1 // RUN: %clang_cc1 -std=c++14 -triple i386-apple-darwin10 -analyze -analyzer-config eagerly-assume=false -analyzer-checker=core.uninitialized.Assign,core.builtin,debug.ExprInspection,core.uninitialized.UndefReturn -verify %s
2
3 template <typename T>
4 void clang_analyzer_dump(T x);
5 void clang_analyzer_eval(int);
6
7 struct S {
8 int a = 3;
9 };
10 S const sarr[2] = {};
definit()11 void definit() {
12 int i = 1;
13 // FIXME: Should recognize that it is 3.
14 clang_analyzer_eval(sarr[i].a); // expected-warning{{UNKNOWN}}
15 }
16
17 int const glob_arr1[3] = {};
glob_array_index1()18 void glob_array_index1() {
19 clang_analyzer_eval(glob_arr1[0] == 0); // expected-warning{{TRUE}}
20 clang_analyzer_eval(glob_arr1[1] == 0); // expected-warning{{TRUE}}
21 clang_analyzer_eval(glob_arr1[2] == 0); // expected-warning{{TRUE}}
22 }
23
glob_invalid_index1()24 void glob_invalid_index1() {
25 const int *ptr = glob_arr1;
26 int idx = -42;
27 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
28 }
29
glob_symbolic_index1(int idx)30 void glob_symbolic_index1(int idx) {
31 clang_analyzer_dump(glob_arr1[idx]); // expected-warning{{Unknown}}
32 }
33
34 int const glob_arr2[4] = {1, 2};
glob_ptr_index1()35 void glob_ptr_index1() {
36 int const *ptr = glob_arr2;
37 clang_analyzer_eval(ptr[0] == 1); // expected-warning{{TRUE}}
38 clang_analyzer_eval(ptr[1] == 2); // expected-warning{{TRUE}}
39 clang_analyzer_eval(ptr[2] == 0); // expected-warning{{TRUE}}
40 clang_analyzer_eval(ptr[3] == 0); // expected-warning{{TRUE}}
41 clang_analyzer_eval(ptr[4] == 0); // expected-warning{{UNDEFINED}}
42 }
43
glob_invalid_index2()44 void glob_invalid_index2() {
45 const int *ptr = glob_arr2;
46 int idx = 42;
47 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
48 }
49
50 const float glob_arr3[] = {
51 0.0000, 0.0235, 0.0470, 0.0706, 0.0941, 0.1176};
no_warn_garbage_value()52 float no_warn_garbage_value() {
53 return glob_arr3[0]; // no-warning (garbage or undefined)
54 }
55
56 int const glob_arr4[4][2] = {};
glob_array_index2()57 void glob_array_index2() {
58 clang_analyzer_eval(glob_arr4[0][0] == 0); // expected-warning{{TRUE}}
59 clang_analyzer_eval(glob_arr4[1][0] == 0); // expected-warning{{TRUE}}
60 clang_analyzer_eval(glob_arr4[1][1] == 0); // expected-warning{{TRUE}}
61 }
62
glob_invalid_index3()63 void glob_invalid_index3() {
64 int idx = -42;
65 auto x = glob_arr4[1][idx]; // expected-warning{{garbage or undefined}}
66 }
67
glob_invalid_index4()68 void glob_invalid_index4() {
69 const int *ptr = glob_arr4[1];
70 int idx = -42;
71 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
72 }
73
74 int const glob_arr5[4][2] = {{1}, 3, 4, 5};
glob_array_index3()75 void glob_array_index3() {
76 clang_analyzer_eval(glob_arr5[0][0] == 1); // expected-warning{{TRUE}}
77 clang_analyzer_eval(glob_arr5[0][1] == 0); // expected-warning{{TRUE}}
78 clang_analyzer_eval(glob_arr5[1][0] == 3); // expected-warning{{TRUE}}
79 clang_analyzer_eval(glob_arr5[1][1] == 4); // expected-warning{{TRUE}}
80 clang_analyzer_eval(glob_arr5[2][0] == 5); // expected-warning{{TRUE}}
81 clang_analyzer_eval(glob_arr5[2][1] == 0); // expected-warning{{TRUE}}
82 clang_analyzer_eval(glob_arr5[3][0] == 0); // expected-warning{{TRUE}}
83 clang_analyzer_eval(glob_arr5[3][1] == 0); // expected-warning{{TRUE}}
84 }
85
glob_ptr_index2()86 void glob_ptr_index2() {
87 int const *ptr = glob_arr5[1];
88 clang_analyzer_eval(ptr[0] == 3); // expected-warning{{TRUE}}
89 clang_analyzer_eval(ptr[1] == 4); // expected-warning{{TRUE}}
90 clang_analyzer_eval(ptr[2] == 5); // expected-warning{{UNDEFINED}}
91 clang_analyzer_eval(ptr[3] == 0); // expected-warning{{UNDEFINED}}
92 clang_analyzer_eval(ptr[4] == 0); // expected-warning{{UNDEFINED}}
93 }
94
glob_invalid_index5()95 void glob_invalid_index5() {
96 int idx = -42;
