summaryrefslogtreecommitdiffstats
path: root/test/Analysis
diff options
context:
space:
mode:
Diffstat (limited to 'test/Analysis')
-rw-r--r--test/Analysis/CFDateGC.m12
-rw-r--r--test/Analysis/NSString.m16
-rw-r--r--test/Analysis/PR2599.m2
-rw-r--r--test/Analysis/casts.c20
-rw-r--r--test/Analysis/dead-stores.c2
-rw-r--r--test/Analysis/misc-ps-ranges.m37
-rw-r--r--test/Analysis/misc-ps-region-store.cpp43
-rw-r--r--test/Analysis/misc-ps-region-store.m52
-rw-r--r--test/Analysis/misc-ps.m38
-rw-r--r--test/Analysis/rdar-6442306-1.m2
-rw-r--r--test/Analysis/reference.cpp11
-rw-r--r--test/Analysis/retain-release-basic-store.m2
-rw-r--r--test/Analysis/retain-release-region-store.m2
-rw-r--r--test/Analysis/retain-release.m2
-rw-r--r--test/Analysis/security-syntax-checks-no-emit.c33
-rw-r--r--test/Analysis/stack-addr-ps.c7
-rw-r--r--test/Analysis/uninit-vals-ps-region.c1
17 files changed, 264 insertions, 18 deletions
diff --git a/test/Analysis/CFDateGC.m b/test/Analysis/CFDateGC.m
index 01cb4a4..34bc3c0 100644
--- a/test/Analysis/CFDateGC.m
+++ b/test/Analysis/CFDateGC.m
@@ -1,8 +1,8 @@
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -analyzer-constraints=basic %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -analyzer-constraints=range %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -disable-free %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify -fobjc-gc %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify -fobjc-gc %s
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -analyzer-constraints=basic %s -Wno-implicit-function-declaration
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -analyzer-constraints=range %s -Wno-implicit-function-declaration
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -verify -fobjc-gc -disable-free %s -Wno-implicit-function-declaration
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify -fobjc-gc %s -Wno-implicit-function-declaration
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify -fobjc-gc %s -Wno-implicit-function-declaration
//===----------------------------------------------------------------------===//
// The following code is reduced using delta-debugging from
@@ -36,6 +36,8 @@ static __inline__ __attribute__((always_inline)) id NSMakeCollectable(CFTypeRef
// Test cases.
//===----------------------------------------------------------------------===//
+CFAbsoluteTime CFAbsoluteTimeGetCurrent();
+
CFAbsoluteTime f1_use_after_release() {
CFAbsoluteTime t = CFAbsoluteTimeGetCurrent();
CFDateRef date = CFDateCreate(0, t);
diff --git a/test/Analysis/NSString.m b/test/Analysis/NSString.m
index fb44309..515b9f7 100644
--- a/test/Analysis/NSString.m
+++ b/test/Analysis/NSString.m
@@ -388,3 +388,19 @@ void test_synchronized(id x) {
}
}
@end
+
+void testOSCompareAndSwapXXBarrier_parameter(NSString **old) {
+ NSString *s = [[NSString alloc] init]; // no-warning
+ if (!COMPARE_SWAP_BARRIER((intptr_t) 0, (intptr_t) s, (intptr_t*) old))
+ [s release];
+ else
+ [*old release];
+}
+
+void testOSCompareAndSwapXXBarrier_parameter_no_direct_release(NSString **old) {
+ NSString *s = [[NSString alloc] init]; // no-warning
+ if (!COMPARE_SWAP_BARRIER((intptr_t) 0, (intptr_t) s, (intptr_t*) old))
+ [s release];
+ else
+ return;
+}
diff --git a/test/Analysis/PR2599.m b/test/Analysis/PR2599.m
index e866ee6..d260961 100644
--- a/test/Analysis/PR2599.m
+++ b/test/Analysis/PR2599.m
@@ -53,6 +53,8 @@ extern NSString * const NSXMLParserErrorDomain ;
static char *lorem = "fooBarBaz";
+void NSLog(NSString *, ...);
+
int main (int argc, const char * argv[]) {
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
NSString *tmp1 = NSSTRINGWRAPPER(lorem, 6); // no-warning
diff --git a/test/Analysis/casts.c b/test/Analysis/casts.c
index 947f63e..ef398bb 100644
--- a/test/Analysis/casts.c
+++ b/test/Analysis/casts.c
@@ -1,4 +1,5 @@
// RUN: %clang_cc1 -triple x86_64-apple-darwin9 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -verify %s
+// RUN: %clang_cc1 -triple i386-apple-darwin9 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -verify %s
// Test if the 'storage' region gets properly initialized after it is cast to
// 'struct sockaddr *'.
