1 // RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -analyzer-config c++-inlining=constructors -verify %s 2 3 #include "Inputs/system-header-simulator-cxx.h" 4 5 void clang_analyzer_eval(bool); 6 7 struct s { 8 int x; 9 int y; 10 }; 11 12 void a1(void) { 13 s arr[3]; 14 int x = arr[0].x; 15 // expected-warning@-1{{Assigned value is garbage or undefined}} 16 } 17 18 void a2(void) { 19 s arr[3]; 20 int x = arr[1].x; 21 // expected-warning@-1{{Assigned value is garbage or undefined}} 22 } 23 24 void a3(void) { 25 s arr[3]; 26 int x = arr[2].x; 27 // expected-warning@-1{{Assigned value is garbage or undefined}} 28 } 29 30 struct s2 { 31 int x; 32 int y = 2; 33 }; 34 35 void b1(void) { 36 s2 arr[3]; 37 38 clang_analyzer_eval(arr[0].y == 2); // expected-warning{{TRUE}} 39 int x = arr[0].x; 40 // expected-warning@-1{{Assigned value is garbage or undefined}} 41 } 42 43 void b2(void) { 44 s2 arr[3]; 45 46 clang_analyzer_eval(arr[1].y == 2); // expected-warning{{TRUE}} 47 int x = arr[1].x; 48 // expected-warning@-1{{Assigned value is garbage or undefined}} 49 } 50 51 void b3(void) { 52 s2 arr[3]; 53 54 clang_analyzer_eval(arr[2].y == 2); // expected-warning{{TRUE}} 55 int x = arr[2].x; 56 // expected-warning@-1{{Assigned value is garbage or undefined}} 57 } 58 59 void c1(void) { 60 { 61 s2 arr[2]; 62 arr[1].x = 3; 63 64 clang_analyzer_eval(arr[1].y == 2); // expected-warning{{TRUE}} 65 clang_analyzer_eval(arr[1].x == 3); // expected-warning{{TRUE}} 66 } 67 68 { 69 s2 arr[2]; 70 71 clang_analyzer_eval(arr[1].y == 2); // expected-warning{{TRUE}} 72 int x = arr[1].x; 73 // expected-warning@-1{{Assigned value is garbage or undefined}} 74 } 75 } 76 77 struct s3 { 78 int x = 1; 79 int y = 2; 80 }; 81 82 struct s4 { 83 s3 arr[2]; 84 s sarr[2]; 85 }; 86 87 void e1(void) { 88 s4 arr[2]; 89 90 clang_analyzer_eval(arr[0].arr[0].x == 1); // expected-warning{{TRUE}} 91 clang_analyzer_eval(arr[0].arr[0].y == 2); // expected-warning{{TRUE}} 92 93 clang_analyzer_eval(arr[0].arr[1].x == 1); // expected-warning{{TRUE}} 94 clang_analyzer_eval(arr[0].arr[1].y == 2); // expected-warning{{TRUE}} 95 96 clang_analyzer_eval(arr[1].arr[0].x == 1); // expected-warning{{TRUE}} 97 clang_analyzer_eval(arr[1].arr[0].y == 2); // expected-warning{{TRUE}} 98 99 clang_analyzer_eval(arr[1].arr[1].x == 1); // expected-warning{{TRUE}} 100 clang_analyzer_eval(arr[1].arr[1].y == 2); // expected-warning{{TRUE}} 101 102 int x = arr[1].sarr[1].x; 103 // expected-warning@-1{{Assigned value is garbage or undefined}} 104 } 105 106 void f1(void) { 107 s2 arr[2][2]; 108 109 clang_analyzer_eval(arr[1][1].y == 2); // expected-warning{{TRUE}} 110 int x = arr[1][1].x; 111 // expected-warning@-1{{Assigned value is garbage or undefined}} 112 } 113 114 struct s5 { 115 static int c; 116 int x; 117 118 s5() : x(c++) {} 119 }; 120 121 void g1(void) { 122 s5::c = 0; 123 s5 *arr = new s5[4]; 124 new (arr + 1) s5[3]; 125 126 clang_analyzer_eval(arr[0].x == 0); // expected-warning{{TRUE}} 127 clang_analyzer_eval(arr[1].x == 