120681c1a3
Several static analyzers (clang's one, Facebook Infer, etc.) warn about NULL pointer dereferences after a call to CU_ASSERT_PTR_NOT_NULL_FATAL() in the test code written using CUnit framework. This is because this CUnit macro is too complex for them to understand that the pointer cannot be NULL: it is translated to a call to CU_assertImplementation() with an argument as TRUE in order to mean that the call is fatal if the asserted condition failed (cf. http://cunit.sourceforge.net/doxdocs/group__Framework.html). A possible solution could consist in replacing the CU_ASSERT_..._FATAL() calls by assert() ones, as most static analyzers know about assert(). Nevertheless this seems to go against CUnit's API. An alternative solution consists in overriding CU_ASSERT_..._FATAL() macros in order to expand to assert() after a call to the matching CU_ASSERT_...() non-fatal macro. This appears to work fine and to remove many false-positive warnings from various static analyzers. As this substitution should only occur when using static analyzer, put it under #ifdef __CHECKER__, which is the macro used by sparse when analyzing the Linux kernel. Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> |
||
|---|---|---|
| .. | ||
| policies | ||
| .gitignore | ||
| Makefile | ||
| debug.c | ||
| debug.h | ||
| helpers.c | ||
| helpers.h | ||
| libsepol-tests.c | ||
| test-common.c | ||
| test-common.h | ||
| test-cond.c | ||
| test-cond.h | ||
| test-deps.c | ||
| test-deps.h | ||
| test-downgrade.c | ||
| test-downgrade.h | ||
| test-expander-attr-map.c | ||
| test-expander-attr-map.h | ||
| test-expander-roles.c | ||
| test-expander-roles.h | ||
| test-expander-users.c | ||
| test-expander-users.h | ||
| test-expander.c | ||
| test-expander.h | ||
| test-linker-cond-map.c | ||
| test-linker-cond-map.h | ||
| test-linker-roles.c | ||
| test-linker-roles.h | ||
| test-linker-types.c | ||
| test-linker-types.h | ||
| test-linker.c | ||
| test-linker.h | ||