NSString.m revision f7a0cf426eddae76e1a71dd2295631a2cf0560af
1// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=basic -verify %s && 2// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify %s && 3// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify %s && 4// RUN: clang-cc -triple i386-pc-linux-gnu -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify %s 5 6//===----------------------------------------------------------------------===// 7// The following code is reduced using delta-debugging from 8// Foundation.h (Mac OS X). 9// 10// It includes the basic definitions for the test cases below. 11// Not directly including Foundation.h directly makes this test case 12// both svelte and portable to non-Mac platforms. 13//===----------------------------------------------------------------------===// 14 15typedef int int32_t; 16typedef const void * CFTypeRef; 17typedef const struct __CFString * CFStringRef; 18typedef const struct __CFAllocator * CFAllocatorRef; 19extern const CFAllocatorRef kCFAllocatorDefault; 20extern CFTypeRef CFRetain(CFTypeRef cf); 21void CFRelease(CFTypeRef cf); 22typedef const struct __CFDictionary * CFDictionaryRef; 23const void *CFDictionaryGetValue(CFDictionaryRef theDict, const void *key); 24extern CFStringRef CFStringCreateWithFormat(CFAllocatorRef alloc, CFDictionaryRef formatOptions, CFStringRef format, ...); 25typedef signed char BOOL; 26typedef int NSInteger; 27typedef unsigned int NSUInteger; 28@class NSString, Protocol; 29extern void NSLog(NSString *format, ...) __attribute__((format(__NSString__, 1, 2))); 30typedef NSInteger NSComparisonResult; 31typedef struct _NSZone NSZone; 32@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 33@protocol NSObject 34- (BOOL)isEqual:(id)object; 35- (oneway void)release; 36- (id)retain; 37- (id)autorelease; 38@end 39@protocol NSCopying 40- (id)copyWithZone:(NSZone *)zone; 41@end 42@protocol NSMutableCopying 43- (id)mutableCopyWithZone:(NSZone *)zone; 44@end 45@protocol NSCoding 46- (void)encodeWithCoder:(NSCoder *)aCoder; 47@end 48@interface NSObject <NSObject> {} 49- (id)init; 50+ (id)alloc; 51@end 52extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone); 53typedef struct {} NSFastEnumerationState; 54@protocol NSFastEnumeration 55- (NSUInteger)countByEnumeratingWithState:(NSFastEnumerationState *)state objects:(id *)stackbuf count:(NSUInteger)len; 56@end 57@class NSString; 58typedef struct _NSRange {} NSRange; 59@interface NSArray : NSObject <NSCopying, NSMutableCopying, NSCoding, NSFastEnumeration> 60- (NSUInteger)count; 61@end 62@interface NSMutableArray : NSArray 63- (void)addObject:(id)anObject; 64- (id)initWithCapacity:(NSUInteger)numItems; 65@end 66typedef unsigned short unichar; 67@class NSData, NSArray, NSDictionary, NSCharacterSet, NSData, NSURL, NSError, NSLocale; 68typedef NSUInteger NSStringCompareOptions; 69@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> - (NSUInteger)length; 70- (NSComparisonResult)compare:(NSString *)string; 71- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask; 72- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange; 73- (NSComparisonResult)compare:(NSString *)string options:(NSStringCompareOptions)mask range:(NSRange)compareRange locale:(id)locale; 74- (NSComparisonResult)caseInsensitiveCompare:(NSString *)string; 75- (NSArray *)componentsSeparatedByCharactersInSet:(NSCharacterSet *)separator; 76+ (id)stringWithFormat:(NSString *)format, ... __attribute__((format(__NSString__, 1, 2))); 77@end 78@interface NSSimpleCString : NSString {} @end 79@interface NSConstantString : NSSimpleCString @end 80extern void *_NSConstantStringClassReference; 81 82//===----------------------------------------------------------------------===// 83// Test cases. 