1 // RUN: %clang_cc1 -triple x86_64-apple-darwin9 -analyze -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s 2 // RUN: %clang_cc1 -triple i386-apple-darwin9 -analyze -analyzer-checker=core,alpha.core,debug.ExprInspection -analyzer-store=region -verify %s 3 4 extern void clang_analyzer_eval(_Bool); 5 6 // Test if the 'storage' region gets properly initialized after it is cast to 7 // 'struct sockaddr *'. 8 9 typedef unsigned char __uint8_t; 10 typedef unsigned int __uint32_t; 11 typedef __uint32_t __darwin_socklen_t; 12 typedef __uint8_t sa_family_t; 13 typedef __darwin_socklen_t socklen_t; 14 struct sockaddr { sa_family_t sa_family; }; 15 struct sockaddr_storage {}; 16 17 void getsockname(); 18 19 void f(int sock) { 20 struct sockaddr_storage storage; 21 struct sockaddr* sockaddr = (struct sockaddr*)&storage; 22 socklen_t addrlen = sizeof(storage); 23 getsockname(sock, sockaddr, &addrlen); 24 switch (sockaddr->sa_family) { // no-warning 25 default: 26 ; 27 } 28 } 29 30 struct s { 31 struct s *value; 32 }; 33 34 void f1(struct s **pval) { 35 int *tbool = ((void*)0); 36 struct s *t = *pval; 37 pval = &(t->value); 38 tbool = (int *)pval; // use the cast-to type 'int *' to create element region. 39 char c = (unsigned char) *tbool; // Should use cast-to type to create symbol. 40 if (*tbool == -1) // here load the element region with the correct type 'int' 41 (void)3; 42 } 43 44 void f2(const char *str) { 45 unsigned char ch, cl, *p; 46 47 p = (unsigned char *)str; 48 ch = *p++; // use cast-to type 'unsigned char' to create element region. 49 cl = *p++; 50 if(!cl) 51 cl = 'a'; 52 } 53 54 // Test cast VariableSizeArray to pointer does not crash. 55 void *memcpy(void *, void const *, unsigned long); 56 typedef unsigned char Byte; 57 void doit(char *data, int len) { 58 if (len) { 59 Byte buf[len]; 60 memcpy(buf, data, len); 61 } 62 } 63 64 // PR 6013 and 6035 - Test that a cast of a pointer to long and then to int does not crash SValuator. 65 void pr6013_6035_test(void *p) { 66 unsigned int foo; 67 foo = ((long)(p)); 68 (void) foo; 69 } 70 71 // PR12511 and radar://11215362 - Test that we support SymCastExpr, which represents symbolic int to float cast. 72 char ttt(int intSeconds) { 73 double seconds = intSeconds; 74 if (seconds) 75 return 0; 76 return 0; 77 } 78 79 int foo (int* p) { 80 int y = 0; 81 if (p == 0) { 82 if ((*((void**)&p)) == (void*)0) // Test that the cast to void preserves the symbolic region. 83 return 0; 84 else 85 return 5/y; // This code should be unreachable: no-warning. 86 } 87 return 0; 88 } 89 90 void castsToBool() { 91 clang_analyzer_eval(0); // expected-warning{{FALSE}} 92 clang_analyzer_eval(0U); // expected-warning{{FALSE}} 93 clang_analyzer_eval((void *)0); // expected-warning{{FALSE}} 94 95 clang_analyzer_eval(1); // expected-warning{{TRUE}} 96 clang_analyzer_eval(1U); // expected-warning{{TRUE}} 97 clang_analyzer_eval(-1); // expected-warning{{TRUE}} 98 clang_analyzer_eval(0x100); // expected-warning{{TRUE}} 99 clang_analyzer_eval(0x100U); // expected-warning{{TRUE}} 100 clang_analyzer_eval((void *)0x100); // expected-warning{{TRUE}} 101 102 extern int symbolicInt; 103 clang_analyzer_eval(symbolicInt); // expected-warning{{UNKNOWN}} 104 if (symbolicInt) 105 clang_analyzer_eval(symbolicInt); // expected-warning{{TRUE}} 106 107 extern void *symbolicPointer; 108 clang_analyzer_eval(symbolicPointer); // expected-warning{{UNKNOWN}} 109 if (symbolicPointer) 110 clang_analyzer_eval(symbolicPointer); // expected-warning{{TRUE}} 111 112 int localInt; 113 clang_analyzer_eval(&localInt); // expected-warning{{TRUE}} 114 clang_analyzer_eval(&castsToBool); // expected-warning{{TRUE}} 115 clang_analyzer_eval("abc"); // expected-warning{{TRUE}} 116 117 extern float globalFloat; 118 clang_analyzer_eval(globalFloat); // expected-warning{{UNKNOWN}} 119 } 120