retain-release.m revision cd57fcec52c48c781700653cf7c39143110b2b1d
1// RUN: clang -analyze -checker-cfref -verify %s && 2// RUN: clang -analyze -checker-cfref -analyzer-store=region -verify %s 3 4 5//===----------------------------------------------------------------------===// 6// The following code is reduced using delta-debugging from 7// Foundation.h (Mac OS X). 8// 9// It includes the basic definitions for the test cases below. 10// Not including Foundation.h directly makes this test case both svelte and 11// portable to non-Mac platforms. 12//===----------------------------------------------------------------------===// 13 14typedef unsigned int __darwin_natural_t; 15typedef struct {} div_t; 16typedef unsigned long UInt32; 17typedef signed long CFIndex; 18typedef const void * CFTypeRef; 19typedef const struct __CFString * CFStringRef; 20typedef const struct __CFAllocator * CFAllocatorRef; 21extern const CFAllocatorRef kCFAllocatorDefault; 22extern CFTypeRef CFRetain(CFTypeRef cf); 23extern void CFRelease(CFTypeRef cf); 24typedef struct { 25} 26CFArrayCallBacks; 27extern const CFArrayCallBacks kCFTypeArrayCallBacks; 28typedef const struct __CFArray * CFArrayRef; 29typedef struct __CFArray * CFMutableArrayRef; 30extern CFMutableArrayRef CFArrayCreateMutable(CFAllocatorRef allocator, CFIndex capacity, const CFArrayCallBacks *callBacks); 31extern const void *CFArrayGetValueAtIndex(CFArrayRef theArray, CFIndex idx); 32extern void CFArrayAppendValue(CFMutableArrayRef theArray, const void *value); 33typedef const struct __CFDictionary * CFDictionaryRef; 34typedef UInt32 CFStringEncoding; 35enum { 36kCFStringEncodingMacRoman = 0, kCFStringEncodingWindowsLatin1 = 0x0500, kCFStringEncodingISOLatin1 = 0x0201, kCFStringEncodingNextStepLatin = 0x0B01, kCFStringEncodingASCII = 0x0600, kCFStringEncodingUnicode = 0x0100, kCFStringEncodingUTF8 = 0x08000100, kCFStringEncodingNonLossyASCII = 0x0BFF , kCFStringEncodingUTF16 = 0x0100, kCFStringEncodingUTF16BE = 0x10000100, kCFStringEncodingUTF16LE = 0x14000100, kCFStringEncodingUTF32 = 0x0c000100, kCFStringEncodingUTF32BE = 0x18000100, kCFStringEncodingUTF32LE = 0x1c000100 }; 37extern CFStringRef CFStringCreateWithCString(CFAllocatorRef alloc, const char *cStr, CFStringEncoding encoding); 38typedef double CFTimeInterval; 39typedef CFTimeInterval CFAbsoluteTime; 40extern CFAbsoluteTime CFAbsoluteTimeGetCurrent(void); 41typedef const struct __CFDate * CFDateRef; 42extern CFDateRef CFDateCreate(CFAllocatorRef allocator, CFAbsoluteTime at); 43extern CFAbsoluteTime CFDateGetAbsoluteTime(CFDateRef theDate); 44typedef __darwin_natural_t natural_t; 45typedef natural_t mach_port_name_t; 46typedef mach_port_name_t mach_port_t; 47typedef struct { 48} 49CFRunLoopObserverContext; 50typedef signed char BOOL; 51typedef unsigned int NSUInteger; 52@class NSString, Protocol; 53extern void NSLog(NSString *format, ...) __attribute__((format(__NSString__, 1, 2))); 54typedef struct _NSZone NSZone; 55@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 56@protocol NSObject - (BOOL)isEqual:(id)object; 57- (id)retain; 58- (oneway void)release; 59- (id)autorelease; 60@end @protocol NSCopying - (id)copyWithZone:(NSZone *)zone; 61@end @protocol NSMutableCopying - (id)mutableCopyWithZone:(NSZone *)zone; 62@end @protocol NSCoding - (void)encodeWithCoder:(NSCoder *)aCoder; 63@end @interface NSObject <NSObject> { 64} 65+ (id)alloc; 