From: Gabor Horvath <xazax.hun@gmail.com>
Date: Thu, 22 Jun 2017 10:09:40 +0000 (+0000)
Subject: [analyzer] Do not continue to analyze a path if the constraints contradict with built... 
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=02f895ab3e0581ebf29c5b86b774911746a34570;p=clang

[analyzer] Do not continue to analyze a path if the constraints contradict with builtin assume

Differential Revision: https://reviews.llvm.org/D34502


git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@305991 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp b/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
index 48d6cd8a52..097d419880 100644
--- a/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
+++ b/lib/StaticAnalyzer/Checkers/BuiltinFunctionChecker.cpp
@@ -50,8 +50,10 @@ bool BuiltinFunctionChecker::evalCall(const CallExpr *CE,
     state = state->assume(ArgSVal.castAs<DefinedOrUnknownSVal>(), true);
     // FIXME: do we want to warn here? Not right now. The most reports might
     // come from infeasible paths, thus being false positives.
-    if (!state)
+    if (!state) {
+      C.generateSink(C.getState(), C.getPredecessor());
       return true;
+    }
 
     C.addTransition(state);
     return true;
diff --git a/test/Analysis/builtin-assume.c b/test/Analysis/builtin-assume.c
deleted file mode 100644
index 00d651d9e3..0000000000
--- a/test/Analysis/builtin-assume.c
+++ /dev/null
@@ -1,8 +0,0 @@
-// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify %s
-
-void clang_analyzer_eval(int);
-
-void f(int i) {
-  __builtin_assume(i < 10);
-  clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
-}
diff --git a/test/Analysis/builtin-functions.cpp b/test/Analysis/builtin-functions.cpp
index 4e9859754d..2c19502511 100644
--- a/test/Analysis/builtin-functions.cpp
+++ b/test/Analysis/builtin-functions.cpp
@@ -1,6 +1,7 @@
 // RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin10 -analyzer-checker=core,debug.ExprInspection %s -std=c++11 -verify
 
 void clang_analyzer_eval(bool);
+void clang_analyzer_warnIfReached();
 
 void testAddressof(int x) {
   clang_analyzer_eval(&x == __builtin_addressof(x)); // expected-warning{{TRUE}}
@@ -50,3 +51,16 @@ void test_assume_aligned_4(char *p) {
   q = (char*) __builtin_assume_aligned(p + 1, 16);
   clang_analyzer_eval(p == q); // expected-warning{{FALSE}}
 }
+
+void f(int i) {
+  __builtin_assume(i < 10);
+  clang_analyzer_eval(i < 15); // expected-warning {{TRUE}}
+}
+
+void g(int i) {
+  if (i > 5) {
+    __builtin_assume(i < 5);
+    clang_analyzer_warnIfReached(); // Assumtion contradicts constraints.
+                                    // We give up the analysis on this path.
+  }
+}