NSString.m revision 0aeaf5a1a55dbc04c633cae4fb8bad2a33b01d62
1// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=basic -verify %s && 2// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic-old-cast -analyzer-constraints=basic -verify %s && 3// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify %s && 4// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic-old-cast -analyzer-constraints=range -verify %s && 5// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify %s && 6// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify %s 7 8//===----------------------------------------------------------------------===// 9// The following code is reduced using delta-debugging from 10// Foundation.h (Mac OS X). 11// 12// It includes the basic definitions for the test cases below. 13// Not directly including Foundation.h directly makes this test case 14// both svelte and portable to non-Mac platforms. 15//===----------------------------------------------------------------------===// 16 17typedef int int32_t; 18typedef const void * CFTypeRef; 19typedef const struct __CFString * CFStringRef; 20typedef const struct __CFAllocator * CFAllocatorRef; 21extern const CFAllocatorRef kCFAllocatorDefault; 22extern CFTypeRef CFRetain(CFTypeRef cf); 23void CFRelease(CFTypeRef cf); 24typedef const struct __CFDictionary * CFDictionaryRef; 25const void *CFDictionaryGetValue(CFDictionaryRef theDict, const void *key); 26extern CFStringRef CFStringCreateWithFormat(CFAllocatorRef alloc, CFDictionaryRef formatOptions, CFStringRef format, ...); 27typedef signed char BOOL; 28typedef int NSInteger; 29typedef unsigned int NSUInteger; 30@class NSString, Protocol; 31extern void NSLog(NSString *format, ...) __attribute__((format(__NSString__, 1, 2))); 32typedef NSInteger NSComparisonResult; 33typedef struct _NSZone NSZone; 34@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 35@protocol NSObject 36- (BOOL)isEqual:(id)object; 37- (oneway void)release; 38- (id)retain; 39- (id)autorelease; 40@end 41@protocol NSCopying 42- (id)copyWithZone:(NSZone *)zone; 43@end 44@protocol NSMutableCopying 45- (id)mutableCopyWithZone:(NSZone *)zone; 46@end 47@protocol NSCoding 48- (void)encodeWithCoder:(NSCoder *)aCoder; 49@end 50@interface NSObject <NSObject> {} 51- (id)init; 52+ (id)alloc; 53@end 54extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone); 55typedef struct {} NSFastEnumerationState; 56@protocol NSFastEnumeration 57- (NSUInteger)countByEnumeratingWithState:(NSFastEnumerationState *)state objects:(id *)stackbuf count:(NSUInteger)len; 58@end 59@class NSString; 60typedef struct _NSRange {} NSRange; 61@interface NSArray : NSObject <NSCopying, NSMutableCopying, NSCoding, NSFastEnumeration> 62- (NSUInteger)count; 63@end 64@interface NSMutableArray : NSArray 65- (void)addObject:(id)anObject; 66- (id)initWithCapacity:(NSUInteger)numItems; 67@end 68typedef unsigned short unichar; 69@class NSData, NSArray, NSDictionary, NSCharacterSet, NSData, NSURL, NSError, NSLocale; 70typedef NSUInteger NSStringCompareOptions; 71@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> - (NSUInteger)length; 72- (NSComparisonResult)compare:(NSString *)string; 73- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask; 74- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange; 75- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange locale:(id)locale; 76- (NSComparisonResult)caseInsensitiveCompare:(NSString *)string; 77- (NSArray *)componentsSeparatedByCharactersInSet:(NSCharacterSet *)separator; 78+ (id)stringWithFormat:(NSString *)format, ... __attribute__((format(__NSString__, 1, 2))); 79@end 80@interface NSSimpleCString : NSString {} @end 81@interface NSConstantString : NSSimpleCString @end 82extern void *_NSConstantStringClassReference; 83 84//===----------------------------------------------------------------------===// 85// Test cases. 