66@end typedef float CGFloat; 67@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> - (NSUInteger)length; 68- (const char *)UTF8String; 69- (id)initWithUTF8String:(const char *)nullTerminatedCString; 70+ (id)stringWithUTF8String:(const char *)nullTerminatedCString; 71@end extern NSString * const NSCurrentLocaleDidChangeNotification ; 72@protocol NSLocking - (void)lock; 73@end extern NSString * const NSUndoManagerCheckpointNotification; 74typedef enum { 75ACL_READ_DATA = (1<<1), ACL_LIST_DIRECTORY = (1<<1), ACL_WRITE_DATA = (1<<2), ACL_ADD_FILE = (1<<2), ACL_EXECUTE = (1<<3), ACL_SEARCH = (1<<3), ACL_DELETE = (1<<4), ACL_APPEND_DATA = (1<<5), ACL_ADD_SUBDIRECTORY = (1<<5), ACL_DELETE_CHILD = (1<<6), ACL_READ_ATTRIBUTES = (1<<7), ACL_WRITE_ATTRIBUTES = (1<<8), ACL_READ_EXTATTRIBUTES = (1<<9), ACL_WRITE_EXTATTRIBUTES = (1<<10), ACL_READ_SECURITY = (1<<11), ACL_WRITE_SECURITY = (1<<12), ACL_CHANGE_OWNER = (1<<13) } 76acl_entry_id_t; 77typedef int kern_return_t; 78typedef kern_return_t mach_error_t; 79typedef mach_port_t io_object_t; 80typedef io_object_t io_service_t; 81typedef struct __DASession * DASessionRef; 82extern DASessionRef DASessionCreate( CFAllocatorRef allocator ); 83typedef struct __DADisk * DADiskRef; 84extern DADiskRef DADiskCreateFromBSDName( CFAllocatorRef allocator, DASessionRef session, const char * name ); 85extern DADiskRef DADiskCreateFromIOMedia( CFAllocatorRef allocator, DASessionRef session, io_service_t media ); 86extern CFDictionaryRef DADiskCopyDescription( DADiskRef disk ); 87extern DADiskRef DADiskCopyWholeDisk( DADiskRef disk ); 88@interface NSResponder : NSObject <NSCoding> { 89} 90@end @class NSColor, NSFont, NSNotification; 91typedef struct __CFlags { 92} 93_CFlags; 94@interface NSCell : NSObject <NSCopying, NSCoding> { 95} 96@end @class NSDate, NSDictionary, NSError, NSException, NSNotification; 97@interface NSManagedObjectContext : NSObject <NSCoding, NSLocking> { 98} 99@end enum { 100kDAReturnSuccess = 0, kDAReturnError = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x01, kDAReturnBusy = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x02, kDAReturnBadArgument = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x03, kDAReturnExclusiveAccess = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x04, kDAReturnNoResources = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x05, kDAReturnNotFound = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x06, kDAReturnNotMounted = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x07, kDAReturnNotPermitted = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x08, kDAReturnNotPrivileged = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x09, kDAReturnNotReady = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x0A, kDAReturnNotWritable = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x0B, kDAReturnUnsupported = (((0x3e)&0x3f)<<26) | (((0x368)&0xfff)<<14) | 0x0C }; 101typedef mach_error_t DAReturn; 102typedef const struct __DADissenter * DADissenterRef; 103extern DADissenterRef DADissenterCreate( CFAllocatorRef allocator, DAReturn status, CFStringRef string ); 104 105 106 107 108//===----------------------------------------------------------------------===// 109// Test cases. 