// RUN: %clang_cc1 -analyze -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -analyzer-constraints=range -verify -Wno-null-dereference %s

// Analyzer test hook. Every call in this file carries a -verify annotation of
// TRUE, FALSE or UNKNOWN; the RUN line above enables debug.ExprInspection.
void clang_analyzer_eval(bool);

// Local definition of size_t; no #include appears in the visible part of this
// file.
typedef typeof(sizeof(int)) size_t;
// NOTE(review): declared as returning void rather than void*, and not called
// anywhere in the visible lines — presumably only the declaration matters.
void malloc (size_t);
// Binds a const reference to the literal 3 and copies the value into b. The
// write through the null pointer p is guarded by 'b != 3' and is annotated
// no-warning: no null-dereference report is wanted there, which requires the
// analyzer to know that b == 3 (presumably by reading the value through the
// reference).
void f1() {
  int const &i = 3;
  int b = i;

  int *p = 0;

  if (b != 3)
    *p = 1; // no-warning
}
// Opaque sources of a pointer and of a reference. Neither is defined in the
// visible part of this file, so only the declarations are available here.
char* ptr();
char& ref();
// These next two tests just shouldn't crash.
// t1 assigns through the reference returned by the opaque ref(); no
// diagnostic is annotated on any line.
char t1 () {
  ref() = 'c';
  return '0';
}
// just a sanity test, the same behavior as t1()
// Pointer counterpart of t1: assigns through the pointer returned by ptr().
char t2 () {
  *ptr() = 'c';
  return '0';
}
// Each of the tests below is repeated with pointers as well as references.
// This is mostly a sanity check, but then again, both should work!
//
// t3 stores 'c' through a reference obtained from ref() and branches on the
// value read back. The null dereference on the fall-through path is annotated
// no-warning: after the store, r should be known to be non-zero, so that line
// should not be reachable.
char t3 () {
  char& r = ref();
  r = 'c'; // no-warning
  if (r) return r;
  return *(char*)0; // no-warning
}
// Pointer counterpart of t3: the store goes through the pointer returned by
// ptr(), and the trailing null dereference is again annotated no-warning
// because *p should be known to be non-zero after the store.
char t4 () {
  char* p = ptr();
  *p = 'c'; // no-warning
  if (*p) return *p;
  return *(char*)0; // no-warning
}
// Same shape as t3, but the reference arrives as a parameter instead of being
// obtained from ref(). Neither the store nor the trailing null dereference is
// supposed to produce a report.
char t5 (char& r) {
  r = 'c'; // no-warning
  if (r) return r;
  return *(char*)0; // no-warning
}
// Pointer counterpart of t5: the pointer arrives as a parameter and is written
// through without a null check; every annotated line is no-warning.
char t6 (char* p) {
  *p = 'c'; // no-warning
  if (*p) return *p;
  return *(char*)0; // no-warning
}
// PR13440 / <rdar://problem/11977113>
// Test that the array-to-pointer decay works for array references as well.
// More generally, when we want an lvalue for a reference field, we still need
// to do one level of load.
namespace PR13440 {
  typedef int T[1];
  // Holds a reference to a one-element int array, spelled through the typedef.
  struct S {
    T &x;

    // Returns the referenced array decayed to a pointer to its first element.
    int *m() { return x; }
  };

  // Same member as S, with the reference-to-array type written out directly.
  struct S2 {
    int (&x)[1];

    int *m() { return x; }
  };

  // Binds both structs to the local array a, writes a[0] through the array
  // itself, and checks that the value is visible through each reference field.
  void test() {
    int a[1];
    S s = { a };
    S2 s2 = { a };

    // The early returns leave only the paths on which each reference field
    // compares equal to a.
    if (s.x != a) return;
    if (s2.x != a) return;

    a[0] = 42;
    clang_analyzer_eval(s.x[0] == 42); // expected-warning{{TRUE}}
    clang_analyzer_eval(s2.x[0] == 42); // expected-warning{{TRUE}}
  }
}
// Binds a reference to *x where x was just initialised to null. The report is
// wanted at the binding itself; the later write through y carries no
// annotation.
void testNullReference() {
  int *x = 0;
  int &y = *x; // expected-warning{{Dereference of null pointer}}
  y = 5;
}
// The reference y is bound before x is compared with null, so the null check
// comes too late to protect the binding. On the path where x turns out to be
// null, the write through y is where the report is wanted.
void testRetroactiveNullReference(int *x) {
  // According to the C++ standard, there is no such thing as a
  // "null reference". So the 'if' statement ought to be dead code.
  // However, Clang (and other compilers) don't actually check that a pointer
  // value is non-null in the implementation of references, so it is possible
  // to produce a supposed "null reference" at runtime. The analyzer should
  // still warn when it can prove such errors.
  int &y = *x;
  if (x != 0)
    return;
  y = 5; // expected-warning{{Dereference of null pointer}}
}
// Checks that the address of a reference evaluates as non-null in four forms:
// a reference parameter, a reference returned from a call, and a reference
// member reached through a call returning S by value and through a call
// returning S*.
void testReferenceAddress(int &x) {
  clang_analyzer_eval(&x != 0); // expected-warning{{TRUE}}
  clang_analyzer_eval(&ref() != 0); // expected-warning{{TRUE}}

  struct S { int &x; };

  extern S getS();
  clang_analyzer_eval(&getS().x != 0); // expected-warning{{TRUE}}