@@ -11,6 +12,8 @@ typedef __darwin_socklen_t socklen_t;
struct sockaddr { sa_family_t sa_family; };
struct sockaddr_storage {};
+void getsockname();
+
void f(int sock) {
struct sockaddr_storage storage;
struct sockaddr* sockaddr = (struct sockaddr*)&storage;
@@ -45,3 +48,20 @@ void f2(const char *str) {
if(!cl)
cl = 'a';
}
+
+// Test cast VariableSizeArray to pointer does not crash.
+void *memcpy(void *, void const *, unsigned long);
+typedef unsigned char Byte;
+void doit(char *data, int len) {
+ if (len) {
+ Byte buf[len];
+ memcpy(buf, data, len);
+ }
+}
+
+// PR 6013 and 6035 - Test that a cast of a pointer to long and then to int does not crash SValuator.
+void pr6013_6035_test(void *p) {
+ unsigned int foo;
+ foo = ((long)(p));
+ (void) foo;
+}
diff --git a/test/Analysis/dead-stores.c b/test/Analysis/dead-stores.c
index 63c9d0d..91f2b2a 100644
--- a/test/Analysis/dead-stores.c
+++ b/test/Analysis/dead-stores.c
@@ -17,6 +17,8 @@ void f2(void *b) {
// expected-note{{please include the header <stdio.h> or explicitly provide a declaration for 'printf'}}
}
+int f();
+
void f3() {
int r;
if ((r = f()) != 0) { // no-warning
diff --git a/test/Analysis/misc-ps-ranges.m b/test/Analysis/misc-ps-ranges.m
index 760b4d7..df7e97c 100644
--- a/test/Analysis/misc-ps-ranges.m
+++ b/test/Analysis/misc-ps-ranges.m
@@ -21,3 +21,40 @@ int main(int argc, char* argv[]) {
return *p; // no-warning
}
+
+// PR 5969: the comparison of argc < 3 || argc > 4 should constraint the switch
+// statement from having the 'default' branch taken. This previously reported a false
+// positive with the use of 'v'.
+
+int pr5969(int argc, char *argv[]) {
+
+ int v;
+
+ if ((argc < 3) || (argc > 4)) return 0;
+
+ switch(argc) {
+ case 3:
+ v = 33;
+ break;
+ case 4:
+ v = 44;
+ break;
+ }
+
+ return v; // no-warning
+}
+
+int pr5969_positive(int argc, char *argv[]) {
+
+ int v;
+
+ if ((argc < 3) || (argc > 4)) return 0;
+
+ switch(argc) {
+ case 3:
+ v = 33;
+ break;
+ }
+
+ return v; // expected-warning{{Undefined or garbage value returned to caller}}
+}
diff --git a/test/Analysis/misc-ps-region-store.cpp b/test/Analysis/misc-ps-region-store.cpp
index 225abb5..8b58131 100644
--- a/test/Analysis/misc-ps-region-store.cpp
+++ b/test/Analysis/misc-ps-region-store.cpp
@@ -34,6 +34,10 @@ int test3(Test3_Derived x) {
return test3_aux(x);
}
+//===---------------------------------------------------------------------===//
+// Test CFG support for C++ condition variables.
+//===---------------------------------------------------------------------===//
+
int test_init_in_condition_aux();
int test_init_in_condition() {
if (int x = test_init_in_condition_aux()) { // no-warning
@@ -89,3 +93,42 @@ int test_init_in_condition_for() {
*p = 0xDEADBEEF; // no-warning
return 0;
}
+
+//===---------------------------------------------------------------------===//
+// Test handling of 'this' pointer.
+//===---------------------------------------------------------------------===//
+
+class TestHandleThis {
+ int x;
+
+ TestHandleThis();
+ int foo();
+ int null_deref_negative();
+ int null_deref_positive();
+};
+
+int TestHandleThis::foo() {
+ // Assume that 'x' is initialized.