110//===----------------------------------------------------------------------===// 111 112CFAbsoluteTime f1() { 113 CFAbsoluteTime t = CFAbsoluteTimeGetCurrent(); 114 CFDateRef date = CFDateCreate(0, t); 115 CFRetain(date); 116 CFRelease(date); 117 CFDateGetAbsoluteTime(date); // no-warning 118 CFRelease(date); 119 t = CFDateGetAbsoluteTime(date); // expected-warning{{Reference-counted object is used after it is released.}} 120 return t; 121} 122 123CFAbsoluteTime f2() { 124 CFAbsoluteTime t = CFAbsoluteTimeGetCurrent(); 125 CFDateRef date = CFDateCreate(0, t); 126 [((NSDate*) date) retain]; 127 CFRelease(date); 128 CFDateGetAbsoluteTime(date); // no-warning 129 [((NSDate*) date) release]; 130 t = CFDateGetAbsoluteTime(date); // expected-warning{{Reference-counted object is used after it is released.}} 131 return t; 132} 133 134 135NSDate* global_x; 136 137// Test to see if we supresss an error when we store the pointer 138// to a global. 139 140CFAbsoluteTime f3() { 141 CFAbsoluteTime t = CFAbsoluteTimeGetCurrent(); 142 CFDateRef date = CFDateCreate(0, t); 143 [((NSDate*) date) retain]; 144 CFRelease(date); 145 CFDateGetAbsoluteTime(date); // no-warning 146 global_x = (NSDate*) date; 147 [((NSDate*) date) release]; 148 t = CFDateGetAbsoluteTime(date); // no-warning 149 return t; 150} 151 152//--------------------------------------------------------------------------- 153// Test case 'f4' differs for region store and basic store. See 154// retain-release-region-store.m and retain-release-basic-store.m. 155//--------------------------------------------------------------------------- 156 157// Test a leak. 158 159CFAbsoluteTime f5(int x) { 160 CFAbsoluteTime t = CFAbsoluteTimeGetCurrent(); 161 CFDateRef date = CFDateCreate(0, t); // expected-warning{{leak}} 162 163 if (x) 164 CFRelease(date); 165 166 return t; 167} 168 169// Test a leak involving the return. 170 171CFDateRef f6(int x) { 172 CFDateRef date = CFDateCreate(0, CFAbsoluteTimeGetCurrent()); // expected-warning{{leak}} 173 CFRetain(date); 174 return date; 175} 176 177// Test a leak involving an overwrite. 178 179CFDateRef f7() { 180 CFDateRef date = CFDateCreate(0, CFAbsoluteTimeGetCurrent()); //expected-warning{{leak}} 181 CFRetain(date); 182 date = CFDateCreate(0, CFAbsoluteTimeGetCurrent()); 183 return date; 184} 185 186// Generalization of Create rule. MyDateCreate returns a CFXXXTypeRef, and 187// has the word create. 188CFDateRef MyDateCreate(); 189 190CFDateRef f8() { 191 CFDateRef date = MyDateCreate(); // expected-warning{{leak}} 192 CFRetain(date); 193 return date; 194} 195 196CFDateRef f9() { 197 CFDateRef date = CFDateCreate(0, CFAbsoluteTimeGetCurrent()); 198 int *p = 0; 199 // test that the checker assumes that CFDateCreate returns a non-null 200 // pointer 201 if (!date) *p = 1; // no-warning 202 return date; 203} 204 205// Handle DiskArbitration API: 206// 207// http://developer.apple.com/DOCUMENTATION/DARWIN/Reference/DiscArbitrationFramework/ 208// 209void f10(io_service_t media, DADiskRef d, CFStringRef s) { 210 DADiskRef disk = DADiskCreateFromBSDName(kCFAllocatorDefault, 0, "hello"); // expected-warning{{leak}} 211 if (disk) NSLog(@"ok"); 212 213 disk = DADiskCreateFromIOMedia(kCFAllocatorDefault, 0, media); // expected-warning{{leak}} 214 if (disk) NSLog(@"ok"); 215 216 CFDictionaryRef dict = DADiskCopyDescription(d); // expected-warning{{leak}} 217 if (dict) NSLog(@"ok"); 218 219 disk = DADiskCopyWholeDisk(d); // expected-warning{{leak}} 220 if (disk) NSLog(@"ok"); 221 222 DADissenterRef dissenter = DADissenterCreate(kCFAllocatorDefault, // expected-warning{{leak}} 223 kDAReturnSuccess, s); 224 if (dissenter) NSLog(@"ok"); 225 226 DASessionRef session = DASessionCreate(kCFAllocatorDefault); // expected-warning{{leak}} 227 if (session) NSLog(@"ok"); 228} 229 230// Test retain/release checker with CFString and CFMutableArray. 