1 // RUN: %clang_cc1 -std=c++14 -triple i386-apple-darwin10 -analyze -analyzer-config eagerly-assume=false -analyzer-checker=core.uninitialized.Assign,core.builtin,debug.ExprInspection,core.uninitialized.UndefReturn -verify %s 2 3 template <typename T> 4 void clang_analyzer_dump(T x); 5 void clang_analyzer_eval(int); 6 7 struct S { 8 int a = 3; 9 }; 10 S const sarr[2] = {}; 11 void definit() { 12 int i = 1; 13 // FIXME: Should recognize that it is 3. 14 clang_analyzer_eval(sarr[i].a); // expected-warning{{UNKNOWN}} 15 } 16 17 int const glob_arr1[3] = {}; 18 void glob_array_index1() { 19 clang_analyzer_eval(glob_arr1[0] == 0); // expected-warning{{TRUE}} 20 clang_analyzer_eval(glob_arr1[1] == 0); // expected-warning{{TRUE}} 21 clang_analyzer_eval(glob_arr1[2] == 0); // expected-warning{{TRUE}} 22 } 23 24 void glob_invalid_index1() { 25 const int *ptr = glob_arr1; 26 int idx = -42; 27 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 28 } 29 30 void glob_symbolic_index1(int idx) { 31 clang_analyzer_dump(glob_arr1[idx]); // expected-warning{{Unknown}} 32 } 33 34 int const glob_arr2[4] = {1, 2}; 35 void glob_ptr_index1() { 36 int const *ptr = glob_arr2; 37 clang_analyzer_eval(ptr[0] == 1); // expected-warning{{TRUE}} 38 clang_analyzer_eval(ptr[1] == 2); // expected-warning{{TRUE}} 39 clang_analyzer_eval(ptr[2] == 0); // expected-warning{{TRUE}} 40 clang_analyzer_eval(ptr[3] == 0); // expected-warning{{TRUE}} 41 clang_analyzer_eval(ptr[4] == 0); // expected-warning{{UNDEFINED}} 42 } 43 44 void glob_invalid_index2() { 45 const int *ptr = glob_arr2; 46 int idx = 42; 47 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 48 } 49 50 const float glob_arr3[] = { 51 0.0000, 0.0235, 0.0470, 0.0706, 0.0941, 0.1176}; 52 float no_warn_garbage_value() { 53 return glob_arr3[0]; // no-warning (garbage or undefined) 54 } 55 56 int const glob_arr4[4][2] = {}; 57 void glob_array_index2() { 58 clang_analyzer_eval(glob_arr4[0][0] == 0); // expected-warning{{TRUE}} 59 clang_analyzer_eval(glob_arr4[1][0] == 0); // expected-warning{{TRUE}} 60 clang_analyzer_eval(glob_arr4[1][1] == 0); // expected-warning{{TRUE}} 61 } 62 63 void glob_invalid_index3() { 64 int idx = -42; 65 auto x = glob_arr4[1][idx]; // expected-warning{{garbage or undefined}} 66 } 67 68 void glob_invalid_index4() { 69 const int *ptr = glob_arr4[1]; 70 int idx = -42; 71 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 72 } 73 74 int const glob_arr5[4][2] = {{1}, 3, 4, 5}; 75 void glob_array_index3() { 76 clang_analyzer_eval(glob_arr5[0][0] == 1); // expected-warning{{TRUE}} 77 clang_analyzer_eval(glob_arr5[0][1] == 0); // expected-warning{{TRUE}} 78 clang_analyzer_eval(glob_arr5[1][0] == 3); // expected-warning{{TRUE}} 79 clang_analyzer_eval(glob_arr5[1][1] == 4); // expected-warning{{TRUE}} 80 clang_analyzer_eval(glob_arr5[2][0] == 5); // expected-warning{{TRUE}} 81 clang_analyzer_eval(glob_arr5[2][1] == 0); // expected-warning{{TRUE}} 82 clang_analyzer_eval(glob_arr5[3][0] == 0); // expected-warning{{TRUE}} 83 clang_analyzer_eval(glob_arr5[3][1] == 0); // expected-warning{{TRUE}} 84 } 85 86 void glob_ptr_index2() { 87 int const *ptr = glob_arr5[1]; 88 clang_analyzer_eval(ptr[0] == 3); // expected-warning{{TRUE}} 89 clang_analyzer_eval(ptr[1] == 4); // expected-warning{{TRUE}} 90 clang_analyzer_eval(ptr[2] == 5); // expected-warning{{UNDEFINED}} 91 clang_analyzer_eval(ptr[3] == 0); // expected-warning{{UNDEFINED}} 92 