+ return x + 1; // no-warning
+}
+
+int TestHandleThis::null_deref_negative() {
+ x = 10;
+ if (x == 10) {
+ return 1;
+ }
+ int *p = 0;
+ *p = 0xDEADBEEF; // no-warning
+ return 0;
+}
+
+int TestHandleThis::null_deref_positive() {
+ x = 10;
+ if (x == 9) {
+ return 1;
+ }
+ int *p = 0;
+ *p = 0xDEADBEEF; // expected-warning{{null pointer}}
+ return 0;
+}
+
diff --git a/test/Analysis/misc-ps-region-store.m b/test/Analysis/misc-ps-region-store.m
index 7f29c99..a88c26c 100644
--- a/test/Analysis/misc-ps-region-store.m
+++ b/test/Analysis/misc-ps-region-store.m
@@ -55,7 +55,7 @@ void checkaccess_union() {
// Check our handling of fields being invalidated by function calls.
struct test2_struct { int x; int y; char* s; };
-void test2_helper(struct test2_struct* p);
+void test2_help(struct test2_struct* p);
char test2() {
struct test2_struct s;
@@ -387,7 +387,7 @@ void rdar_7332673_test1() {
char value[1];
if ( *(value) != 1 ) {} // expected-warning{{The left operand of '!=' is a garbage value}}
}
-void rdar_rdar_7332673_test2_aux(char *x);
+int rdar_7332673_test2_aux(char *x);
void rdar_7332673_test2() {
char *value;
if ( rdar_7332673_test2_aux(value) != 1 ) {} // expected-warning{{Pass-by-value argument in function call is undefined}}
@@ -631,7 +631,7 @@ typedef void (^RDar_7462324_Callback)(id obj);
//===----------------------------------------------------------------------===//
int rdar7468209_aux();
-void rdar7468209_aux2();
+void rdar7468209_aux_2();
void rdar7468209() {
__block int x = 0;
@@ -684,3 +684,49 @@ void pr4358(struct pr4358 *pnt) {
}
pr4358_aux(uninit); // no-warning
}
+
+//===----------------------------------------------------------------------===//
+// <rdar://problem/7526777>
+// Test handling fields of values returned from function calls or
+// message expressions.
+//===----------------------------------------------------------------------===//
+
+typedef struct testReturn_rdar_7526777 {
+ int x;
+ int y;
+} testReturn_rdar_7526777;
+
+@interface TestReturnStruct_rdar_7526777
+- (testReturn_rdar_7526777) foo;
+@end
+
+int test_return_struct(TestReturnStruct_rdar_7526777 *x) {
+ return [x foo].x;
+}
+
+testReturn_rdar_7526777 test_return_struct_2_aux_rdar_7526777();
+
+int test_return_struct_2_rdar_7526777() {
+ return test_return_struct_2_aux_rdar_7526777().x;
+}
+
+//===----------------------------------------------------------------------===//
+// <rdar://problem/7527292> Assertion failed: (Op == BinaryOperator::Add ||
+// Op == BinaryOperator::Sub)
+// This test case previously triggered an assertion failure due to a discrepancy
+// been the loaded/stored value in the array
+//===----------------------------------------------------------------------===//
+
+_Bool OSAtomicCompareAndSwapPtrBarrier( void *__oldValue, void *__newValue, void * volatile *__theValue );
+
+void rdar_7527292() {
+ static id Cache7527292[32];
+ for (signed long idx = 0;
+ idx < 32;
+ idx++) {
+ id v = Cache7527292[idx];
+ if (v && OSAtomicCompareAndSwapPtrBarrier(v, ((void*)0), (void * volatile *)(Cache7527292 + idx))) {
+ }
+ }
+}
+
diff --git a/test/Analysis/misc-ps.m b/test/Analysis/misc-ps.m
index 53b9b6f..9543a98 100644
--- a/test/Analysis/misc-ps.m
+++ b/test/Analysis/misc-ps.m
@@ -1,8 +1,12 @@
// NOTE: Use '-fobjc-gc' to test the analysis being run twice, and multiple reports are not issued.