231void f11() { 232 // Create the array. 233 CFMutableArrayRef A = CFArrayCreateMutable(0, 10, &kCFTypeArrayCallBacks); 234 235 // Create a string. 236 CFStringRef s1 = CFStringCreateWithCString(0, "hello world", 237 kCFStringEncodingUTF8); 238 239 // Add the string to the array. 240 CFArrayAppendValue(A, s1); 241 242 // Decrement the reference count. 243 CFRelease(s1); // no-warning 244 245 // Get the string. We don't own it. 246 s1 = (CFStringRef) CFArrayGetValueAtIndex(A, 0); 247 248 // Release the array. 249 CFRelease(A); // no-warning 250 251 // Release the string. This is a bug. 252 CFRelease(s1); // expected-warning{{Incorrect decrement of the reference count}} 253} 254 255// PR 3337: Handle functions declared using typedefs. 256typedef CFTypeRef CREATEFUN(); 257CREATEFUN MyCreateFun; 258 259void f12() { 260 CFTypeRef o = MyCreateFun(); // expected-warning {{leak}} 261} 262 263void f13_autorelease() { 264 CFMutableArrayRef A = CFArrayCreateMutable(0, 10, &kCFTypeArrayCallBacks); 265 [(id) A autorelease]; // no-warning 266} 267 268// This case exercises the logic where the leak site is the same as the allocation site. 269void f14_leakimmediately() { 270 CFArrayCreateMutable(0, 10, &kCFTypeArrayCallBacks); // expected-warning{{leak}} 271} 272 273// Test basic tracking of ivars associated with 'self'. For the retain/release 274// checker we currently do not want to flag leaks associated with stores 275// of tracked objects to ivars. 276@interface SelfIvarTest : NSObject { 277 id myObj; 278} 279- (void)test_self_tracking; 280@end 281 282@implementation SelfIvarTest 283- (void)test_self_tracking { 284 myObj = (id) CFArrayCreateMutable(0, 10, &kCFTypeArrayCallBacks); // no-warning 285} 286@end 287 288// <rdar://problem/6659160> 289int isFoo(char c); 290 291static void rdar_6659160(char *inkind, char *inname) 292{ 293 // We currently expect that [NSObject alloc] cannot fail. This 294 // will be a toggled flag in the future. It can indeed return null, but 295 // Cocoa programmers generally aren't expected to reason about out-of-memory 296 // conditions. 297 NSString *kind = [[NSString alloc] initWithUTF8String:inkind]; // expected-warning{{leak}} 298 299 // We do allow stringWithUTF8String to fail. This isn't really correct, as 300 // far as returning nil. In most error conditions it will throw an exception. 301 // If allocation fails it could return nil, but again this 302 // isn't expected. 303 NSString *name = [NSString stringWithUTF8String:inname]; 304 if(!name) 305 return; 306 307 const char *kindC = 0; 308 const char *nameC = 0; 309 310 // In both cases, we cannot reach a point down below where we 311 // dereference kindC or nameC with either being null. This is because 312 // we assume that [NSObject alloc] doesn't fail and that we have the guard 313 // up above. 314 315 if(kind) 316 kindC = [kind UTF8String]; 317 if(name) 318 nameC = [name UTF8String]; 319 if(!isFoo(kindC[0])) // no-warning 320 return; 321 if(!isFoo(nameC[0])) // no-warning 322 return; 323 324 [kind release]; 325 [name release]; 326} 327 328