[cfe-commits] [PATCH] Add analyzer_assert for regression tests
Anna Zaks
ganna at apple.com
Mon May 14 16:40:56 PDT 2012
Jordy,
I think having something like this is a great idea.
> A downside I am realizing is that silent success means the output looks the same whether debug.Asserts is on or off...not sure yet what to do about that.
How about having something like "clang_analyzer_check_expr()" that always produces a warning which tells us about the expression's state, like "true", "false", "unknown"?
I've added a taint debug checker, which serves similar purpose. We could also use this to check taint or other info by appending another string to the warning message "true (tainted:true)", but possibly with better markup.
A few minor comments:
- I'd prefix these asserts with "clang_analyzer".
- We should check for undefined here. This checker is not guaranteed to be run along with other checkers.
Cheers,
Anna.
On May 13, 2012, at 10:01 AM, Jordy Rose wrote:
>
>
>
> On May 13, 2012, at 12:13, Jordy Rose wrote:
>
>> Hi, Anna, Ted, and everyone else. Currently a number of static analyzer regression tests have constructs like the following to test how the analyzer's handling its constraints:
>>
>> void testUnsigned (unsigned a) {
>> if (a > 0)
>> return;
>>
>> void *sentinel = malloc(1);
>> if (a)
>> return; // expected-warning{{never executed}}
>> free(sentinel);
>> }
>>
>> void testSigned (int a) {
>> if (a > 0)
>> return;
>>
>> void *sentinel = malloc(1);
>> if (a)
>> return; // expected-warning{{leak}}
>> free(sentinel);
>> }
>>
>> That is, we're using MallocChecker, UnreachableCodeChecker, and others to trigger warnings based on the truth or falsehood of conditions. I propose a checker that looks for "calls" to functions named analyzer_assert and analyzer_assert_unknown. Unlike regular assertions, which are /added/ to the analyzer's constraint store, these assertions will warn if they do not match what is /already/ known. This would allow us to much more cleanly write the above tests:
>>
>> // Any signature with an integral type will do.
>> // 'bool' would be canonical in C++.
>> void analyzer_assert(int);
>> void analyzer_assert_unknown(int);
>>
>> void testUnsigned (unsigned a) {
>> if (a > 0)
>> return;
>>
>> analyzer_assert(a == 0);
>> }
>>
>> void testSigned (int a) {
>> if (a > 0)
>> return;
>>
>> analyzer_assert_unknown(a == 0);
>> }
>>
>> Proper use of these functions will never include an expected warning.
>>
>> Comments? I think makes a lot of our regression tests a lot simpler.
>>
>> Jordy
>>
>> <DebugAsserts.patch>
>
More information about the cfe-commits
mailing list