  // NOTE(review): getSP() itself is not null-checked; only the address of the
  // reference member is evaluated.
  extern S *getSP();
  clang_analyzer_eval(&getSP()->x != 0); // expected-warning{{TRUE}}
}
// Calls through a function pointer produced by casting an opaque void*, so
// the callee is presumably unknown to the analyzer. The value written through
// the returned reference must still read back as 42.
void testFunctionPointerReturn(void *opaque) {
  typedef int &(*RefFn)();

  RefFn getRef = (RefFn)opaque;

  // Don't crash writing to or reading from this reference.
  int &x = getRef();
  x = 42;
  clang_analyzer_eval(x == 42); // expected-warning{{TRUE}}
}
// Returns a reference formed by dereferencing a pointer that was just set to
// null; the report is wanted on the return statement.
int &testReturnNullReference() {
  int *x = 0;
  return *x; // expected-warning{{Returning null reference}}
}
// Turns the pointer returned by ptr() into a reference without a null check.
// No diagnostic is annotated here.
char &refFromPointer() {
  return *ptr();
}
// Contrasts a raw pointer with a returned reference: whether ptr() is null is
// UNKNOWN, but the address of the reference returned by refFromPointer() must
// evaluate as not equal to null (FALSE).
void testReturnReference() {
  clang_analyzer_eval(ptr() == 0); // expected-warning{{UNKNOWN}}
  clang_analyzer_eval(&refFromPointer() == 0); // expected-warning{{FALSE}}
}
// Takes an int by reference and does nothing with it; testIntRefParam calls it.
void intRefParam(int &r) {
  ;
}
// Checks that passing *ptr as a reference argument constrains ptr to be
// non-null afterwards: the same comparison goes from UNKNOWN before the call
// to FALSE after it.
void test(int *ptr) {
  clang_analyzer_eval(ptr == 0); // expected-warning{{UNKNOWN}}

  extern void use(int &ref);
  use(*ptr);

  clang_analyzer_eval(ptr == 0); // expected-warning{{FALSE}}
}
// Passes a local int whose value is 0 by reference. The call is annotated
// no-warning: the referenced object exists even though its value is zero.
void testIntRefParam() {
  int i = 0;
  intRefParam(i); // no-warning
}
// Returns the value read through its reference parameter.
int refParam(int &byteIndex) {
  return byteIndex;
}
// The otherwise empty 'if (p)' presumably exists to make the analyzer consider
// the case where p is null. Binding *p to refParam's reference parameter is
// where the report is wanted.
void testRefParam(int *p) {
  if (p)
    ;
  refParam(*p); // expected-warning {{Forming reference to null pointer}}
}
// Dereferences a pointer received by reference, with no null check. The
// annotated report is presumably reached from testRefParam2, which passes a
// reference to a null pointer.
int ptrRefParam(int *&byteIndex) {
  return *byteIndex; // expected-warning {{Dereference of null pointer}}
}
// Passes a reference to a null pointer into ptrRefParam. The reference rp
// refers to a real pointer object, and none of these lines is annotated with
// a diagnostic.
void testRefParam2() {
  int *p = 0;
  int *&rp = p;
  ptrRefParam(rp);
}
// Returns either the address of a function-local static int or a null
// pointer, depending on the result of the opaque coin().
int *maybeNull() {
  extern bool coin();
  static int x;
  return coin() ? &x : 0;
}
// Writes 1 through its reference parameter; the write is annotated no-warning.
void use(int &x) {
  x = 1; // no-warning
}
// Passes *maybeNull() to use() although maybeNull() can return null, and no
// diagnostic is annotated on this line or inside use().
// NOTE(review): the function name suggests a report is deliberately
// suppressed on this path — confirm which analyzer rule that relies on.
void testSuppression() {
  use(*maybeNull());
}
// Returning an empty class by value from a possibly-null pointer.
namespace rdar11212286 {
  class B{};

  // Returns *x by value where x was just set to null. The report is worded as
  // forming a reference — presumably because the copy goes through B's
  // implicit copy constructor, which takes a reference.
  B test() {
    B *x = 0;
    return *x; // expected-warning {{Forming reference to null pointer}}
  }

  // Same return, with the parameter compared against null in an otherwise
  // empty 'if' in this function; the report is still wanted.
  B testif(B *x) {
    if (x)
      ;
    return *x; // expected-warning {{Forming reference to null pointer}}
  }

  // Compares x with null and does nothing with the result.
  void idc(B *x) {
    if (x)
      ;
  }

  // Same as testif, except that the null comparison happens inside the callee
  // idc(); here the return is annotated no-warning.
  B testidc(B *x) {
    idc(x);
    return *x; // no-warning
  }
}
// Crash regression test: a bit-field passed to a const-reference parameter.
namespace PR15694 {
  class C {
    bool bit : 1;
    // Takes its argument by const reference and ignores it.
    template <class T> void bar(const T &obj) {}
    // Passes the one-bit bit-field member to bar's const-reference parameter.
    void foo() {
      bar(bit); // don't crash
    }
  };
}