Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / clang / e1cea75e70d76f55157749a7bcad319050492945 / . / test / Analysis / array-struct.c
blob: 07abbcafd32c46d43bc0db1b14405573b7a84fbc [file] [log] [blame]
Daniel Dunbard7d5f022009-03-24 02:24:46 +0000[diff] [blame]1// RUN: clang-cc -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=basic -verify %s &&
Ted Kremeneke1cea752009-07-06 21:58:46 +0000[diff] [blame^]2// RUN: clang-cc -analyze -checker-cfref -analyzer-store=basic-new-cast -analyzer-constraints=basic -verify %s &&
3// RUN: clang-cc -analyze -checker-cfref -analyzer-store=basic -analyzer-constraints=range -verify %s &&
4// RUN: clang-cc -analyze -checker-cfref -analyzer-store=basic-new-cast -analyzer-constraints=range -verify %s
Ted Kremenekf936f452009-05-04 06:18:28 +0000[diff] [blame]5
6// RegionStore now has an infinite recursion with this test case.
Zhongxing Xu49e2e992009-06-28 14:25:10 +0000[diff] [blame]7// RUN: clang-cc -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=basic -verify %s &&
8// RUN: clang-cc -analyze -checker-cfref -analyzer-store=region -analyzer-constraints=range -verify %s
Zhongxing Xuef8b28e2008-10-17 05:19:52 +0000[diff] [blame]9
Zhongxing Xu72e16822008-10-24 08:51:58 +0000[diff] [blame]10struct s {
11 int data;
12 int data_array[10];
13};
Zhongxing Xuef8b28e2008-10-17 05:19:52 +0000[diff] [blame]14
Zhongxing Xu234a7d22008-10-27 09:19:25 +0000[diff] [blame]15typedef struct {
16 int data;
17} STYPE;
18
Zhongxing Xu91844122009-05-20 09:18:48 +0000[diff] [blame]19void g(char *p);
Zhongxing Xu04b90bc2008-11-02 13:17:44 +0000[diff] [blame]20void g1(struct s* p);
21
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]22// Array to pointer conversion. Array in the struct field.
Zhongxing Xuef8b28e2008-10-17 05:19:52 +0000[diff] [blame]23void f(void) {
24 int a[10];
25 int (*p)[10];
26 p = &a;
27 (*p)[3] = 1;
28
29 struct s d;
30 struct s *q;
31 q = &d;
Zhongxing Xu72e16822008-10-24 08:51:58 +0000[diff] [blame]32 q->data = 3;
33 d.data_array[9] = 17;
Zhongxing Xuef8b28e2008-10-17 05:19:52 +0000[diff] [blame]34}
Zhongxing Xu2e971202008-10-25 14:11:23 +0000[diff] [blame]35
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]36// StringLiteral in lvalue context and pointer to array type.
37// p: ElementRegion, q: StringRegion
Zhongxing Xu2e971202008-10-25 14:11:23 +0000[diff] [blame]38void f2() {
39 char *p = "/usr/local";
40 char (*q)[4];
41 q = &"abc";
42}
Zhongxing Xu234a7d22008-10-27 09:19:25 +0000[diff] [blame]43
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]44// Typedef'ed struct definition.
Zhongxing Xu234a7d22008-10-27 09:19:25 +0000[diff] [blame]45void f3() {
46 STYPE s;
47}
Zhongxing Xudf2aa1e2008-10-31 10:23:14 +0000[diff] [blame]48
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]49// Initialize array with InitExprList.
Zhongxing Xudf2aa1e2008-10-31 10:23:14 +0000[diff] [blame]50void f4() {
51 int a[] = { 1, 2, 3};
52 int b[3] = { 1, 2 };
Zhongxing Xub61f49c2009-01-23 10:23:13 +0000[diff] [blame]53 struct s c[] = {{1,{1}}};
Zhongxing Xudf2aa1e2008-10-31 10:23:14 +0000[diff] [blame]54}
Zhongxing Xu04b90bc2008-11-02 13:17:44 +0000[diff] [blame]55
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]56// Struct variable in lvalue context.
Zhongxing Xu5834ed62009-01-13 01:49:57 +0000[diff] [blame]57// Assign UnknownVal to the whole struct.
Zhongxing Xu04b90bc2008-11-02 13:17:44 +0000[diff] [blame]58void f5() {
59 struct s data;
60 g1(&data);
61}
Zhongxing Xub6701332008-11-13 07:59:15 +0000[diff] [blame]62
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]63// AllocaRegion test.
Zhongxing Xub6701332008-11-13 07:59:15 +0000[diff] [blame]64void f6() {
65 char *p;
66 p = __builtin_alloca(10);
Zhongxing Xu91844122009-05-20 09:18:48 +0000[diff] [blame]67 g(p);
68 char c = *p;
Zhongxing Xub6701332008-11-13 07:59:15 +0000[diff] [blame]69 p[1] = 'a';
Zhongxing Xu2acc3992009-05-20 09:03:10 +0000[diff] [blame]70 // Test if RegionStore::EvalBinOp converts the alloca region to element
71 // region.