4); // expected-warning{{TRUE}} 128 clang_analyzer_eval(arr[2].x == 5); // expected-warning{{TRUE}} 129 clang_analyzer_eval(arr[3].x == 6); // expected-warning{{TRUE}} 130 } 131 132 void g2(void) { 133 s5::c = 0; 134 s5 arr[4]; 135 136 clang_analyzer_eval(arr[0].x == 0); // expected-warning{{TRUE}} 137 clang_analyzer_eval(arr[1].x == 1); // expected-warning{{TRUE}} 138 clang_analyzer_eval(arr[2].x == 2); // expected-warning{{TRUE}} 139 clang_analyzer_eval(arr[3].x == 3); // expected-warning{{TRUE}} 140 } 141 142 void g3(void) { 143 s5::c = 0; 144 s5 arr[2][2]; 145 146 clang_analyzer_eval(arr[0][0].x == 0); // expected-warning{{TRUE}} 147 clang_analyzer_eval(arr[0][1].x == 1); // expected-warning{{TRUE}} 148 clang_analyzer_eval(arr[1][0].x == 2); // expected-warning{{TRUE}} 149 clang_analyzer_eval(arr[1][1].x == 3); // expected-warning{{TRUE}} 150 } 151 152 void h1(void) { 153 s5::c = 0; 154 s5 a[2][2], b[2][2]; 155 156 clang_analyzer_eval(a[0][0].x == 0); // expected-warning{{TRUE}} 157 clang_analyzer_eval(a[0][1].x == 1); // expected-warning{{TRUE}} 158 clang_analyzer_eval(a[1][0].x == 2); // expected-warning{{TRUE}} 159 clang_analyzer_eval(a[1][1].x == 3); // expected-warning{{TRUE}} 160 161 clang_analyzer_eval(b[0][0].x == 4); // expected-warning{{TRUE}} 162 clang_analyzer_eval(b[0][1].x == 5); // expected-warning{{TRUE}} 163 clang_analyzer_eval(b[1][0].x == 6); // expected-warning{{TRUE}} 164 clang_analyzer_eval(b[1][1].x == 7); // expected-warning{{TRUE}} 165 } 166 167 void h2(void) { 168 s a[2][2], b[2][2]; 169 170 int x = a[1][1].x; 171 // expected-warning@-1{{Assigned value is garbage or undefined}} 172 } 173 174 void h3(void) { 175 s a[2][2], b[2][2]; 176 177 int x = b[1][1].y; 178 // expected-warning@-1{{Assigned value is garbage or undefined}} 179 } 180 181 struct Base { 182 int x; 183 int y; 184 185 Base(int x, int y) : x(x), y(y) {} 186 }; 187 188 struct Derived : public Base { 189 int i; 190 int j; 191 192 Derived(int x, int y, int i, int j) : Base(x, y), i(i), j(j) {} 193 }; 194 195 void delegate(void) { 196 Derived arr[2] = {{1, 2, 3, 4}, {5, 6, 7, 8}}; 197 198 clang_analyzer_eval(arr[0].x == 1); // expected-warning{{TRUE}} 199 clang_analyzer_eval(arr[0].y == 2); // expected-warning{{TRUE}} 200 clang_analyzer_eval(arr[0].i == 3); // expected-warning{{TRUE}} 201 clang_analyzer_eval(arr[0].j == 4); // expected-warning{{TRUE}} 202 203 clang_analyzer_eval(arr[1].x == 5); // expected-warning{{TRUE}} 204 clang_analyzer_eval(arr[1].y == 6); // expected-warning{{TRUE}} 205 clang_analyzer_eval(arr[1].i == 7); // expected-warning{{TRUE}} 206 clang_analyzer_eval(arr[1].j == 8); // expected-warning{{TRUE}} 207 } 208 209 void delegate_heap(void) { 210 Derived *arr = new Derived[2]{{1, 2, 3, 4}, {5, 6, 7, 8}}; 211 212 clang_analyzer_eval(arr[0].x == 1); // expected-warning{{TRUE}} 213 clang_analyzer_eval(arr[0].y == 2); // expected-warning{{TRUE}} 214 clang_analyzer_eval(arr[0].i == 3); // expected-warning{{TRUE}} 215 clang_analyzer_eval(arr[0].j == 4); // expected-warning{{TRUE}} 216 217 