[cfe-commits] r125495 - in /cfe/trunk: lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp test/Analysis/idempotent-operations-limited-loops.c

Ted Kremenek kremenek at apple.com
Mon Feb 14 09:59:24 PST 2011 

Author: kremenek
Date: Mon Feb 14 11:59:23 2011
New Revision: 125495

URL: http://llvm.org/viewvc/llvm-project?rev=125495&view=rev
Log:
Fix edge case where we don't cull warnings in IdempotentOperationsChecker due to incomplete analysis of loops.

Modified:
    cfe/trunk/lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp
    cfe/trunk/test/Analysis/idempotent-operations-limited-loops.c

Modified: cfe/trunk/lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp?rev=125495&r1=125494&r2=125495&view=diff
==============================================================================
--- cfe/trunk/lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp (original)
+++ cfe/trunk/lib/StaticAnalyzer/Checkers/IdempotentOperationChecker.cpp Mon Feb 14 11:59:23 2011
@@ -578,7 +578,12 @@
     // The destination block on the BlockEdge is the first block that was not
     // analyzed. If we can reach this block from the aborted block, then this
     // block was not completely analyzed.
-    if (CRA->isReachable(BE.getDst(), CB))
+    //
+    // Also explicitly check if the current block is the destination block.
+    // While technically reachable, it means we aborted the analysis on
+    // a path that included that block.
+    const CFGBlock *destBlock = BE.getDst();
+    if (destBlock == CB || CRA->isReachable(destBlock, CB))
       return false;
   }
   

Modified: cfe/trunk/test/Analysis/idempotent-operations-limited-loops.c
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/test/Analysis/idempotent-operations-limited-loops.c?rev=125495&r1=125494&r2=125495&view=diff
==============================================================================
--- cfe/trunk/test/Analysis/idempotent-operations-limited-loops.c (original)
+++ cfe/trunk/test/Analysis/idempotent-operations-limited-loops.c Mon Feb 14 11:59:23 2011
@@ -1,7 +1,11 @@
-void always_warning() { int *p = 0; *p = 0xDEADBEEF; }
+// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations -analyzer-max-loop 3 -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations -analyzer-max-loop 4 -verify %s
+// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations %s -verify
 
-// FIXME: False positive due to loop unrolling.  This should be fixed.
+void always_warning() { int *p = 0; *p = 0xDEADBEEF; } // expected-warning{{Dereference of null pointer (loaded from variable 'p')}}
 
+// This test case previously caused a bogus idempotent operation warning
+// due to us not properly culling warnings due to incomplete analysis of loops.
 int pr8403()
 {
         int i;
@@ -15,15 +19,3 @@
         return 0;
 }
 
-// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations -analyzer-max-loop 3 %s 2>&1 | FileCheck --check-prefix=Loops3 %s
-// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations -analyzer-max-loop 4 %s 2>&1 | FileCheck --check-prefix=Loops4 %s
-// RUN: %clang_cc1 -analyze -analyzer-store=region -analyzer-constraints=range -fblocks -analyzer-opt-analyze-nested-blocks -analyzer-check-objc-mem -analyzer-check-idempotent-operations %s 2>&1 | FileCheck --check-prefix=LoopsDefault %s
-
-// CHECK-Loops3: :1:37: warning: Dereference of null pointer
-// CHECK-Loops3: :11:27: warning: The left operand to '+' is always 0
-// CHECK-Loops3: 2 warnings generated
-// CHECK-Loops4: :1:37: warning: Dereference of null pointer
-// CHECK-Loops4: 1 warning generated.
-// CHECK-LoopsDefault: :1:37: warning: Dereference of null pointer
-// CHECK-LoopsDefault: 1 warning generated.
-

More information about the cfe-commits mailing list