84//===----------------------------------------------------------------------===// 85 86NSComparisonResult f1(NSString* s) { 87 NSString *aString = 0; 88 return [s compare:aString]; // expected-warning {{Argument to 'NSString' method 'compare:' cannot be nil.}} 89} 90 91NSComparisonResult f2(NSString* s) { 92 NSString *aString = 0; 93 return [s caseInsensitiveCompare:aString]; // expected-warning {{Argument to 'NSString' method 'caseInsensitiveCompare:' cannot be nil.}} 94} 95 96NSComparisonResult f3(NSString* s, NSStringCompareOptions op) { 97 NSString *aString = 0; 98 return [s compare:aString options:op]; // expected-warning {{Argument to 'NSString' method 'compare:options:' cannot be nil.}} 99} 100 101NSComparisonResult f4(NSString* s, NSStringCompareOptions op, NSRange R) { 102 NSString *aString = 0; 103 return [s compare:aString options:op range:R]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:' cannot be nil.}} 104} 105 106NSComparisonResult f5(NSString* s, NSStringCompareOptions op, NSRange R) { 107 NSString *aString = 0; 108 return [s compare:aString options:op range:R locale:0]; // expected-warning {{Argument to 'NSString' method 'compare:options:range:locale:' cannot be nil.}} 109} 110 111NSArray *f6(NSString* s) { 112 return [s componentsSeparatedByCharactersInSet:0]; // expected-warning {{Argument to 'NSString' method 'componentsSeparatedByCharactersInSet:' cannot be nil.}} 113} 114 115NSString* f7(NSString* s1, NSString* s2, NSString* s3) { 116 117 NSString* s4 = (NSString*) 118 CFStringCreateWithFormat(kCFAllocatorDefault, 0, // expected-warning{{leak}} 119 (CFStringRef) __builtin___CFStringMakeConstantString("%@ %@ (%@)"), 120 s1, s2, s3); 121 122 CFRetain(s4); 123 return s4; 124} 125 126NSMutableArray* f8() { 127 128 NSString* s = [[NSString alloc] init]; 129 NSMutableArray* a = [[NSMutableArray alloc] initWithCapacity:2]; 130 [a addObject:s]; 131 [s release]; // no-warning 132 return a; 133} 134 135void f9() { 136 137 NSString* s = [[NSString alloc] init]; 138 NSString* q = s; 139 [s release]; 140 [q release]; // expected-warning {{used after it is released}} 141} 142 143NSString* f10() { 144 static NSString* s = 0; 145 if (!s) s = [[NSString alloc] init]; 146 return s; // no-warning 147} 148 149// Test case for regression reported in <rdar://problem/6452745>. 150// Essentially 's' should not be considered allocated on the false branch. 151// This exercises the 'EvalAssume' logic in GRTransferFuncs (CFRefCount.cpp). 152NSString* f11(CFDictionaryRef dict, const char* key) { 153 NSString* s = (NSString*) CFDictionaryGetValue(dict, key); 154 [s retain]; 155 if (s) { 156 [s release]; 157 } 158 return 0; 159} 160 161// Test case for passing a tracked object by-reference to a function we 162// don't understand. 163void unknown_function_f12(NSString** s); 164void f12() { 165 NSString *string = [[NSString alloc] init]; 166 unknown_function_f12(&string); // no-warning 167} 168 169// Test double release of CFString (PR 4014). 170void f13(void) { 171 CFStringRef ref = CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); 172 CFRelease(ref); 173 CFRelease(ref); // expected-warning{{Reference-counted object is used after it is released}} 174} 175 176// Test regular use of -autorelease 177@interface TestAutorelease 178-(NSString*) getString; 179@end 180@implementation TestAutorelease 181-(NSString*) getString { 182 NSString *str = [[NSString alloc] init]; 183 return [str autorelease]; // no-warning 184} 185- (void)m1 186{ 187 NSString *s = [[NSString alloc] init]; // expected-warning{{leak}} 188 [s retain]; 189 [s autorelease]; 190} 191- (void)m2 192{ 193 NSString *s = [[[NSString alloc] init] autorelease]; // expected-warning{{leak}} 194 [s retain]; 195} 196- (void)m3 197{ 198 NSString *s = [[[NSString alloc] init] autorelease]; 199 [s retain]; 200 [s autorelease]; 201} 202- (void)m4 203{ 204 NSString *s = [[NSString alloc] init]; // expected-warning{{leak}} 205 [s retain]; 206} 207- (void)m5 208{ 209 NSString *s = [[NSString alloc] init]; 210 [s autorelease]; 211} 212@end 213 214@interface C1 : NSObject {} 215- (NSString*) getShared; 216+ (C1*) sharedInstance; 217@end 218@implementation C1 : NSObject {} 219- (NSString*) getShared { 220 static NSString* s = 0; 221 if (!s) s = [[NSString alloc] init]; 222 return s; // no-warning 223} 224+ (C1 *)sharedInstance { 225 static C1 *sharedInstance = 0; 226 if (!sharedInstance) { 227 sharedInstance = [[C1 alloc] init]; 228 } 229 return sharedInstance; // no-warning 230} 231@end 232 233@interface SharedClass : NSObject 234+ (id)sharedInstance; 235- (id)notShared; 236@end 237 238@implementation SharedClass 239 240- (id)_init { 241 if ((self = [super init])) { 242 NSLog(@"Bar"); 243 } 244 return self; 245} 246 247- (id)notShared { 248 return [[SharedClass alloc] _init]; // expected-warning{{leak}} 249} 250 251+ (id)sharedInstance { 252 static SharedClass *_sharedInstance = 0; 253 if (!_sharedInstance) { 254 _sharedInstance = [[SharedClass alloc] _init]; 255 } 256 return _sharedInstance; // no-warning 257} 258@end 259 260id testSharedClassFromFunction() { 261 return [[SharedClass alloc] _init]; // no-warning 262} 263 264// Test OSCompareAndSwap 265_Bool OSAtomicCompareAndSwapPtr( void *__oldValue, void *__newValue, void * volatile *__theValue ); 266_Bool OSAtomicCompareAndSwap32Barrier( int32_t __oldValue, int32_t __newValue, volatile int32_t *__theValue ); 267extern BOOL objc_atomicCompareAndSwapPtr(id predicate, id replacement, volatile id *objectLocation); 268 269void testOSCompareAndSwap() { 270 NSString *old = 0; 271 NSString *s = [[NSString alloc] init]; // no-warning 272 if (!OSAtomicCompareAndSwapPtr(0, s, (void**) &old)) 273 [s release]; 274 else 275 [old release]; 276} 277 278void testOSCompareAndSwap32Barrier() { 279 NSString *old = 0; 280 NSString *s = [[NSString alloc] init]; // no-warning 281 if (!OSAtomicCompareAndSwap32Barrier((int32_t) 0, (int32_t) s, (int32_t*) &old)) 282 [s release]; 283 else 284 [old release]; 285} 286 287int testOSCompareAndSwap32Barrier_id(Class myclass, id xclass) { 288 if (OSAtomicCompareAndSwap32Barrier(0, (int32_t) myclass, (int32_t*) &xclass)) 289 return 1; 290 return 0; 291} 292 293void test_objc_atomicCompareAndSwap() { 294 NSString *old = 0; 295 NSString *s = [[NSString alloc] init]; // no-warning 296 if (!objc_atomicCompareAndSwapPtr(0, s, &old)) 297 [s release]; 298 else 299 [old release]; 300} 301 302// Test stringWithFormat (<rdar://problem/6815234>) 303void test_stringWithFormat() { 304 NSString *string = [[NSString stringWithFormat:@"%ld", (long) 100] retain]; 305 [string release]; 306 [string release]; // expected-warning{{Incorrect decrement of the reference count}} 307} 308 309// Test isTrackedObjectType(). 310typedef NSString* WonkyTypedef; 311@interface TestIsTracked 312+ (WonkyTypedef)newString; 313@end 314 315void test_isTrackedObjectType(void) { 316 NSString *str = [TestIsTracked newString]; // expected-warning{{Potential leak}} 317} 318 319// Test isTrackedCFObjectType(). 320@interface TestIsCFTracked 321+ (CFStringRef) badNewCFString; 322+ (CFStringRef) newCFString; 323@end 324 325@implementation TestIsCFTracked 326+ (CFStringRef) newCFString { 327 return CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); // no-warning 328} 329+ (CFStringRef) badNewCFString { 330 return CFStringCreateWithFormat(kCFAllocatorDefault, ((void*)0), ((CFStringRef) __builtin___CFStringMakeConstantString ("" "%d" "")), 100); // expected-warning{{leak}} 331} 332 333// Test @synchronized 334void test_synchronized(id x) { 335 @synchronized(x) { 336 NSString *string = [[NSString stringWithFormat:@"%ld", (long) 100] retain]; // expected-warning {{leak}} 337 } 338} 339 340 341