clang_analyzer_eval(arr[1].x == 5); // expected-warning{{TRUE}} 218 clang_analyzer_eval(arr[1].y == 6); // expected-warning{{TRUE}} 219 clang_analyzer_eval(arr[1].i == 7); // expected-warning{{TRUE}} 220 clang_analyzer_eval(arr[1].j == 8); // expected-warning{{TRUE}} 221 } 222 223 struct Member { 224 int x; 225 int y; 226 }; 227 228 struct Parent { 229 Member arr[2]; 230 231 Parent() : arr{{1, 2}, {3, 4}} {} 232 }; 233 234 void member() { 235 Parent arr[2]; 236 237 clang_analyzer_eval(arr[0].arr[0].x == 1); // expected-warning{{TRUE}} 238 clang_analyzer_eval(arr[0].arr[0].y == 2); // expected-warning{{TRUE}} 239 clang_analyzer_eval(arr[0].arr[1].x == 3); // expected-warning{{TRUE}} 240 clang_analyzer_eval(arr[0].arr[1].y == 4); // expected-warning{{TRUE}} 241 242 clang_analyzer_eval(arr[1].arr[0].x == 1); // expected-warning{{TRUE}} 243 clang_analyzer_eval(arr[1].arr[0].y == 2); // expected-warning{{TRUE}} 244 clang_analyzer_eval(arr[1].arr[1].x == 3); // expected-warning{{TRUE}} 245 clang_analyzer_eval(arr[1].arr[1].y == 4); // expected-warning{{TRUE}} 246 } 247 248 struct HasArr { 249 int arrDefault[2] = {1, 2}; 250 int arr[2]; 251 HasArr(int x, int y) : arr{x, y} {} 252 }; 253 254 struct ArrCombination : public HasArr { 255 HasArr membDefault = {5, 6}; 256 HasArr memb; 257 ArrCombination(int x) : HasArr(3, 4), memb{7, x} {} 258 }; 259 260 void derived_and_member() { 261 ArrCombination a{8}; 262 // FIXME: Default initializers for array members are not modeled. 263 clang_analyzer_eval(a.arrDefault[0] == 1); // expected-warning{{UNKNOWN}} 264 clang_analyzer_eval(a.arrDefault[1] == 2); // expected-warning{{UNKNOWN}} 265 clang_analyzer_eval(a.arr[0] == 3); // expected-warning{{TRUE}} 266 clang_analyzer_eval(a.arr[1] == 4); // expected-warning{{TRUE}} 267 clang_analyzer_eval(a.membDefault.arrDefault[0] == 1); // expected-warning{{UNKNOWN}} 268 clang_analyzer_eval(a.membDefault.arrDefault[1] == 2); // expected-warning{{UNKNOWN}} 269 clang_analyzer_eval(a.membDefault.arr[0] == 5); // expected-warning{{UNKNOWN}} 270 clang_analyzer_eval(a.membDefault.arr[1] == 6); // expected-warning{{UNKNOWN}} 271 clang_analyzer_eval(a.memb.arrDefault[0] == 1); // expected-warning{{UNKNOWN}} 272 clang_analyzer_eval(a.memb.arrDefault[1] == 2); // expected-warning{{UNKNOWN}} 273 clang_analyzer_eval(a.memb.arr[0] == 7); // expected-warning{{TRUE}} 274 clang_analyzer_eval(a.memb.arr[1] == 8); // expected-warning{{TRUE}} 275 276 } 277 278 struct IncompleteArrInit { 279 int arr[2]; 280 int arrDefault[3] = {1, 2, 3}; 281 IncompleteArrInit() : arr{1}, arrDefault{2, 3} {} 282 }; 283 284 void incomplete_array_init() { 285 IncompleteArrInit a; 286 clang_analyzer_eval(a.arr[0] == 1); // expected-warning{{TRUE}} 287 clang_analyzer_eval(a.arr[1] == 0); // expected-warning{{TRUE}} 288 clang_analyzer_eval(a.arrDefault[0] == 2); // expected-warning{{TRUE}} 289 clang_analyzer_eval(a.arrDefault[1] == 3); // expected-warning{{TRUE}} 290 clang_analyzer_eval(a.arrDefault[2] == 0); // expected-warning{{TRUE}} 291 } 292