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -fobjc-gc -analyzer-constraints=basic -verify -fblocks %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify -fblocks %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify -fblocks %s
-// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify -fblocks %s
+// RUN: %clang_cc1 -triple i386-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -fobjc-gc -analyzer-constraints=basic -verify -fblocks %s
+// RUN: %clang_cc1 -triple i386-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify -fblocks %s
+// RUN: %clang_cc1 -triple i386-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify -fblocks %s
+// RUN: %clang_cc1 -triple i386-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify -fblocks %s
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -fobjc-gc -analyzer-constraints=basic -verify -fblocks %s
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify -fblocks %s
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify -fblocks %s
+// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify -fblocks %s
typedef struct objc_ivar *Ivar;
typedef struct objc_selector *SEL;
@@ -87,16 +91,16 @@ void r6268365() {
void divzeroassume(unsigned x, unsigned j) {
x /= j;
- if (j == 0) x /= 0; // no-warning
- if (j == 0) x /= j; // no-warning
- if (j == 0) x = x / 0; // no-warning
+ if (j == 0) x /= 0; // no static-analyzer warning expected-warning {{division by zero is undefined}}
+ if (j == 0) x /= j; // no static-analyzer warning
+ if (j == 0) x = x / 0; // no static-analyzer warning expected-warning {{division by zero is undefined}}
}
void divzeroassumeB(unsigned x, unsigned j) {
x = x / j;
- if (j == 0) x /= 0; // no-warning
- if (j == 0) x /= j; // no-warning
- if (j == 0) x = x / 0; // no-warning
+ if (j == 0) x /= 0; // no static-analyzer warning expected-warning {{division by zero is undefined}}
+ if (j == 0) x /= j; // no static-analyzer warning
+ if (j == 0) x = x / 0; // no static-analyzer warning expected-warning {{division by zero is undefined}}
}
// InitListExpr processing
@@ -460,6 +464,8 @@ void test_block_cast() {
(void (^)(void *))test_block_cast_aux(); // expected-warning{{expression result unused}}
}
+int OSAtomicCompareAndSwap32Barrier();
+
// Test comparison of 'id' instance variable to a null void* constant after
// performing an OSAtomicCompareAndSwap32Barrier.
// This previously was a crash in RegionStoreManager.
@@ -493,6 +499,8 @@ void test_invalidate_cast_int() {
return;
}
+int ivar_getOffset();
+
// Reduced from a crash involving the cast of an Objective-C symbolic region to
// 'char *'
static NSNumber *test_ivar_offset(id self, SEL _cmd, Ivar inIvar) {
@@ -793,3 +801,13 @@ void test_bad_msg(TestBadArg *p) {
[p testBadArg:y]; // expected-warning{{Pass-by-value argument in message expression is undefined}}
}
+//===----------------------------------------------------------------------===//
+// PR 6033 - Test emitting the correct output in a warning where we use '%'
+// with operands that are undefined.
+//===----------------------------------------------------------------------===//
+
+int pr6033(int x) {
+ int y;
+ return x % y; // expected-warning{{The right operand of '%' is a garbage value}}
+}
+
diff --git a/test/Analysis/rdar-6442306-1.m b/test/Analysis/rdar-6442306-1.m
index 1eae5d7..b3558a6 100644
--- a/test/Analysis/rdar-6442306-1.m
+++ b/test/Analysis/rdar-6442306-1.m
@@ -13,6 +13,8 @@ typedef struct {
QuxSize size;
} __Request__SetPortalSize_t;
+double __Foo_READSWAP__double(double*);
+
static __inline__ bar_return_t
__Beeble_check__Request__SetPortalSize_t(__attribute__((__unused__)) __Request__SetPortalSize_t *In0P) {
if (In0P->Foo.int_rep != Foo_record.int_rep) {
diff --git a/test/Analysis/reference.cpp b/test/Analysis/reference.cpp
new file mode 100644
index 0000000..a641b8e
--- /dev/null
+++ b/test/Analysis/reference.cpp
@@ -0,0 +1,11 @@
+// RUN: %clang_cc1 -analyze -analyzer-experimental-internal-checks -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify %s
+
+void f1() {
+ int const &i = 3;
+ int b = i;
+
+ int *p = 0;
+
+ if (b != 3)
+ *p = 1; // no-warning
+}
diff --git a/test/Analysis/retain-release-basic-store.m b/test/Analysis/retain-release-basic-store.m
index 58321bb..2ef061a 100644
--- a/test/Analysis/retain-release-basic-store.m
+++ b/test/Analysis/retain-release-basic-store.m
@@ -86,6 +86,8 @@ struct foo {
NSDate* f;
};
+CFAbsoluteTime CFAbsoluteTimeGetCurrent(void);
+
CFAbsoluteTime f4() {
struct foo x;
diff --git a/test/Analysis/retain-release-region-store.m b/test/Analysis/retain-release-region-store.m
index 35dc6e7..3a0142b 100644
--- a/test/Analysis/retain-release-region-store.m
+++ b/test/Analysis/retain-release-region-store.m
@@ -93,6 +93,8 @@ typedef unsigned long NSUInteger;
// Test to see if we *issue* an error when we store the pointer
// to a struct. This differs from basic store.
