NSString.m revision 98104728aa36ba6e5cebfa265ece57127091b906
1// RUN: clang-cc -arch i386 -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=basic -verify %s && 2// RUN: clang-cc -arch i386 -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify %s 3 4 5// NOTWORK: clang-cc -arch i386 -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify %s && 6// NOTWORK: clang-cc -arch i386 -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify %s 7 8//===----------------------------------------------------------------------===// 9// The following code is reduced using delta-debugging from 10// Foundation.h (Mac OS X). 11// 12// It includes the basic definitions for the test cases below. 13// Not directly including Foundation.h directly makes this test case 14// both svelte and portable to non-Mac platforms. 15//===----------------------------------------------------------------------===// 16 17typedef int int32_t; 18typedef const void * CFTypeRef; 19typedef const struct __CFString * CFStringRef; 20typedef const struct __CFAllocator * CFAllocatorRef; 21extern const CFAllocatorRef kCFAllocatorDefault; 22extern CFTypeRef CFRetain(CFTypeRef cf); 23void CFRelease(CFTypeRef cf); 24typedef const struct __CFDictionary * CFDictionaryRef; 25const void *CFDictionaryGetValue(CFDictionaryRef theDict, const void *key); 26extern CFStringRef CFStringCreateWithFormat(CFAllocatorRef alloc, CFDictionaryRef formatOptions, CFStringRef format, ...); 27typedef signed char BOOL; 28typedef int NSInteger; 29typedef unsigned int NSUInteger; 30@class NSString, Protocol; 31extern void NSLog(NSString *format, ...) __attribute__((format(__NSString__, 1, 2))); 32typedef NSInteger NSComparisonResult; 33typedef struct _NSZone NSZone; 34@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 35@protocol NSObject 36- (BOOL)isEqual:(id)object; 37- (oneway void)release; 38- (id)retain; 39@end 40@protocol NSCopying 41- (id)copyWithZone:(NSZone *)zone; 42@end 43@protocol NSMutableCopying 44- (id)mutableCopyWithZone:(NSZone *)zone; 45@end 46@protocol NSCoding 47- (void)encodeWithCoder:(NSCoder *)aCoder; 48@end 49@interface NSObject <NSObject> {} 50- (id)init; 51+ (id)alloc; 52@end 53extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone); 54typedef struct {} NSFastEnumerationState; 55@protocol NSFastEnumeration 56- (NSUInteger)countByEnumeratingWithState:(NSFastEnumerationState *)state objects:(id *)stackbuf count:(NSUInteger)len; 57@end 58@class NSString; 59typedef struct _NSRange {} NSRange; 60@interface NSArray : NSObject <NSCopying, NSMutableCopying, NSCoding, NSFastEnumeration> 61- (NSUInteger)count; 62@end 63@interface NSMutableArray : NSArray 64- (void)addObject:(id)anObject; 65- (id)initWithCapacity:(NSUInteger)numItems; 66@end 67typedef unsigned short unichar; 68@class NSData, NSArray, NSDictionary, NSCharacterSet, NSData, NSURL, NSError, NSLocale; 69typedef NSUInteger NSStringCompareOptions; 70@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> - (NSUInteger)length; 71- (NSComparisonResult)compare:(NSString *)string; 72- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask; 73- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange; 74- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange locale:(id)locale; 75- (NSComparisonResult)caseInsensitiveCompare:(NSString *)string; 76- (NSArray *)componentsSeparatedByCharactersInSet:(NSCharacterSet *)separator; 77+ (id)stringWithFormat:(NSString *)format, ... __attribute__((format(__NSString__, 1, 2))); 78@end 79@interface NSSimpleCString : NSString {} @end 80@interface NSConstantString : NSSimpleCString @end 81extern void *_NSConstantStringClassReference; 82 83//===----------------------------------------------------------------------===// 84// Test cases. 85//===----------------------------------------------------------------------===// 86 87NSComparisonResult f1(NSString* s) { 88 NSString *aString = 0; 89 return [s compare:aString]; // expected-warning {{Argument to 'NSString' method 'compare:' cannot be nil.}} 90} 91 92NSComparisonResult f2(NSString* s) { 93 NSString *aString = 0; 94 return [s caseInsensitiveCompare:aString]; // expected-warning {{Argument to 'NSString' method 'caseInsensitiveCompare:' cannot be nil.}} 95} 96 97NSComparisonResult f3(NSString* s, NSStringCompareOptions op) { 98 NSString *aString = 0; 99 return [s compare:aString options:op]; // expected-warning {{Argument to 'NSString' method 'compare:options:' cannot be nil.}} 100} 101 102NSComparisonResult f4(NSString* s, NSStringCompareOptions op, NSRange R) { 103 NSString *aString = 0; 104 return [s compare:aString options:op range:R]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:' cannot be nil.}} 105} 106 107NSComparisonResult f5(NSString* s, NSStringCompareOptions op, NSRange R) { 108 NSString *aString = 0; 109 return [s compare:aString options:op range:R locale:0]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:locale:' cannot be nil.