fread.c - OpenGrok cross reference for /llvm-project/clang/test/Analysis/fread.c

Lines Matching defs:buffer
40     char buffer[10];
41     int c = fread(buffer, 1, 10, fp); // c is tainted.
65 void read_one_byte2(char *buffer) {
68     if (1 == fread(buffer, 1, 1, fp)) {
69       char p = buffer[0]; // Unknown value but not garbage.
72       char p = buffer[0]; // Possibly indeterminate value but not modeled by checker.
79 void read_one_byte3(char *buffer) {
80   buffer[1] = 10;
83     // buffer[1] is not mutated by fread and remains not tainted.
84     fread(buffer, 1, 1, fp);
85     char p = buffer[1];
87     clang_analyzer_dump(buffer[1]); // expected-warning{{10 S32b}}
92 void read_many_bytes(char *buffer) {
95     if (42 == fread(buffer, 1, 42, fp)) {
96       char p = buffer[0]; // Unknown value but not garbage.
99       char p = buffer[0]; // Possibly indeterminate value but not modeled.
164     int buffer[10];
165     int *ptr = buffer + 2;
168         int p = buffer[1]; // Unknown value but not garbage.
172         int p = buffer[0]; // expected-warning {{Assigned value is garbage or undefined}}
175       int p = buffer[0]; // expected-warning {{Assigned value is garbage or undefined}}
211     long buffer[10];
213     size_t res = fread(buffer + startIndex, sizeof(long), 5, fp);
214     long *p = &buffer[startIndex];
312   int buffer[PastMaxComplexity + 1];
313   buffer[PastMaxComplexity] = 42;
316     if (buffer[PastMaxComplexity] != 42) {
319     if (1 == fread(buffer, sizeof(int), PastMaxComplexity, fp)) {
320       if (buffer[PastMaxComplexity] != 42) {
329   int buffer[10];
330   buffer[5] = 42;
333     clang_analyzer_dump(buffer[5]); // expected-warning{{42 S32b}}
334     if (1 == fread(buffer, sizeof(int), 5, fp)) {
335       clang_analyzer_dump(buffer[5]); // expected-warning{{42 S32b}}
344   int buffer[100];
345   buffer[0] = 1;
346   buffer[1] = 2;
347   buffer[2] = 3;
348   buffer[3] = 4;
349   buffer[4] = 5;
350   buffer[5] = 6;
354     if (5 == fread(buffer + 1, 3, 5, fp)) {
355       clang_analyzer_dump(buffer[0]); // expected-warning{{1 S32b}}
356       clang_analyzer_dump(buffer[1]); // expected-warning{{conj_}}
357       clang_analyzer_dump(buffer[2]); // expected-warning{{conj_}}
358       clang_analyzer_dump(buffer[3]); // expected-warning{{conj_}}
359       clang_analyzer_dump(buffer[4]); // expected-warning{{conj_}}
360       clang_analyzer_dump(buffer[5]); // expected-warning{{6 S32b}}
362       char *c = (char*)buffer;
363       clang_analyzer_dump(c[4+12]); // expected-warning{{conj_}} 16th byte of buffer, which is the beginning of the 4th 'int' in the buffer.
365       // FIXME: The store should have returned a partial binding for the 17th byte of the buffer, which is the 2nd byte of the previous int.
370       clang_analyzer_dump(buffer[0]); // expected-warning{{1 S32b}} ok
371       clang_analyzer_dump(buffer[1]); // expected-warning{{conj_}} ok
372       clang_analyzer_dump(buffer[2]); // expected-warning{{conj_}} ok
373       clang_analyzer_dump(buffer[3]); // expected-warning{{conj_}} ok
374       clang_analyzer_dump(buffer[4]); // expected-warning{{conj_}} ok, but an uninit warning would be also fine.
375       clang_analyzer_dump(buffer[5]); // expected-warning{{6 S32b}} ok
376       clang_analyzer_dump(buffer[6]); // expected-warning{{1st function call argument is an uninitialized value}} ok
385   int buffer[100];
386   buffer[0] = 1;
387   buffer[15] = 2;
388   buffer[16] = 3;
392     if (20 == fread(buffer + 1, 3, 20, fp)) {
393       clang_analyzer_dump(buffer[0]);  // expected-warning{{1 S32b}}
394       clang_analyzer_dump(buffer[15]); // expected-warning{{conj_}}
395       clang_analyzer_dump(buffer[16]); // expected-warning{{3 S32b}}
396       clang_analyzer_dump(buffer[17]); // expected-warning{{1st function call argument is an uninitialized value}}
398       clang_analyzer_dump(buffer[0]);  // expected-warning{{1 S32b}}
399       clang_analyzer_dump(buffer[15]); // expected-warning{{conj_}}
400       clang_analyzer_dump(buffer[16]); // expected-warning{{3 S32b}}
401       clang_analyzer_dump(buffer[17]); // expected-warning{{1st function call argument is an uninitialized value}}
410   int buffer[100];
411   buffer[0] = 3;
412   buffer[1] = 4;
413   buffer[2] = 5;
414   char *asChar = (char*)buffer;
421       clang_analyzer_dump(buffer[0]); // expected-warning{{3 S32b}} FIXME: The int binding should have been partially overwritten by the read call. This definitely should not be 3.
422       clang_analyzer_dump(buffer[1]); // expected-warning{{conj_}}
423       clang_analyzer_dump(buffer[2]); // expected-warning{{5 S32b}}
432       clang_analyzer_dump(buffer[0]); // expected-warning{{3 S32b}} FIXME: The int binding should have been partially overwritten by the read call. This definitely should not be 3.
433       clang_analyzer_dump(buffer[1]); // expected-warning{{conj_}}
434       clang_analyzer_dump(buffer[2]); // expected-warning{{5 S32b}}
447 void no_crash_if_count_is_negative(long l, long r, unsigned char *buffer) {
451       fread(buffer, 1, l * r, fp); // no-crash
457 void no_crash_if_size_is_negative(long l, long r, unsigned char *buffer) {
461       fread(buffer, l * r, 1, fp); // no-crash
467 void no_crash_if_size_and_count_are_negative(long l, long r, unsigned char *buffer) {
471       fread(buffer, l * r, l * r, fp); // no-crash