Gitiles
Code Review Sign In
gerrit-public.fairphone.software / toolchain / llvm-project / 8ac63e8f9f58a44c2512d019b4ead10b37895d15 / . / clang / test / Analysis / casts.c
blob: 3ba12e4318de168e6a60feed069a9936839ea451 [file] [log] [blame]
Dominic Chen184c6242017-03-03 18:02:02 +0000[diff] [blame]1// RUN: %clang_analyze_cc1 -triple x86_64-apple-darwin9 -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s
2// RUN: %clang_analyze_cc1 -triple i386-apple-darwin9 -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s
Jordan Rosedc166282013-05-01 18:19:59 +0000[diff] [blame]3
4extern void clang_analyzer_eval(_Bool);
Zhongxing Xuc14f0972009-04-29 01:50:12 +0000[diff] [blame]5
Zhongxing Xu12233fd2009-04-29 05:59:48 +0000[diff] [blame]6// Test if the 'storage' region gets properly initialized after it is cast to
7// 'struct sockaddr *'.
8
Ted Kremeneke95b4392009-08-20 04:48:23 +0000[diff] [blame]9typedef unsigned char __uint8_t;
10typedef unsigned int __uint32_t;
11typedef __uint32_t __darwin_socklen_t;
12typedef __uint8_t sa_family_t;
13typedef __darwin_socklen_t socklen_t;
14struct sockaddr { sa_family_t sa_family; };
15struct sockaddr_storage {};
Eli Friedman7d369cd2009-07-10 20:10:06 +0000[diff] [blame]16
Chris Lattnerf9895c42010-01-09 20:43:19 +0000[diff] [blame]17void getsockname();
18
Zhongxing Xu3c3fee02009-04-28 13:52:13 +0000[diff] [blame]19void f(int sock) {
20 struct sockaddr_storage storage;
Daniel Marjamaki13264eb2016-09-26 15:17:18 +0000[diff] [blame]21 struct sockaddr* sockaddr = (struct sockaddr*)&storage; // expected-warning{{Casting data to a larger structure type and accessing a field can lead to memory access errors or data corruption}}
Zhongxing Xu3c3fee02009-04-28 13:52:13 +0000[diff] [blame]22 socklen_t addrlen = sizeof(storage);
23 getsockname(sock, sockaddr, &addrlen);
24 switch (sockaddr->sa_family) { // no-warning
25 default:
26 ;
27 }
28}
Zhongxing Xucea65782009-06-18 06:29:10 +0000[diff] [blame]29
30struct s {
31 struct s *value;
32};
33
Mike Stump41ecf6c2009-07-21 18:45:53 +0000[diff] [blame]34void f1(struct s **pval) {
Zhongxing Xucea65782009-06-18 06:29:10 +0000[diff] [blame]35 int *tbool = ((void*)0);
36 struct s *t = *pval;
37 pval = &(t->value);
Zhongxing Xu96924292009-10-14 06:05:09 +0000[diff] [blame]38 tbool = (int *)pval; // use the cast-to type 'int *' to create element region.
Zhongxing Xub21175c2009-06-18 06:49:35 +0000[diff] [blame]39 char c = (unsigned char) *tbool; // Should use cast-to type to create symbol.
Zhongxing Xu96924292009-10-14 06:05:09 +0000[diff] [blame]40 if (*tbool == -1) // here load the element region with the correct type 'int'
Anders Carlsson499de422009-07-30 22:37:41 +0000[diff] [blame]41 (void)3;
Zhongxing Xucea65782009-06-18 06:29:10 +0000[diff] [blame]42}
43
Zhongxing Xucc457622009-06-19 04:51:14 +0000[diff] [blame]44void f2(const char *str) {
45 unsigned char ch, cl, *p;
46
47 p = (unsigned char *)str;
48 ch = *p++; // use cast-to type 'unsigned char' to create element region.