Zhongxing Xu262fd032009-05-20 09:00:16 +0000[diff] [blame]72 p += 2;
Zhongxing Xub6701332008-11-13 07:59:15 +0000[diff] [blame]73}
Zhongxing Xufb75b252008-11-13 08:44:52 +0000[diff] [blame]74
75struct s2;
76
77void g2(struct s2 *p);
78
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]79// Incomplete struct pointer used as function argument.
Zhongxing Xufb75b252008-11-13 08:44:52 +0000[diff] [blame]80void f7() {
81 struct s2 *p = __builtin_alloca(10);
82 g2(p);
83}
Zhongxing Xu26134a12008-11-13 09:20:05 +0000[diff] [blame]84
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]85// sizeof() is unsigned while -1 is signed in array index.
Zhongxing Xu26134a12008-11-13 09:20:05 +0000[diff] [blame]86void f8() {
87 int a[10];
Zhongxing Xu33d7cbf2008-11-24 23:45:56 +0000[diff] [blame]88 a[sizeof(a)/sizeof(int) - 1] = 1; // no-warning
Zhongxing Xu26134a12008-11-13 09:20:05 +0000[diff] [blame]89}
Zhongxing Xu617ff312008-11-18 13:30:46 +0000[diff] [blame]90
Zhongxing Xu661fc392008-11-25 01:45:11 +0000[diff] [blame]91// Initialization of struct array elements.
Zhongxing Xu617ff312008-11-18 13:30:46 +0000[diff] [blame]92void f9() {
93 struct s a[10];
94}
Zhongxing Xu27cae9e2008-11-30 05:51:19 +0000[diff] [blame]95
96// Initializing array with string literal.
97void f10() {
98 char a1[4] = "abc";
Zhongxing Xu27cae9e2008-11-30 05:51:19 +0000[diff] [blame]99 char a3[6] = "abc";
100}
Zhongxing Xu562c4d92009-01-23 11:22:12 +0000[diff] [blame]101
102// Retrieve the default value of element/field region.
103void f11() {
104 struct s a;
Zhongxing Xu91844122009-05-20 09:18:48 +0000[diff] [blame]105 g1(&a);
Zhongxing Xu562c4d92009-01-23 11:22:12 +0000[diff] [blame]106 if (a.data == 0) // no-warning
107 a.data = 1;
108}
Zhongxing Xu3450a552009-02-19 08:42:43 +0000[diff] [blame]109
110// Convert unsigned offset to signed when creating ElementRegion from
111// SymbolicRegion.
112void f12(int *list) {
113 unsigned i = 0;
114 list[i] = 1;
115}
Zhongxing Xuc57bc592009-03-18 02:07:30 +0000[diff] [blame]116
117struct s1 {
118 struct s2 {
119 int d;
120 } e;
121};
122
123// The binding of a.e.d should not be removed. Test recursive subregion map
124// building: a->e, e->d. Only then 'a' could be added to live region roots.
125void f13(double timeout) {
126 struct s1 a;
127 a.e.d = (long) timeout;
128 if (a.e.d == 10)
129 a.e.d = 4;
130}
Zhongxing Xu3e001f32009-05-03 00:27:40 +0000[diff] [blame]131
132struct s3 {
133 int a[2];
134};
135
136static struct s3 opt;
137
138// Test if the embedded array is retrieved correctly.
139void f14() {
140 struct s3 my_opt = opt;
141}
Zhongxing Xu264e9372009-05-12 10:10:00 +0000[diff] [blame]142
143void bar(int*);
144
145// Test if the array is correctly invalidated.
146void f15() {
147 int a[10];
148 bar(a);
149 if (a[1]) // no-warning
150 1;
151}
Zhongxing Xu3f6978a2009-06-11 09:11:27 +0000[diff] [blame]152
153struct s3 p[1];
154
155// Code from postgresql.
156// Current cast logic of region store mistakenly leaves the final result region
157// an ElementRegion of type 'char'. Then load a nonloc::SymbolVal from it and
158// assigns to 'a'.
159void f16(struct s3 *p) {
160 struct s3 a = *((struct s3*) ((char*) &p[0]));
161}
Zhongxing Xu6bd8a522009-06-28 13:59:24 +0000[diff] [blame]162
163void inv(struct s1 *);
164
165// Invalidate the struct field.
166void f17() {
167 struct s1 t;
168 int x;
169 inv(&t);
170 if (t.e.d)
171 x = 1;
172}
Zhongxing Xua03f1572009-06-29 06:43:40 +0000[diff] [blame]173
174void read(char*);
175
176void f18() {
177 char *q;
178 char *p = (char *) __builtin_alloca(10);
179 read(p);
180 q = p;
181 q++;
182 if (*q) { // no-warning
183 }
184}