of a multi-dimensional
More information about the cfe-commits
mailing list