}} 110} 111 112NSArray *f6(NSString* s) { 113 return [s componentsSeparatedByCharactersInSet:0]; // expected-warning {{Argument to 'NSString' method 'componentsSeparatedByCharactersInSet:' cannot be nil.}} 114} 115 116NSString* f7(NSString* s1, NSString* s2, NSString* s3) { 117 118 NSString* s4 = (NSString*) 119 CFStringCreateWithFormat(kCFAllocatorDefault, 0, // expected-warning{{leak}} 120 (CFStringRef) __builtin___CFStringMakeConstantString("%@ %@ (%@)"), 121 s1, s2, s3); 122 123 CFRetain(s4); 124 return s4; 125} 126 127NSMutableArray* f8() { 128 129 NSString* s = [[NSString alloc] init]; 130 NSMutableArray* a = [[NSMutableArray alloc] initWithCapacity:2]; 131 [a addObject:s]; 132 [s release]; // no-warning 133 return a; 134} 135 136void f9() { 137 138 NSString* s = [[NSString alloc] init]; 139 NSString* q = s; 140 [s release]; 141 [q release]; // expected-warning {{used after it is released}} 142} 143 144NSString* f10() { 145 static NSString* s = 0; 146 if (!s) s = [[NSString alloc] init]; 147 return s; // no-warning 148} 149 150// Test case for regression reported in <rdar://problem/6452745>. 151// Essentially 's' should not be considered allocated on the false branch. 152// This exercises the 'EvalAssume' logic in GRTransferFuncs (CFRefCount.cpp). 153NSString* f11(CFDictionaryRef dict, const char* key) { 154 NSString* s = (NSString*) CFDictionaryGetValue(dict, key); 155 [s retain]; 156 if (s) { 157 [s release]; 158 } 159} 160 161// Test case for passing a tracked object by-reference to a function we 162// don't understand. 163void unknown_function_f12(NSString** s); 164void f12() { 165 NSString *string = [[NSString alloc] init]; 166 unknown_function_f12(&string); // no-warning 167} 168 169// Test double release of CFString (PR 4014). 170void f13(void) { 171 CFStringRef ref = CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); 172 CFRelease(ref); 173 CFRelease(ref); // expected-warning{{Reference-counted object is used after it is released}} 174} 175 176@interface C1 : NSObject {} 177- (NSString*) getShared; 178+ (C1*) sharedInstance; 179@end 180@implementation C1 : NSObject {} 181- (NSString*) getShared { 182 static NSString* s = 0; 183 if (!s) s = [[NSString alloc] init]; 184 return s; // no-warning 185} 186+ (C1 *)sharedInstance { 187 static C1 *sharedInstance = 0; 188 if (!sharedInstance) { 189 sharedInstance = [[C1 alloc] init]; 190 } 191 return sharedInstance; // no-warning 192} 193@end 194 195@interface SharedClass : NSObject 196+ (id)sharedInstance; 197- (id)notShared; 198@end 199 200@implementation SharedClass 201 202- (id)_init { 203 if ((self = [super init])) { 204 NSLog(@"Bar"); 205 } 206 return self; 207} 208 209- (id)notShared { 210 return [[SharedClass alloc] _init]; // expected-warning{{leak}} 211} 212 213+ (id)sharedInstance { 214 static SharedClass *_sharedInstance = 0; 215 if (!_sharedInstance) { 216 _sharedInstance = [[SharedClass alloc] _init]; 217 } 218 return _sharedInstance; // no-warning 219} 220@end 221 222id testSharedClassFromFunction() { 223 return [[SharedClass alloc] _init]; // no-warning 224} 225 226// Test OSCompareAndSwap 227_Bool OSAtomicCompareAndSwapPtr( void *__oldValue, void *__newValue, void * volatile *__theValue ); 228_Bool OSAtomicCompareAndSwap32Barrier( int32_t __oldValue, int32_t __newValue, volatile int32_t *__theValue ); 229extern BOOL objc_atomicCompareAndSwapPtr(id predicate, id replacement, volatile id *objectLocation); 230 231void testOSCompareAndSwap() { 232 NSString *old = 0; 233 NSString *s = [[NSString alloc] init]; // no-warning 234 if (!OSAtomicCompareAndSwapPtr(0, s, (void**) &old)) 235 [s release]; 236 else 237 [old release]; 238} 239 240void testOSCompareAndSwap32Barrier() { 241 NSString *old = 0; 242 NSString *s = [[NSString alloc] init]; // no-warning 243 if (!OSAtomicCompareAndSwap32Barrier((int32_t) 0, (int32_t) s, (int32_t*) &old)) 244 [s release]; 245 else 246 [old release]; 247} 248 249void test_objc_atomicCompareAndSwap() { 250 NSString *old = 0; 251 NSString *s = [[NSString alloc] init]; // no-warning 252 if (!objc_atomicCompareAndSwapPtr(0, s, &old)) 253 [s release]; 254 else 255 [old release]; 256} 257 258// Test stringWithFormat (<rdar://problem/6815234>) 259void test_stringWithFormat() { 260 NSString *string = [[NSString stringWithFormat:@"%ld", (long) 100] retain]; 261 [string release]; 262 [string release]; // expected-warning{{Incorrect decrement of the reference count}} 263} 264 265// Test isTrackedObjectType() 266typedef NSString* WonkyTypedef; 267@interface TestIsTracked 268+ (WonkyTypedef)newString; 269@end 270 271void test_isTrackedObjectType(void) { 272 NSString *str = [TestIsTracked newString]; // expected-warning{{Potential leak}} 273} 274