clang_analyzer_eval(ptr[4] == 0); // expected-warning{{UNDEFINED}} 93 } 94 95 void glob_invalid_index5() { 96 int idx = -42; 97 auto x = glob_arr5[1][idx]; // expected-warning{{garbage or undefined}} 98 } 99 100 void glob_invalid_index6() { 101 int const *ptr = &glob_arr5[1][0]; 102 int idx = 42; 103 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 104 } 105 106 extern const int glob_arr_no_init[10]; 107 void glob_array_index4() { 108 clang_analyzer_eval(glob_arr_no_init[2]); // expected-warning{{UNKNOWN}} 109 } 110 111 struct S2 { 112 static const int arr_no_init[10]; 113 }; 114 void struct_arr_index1() { 115 clang_analyzer_eval(S2::arr_no_init[2]); // expected-warning{{UNKNOWN}} 116 } 117 118 char const glob_arr6[5] = "123"; 119 void glob_array_index5() { 120 clang_analyzer_eval(glob_arr6[0] == '1'); // expected-warning{{TRUE}} 121 clang_analyzer_eval(glob_arr6[1] == '2'); // expected-warning{{TRUE}} 122 clang_analyzer_eval(glob_arr6[2] == '3'); // expected-warning{{TRUE}} 123 clang_analyzer_eval(glob_arr6[3] == '\0'); // expected-warning{{TRUE}} 124 clang_analyzer_eval(glob_arr6[4] == '\0'); // expected-warning{{TRUE}} 125 } 126 127 void glob_ptr_index3() { 128 char const *ptr = glob_arr6; 129 clang_analyzer_eval(ptr[-42] == '\0'); // expected-warning{{UNDEFINED}} 130 clang_analyzer_eval(ptr[0] == '1'); // expected-warning{{TRUE}} 131 clang_analyzer_eval(ptr[1] == '2'); // expected-warning{{TRUE}} 132 clang_analyzer_eval(ptr[2] == '3'); // expected-warning{{TRUE}} 133 clang_analyzer_eval(ptr[3] == '\0'); // expected-warning{{TRUE}} 134 clang_analyzer_eval(ptr[4] == '\0'); // expected-warning{{TRUE}} 135 clang_analyzer_eval(ptr[5] == '\0'); // expected-warning{{UNDEFINED}} 136 clang_analyzer_eval(ptr[6] == '\0'); // expected-warning{{UNDEFINED}} 137 } 138 139 void glob_invalid_index7() { 140 int idx = -42; 141 auto x = glob_arr6[idx]; // expected-warning{{garbage or undefined}} 142 } 143 144 void glob_invalid_index8() { 145 const char *ptr = glob_arr6; 146 int idx = 42; 147 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 148 } 149 150 char const glob_arr7[5] = {"123"}; 151 void glob_array_index6() { 152 clang_analyzer_eval(glob_arr7[0] == '1'); // expected-warning{{TRUE}} 153 clang_analyzer_eval(glob_arr7[1] == '2'); // expected-warning{{TRUE}} 154 clang_analyzer_eval(glob_arr7[2] == '3'); // expected-warning{{TRUE}} 155 clang_analyzer_eval(glob_arr7[3] == '\0'); // expected-warning{{TRUE}} 156 clang_analyzer_eval(glob_arr7[4] == '\0'); // expected-warning{{TRUE}} 157 } 158 159 void glob_invalid_index9() { 160 int idx = -42; 161 auto x = glob_arr7[idx]; // expected-warning{{garbage or undefined}} 162 } 163 164 void glob_invalid_index10() { 165 const char *ptr = glob_arr7; 166 int idx = 42; 167 auto x = ptr[idx]; // expected-warning{{garbage or undefined}} 168 } 169 170 char const *const glob_ptr8 = "123"; 171 void glob_ptr_index4() { 172 clang_analyzer_eval(glob_ptr8[0] == '1'); // expected-warning{{TRUE}} 173 clang_analyzer_eval(glob_ptr8[1] == '2'); // expected-warning{{TRUE}} 174 clang_analyzer_eval(glob_ptr8[2] == '3'); // expected-warning{{TRUE}} 175 clang_analyzer_eval(glob_ptr8[3] == '\0'); // expected-warning{{TRUE}} 176 // FIXME: Should be UNDEFINED. 