97 auto x = glob_arr5[1][idx]; // expected-warning{{garbage or undefined}}
98 }
99
glob_invalid_index6()100 void glob_invalid_index6() {
101 int const *ptr = &glob_arr5[1][0];
102 int idx = 42;
103 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
104 }
105
106 extern const int glob_arr_no_init[10];
glob_array_index4()107 void glob_array_index4() {
108 clang_analyzer_eval(glob_arr_no_init[2]); // expected-warning{{UNKNOWN}}
109 }
110
111 struct S2 {
112 static const int arr_no_init[10];
113 };
struct_arr_index1()114 void struct_arr_index1() {
115 clang_analyzer_eval(S2::arr_no_init[2]); // expected-warning{{UNKNOWN}}
116 }
117
118 char const glob_arr6[5] = "123";
glob_array_index5()119 void glob_array_index5() {
120 clang_analyzer_eval(glob_arr6[0] == '1'); // expected-warning{{TRUE}}
121 clang_analyzer_eval(glob_arr6[1] == '2'); // expected-warning{{TRUE}}
122 clang_analyzer_eval(glob_arr6[2] == '3'); // expected-warning{{TRUE}}
123 clang_analyzer_eval(glob_arr6[3] == '\0'); // expected-warning{{TRUE}}
124 clang_analyzer_eval(glob_arr6[4] == '\0'); // expected-warning{{TRUE}}
125 }
126
glob_ptr_index3()127 void glob_ptr_index3() {
128 char const *ptr = glob_arr6;
129 clang_analyzer_eval(ptr[-42] == '\0'); // expected-warning{{UNDEFINED}}
130 clang_analyzer_eval(ptr[0] == '1'); // expected-warning{{TRUE}}
131 clang_analyzer_eval(ptr[1] == '2'); // expected-warning{{TRUE}}
132 clang_analyzer_eval(ptr[2] == '3'); // expected-warning{{TRUE}}
133 clang_analyzer_eval(ptr[3] == '\0'); // expected-warning{{TRUE}}
134 clang_analyzer_eval(ptr[4] == '\0'); // expected-warning{{TRUE}}
135 clang_analyzer_eval(ptr[5] == '\0'); // expected-warning{{UNDEFINED}}
136 clang_analyzer_eval(ptr[6] == '\0'); // expected-warning{{UNDEFINED}}
137 }
138
glob_invalid_index7()139 void glob_invalid_index7() {
140 int idx = -42;
141 auto x = glob_arr6[idx]; // expected-warning{{garbage or undefined}}
142 }
143
glob_invalid_index8()144 void glob_invalid_index8() {
145 const char *ptr = glob_arr6;
146 int idx = 42;
147 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
148 }
149
150 char const glob_arr7[5] = {"123"};
glob_array_index6()151 void glob_array_index6() {
152 clang_analyzer_eval(glob_arr7[0] == '1'); // expected-warning{{TRUE}}
153 clang_analyzer_eval(glob_arr7[1] == '2'); // expected-warning{{TRUE}}
154 clang_analyzer_eval(glob_arr7[2] == '3'); // expected-warning{{TRUE}}
155 clang_analyzer_eval(glob_arr7[3] == '\0'); // expected-warning{{TRUE}}
156 clang_analyzer_eval(glob_arr7[4] == '\0'); // expected-warning{{TRUE}}
157 }
158
glob_invalid_index9()159 void glob_invalid_index9() {
160 int idx = -42;
161 auto x = glob_arr7[idx]; // expected-warning{{garbage or undefined}}
162 }
163
glob_invalid_index10()164 void glob_invalid_index10() {
165 const char *ptr = glob_arr7;
166 int idx = 42;
167 auto x = ptr[idx]; // expected-warning{{garbage or undefined}}
168 }
169
170 char const *const glob_ptr8 = "123";
glob_ptr_index4()171 void glob_ptr_index4() {
172 clang_analyzer_eval(glob_ptr8[0] == '1'); // expected-warning{{TRUE}}
173 clang_analyzer_eval(glob_ptr8[1] == '2'); // expected-warning{{TRUE}}
174 clang_analyzer_eval(glob_ptr8[2] == '3'); // expected-warning{{TRUE}}
175 clang_analyzer_eval(glob_ptr8[3] == '\0'); // expected-warning{{TRUE}}
176 // FIXME: Should be UNDEFINED.
177 // We should take into account a declaration in which the literal is used.
178 clang_analyzer_eval(glob_ptr8[4] == '\0'); // expected-warning{{TRUE}}
179 }
180
glob_invalid_index11()181 void glob_invalid_index11() {
182 int idx = -42;
183 auto x = glob_ptr8[idx]; // expected-warning{{garbage or undefined}}
184 }
185
glob_invalid_index12()186 void glob_invalid_index12() {
187 int idx = 42;
188 // FIXME: Should warn {{garbage or undefined}}
189 // We should take into account a declaration in which the literal is used.
