[cfe-commits] [PATCH] Add analyzer_assert for regression tests

Jordy Rose jediknil at belkadan.com
Sun May 13 10:01:38 PDT 2012


A downside I am realizing is that silent success means the output looks the same whether debug.Asserts is on or off...not sure yet what to do about that.


On May 13, 2012, at 12:13, Jordy Rose wrote:

> Hi, Anna, Ted, and everyone else. Currently a number of static analyzer regression tests have constructs like the following to test how the analyzer's handling its constraints:
> 
> void testUnsigned (unsigned a) {
>  if (a > 0)
>    return;
> 
>  void *sentinel = malloc(1);
>  if (a)
>    return; // expected-warning{{never executed}}
>  free(sentinel);
> }
> 
> void testSigned (int a) {
>  if (a > 0)
>    return;
> 
>  void *sentinel = malloc(1);
>  if (a)
>    return; // expected-warning{{leak}}
>  free(sentinel);
> }
> 
> That is, we're using MallocChecker, UnreachableCodeChecker, and others to trigger warnings based on the truth or falsehood of conditions. I propose a checker that looks for "calls" to functions named analyzer_assert and analyzer_assert_unknown. Unlike regular assertions, which are /added/ to the analyzer's constraint store, these assertions will warn if they do not match what is /already/ known. This would allow us to much more cleanly write the above tests:
> 
> // Any signature with an integral type will do.
> // 'bool' would be canonical in C++.
> void analyzer_assert(int);
> void analyzer_assert_unknown(int);
> 
> void testUnsigned (unsigned a) {
>  if (a > 0)
>    return;
> 
>  analyzer_assert(a == 0);
> }
> 
> void testSigned (int a) {
>  if (a > 0)
>    return;
> 
>  analyzer_assert_unknown(a == 0);
> }
> 
> Proper use of these functions will never include an expected warning.
> 
> Comments? I think this makes a lot of our regression tests a lot simpler.
> 
> Jordy
> 
> <DebugAsserts.patch>
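The mechanism behind the proposal, as an added illustration that is not part of the patch or of clang's own checker code: a toy interval-based "constraint store" that reproduces why `a == 0` is known true after `if (a > 0) return;` for an unsigned parameter but only undetermined for a signed one, and shows the warning rule for the two proposed functions (warn when `analyzer_assert` gets anything other than a known-true condition, warn when `analyzer_assert_unknown` gets a condition the store has already decided). All names below (`Range`, `Verdict`, `assume_le`, `eval_eq`, the `*_warns` helpers) are hypothetical and exist only in this example.

```c
#include <assert.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Three-valued answer the toy constraint store gives for a predicate. */
typedef enum { KNOWN_FALSE = 0, KNOWN_TRUE = 1, UNKNOWN = 2 } Verdict;

/* The whole "constraint store" for one symbol: an inclusive value range. */
typedef struct { long long lo, hi; } Range;

/* Initial range of a fresh parameter, determined by its type. */
static Range range_for_unsigned(void) { Range r = { 0, UINT_MAX };       return r; }
static Range range_for_signed(void)   { Range r = { INT_MIN, INT_MAX };  return r; }

/* Path is reachable only while the range is non-empty. */
static bool feasible(Range r) { return r.lo <= r.hi; }

/* Apply the constraint "sym <= k": the fall-through edge of `if (sym > k) return;`. */
static Range assume_le(Range r, long long k) {
    if (r.hi > k) r.hi = k;     /* may leave lo > hi, i.e. an infeasible path */
    return r;
}

/* Decide "sym == k" against the current range without adding anything to it. */
static Verdict eval_eq(Range r, long long k) {
    if (k < r.lo || k > r.hi)      return KNOWN_FALSE;  /* k outside the range */
    if (r.lo == k && r.hi == k)    return KNOWN_TRUE;   /* range collapsed to k */
    return UNKNOWN;                                     /* k is one of several values */
}

/* analyzer_assert(cond): diagnose unless the store already proves cond true. */
static bool analyzer_assert_warns(Verdict v) { return v != KNOWN_TRUE; }

/* analyzer_assert_unknown(cond): diagnose if the store has already decided cond. */
static bool analyzer_assert_unknown_warns(Verdict v) { return v != UNKNOWN; }

/* Mirrors testUnsigned from the mail: after `if (a > 0) return;`, a can only be 0. */
Verdict verdict_unsigned_case(void) {
    Range a = assume_le(range_for_unsigned(), 0);
    assert(feasible(a));
    return eval_eq(a, 0);
}

/* Mirrors testSigned from the mail: after `if (a > 0) return;`, a is in [INT_MIN, 0]. */
Verdict verdict_signed_case(void) {
    Range a = assume_le(range_for_signed(), 0);
    assert(feasible(a));
    return eval_eq(a, 0);
}

int main(void) {
    static const char *names[] = { "known false", "known true", "unknown" };
    Verdict u = verdict_unsigned_case();
    Verdict s = verdict_signed_case();
    printf("unsigned: a == 0 is %s; analyzer_assert warns: %d\n",
           names[u], analyzer_assert_warns(u));
    printf("signed:   a == 0 is %s; analyzer_assert_unknown warns: %d\n",
           names[s], analyzer_assert_unknown_warns(s));
    return 0;
}
```

The point the toy makes explicit is the one-directional nature of the proposed functions: `eval_eq` only reads the store, so a failing `analyzer_assert` cannot mask a missing constraint by quietly adding it, which is exactly why a correct test never carries an expected-warning line.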




