1 // RUN: %clang_analyze_cc1 -verify -analyzer-checker=core,alpha.security.ArrayBound -analyzer-store=region %s 2 3 struct tea_cheese { unsigned magic; }; 4 typedef struct tea_cheese kernel_tea_cheese_t; 5 extern kernel_tea_cheese_t _wonky_gesticulate_cheese; 6 7 // This test case exercises the ElementRegion::getRValueType() logic. 8 test1(void)9void test1( void ) { 10 kernel_tea_cheese_t *wonky = &_wonky_gesticulate_cheese; 11 struct load_wine *cmd = (void*) &wonky[1]; 12 cmd = cmd; 13 char *p = (void*) &wonky[1]; 14 kernel_tea_cheese_t *q = &wonky[1]; 15 // This test case tests both the RegionStore logic (doesn't crash) and 16 // the out-of-bounds checking. We don't expect the warning for now since 17 // out-of-bound checking is temporarily disabled. 18 kernel_tea_cheese_t r = *q; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 19 } 20 test1_b(void)21void test1_b( void ) { 22 kernel_tea_cheese_t *wonky = &_wonky_gesticulate_cheese; 23 struct load_wine *cmd = (void*) &wonky[1]; 24 cmd = cmd; 25 char *p = (void*) &wonky[1]; 26 *p = 1; // expected-warning{{Access out-of-bound array element (buffer overflow)}} 27 } 28