190 auto x = glob_ptr8[idx]; // no-warning
191 }
192
193 const char16_t *const glob_ptr9 = u"абв";
glob_ptr_index5()194 void glob_ptr_index5() {
195 clang_analyzer_eval(glob_ptr9[0] == u'а'); // expected-warning{{TRUE}}
196 clang_analyzer_eval(glob_ptr9[1] == u'б'); // expected-warning{{TRUE}}
197 clang_analyzer_eval(glob_ptr9[2] == u'в'); // expected-warning{{TRUE}}
198 clang_analyzer_eval(glob_ptr9[3] == '\0'); // expected-warning{{TRUE}}
199 }
200
201 const char32_t *const glob_ptr10 = U"\U0001F607\U0001F608\U0001F609";
glob_ptr_index6()202 void glob_ptr_index6() {
203 clang_analyzer_eval(glob_ptr10[0] == U'\U0001F607'); // expected-warning{{TRUE}}
204 clang_analyzer_eval(glob_ptr10[1] == U'\U0001F608'); // expected-warning{{TRUE}}
205 clang_analyzer_eval(glob_ptr10[2] == U'\U0001F609'); // expected-warning{{TRUE}}
206 clang_analyzer_eval(glob_ptr10[3] == '\0'); // expected-warning{{TRUE}}
207 }
208
209 const wchar_t *const glob_ptr11 = L"\123\u0041\xFF";
glob_ptr_index7()210 void glob_ptr_index7() {
211 clang_analyzer_eval(glob_ptr11[0] == L'\123'); // expected-warning{{TRUE}}
212 clang_analyzer_eval(glob_ptr11[1] == L'\u0041'); // expected-warning{{TRUE}}
213 clang_analyzer_eval(glob_ptr11[2] == L'\xFF'); // expected-warning{{TRUE}}
214 clang_analyzer_eval(glob_ptr11[3] == L'\0'); // expected-warning{{TRUE}}
215 }
216
217 const char *const glob_ptr12 = u8"abc";
glob_ptr_index8()218 void glob_ptr_index8() {
219 clang_analyzer_eval(glob_ptr12[0] == 'a'); // expected-warning{{TRUE}}
220 clang_analyzer_eval(glob_ptr12[1] == 'b'); // expected-warning{{TRUE}}
221 clang_analyzer_eval(glob_ptr12[2] == 'c'); // expected-warning{{TRUE}}
222 clang_analyzer_eval(glob_ptr12[3] == '\0'); // expected-warning{{TRUE}}
223 }
224
225 typedef int Int;
226 typedef Int const CInt;
227 typedef CInt Arr[2];
228 typedef Arr Arr2[4];
229 Arr2 glob_arr8 = {{1}, 3, 4, 5}; // const int[4][2]
glob_array_typedef1()230 void glob_array_typedef1() {
231 clang_analyzer_eval(glob_arr8[0][0] == 1); // expected-warning{{TRUE}}
232 clang_analyzer_eval(glob_arr8[0][1] == 0); // expected-warning{{TRUE}}
233 clang_analyzer_eval(glob_arr8[1][0] == 3); // expected-warning{{TRUE}}
234 clang_analyzer_eval(glob_arr8[1][1] == 4); // expected-warning{{TRUE}}
235 clang_analyzer_eval(glob_arr8[2][0] == 5); // expected-warning{{TRUE}}
236 clang_analyzer_eval(glob_arr8[2][1] == 0); // expected-warning{{TRUE}}
237 clang_analyzer_eval(glob_arr8[3][0] == 0); // expected-warning{{TRUE}}
238 clang_analyzer_eval(glob_arr8[3][1] == 0); // expected-warning{{TRUE}}
239 }
240
241 const int glob_arr9[2][4] = {{(1), 2, ((3)), 4}, 5, 6, (((7)))};
glob_array_parentheses1()242 void glob_array_parentheses1() {
243 clang_analyzer_eval(glob_arr9[0][0] == 1); // expected-warning{{TRUE}}
244 clang_analyzer_eval(glob_arr9[0][1] == 2); // expected-warning{{TRUE}}
245 clang_analyzer_eval(glob_arr9[0][2] == 3); // expected-warning{{TRUE}}
246 clang_analyzer_eval(glob_arr9[0][3] == 4); // expected-warning{{TRUE}}
247 clang_analyzer_eval(glob_arr9[1][0] == 5); // expected-warning{{TRUE}}
248 clang_analyzer_eval(glob_arr9[1][1] == 6); // expected-warning{{TRUE}}
249 clang_analyzer_eval(glob_arr9[1][2] == 7); // expected-warning{{TRUE}}
250 clang_analyzer_eval(glob_arr9[1][3] == 0); // expected-warning{{TRUE}}
251 }
252
253 enum class E {};
254 const E glob[] = {{}};
initlistWithinInitlist()255 void initlistWithinInitlist() {
256 // no-crash
257 clang_analyzer_dump(glob[0]); // expected-warning-re {{reg_${{[0-9]+}}<enum E Element{glob,0 S64b,enum E}>}}
258 }
259