This is an archive of the discontinued LLVM Phabricator instance.

The goal here is to provide a canary (with a comment) that tells whoever changes array modeling that they will need to update the test in unreachable-code-path.c. If the canary is in another file, it is not very helpful. The closer the canary is to the test it is for, the more likely it is that the person updating either the canary or the test will also update its counterpart.

NoQ added inline comments.Oct 18 2016, 9:04 AM

test/Analysis/func.c
46	I think this check is not enough. We are not satisfied that the value is not known; we should also know that it's not symbolic either, but a plain `UnknownVal`. Such test should be possible with `clang_analyzer_explain`.

I didn't get the UNKNOWN I expected. Do I need to tweak the command line maybe? I tried to add some debug.ExprInspect but I still didn't get the UNKNOWN.

I tried something like this:

static int inlineFunction(const int i) {
  if (table[i] != 0) { }
  clang_analyzer_eval(table[i] != 0); // expected-warning {{UNKNOWN}}
  if (table[i] != 0)
    return 1;
  return 0;
}}

I want the test to have two returns that we ensure are not merged.

Here is a suggestion.

The ultimate goal in D25326 is to test a scenario in which the analyzer returns an UnknownVal. Rather that writing fragile code that currently returns an UnknownVal that but might be improved in the future to do better, why don't we add a ExprInspection-like function 'clang_analyzer_unknown_val()' that that the models as returning an UnknownVal? This expresses the intent of the test much better and is not fragile in the face of analyzer improvements.

Thanks! That sounds excellent to me.

Revision Contents

Path

Size

test/

Analysis/

func.c

6 lines

unreachable-code-path.c

2 lines

Diff 74998

test/Analysis/func.c

	Show All 33 Lines
	}			}

	void nullFunctionPointerConstraint(void (*f)(void)) {			void nullFunctionPointerConstraint(void (*f)(void)) {
	if (f)			if (f)
	return;			return;
	f(); // expected-warning{{Called function pointer is null}}			f(); // expected-warning{{Called function pointer is null}}
	clang_analyzer_warnIfReached(); // no-warning			clang_analyzer_warnIfReached(); // no-warning
	}			}

				extern int table[];
				void unknownArrayIndex(int i) {
				if (table[i] != 0) { }
				clang_analyzer_eval(table[i] != 0); // expected-warning {{UNKNOWN}}
				NoQUnsubmitted Not Done Reply Inline Actions I think this check is not enough. We are not satisfied that the value is not known; we should also know that it's not symbolic either, but a plain `UnknownVal`. Such test should be possible with `clang_analyzer_explain`. NoQ: I think this check is not enough. We are not satisfied that the value is not known; we should…
				}

test/Analysis/unreachable-code-path.c

Show First 20 Lines • Show All 192 Lines • ▼ Show 20 Lines	case 2:
do { } while (0);		do { } while (0);
break;		break;
}		}
}		}

// Don't merge return nodes in ExplodedGraph unless they are same.		// Don't merge return nodes in ExplodedGraph unless they are same.
extern int table[];		extern int table[];
static int inlineFunction(const int i) {		static int inlineFunction(const int i) {
if (table[i] != 0)		if (table[i] != 0) // SVal for condition must be UNKNOWN
return 1;		return 1;
return 0;		return 0;
}		}
void test13(int i) {		void test13(int i) {
int x = inlineFunction(i);		int x = inlineFunction(i);
x && x < 10; // no-warning		x && x < 10; // no-warning
}		}

// Don't warn in a macro		// Don't warn in a macro
#define RETURN(X) do { return; } while (0)		#define RETURN(X) do { return; } while (0)
void macro(void) {		void macro(void) {
RETURN(1); // no-warning		RETURN(1); // no-warning
}		}

This is an archive of the discontinued LLVM Phabricator instance.

Test ExprEngine handling of unknown valuesNeeds ReviewPublic

Details

Diff Detail

Event Timeline

Revision Contents

Diff 74998

test/Analysis/func.c

test/Analysis/unreachable-code-path.c

Test ExprEngine handling of unknown values
Needs ReviewPublic