86//===----------------------------------------------------------------------===// 87 88NSComparisonResult f1(NSString* s) { 89 NSString *aString = 0; 90 return [s compare:aString]; // expected-warning {{Argument to 'NSString' method 'compare:' cannot be nil.}} 91} 92 93NSComparisonResult f2(NSString* s) { 94 NSString *aString = 0; 95 return [s caseInsensitiveCompare:aString]; // expected-warning {{Argument to 'NSString' method 'caseInsensitiveCompare:' cannot be nil.}} 96} 97 98NSComparisonResult f3(NSString* s, NSStringCompareOptions op) { 99 NSString *aString = 0; 100 return [s compare:aString options:op]; // expected-warning {{Argument to 'NSString' method 'compare:options:' cannot be nil.}} 101} 102 103NSComparisonResult f4(NSString* s, NSStringCompareOptions op, NSRange R) { 104 NSString *aString = 0; 105 return [s compare:aString options:op range:R]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:' cannot be nil.}} 106} 107 108NSComparisonResult f5(NSString* s, NSStringCompareOptions op, NSRange R) { 109 NSString *aString = 0; 110 return [s compare:aString options:op range:R locale:0]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:locale:' cannot be nil.}} 111} 112 113NSArray *f6(NSString* s) { 114 return [s componentsSeparatedByCharactersInSet:0]; // expected-warning {{Argument to 'NSString' method 'componentsSeparatedByCharactersInSet:' cannot be nil.}} 115} 116 117NSString* f7(NSString* s1, NSString* s2, NSString* s3) { 118 119 NSString* s4 = (NSString*) 120 CFStringCreateWithFormat(kCFAllocatorDefault, 0, // expected-warning{{leak}} 121 (CFStringRef) __builtin___CFStringMakeConstantString("%@ %@ (%@)"), 122 s1, s2, s3); 123 124 CFRetain(s4); 125 return s4; 126} 127 128NSMutableArray* f8() { 129 130 NSString* s = [[NSString alloc] init]; 131 NSMutableArray* a = [[NSMutableArray alloc] initWithCapacity:2]; 132 [a addObject:s]; 133 [s release]; // no-warning 134 return a; 135} 136 137void f9() { 138 139 NSString* s = [[NSString alloc] init]; 140 NSString* q = s; 141 [s release]; 142 [q release]; // expected-warning {{used after it is released}} 143} 144 145NSString* f10() { 146 static NSString* s = 0; 147 if (!s) s = [[NSString alloc] init]; 148 return s; // no-warning 149} 150 151// Test case for regression reported in <rdar://problem/6452745>. 152// Essentially 's' should not be considered allocated on the false branch. 153// This exercises the 'EvalAssume' logic in GRTransferFuncs (CFRefCount.cpp). 154NSString* f11(CFDictionaryRef dict, const char* key) { 155 NSString* s = (NSString*) CFDictionaryGetValue(dict, key); 156 [s retain]; 157 if (s) { 158 [s release]; 159 } 160 return 0; 161} 162 163// Test case for passing a tracked object by-reference to a function we 164// don't understand. 165void unknown_function_f12(NSString** s); 166void f12() { 167 NSString *string = [[NSString alloc] init]; 168 unknown_function_f12(&string); // no-warning 169} 170 171// Test double release of CFString (PR 4014). 172void f13(void) { 173 CFStringRef ref = CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); 174 CFRelease(ref); 175 CFRelease(ref); // expected-warning{{Reference-counted object is used after it is released}} 176} 177 178// Test regular use of -autorelease 179@interface TestAutorelease 180-(NSString*) getString; 181@end 182@implementation TestAutorelease 183-(NSString*) getString { 184 NSString *str = [[NSString alloc] init]; 185 return [str autorelease]; // no-warning 186} 187- (void)m1 188{ 189 NSString *s = [[NSString alloc] init]; // expected-warning{{leak}} 190 [s retain]; 191 [s autorelease]; 192} 193- (void)m2 194{ 195 NSString *s = [[[NSString alloc] init] autorelease]; // expected-warning{{leak}} 196 [s retain]; 197} 198- (void)m3 199{ 200 NSString *s = [[[NSString alloc] init] autorelease]; 