From 3a3236237e193fb1d1de1aed72e128195d4d0730 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Don=C3=A1t=20Nagy?= Date: Tue, 4 Mar 2025 11:44:18 +0100 Subject: [PATCH] [NFC][analyzer] OOB test consolidation IV: rename files This commit finishes the reorganization of the tests for the checker `security.ArrayBound`. Previously these tests were all named `out-of-bounds-*` which was only weakly connected to the checker name; this commit moves them to a directory named after the checker (`ArrayBound`). I decided to use a directory instead of the more common filename prefix ("poor man's directory") system because it seems to be a more natural use of the filesystem and there are already a few precedents for it. I also added (or edited) comments at the beginning of each test file to describe their purpose; and I added a single new testcase to highlight that the assumption note tags can be added to reports by any checker. (Previously all tests in the file triggered out-of-bounds reports to reveal the note tags; but that was just for convenience.) --- .../assumption-reporting.c} | 21 +++++++++++++++++++ .../assumptions.c} | 0 .../brief-tests.c} | 5 +++++ .../cplusplus.cpp} | 4 ++-- .../verbose-tests.c} | 5 +++++ 5 files changed, 33 insertions(+), 2 deletions(-) rename clang/test/Analysis/{out-of-bounds-notes.c => ArrayBound/assumption-reporting.c} (88%) rename clang/test/Analysis/{out-of-bounds-constraint-check.c => ArrayBound/assumptions.c} (100%) rename clang/test/Analysis/{out-of-bounds.c => ArrayBound/brief-tests.c} (96%) rename clang/test/Analysis/{out-of-bounds-new.cpp => ArrayBound/cplusplus.cpp} (97%) rename clang/test/Analysis/{out-of-bounds-diagnostics.c => ArrayBound/verbose-tests.c} (98%) diff --git a/clang/test/Analysis/out-of-bounds-notes.c b/clang/test/Analysis/ArrayBound/assumption-reporting.c similarity index 88% rename from clang/test/Analysis/out-of-bounds-notes.c rename to clang/test/Analysis/ArrayBound/assumption-reporting.c index 7256beb7e893e..d687886ada1ae 100644 --- a/clang/test/Analysis/out-of-bounds-notes.c +++ b/clang/test/Analysis/ArrayBound/assumption-reporting.c @@ -1,6 +1,16 @@ // RUN: %clang_analyze_cc1 -Wno-array-bounds -analyzer-output=text \ // RUN: -analyzer-checker=core,security.ArrayBound,unix.Malloc,optin.taint -verify %s +// When the checker security.ArrayBound encounters an array subscript operation +// that _may be_ in bounds, it assumes that indexing _is_ in bound. These +// assumptions will be reported to the user if the execution path leads to a +// bug report (made by any checker) and the symbol which was constrainted by +// the assumption is marked as interesting (with `markInteresting` or +// indirectly via `trackExpressionValue`) in that bug report. +// +// This test file validates the content of these note tags which describe the +// assumptions for the user. + int TenElements[10]; int irrelevantAssumptions(int arg) { @@ -197,3 +207,14 @@ int *extentInterestingness(int arg) { // expected-warning@-1 {{Out of bound access to memory after the end of the heap area}} // expected-note@-2 {{Access of 'int' element in the heap area at index 12}} } + +int triggeredByAnyReport(int arg) { + // Verify that note tags explaining the assumptions made by ArrayBound are + // not limited to ArrayBound reports but will appear on any bug report (that + // marks the relevant symbol as interesting). + TenElements[arg + 10] = 8; + // expected-note@-1 {{Assuming index is non-negative and less than 10, the number of 'int' elements in 'TenElements'}} + return 1024 >> arg; + // expected-warning@-1 {{Right operand is negative in right shift}} + // expected-note@-2 {{The result of right shift is undefined because the right operand is negative}} +} diff --git a/clang/test/Analysis/out-of-bounds-constraint-check.c b/clang/test/Analysis/ArrayBound/assumptions.c similarity index 100% rename from clang/test/Analysis/out-of-bounds-constraint-check.c rename to clang/test/Analysis/ArrayBound/assumptions.c diff --git a/clang/test/Analysis/out-of-bounds.c b/clang/test/Analysis/ArrayBound/brief-tests.c similarity index 96% rename from clang/test/Analysis/out-of-bounds.c rename to clang/test/Analysis/ArrayBound/brief-tests.c index 2174dafc0021b..f4811efd8d8b6 100644 --- a/clang/test/Analysis/out-of-bounds.c +++ b/clang/test/Analysis/ArrayBound/brief-tests.c @@ -1,5 +1,10 @@ // RUN: %clang_analyze_cc1 -Wno-array-bounds -analyzer-checker=core,security.ArrayBound,debug.ExprInspection -verify %s +// Miscellaneous tests for `security.ArrayBound` where we only test the +// presence or absence of a bug report. If a test doesn't fit in a more +// specific file and doesn't need to verify the details of 'note' diagnostics, +// then it should be placed here. + void clang_analyzer_value(int); // Tests doing an out-of-bounds access after the end of an array using: diff --git a/clang/test/Analysis/out-of-bounds-new.cpp b/clang/test/Analysis/ArrayBound/cplusplus.cpp similarity index 97% rename from clang/test/Analysis/out-of-bounds-new.cpp rename to clang/test/Analysis/ArrayBound/cplusplus.cpp index 4e5442422bff4..c6ed6cea8aa4b 100644 --- a/clang/test/Analysis/out-of-bounds-new.cpp +++ b/clang/test/Analysis/ArrayBound/cplusplus.cpp @@ -1,5 +1,7 @@ // RUN: %clang_analyze_cc1 -std=c++11 -Wno-array-bounds -analyzer-checker=unix,core,security.ArrayBound -verify %s +// Test the interactions of `security.ArrayBound` with C++ features. + // Tests doing an out-of-bounds access after the end of an array using: // - constant integer index // - constant integer size for buffer @@ -157,8 +159,6 @@ void test_dynamic_size2(unsigned m,unsigned n){ //Test creating invalid references, which break the invariant that a reference //is always holding a value, and could lead to nasty runtime errors. -//(This is not related to operator new, but placed in this file because the -//other test files are not C++.) int array[10] = {0}; void test_after_the_end_reference() { diff --git a/clang/test/Analysis/out-of-bounds-diagnostics.c b/clang/test/Analysis/ArrayBound/verbose-tests.c similarity index 98% rename from clang/test/Analysis/out-of-bounds-diagnostics.c rename to clang/test/Analysis/ArrayBound/verbose-tests.c index 524fa4e2aaaf7..84d238ed1a2a4 100644 --- a/clang/test/Analysis/out-of-bounds-diagnostics.c +++ b/clang/test/Analysis/ArrayBound/verbose-tests.c @@ -1,6 +1,11 @@ // RUN: %clang_analyze_cc1 -Wno-array-bounds -analyzer-output=text \ // RUN: -analyzer-checker=core,security.ArrayBound,unix.Malloc,optin.taint -verify %s +// Miscellaneous tests for `security.ArrayBound` where we also verify the +// content of the 'note' diagnostics. This makes the tests sensitive to textual +// changes in the diagnostics, so prefer adding new tests to `brief-tests.c` +// unless they need to verify the correctness of 'note' diagnostics. + int TenElements[10]; void arrayUnderflow(void) {