xazax.hun created this revision.
Herald added a subscriber: whisperity.
This is how asserts are working right now. This way the semantics of
__builtin_assume will be identical to asserts.
I also moved the tests to another file.
Repository:
rL LLVM
https://reviews.llvm.org/D34502
Files:
lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
test/Analysis/builtin-assume.c
test/Analysis/builtin-functions.cpp
Index: test/Analysis/builtin-functions.cpp
===================================================================
--- test/Analysis/builtin-functions.cpp
+++ test/Analysis/builtin-functions.cpp
@@ -1,6 +1,7 @@
// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10
-analyzer-checker=core,debug.ExprInspection %s -std=c++11 -verify
void clang_analyzer_eval(bool);
+void clang_analyzer_warnIfReached();
void testAddressof(int x) {
clang_analyzer_eval(&x == __builtin_addressof(x)); //
expected-warning{{TRUE}}
@@ -50,3 +51,16 @@
q = (char*) __builtin_assume_aligned(p + 1, 16);
clang_analyzer_eval(p == q); // expected-warning{{FALSE}}
}
+
+void f(int i) {
+ __builtin_assume(i < 10);
+ clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
+}
+
+void g(int i) {
+ if (i > 5) {
+ __builtin_assume(i < 5);
+ clang_analyzer_warnIfReached(); // Assumtion contradicts constraints.
+ // We give up the analysis on this path.
+ }
+}
Index: test/Analysis/builtin-assume.c
===================================================================
--- test/Analysis/builtin-assume.c
+++ /dev/null
@@ -1,8 +0,0 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify
%s
-
-void clang_analyzer_eval(int);
-
-void f(int i) {
- __builtin_assume(i < 10);
- clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
-}
Index: lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
+++ lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
@@ -50,8 +50,10 @@
state = state->assume(ArgSVal.castAs<DefinedOrUnknownSVal>(), true);
// FIXME: do we want to warn here? Not right now. The most reports might
// come from infeasible paths, thus being false positives.
- if (!state)
+ if (!state) {
+ C.generateSink(C.getState(), C.getPredecessor());
return true;
+ }
C.addTransition(state);
return true;
Index: test/Analysis/builtin-functions.cpp
===================================================================
--- test/Analysis/builtin-functions.cpp
+++ test/Analysis/builtin-functions.cpp
@@ -1,6 +1,7 @@
// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10 -analyzer-checker=core,debug.ExprInspection %s -std=c++11 -verify
void clang_analyzer_eval(bool);
+void clang_analyzer_warnIfReached();
void testAddressof(int x) {
clang_analyzer_eval(&x == __builtin_addressof(x)); // expected-warning{{TRUE}}
@@ -50,3 +51,16 @@
q = (char*) __builtin_assume_aligned(p + 1, 16);
clang_analyzer_eval(p == q); // expected-warning{{FALSE}}
}
+
+void f(int i) {
+ __builtin_assume(i < 10);
+ clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
+}
+
+void g(int i) {
+ if (i > 5) {
+ __builtin_assume(i < 5);
+ clang_analyzer_warnIfReached(); // Assumtion contradicts constraints.
+ // We give up the analysis on this path.
+ }
+}
Index: test/Analysis/builtin-assume.c
===================================================================
--- test/Analysis/builtin-assume.c
+++ /dev/null
@@ -1,8 +0,0 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify %s
-
-void clang_analyzer_eval(int);
-
-void f(int i) {
- __builtin_assume(i < 10);
- clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
-}
Index: lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
===================================================================
--- lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
+++ lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
@@ -50,8 +50,10 @@
state = state->assume(ArgSVal.castAs<DefinedOrUnknownSVal>(), true);
// FIXME: do we want to warn here? Not right now. The most reports might
// come from infeasible paths, thus being false positives.
- if (!state)
+ if (!state) {
+ C.generateSink(C.getState(), C.getPredecessor());
return true;
+ }
C.addTransition(state);
return true;
_______________________________________________
cfe-commits mailing list
[email protected]
http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