201 [s retain]; 202 [s autorelease]; 203} 204- (void)m4 205{ 206 NSString *s = [[NSString alloc] init]; // expected-warning{{leak}} 207 [s retain]; 208} 209- (void)m5 210{ 211 NSString *s = [[NSString alloc] init]; 212 [s autorelease]; 213} 214@end 215 216@interface C1 : NSObject {} 217- (NSString*) getShared; 218+ (C1*) sharedInstance; 219@end 220@implementation C1 : NSObject {} 221- (NSString*) getShared { 222 static NSString* s = 0; 223 if (!s) s = [[NSString alloc] init]; 224 return s; // no-warning 225} 226+ (C1 *)sharedInstance { 227 static C1 *sharedInstance = 0; 228 if (!sharedInstance) { 229 sharedInstance = [[C1 alloc] init]; 230 } 231 return sharedInstance; // no-warning 232} 233@end 234 235@interface SharedClass : NSObject 236+ (id)sharedInstance; 237- (id)notShared; 238@end 239 240@implementation SharedClass 241 242- (id)_init { 243 if ((self = [super init])) { 244 NSLog(@"Bar"); 245 } 246 return self; 247} 248 249- (id)notShared { 250 return [[SharedClass alloc] _init]; // expected-warning{{leak}} 251} 252 253+ (id)sharedInstance { 254 static SharedClass *_sharedInstance = 0; 255 if (!_sharedInstance) { 256 _sharedInstance = [[SharedClass alloc] _init]; 257 } 258 return _sharedInstance; // no-warning 259} 260@end 261 262id testSharedClassFromFunction() { 263 return [[SharedClass alloc] _init]; // no-warning 264} 265 266// Test OSCompareAndSwap 267_Bool OSAtomicCompareAndSwapPtr( void *__oldValue, void *__newValue, void * volatile *__theValue ); 268_Bool OSAtomicCompareAndSwap32Barrier( int32_t __oldValue, int32_t __newValue, volatile int32_t *__theValue ); 269extern BOOL objc_atomicCompareAndSwapPtr(id predicate, id replacement, volatile id *objectLocation); 270 271void testOSCompareAndSwap() { 272 NSString *old = 0; 273 NSString *s = [[NSString alloc] init]; // no-warning 274 if (!OSAtomicCompareAndSwapPtr(0, s, (void**) &old)) 275 [s release]; 276 else 277 [old release]; 278} 279 280void testOSCompareAndSwap32Barrier() { 281 NSString *old = 0; 282 NSString *s = [[NSString alloc] init]; // no-warning 283 if (!OSAtomicCompareAndSwap32Barrier((int32_t) 0, (int32_t) s, (int32_t*) &old)) 284 [s release]; 285 else 286 [old release]; 287} 288 289int testOSCompareAndSwap32Barrier_id(Class myclass, id xclass) { 290 if (OSAtomicCompareAndSwap32Barrier(0, (int32_t) myclass, (int32_t*) &xclass)) 291 return 1; 292 return 0; 293} 294 295void test_objc_atomicCompareAndSwap() { 296 NSString *old = 0; 297 NSString *s = [[NSString alloc] init]; // no-warning 298 if (!objc_atomicCompareAndSwapPtr(0, s, &old)) 299 [s release]; 300 else 301 [old release]; 302} 303 304// Test stringWithFormat (<rdar://problem/6815234>) 305void test_stringWithFormat() { 306 NSString *string = [[NSString stringWithFormat:@"%ld", (long) 100] retain]; 307 [string release]; 308 [string release]; // expected-warning{{Incorrect decrement of the reference count}} 309} 310 311// Test isTrackedObjectType(). 312typedef NSString* WonkyTypedef; 313@interface TestIsTracked 314+ (WonkyTypedef)newString; 315@end 316 317void test_isTrackedObjectType(void) { 318 NSString *str = [TestIsTracked newString]; // expected-warning{{Potential leak}} 319} 320 321// Test isTrackedCFObjectType(). 322@interface TestIsCFTracked 323+ (CFStringRef) badNewCFString; 324+ (CFStringRef) newCFString; 325@end 326 327@implementation TestIsCFTracked 328+ (CFStringRef) newCFString { 329 return CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); // no-warning 330} 331+ (CFStringRef) badNewCFString { 332 return CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); // expected-warning{{leak}} 333} 334 335// Test @synchronized 336void test_synchronized(id x) { 337 @synchronized(x) { 338 NSString *string = [[NSString stringWithFormat:@"%ld", (long) 100] retain]; // expected-warning {{leak}} 339 } 340} 341 342 343