cxx-crashes.cpp revision 9955e708ffadb479b82b26d93dfcf0f5a2a6e372
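// RUN: %clang_cc1 -analyze -analyzer-checker=core,unix.Malloc,debug.ExprInspection -verify %s

// Declared but never defined in this file. Calls to it are intercepted by the
// analyzer's debug.ExprInspection checker (enabled on the RUN line), which
// reports whether the argument is known TRUE, FALSE or UNKNOWN on that path.
// It is not meant to be linked or executed.
void clang_analyzer_eval(bool);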
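// Analyzer input: a relational comparison between two pointers derived from
// the same base, wrapped in a logical negation.
// p is dst + 4 and q is dst + 3, so q >= p is false and the result is 1.
// NOTE(review): given the file name (cxx-crashes.cpp) this is presumably a
// reduced crash reproducer, so the expression is kept exactly as written
// rather than simplified to q < p - confirm against the commit history.
// dst must point into an object with at least 4 bytes after it, otherwise
// forming dst + 4 is already undefined behaviour.
int f1(char *dst) {
  char *p = dst + 4;
  char *q = dst + 3;
  return !(q >= p);
}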
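// Analyzer input: functional-style cast of a pointer to long, then a bit test.
// Returns the lowest bit of the pointer's integer value (1 for an odd
// address, 0 for an even one).
// NOTE(review): long is narrower than a pointer on LLP64 targets, where this
// cast loses the upper bits or is rejected by the compiler; std::intptr_t is
// the portable type for pointer-to-integer conversion. The cast is left as
// written because its form appears to be what the analyzer is exercised on.
long f2(char *c) {
  return long(c) & 1;
}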
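// Analyzer input: logical negation applied directly to a bool literal.
// Always returns true.
bool f3() {
  return !false;
}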
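// Analyzer input: reinterpret_cast of a pointer variable to a reference to
// void*, i.e. the int* object w is read back as if it were a void* object.
// In practice the returned value is the same address that was passed in.
// NOTE(review): reading an int* object through a void* lvalue is type punning
// that the aliasing rules do not sanction; code that only needs the
// conversion should use the implicit int* -> void* conversion instead. The
// cast is kept because it is the construct under test.
void *f4(int* w) {
  return reinterpret_cast<void*&>(w);
}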
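// Analyzer input: returning an object through a user-defined conversion.
namespace {

// Empty target type of the conversion.
struct A { };

// Source type; converts to A by constructing a fresh, empty A.
struct B {
  operator A() { return A(); }
};

// Returns a local B where an A is required, so the return statement goes
// through B::operator A() implicitly. dst is never read.
A f(char *dst) {
  B b;
  return b;
}

}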
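// Analyzer input: taking the address of a struct that has been reinterpreted
// as a reference to its (only) member's type.
namespace {

// Single-member struct; p is its first and only field.
struct S {
    void *p;
};

// Views *w as a void* lvalue and returns the address of that lvalue. The
// result is the address of the S object itself, which for this layout is also
// the address of w->p.
// NOTE(review): this only lines up because p is the first member of S; with
// any other member first, the cast would alias unrelated storage. &w->p is
// the well-defined way to obtain the same pointer.
void *f(S* w) {
    return &reinterpret_cast<void*&>(*w);
}

}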
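// Analyzer input: a static member function declared in a struct and defined
// out of line, all inside an anonymous namespace.
namespace {

// Holds one data member and declares a static member function.
struct C {
  void *p;
  static void f();
};

// Out-of-line definition with an empty body; it does not touch p.
void C::f() { }

}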
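// Analyzer check for variable-length arrays in C++ mode: 1 is stored into
// element 0 of an int VLA and of a VLA of an unnamed POD struct, and the
// analyzer must report the value read back as known TRUE in both cases.
// The function is analyzed, not linked: clang_analyzer_eval has no definition
// in this file.
// NOTE(review): n is used unchecked. That is fine for an analyzer input, but
// code modelled on this needs n >= 1 and an upper bound before sizing a stack
// array from it, since element 0 is written unconditionally and the array
// lives on the stack (VLAs are also a compiler extension in C++).
void vla(int n) {
  int nums[n];
  nums[0] = 1;
  clang_analyzer_eval(nums[0] == 1); // expected-warning{{TRUE}}

  // This used to fail with MallocChecker on, and /only/ in C++ mode.
  // This struct is POD, though, so it should be fine to put it in a VLA.
  struct { int x; } structs[n];
  structs[0].x = 1;
  clang_analyzer_eval(structs[0].x == 1); // expected-warning{{TRUE}}
}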