1 // RUN: %clang_cc1 -triple x86_64-apple-darwin9 -analyze -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s
2 // RUN: %clang_cc1 -triple i386-apple-darwin9 -analyze -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s
3
4 extern void clang_analyzer_eval(_Bool);
5
6 // Test if the 'storage' region gets properly initialized after it is cast to
7 // 'struct sockaddr *'.
8
9 typedef unsigned char __uint8_t;
10 typedef unsigned int __uint32_t;
11 typedef __uint32_t __darwin_socklen_t;
12 typedef __uint8_t sa_family_t;
13 typedef __darwin_socklen_t socklen_t;
14 struct sockaddr { sa_family_t sa_family; };
15 struct sockaddr_storage {};
16
17 void getsockname();
18
f(int sock)19 void f(int sock) {
20 struct sockaddr_storage storage;
21 struct sockaddr* sockaddr = (struct sockaddr*)&storage;
22 socklen_t addrlen = sizeof(storage);
23 getsockname(sock, sockaddr, &addrlen);
24 switch (sockaddr->sa_family) { // no-warning
25 default:
26 ;
27 }
28 }
29
30 struct s {
31 struct s *value;
32 };
33
f1(struct s ** pval)34 void f1(struct s **pval) {
35 int *tbool = ((void*)0);
36 struct s *t = *pval;
37 pval = &(t->value);
38 tbool = (int *)pval; // use the cast-to type 'int *' to create element region.
39 char c = (unsigned char) *tbool; // Should use cast-to type to create symbol.
40 if (*tbool == -1) // here load the element region with the correct type 'int'
41 (void)3;
42 }
43
f2(const char * str)44 void f2(const char *str) {
45 unsigned char ch, cl, *p;
46
47 p = (unsigned char *)str;
48 ch = *p++; // use cast-to type 'unsigned char' to create element region.
49 cl = *p++;
50 if(!cl)
51 cl = 'a';
52 }
53
54 // Test cast VariableSizeArray to pointer does not crash.
55 void *memcpy(void *, void const *, unsigned long);
56 typedef unsigned char Byte;
doit(char * data,int len)57 void doit(char *data, int len) {
58 if (len) {
59 Byte buf[len];
60 memcpy(buf, data, len);
61 }
62 }
63
64 // PR 6013 and 6035 - Test that a cast of a pointer to long and then to int does not crash SValuator.
pr6013_6035_test(void * p)65 void pr6013_6035_test(void *p) {
66 unsigned int foo;
67 foo = ((long)(p));
68 (void) foo;
69 }
70
71 // PR12511 and radar://11215362 - Test that we support SymCastExpr, which represents symbolic int to float cast.
ttt(int intSeconds)72 char ttt(int intSeconds) {
73 double seconds = intSeconds;
74 if (seconds)
75 return 0;
76 return 0;
77 }
78
foo(int * p)79 int foo (int* p) {
80 int y = 0;
81 if (p == 0) {
82 if ((*((void**)&p)) == (void*)0) // Test that the cast to void preserves the symbolic region.
83 return 0;
84 else
85 return 5/y; // This code should be unreachable: no-warning.
86 }
87 return 0;
88 }
89
castsToBool()90 void castsToBool() {
91 clang_analyzer_eval(0); // expected-warning{{FALSE}}
92 clang_analyzer_eval(0U); // expected-warning{{FALSE}}
93 clang_analyzer_eval((void *)0); // expected-warning{{FALSE}}
94
95 clang_analyzer_eval(1); // expected-warning{{TRUE}}
96 clang_analyzer_eval(1U); // expected-warning{{TRUE}}
97 clang_analyzer_eval(-1); // expected-warning{{TRUE}}
98 clang_analyzer_eval(0x100); // expected-warning{{TRUE}}
99 clang_analyzer_eval(0x100U); // expected-warning{{TRUE}}
100 clang_analyzer_eval((void *)0x100); // expected-warning{{TRUE}}
101
102 extern int symbolicInt;
103 clang_analyzer_eval(symbolicInt); // expected-warning{{UNKNOWN}}
104 if (symbolicInt)
105 clang_analyzer_eval(symbolicInt); // expected-warning{{TRUE}}
106
107 extern void *symbolicPointer;
108 clang_analyzer_eval(symbolicPointer); // expected-warning{{UNKNOWN}}
109 if (symbolicPointer)
110 clang_analyzer_eval(symbolicPointer); // expected-warning{{TRUE}}
111
112 int localInt;
113 int* ptr = &localInt;
114 clang_analyzer_eval(ptr); // expected-warning{{TRUE}}
115 clang_analyzer_eval(&castsToBool); // expected-warning{{TRUE}}
116 clang_analyzer_eval("abc"); // expected-warning{{TRUE}}
117
118 extern float globalFloat;
119 clang_analyzer_eval(globalFloat); // expected-warning{{UNKNOWN}}
120 }
121