177 // We should take into account a declaration in which the literal is used. 178 clang_analyzer_eval(glob_ptr8[4] == '\0'); // expected-warning{{TRUE}} 179 } 180 181 void glob_invalid_index11() { 182 int idx = -42; 183 auto x = glob_ptr8[idx]; // expected-warning{{garbage or undefined}} 184 } 185 186 void glob_invalid_index12() { 187 int idx = 42; 188 // FIXME: Should warn {{garbage or undefined}} 189 // We should take into account a declaration in which the literal is used. 190 auto x = glob_ptr8[idx]; // no-warning 191 } 192 193 const char16_t *const glob_ptr9 = u"абв"; 194 void glob_ptr_index5() { 195 clang_analyzer_eval(glob_ptr9[0] == u'а'); // expected-warning{{TRUE}} 196 clang_analyzer_eval(glob_ptr9[1] == u'б'); // expected-warning{{TRUE}} 197 clang_analyzer_eval(glob_ptr9[2] == u'в'); // expected-warning{{TRUE}} 198 clang_analyzer_eval(glob_ptr9[3] == '\0'); // expected-warning{{TRUE}} 199 } 200 201 const char32_t *const glob_ptr10 = U"\U0001F607\U0001F608\U0001F609"; 202 void glob_ptr_index6() { 203 clang_analyzer_eval(glob_ptr10[0] == U'\U0001F607'); // expected-warning{{TRUE}} 204 clang_analyzer_eval(glob_ptr10[1] == U'\U0001F608'); // expected-warning{{TRUE}} 205 clang_analyzer_eval(glob_ptr10[2] == U'\U0001F609'); // expected-warning{{TRUE}} 206 clang_analyzer_eval(glob_ptr10[3] == '\0'); // expected-warning{{TRUE}} 207 } 208 209 const wchar_t *const glob_ptr11 = L"\123\u0041\xFF"; 210 void glob_ptr_index7() { 211 clang_analyzer_eval(glob_ptr11[0] == L'\123'); // expected-warning{{TRUE}} 212 clang_analyzer_eval(glob_ptr11[1] == L'\u0041'); // expected-warning{{TRUE}} 213 clang_analyzer_eval(glob_ptr11[2] == L'\xFF'); // expected-warning{{TRUE}} 214 clang_analyzer_eval(glob_ptr11[3] == L'\0'); // expected-warning{{TRUE}} 215 } 216 217 const char *const glob_ptr12 = u8"abc"; 218 void glob_ptr_index8() { 219 clang_analyzer_eval(glob_ptr12[0] == 'a'); // expected-warning{{TRUE}} 220 clang_analyzer_eval(glob_ptr12[1] == 'b'); // expected-warning{{TRUE}} 221 clang_analyzer_eval(glob_ptr12[2] == 'c'); // expected-warning{{TRUE}} 222 clang_analyzer_eval(glob_ptr12[3] == '\0'); // expected-warning{{TRUE}} 223 } 224 225 typedef int Int; 226 typedef Int const CInt; 227 typedef CInt Arr[2]; 228 typedef Arr Arr2[4]; 229 Arr2 glob_arr8 = {{1}, 3, 4, 5}; // const int[4][2] 230 void glob_array_typedef1() { 231 clang_analyzer_eval(glob_arr8[0][0] == 1); // expected-warning{{TRUE}} 232 clang_analyzer_eval(glob_arr8[0][1] == 0); // expected-warning{{TRUE}} 233 clang_analyzer_eval(glob_arr8[1][0] == 3); // expected-warning{{TRUE}} 234 clang_analyzer_eval(glob_arr8[1][1] == 4); // expected-warning{{TRUE}} 235 clang_analyzer_eval(glob_arr8[2][0] == 5); // expected-warning{{TRUE}} 236 clang_analyzer_eval(glob_arr8[2][1] == 0); // expected-warning{{TRUE}} 237 clang_analyzer_eval(glob_arr8[3][0] == 0); // expected-warning{{TRUE}} 238 clang_analyzer_eval(glob_arr8[3][1] == 0); // expected-warning{{TRUE}} 239 } 240 241 const int glob_arr9[2][4] = {{(1), 2, ((3)), 4}, 5, 6, (((7)))}; 242 void glob_array_parentheses1() { 243 clang_analyzer_eval(glob_arr9[0][0] == 1); // expected-warning{{TRUE}} 244 clang_analyzer_eval(glob_arr9[0][1] == 2); // expected-warning{{TRUE}} 245 clang_analyzer_eval(glob_arr9[0][2] == 3); // expected-warning{{TRUE}} 246 clang_analyzer_eval(glob_arr9[0][3] == 4); // expected-warning{{TRUE}} 247 clang_analyzer_eval(glob_arr9[1][0] == 5); // expected-warning{{TRUE}} 248 clang_analyzer_eval(glob_arr9[1][1] == 6); // expected-warning{{TRUE}} 249 clang_analyzer_eval(glob_arr9[1][2] == 7); // expected-warning{{TRUE}} 250 clang_analyzer_eval(glob_arr9[1][3] == 0); // expected-warning{{TRUE}} 251 } 252