uninit-vals-ps.c revision 180e03f9761aa55b5adca430706595e1bbb79c4d
1// RUN: %clang_cc1 -analyze -analyzer-check-objc-mem -analyzer-checker=core -analyzer-store=basic -verify %s 2// RUN: %clang_cc1 -analyze -analyzer-check-objc-mem -analyzer-checker=core -analyzer-store=region -verify %s 3 4struct FPRec { 5 void (*my_func)(int * x); 6}; 7 8int bar(int x); 9 10int f1_a(struct FPRec* foo) { 11 int x; 12 (*foo->my_func)(&x); 13 return bar(x)+1; // no-warning 14} 15 16int f1_b() { 17 int x; 18 return bar(x)+1; // expected-warning{{Function call argument is an uninitialized value}} 19} 20 21int f2() { 22 23 int x; 24 25 if (x+1) // expected-warning{{The left operand of '+' is a garbage value}} 26 return 1; 27 28 return 2; 29} 30 31int f2_b() { 32 int x; 33 34 return ((1+x)+2+((x))) + 1 ? 1 : 2; // expected-warning{{The right operand of '+' is a garbage value}} 35} 36 37int f3(void) { 38 int i; 39 int *p = &i; 40 if (*p > 0) // expected-warning{{The left operand of '>' is a garbage value}} 41 return 0; 42 else 43 return 1; 44} 45 46void f4_aux(float* x); 47float f4(void) { 48 float x; 49 f4_aux(&x); 50 return x; // no-warning 51} 52 53struct f5_struct { int x; }; 54void f5_aux(struct f5_struct* s); 55int f5(void) { 56 struct f5_struct s; 57 f5_aux(&s); 58 return s.x; // no-warning 59} 60 61int ret_uninit() { 62 int i; 63 int *p = &i; 64 return *p; // expected-warning{{Undefined or garbage value returned to caller}} 65} 66 67// <rdar://problem/6451816> 68typedef unsigned char Boolean; 69typedef const struct __CFNumber * CFNumberRef; 70typedef signed long CFIndex; 71typedef CFIndex CFNumberType; 72typedef unsigned long UInt32; 73typedef UInt32 CFStringEncoding; 74typedef const struct __CFString * CFStringRef; 75extern Boolean CFNumberGetValue(CFNumberRef number, CFNumberType theType, void *valuePtr); 76extern CFStringRef CFStringConvertEncodingToIANACharSetName(CFStringEncoding encoding); 77 78CFStringRef rdar_6451816(CFNumberRef nr) { 79 CFStringEncoding encoding; 80 // &encoding is casted to void*. This test case tests whether or not 81 // we properly invalidate the value of 'encoding'. 82 CFNumberGetValue(nr, 9, &encoding); 83 return CFStringConvertEncodingToIANACharSetName(encoding); // no-warning 84} 85 86// PR 4630 - false warning with nonnull attribute 87// This false positive (due to a regression) caused the analyzer to falsely 88// flag a "return of uninitialized value" warning in the first branch due to 89// the nonnull attribute. 90void pr_4630_aux(char *x, int *y) __attribute__ ((nonnull (1))); 91void pr_4630_aux_2(char *x, int *y); 92int pr_4630(char *a, int y) { 93 int x; 94 if (y) { 95 pr_4630_aux(a, &x); 96 return x; // no-warning 97 } 98 else { 99 pr_4630_aux_2(a, &x); 100 return x; // no-warning 101 } 102} 103 104// PR 4631 - False positive with union initializer 105// Previously the analyzer didn't examine the compound initializers of unions, 106// resulting in some false positives for initializers with side-effects. 107union u_4631 { int a; }; 108struct s_4631 { int a; }; 109int pr4631_f2(int *p); 110int pr4631_f3(void *q); 111int pr4631_f1(void) 112{ 113 int x; 114 union u_4631 m = { pr4631_f2(&x) }; 115 pr4631_f3(&m); // tell analyzer that we use m 116 return x; // no-warning 117} 118int pr4631_f1_b(void) 119{ 120 int x; 121 struct s_4631 m = { pr4631_f2(&x) }; 122 pr4631_f3(&m); // tell analyzer that we use m 123 return x; // no-warning 124} 125 126