xref: /llvm-project/clang/test/Analysis/uninit-const.cpp (revision a504ddc8bf9d5c406ea88b84b8495d7aae200d4c) 
1 // RUN: %clang_analyze_cc1 -analyzer-output=text -verify %s \
2 // RUN:   -analyzer-checker=core \
3 // RUN:   -analyzer-checker=cplusplus.NewDelete \
4 // RUN:   -analyzer-config core.CallAndMessage:ArgPointeeInitializedness=true
5 
6 // RUN: %clang_analyze_cc1 -analyzer-output=text -verify %s \
7 // RUN:   -DTEST_INLINABLE_ALLOCATORS \
8 // RUN:   -analyzer-checker=core \
9 // RUN:   -analyzer-checker=cplusplus.NewDelete \
10 // RUN:   -analyzer-config core.CallAndMessage:ArgPointeeInitializedness=true
11 
12 // Passing uninitialized const data to unknown function
13 
14 #include "Inputs/system-header-simulator-cxx.h"
15 
16 void doStuff6(const int& c);
17 void doStuff4(const int y);
18 void doStuff3(int& g);
19 void doStuff_uninit(const int *u);
20 
21 
f10(void)22 int f10(void) {
23   int *ptr;
24                  // FIXME: The message is misleading -- we should state that
25                  // a pointer to an uninitialized value is stored.
26   ptr = new int; // expected-note{{Storing uninitialized value}}
27   if(*ptr) { // expected-warning{{Branch condition evaluates to a garbage value [core.uninitialized.Branch]}}
28              // expected-note@-1 {{Branch condition evaluates to a garbage value}}
29     doStuff4(*ptr);
30   }
31   delete ptr;
32   return 0;
33 }
34 
f9(void)35 int f9(void) {
36   int *ptr;
37                  // FIXME: The message is misleading -- we should state that
38                  // a pointer to an uninitialized value is stored.
39   ptr = new int; // expected-note{{Storing uninitialized value}}
40                  // expected-note@-1{{Value assigned to 'ptr'}}
41   doStuff_uninit(ptr); // expected-warning{{1st function call argument is a pointer to uninitialized value [core.CallAndMessage]}}
42                        // expected-note@-1{{1st function call argument is a pointer to uninitialized value}}
43   delete ptr;
44   return 0;
45 }
46 
f8(void)47 int f8(void) {
48   int *ptr;
49 
50   ptr = new int;
51   *ptr = 25;
52 
53   doStuff_uninit(ptr); // no warning?
54   delete ptr;
55   return 0;
56 }
57 
f7(void)58 void f7(void) {
59   int m = 3;
60   doStuff6(m); // no warning
61 }
62 
63 
f6_1_sub(int & p)64 int& f6_1_sub(int &p) {
65   return p; // expected-note{{Returning without writing to 'p'}}
66             // expected-note@-1{{Returning pointer (reference to 't')}}
67 }
68 
f6_1(void)69 void f6_1(void) {
70   int t;               // expected-note{{'t' declared without an initial value}}
71   int p = f6_1_sub(t); //expected-warning {{Assigned value is garbage or undefined}}
72                        //expected-note@-1 {{Passing value via 1st parameter 'p'}}
73                        //expected-note@-2 {{Calling 'f6_1_sub'}}
74                        //expected-note@-3 {{Returning from 'f6_1_sub'}}
75                        //expected-note@-4 {{Assigned value is garbage or undefined}}
76   int q = p;
77   doStuff6(q);
78 }
79 
f6_2(void)80 void f6_2(void) {
81   int t;       //expected-note {{'t' declared without an initial value}}
82   int &p = t;  //expected-note {{'p' initialized here}}
83   int &s = p;  //expected-note {{'s' initialized to the value of 'p'}}
84   int &q = s;  //expected-note {{'q' initialized to the value of 's'}}
85   doStuff6(q); //expected-warning {{1st function call argument is an uninitialized value}}
86                //expected-note@-1 {{1st function call argument is an uninitialized value}}
87 }
88 
doStuff6_3(int & q_,int * ptr_)89 void doStuff6_3(int& q_, int *ptr_) {}
90 
f6_3(void)91 void f6_3(void) {
92   int *ptr;    //expected-note {{'ptr' declared without an initial value}}
93   int t;
94   int &p = t;
95   int &s = p;
96   int &q = s;
97   doStuff6_3(q,ptr); //expected-warning {{2nd function call argument is an uninitialized value}}
98                //expected-note@-1 {{2nd function call argument is an uninitialized value}}
99 
100 }
101 
f6(void)102 void f6(void) {
103   int k;       // expected-note {{'k' declared without an initial value}}
104   doStuff6(k); // expected-warning {{1st function call argument is an uninitialized value}}
105                // expected-note@-1 {{1st function call argument is an uninitialized value}}
106 
107 }
108 
109 
110 
f5(void)111 void f5(void) {
112   int t;               // expected-note {{'t' declared without an initial value}}
113   int* tp = &t;        // expected-note {{'tp' initialized here}}
114   doStuff_uninit(tp);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
115                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
116 }
117 
118 
f4(void)119 void f4(void) {
120       int y;        // expected-note {{'y' declared without an initial value}}
121       doStuff4(y);  // expected-warning {{1st function call argument is an uninitialized value}}
122                     // expected-note@-1 {{1st function call argument is an uninitialized value}}
123 }
124 
f3(void)125 void f3(void) {
126       int g;
127       doStuff3(g); // no warning
128 }
129 
130 int z;
f2(void)131 void f2(void) {
132       doStuff_uninit(&z);  // no warning
133 }
134 
f1(void)135 void f1(void) {
136       int x_=5;
137       doStuff_uninit(&x_);  // no warning
138 }
139 
f_uninit(void)140 void f_uninit(void) {
141       int x;               // expected-note {{'x' declared without an initial value}}
142       doStuff_uninit(&x);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
143                            // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
144 }
145