49 cl = *p++;
50 if(!cl)
51 cl = 'a';
52}
Zhongxing Xuf22afe32010-01-05 11:49:21 +0000[diff] [blame]53
54// Test cast VariableSizeArray to pointer does not crash.
55void *memcpy(void *, void const *, unsigned long);
56typedef unsigned char Byte;
57void doit(char *data, int len) {
58 if (len) {
59 Byte buf[len];
60 memcpy(buf, data, len);
61 }
62}
Zhongxing Xu803ade22010-01-14 03:45:06 +0000[diff] [blame]63
Ted Kremenek91df0ec2010-01-14 19:47:50 +0000[diff] [blame]64// PR 6013 and 6035 - Test that a cast of a pointer to long and then to int does not crash SValuator.
65void pr6013_6035_test(void *p) {
66 unsigned int foo;
67 foo = ((long)(p));
68 (void) foo;
Zhongxing Xu803ade22010-01-14 03:45:06 +0000[diff] [blame]69}
Anna Zaksfe1ccee2012-05-10 21:49:52 +0000[diff] [blame]70
71// PR12511 and radar://11215362 - Test that we support SymCastExpr, which represents symbolic int to float cast.
72char ttt(int intSeconds) {
73 double seconds = intSeconds;
74 if (seconds)
75 return 0;
76 return 0;
77}
Anna Zaksfe9c7c82013-02-05 19:52:28 +0000[diff] [blame]78
79int foo (int* p) {
80 int y = 0;
81 if (p == 0) {
82 if ((*((void**)&p)) == (void*)0) // Test that the cast to void preserves the symbolic region.
83 return 0;
84 else
85 return 5/y; // This code should be unreachable: no-warning.
86 }
87 return 0;
88}
Jordan Rosedc166282013-05-01 18:19:59 +0000[diff] [blame]89
90void castsToBool() {
91 clang_analyzer_eval(0); // expected-warning{{FALSE}}
92 clang_analyzer_eval(0U); // expected-warning{{FALSE}}
93 clang_analyzer_eval((void *)0); // expected-warning{{FALSE}}
94
95 clang_analyzer_eval(1); // expected-warning{{TRUE}}
96 clang_analyzer_eval(1U); // expected-warning{{TRUE}}
97 clang_analyzer_eval(-1); // expected-warning{{TRUE}}
98 clang_analyzer_eval(0x100); // expected-warning{{TRUE}}
99 clang_analyzer_eval(0x100U); // expected-warning{{TRUE}}
100 clang_analyzer_eval((void *)0x100); // expected-warning{{TRUE}}
101
102 extern int symbolicInt;
103 clang_analyzer_eval(symbolicInt); // expected-warning{{UNKNOWN}}
104 if (symbolicInt)
105 clang_analyzer_eval(symbolicInt); // expected-warning{{TRUE}}
106
107 extern void *symbolicPointer;
108 clang_analyzer_eval(symbolicPointer); // expected-warning{{UNKNOWN}}
109 if (symbolicPointer)
110 clang_analyzer_eval(symbolicPointer); // expected-warning{{TRUE}}
111
112 int localInt;
Richard Trieu3bb8b562014-02-26 02:36:06 +0000[diff] [blame]113 int* ptr = &localInt;
114 clang_analyzer_eval(ptr); // expected-warning{{TRUE}}
Jordan Rosedc166282013-05-01 18:19:59 +0000[diff] [blame]115 clang_analyzer_eval(&castsToBool); // expected-warning{{TRUE}}
116 clang_analyzer_eval("abc"); // expected-warning{{TRUE}}
117
118 extern float globalFloat;
119 clang_analyzer_eval(globalFloat); // expected-warning{{UNKNOWN}}
120}
Artem Dergachev7333a9e2017-03-28 15:57:12 +0000[diff] [blame]121
122void locAsIntegerCasts(void *p) {
123 int x = (int) p;
124 clang_analyzer_eval(++x < 10); // no-crash // expected-warning{{UNKNOWN}}
125}