+CFAbsoluteTime CFAbsoluteTimeGetCurrent(void);
+
struct foo {
NSDate* f;
};
diff --git a/test/Analysis/retain-release.m b/test/Analysis/retain-release.m
index f5d985e..691e2a2 100644
--- a/test/Analysis/retain-release.m
+++ b/test/Analysis/retain-release.m
@@ -881,6 +881,8 @@ void IOServiceAddMatchingNotification_wrapper(IONotificationPortRef notifyPort,
// Test of handling objects whose references "escape" to containers.
//===----------------------------------------------------------------------===//
+void CFDictionaryAddValue();
+
// <rdar://problem/6539791>
void rdar_6539791(CFMutableDictionaryRef y, void* key, void* val_key) {
CFMutableDictionaryRef x = CFDictionaryCreateMutable(kCFAllocatorDefault, 1, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks);
diff --git a/test/Analysis/security-syntax-checks-no-emit.c b/test/Analysis/security-syntax-checks-no-emit.c
new file mode 100644
index 0000000..fbfeb1a
--- /dev/null
+++ b/test/Analysis/security-syntax-checks-no-emit.c
@@ -0,0 +1,33 @@
+// RUN: %clang_cc1 -triple i686-pc-linux-gnu -analyze -warn-security-syntactic %s -verify
+
+// This file complements 'security-syntax-checks.m', but tests that we omit
+// specific checks on platforms where they don't make sense.
+
+// Omit the 'rand' check since 'arc4random' is not available on Linux.
+int rand(void);
+double drand48(void);
+double erand48(unsigned short[3]);
+long jrand48(unsigned short[3]);
+void lcong48(unsigned short[7]);
+long lrand48(void);
+long mrand48(void);
+long nrand48(unsigned short[3]);
+long random(void);
+int rand_r(unsigned *);
+
+void test_rand()
+{
+ unsigned short a[7];
+ unsigned b;
+
+ rand(); // no-warning
+ drand48(); // no-warning
+ erand48(a); // no-warning
+ jrand48(a); // no-warning
+ lcong48(a); // no-warning
+ lrand48(); // no-warning
+ mrand48(); // no-warning
+ nrand48(a); // no-warning
+ rand_r(&b); // no-warning
+ random(); // no-warning
+}
diff --git a/test/Analysis/stack-addr-ps.c b/test/Analysis/stack-addr-ps.c
index e58c780..315b900 100644
--- a/test/Analysis/stack-addr-ps.c
+++ b/test/Analysis/stack-addr-ps.c
@@ -68,3 +68,10 @@ ComparatorBlock test_return_block_neg(void) {
return b; // no-warning
}
+// <rdar://problem/7523821>
+int *rdar_7523821_f2() {
+ int a[3];
+ return a; // expected-warning 2 {{ddress of stack memory associated with local variable 'a' returned}}
+};
+
+
diff --git a/test/Analysis/uninit-vals-ps-region.c b/test/Analysis/uninit-vals-ps-region.c
index ce86ad0..216856e 100644
--- a/test/Analysis/uninit-vals-ps-region.c
+++ b/test/Analysis/uninit-vals-ps-region.c
@@ -20,6 +20,7 @@ void f4() {
// Test uninitialized value due to part of the structure being uninitialized.
struct TestUninit { int x; int y; };
struct TestUninit test_uninit_aux();
+void test_unit_aux2(int);
void test_uninit_pos() {
struct TestUninit v1 = { 0, 0 };
struct TestUninit v2 = test_uninit_aux();
OpenPOWER on IntegriCloud