clang/test/Analysis/uninit-const.c

   1 // RUN: %clang_analyze_cc1 -analyzer-output=text -verify %s \
   2 // RUN:   -analyzer-checker=core \
   3 // RUN:   -analyzer-checker=unix.Malloc \
   4 // RUN:   -analyzer-checker=debug.ExprInspection \
   5 // RUN:   -analyzer-config core.CallAndMessage:ArgPointeeInitializedness=true
   6
   7 void clang_analyzer_warnIfReached(void);
   8
   9 // Passing uninitialized const data to function
  10 #include "Inputs/system-header-simulator.h"
  11
  12 typedef __typeof(sizeof(int)) size_t;
  13 void *malloc(size_t);
  14 void *valloc(size_t);
  15 void free(void *);
  16
  17
  18 void doStuff3(const int y){}
  19 void doStuff2(int g){}
  20 void doStuff_pointerToConstInt(const int *u){};
  21 void doStuff_arrayOfConstInt(const int a[]){};
  22
  23 void doStuff_constPointerToConstInt              (int const * const u){};
  24 void doStuff_constPointerToConstPointerToConstInt(int const * const * const u){};
  25 void doStuff_pointerToConstPointerToConstInt(int const * const * u){};
  26 void doStuff_pointerToPointerToConstInt       (int const **u){};
  27 void doStuff_constStaticSizedArray(const int a[static 10]) {}
  28 void doStuff_variadic(const int *u, ...){};
  29
  30 void f_1(void) {
  31   int t;               // expected-note {{'t' declared without an initial value}}
  32   int* tp = &t;        // expected-note {{'tp' initialized here}}
  33   doStuff_pointerToConstInt(tp);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
  34                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
  35 }
  36
  37 void f_1_1(void) {
  38   int t;                 // expected-note {{'t' declared without an initial value}}
  39   int *tp1 = &t;         // expected-note {{'tp1' initialized here}}
  40   int *tp2 = tp1;        // expected-note {{'tp2' initialized to the value of 'tp1'}}
  41   doStuff_pointerToConstInt(tp2);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
  42                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
  43 }
  44
  45
  46 int *f_2_sub(int *p) {
  47   return p; // expected-note {{Returning pointer (loaded from 'p')}}
  48 }
  49
  50 void f_2(void) {
  51   int t;                // expected-note {{'t' declared without an initial value}}
  52   int *p = f_2_sub(&t); // expected-note {{Passing value via 1st parameter 'p'}}
  53                         // expected-note@-1{{Calling 'f_2_sub'}}
  54                         // expected-note@-2{{Returning from 'f_2_sub'}}
  55                         // expected-note@-3{{'p' initialized here}}
  56   int *tp = p;          // expected-note {{'tp' initialized to the value of 'p'}}
  57   doStuff_pointerToConstInt(tp); // expected-warning {{1st function call argument is a pointer to uninitialized value}}
  58                       // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
  59 }
  60
  61 int z;
  62 void f_3(void) {
  63       doStuff_pointerToConstInt(&z);  // no warning
  64 }
  65
  66 void f_4(void) {
  67       int x=5;
  68       doStuff_pointerToConstInt(&x);  // no warning
  69 }
  70
  71 void f_5(void) {
  72   int ta[5];           // expected-note {{'ta' initialized here}}
  73   int *tp = ta;        // expected-note {{'tp' initialized here}}
  74   doStuff_pointerToConstInt(tp);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
  75                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
  76 }
  77
  78 void f_5_1(void) {
  79   int ta[5];        // expected-note {{'ta' initialized here}}
  80   doStuff_pointerToConstInt(ta);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
  81                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
  82 }
  83
  84 void f_6(void) {
  85   int ta[5] = {1,2,3,4,5};
  86   int* tp = ta;
  87   doStuff_pointerToConstInt(tp); // no-warning
  88 }
  89
  90 void f_6_1(void) {
  91   int ta[5] = {1,2,3,4,5};
  92   doStuff_pointerToConstInt(ta); // no-warning
  93 }
  94
  95 void f_7(void) {
  96       int z;        // expected-note {{'z' declared without an initial value}}
  97       int y=z;      // expected-warning {{Assigned value is garbage or undefined}}
  98                     // expected-note@-1 {{Assigned value is garbage or undefined}}
  99       doStuff3(y);
 100 }
 101
 102 void f_8(void) {
 103       int g;       // expected-note {{'g' declared without an initial value}}
 104       doStuff2(g); // expected-warning {{1st function call argument is an uninitialized value}}
 105                    // expected-note@-1 {{1st function call argument is an uninitialized value}}
 106 }
 107
 108 void f_9(void) {
 109   int a[6];                        // expected-note {{'a' initialized here}}
 110   int const *ptau = a;             // expected-note {{'ptau' initialized here}}
 111   doStuff_arrayOfConstInt(ptau);    // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 112                                    // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 113 }
 114
 115 void f_10(void) {
 116   int  a[6];                     // expected-note {{'a' initialized here}}
 117   doStuff_arrayOfConstInt(a);    // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 118                                  // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 119 }
 120
 121 void f_11(void) {
 122   int t[10];                    //expected-note {{'t' initialized here}}
 123   doStuff_constStaticSizedArray(t);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 124                                 // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 125 }
 126
 127 void f_12(void) {
 128   int t[10] = {0,1,2,3,4,5,6,7,8,9};
 129   doStuff_constStaticSizedArray(t);  // no-warning
 130
 131 }
 132
 133 // https://bugs.llvm.org/show_bug.cgi?id=35419
 134 void f11_0(void) {
 135   int x; // expected-note {{'x' declared without an initial value}}
 136   x++; // expected-warning {{The expression is an uninitialized value. The computed value will also be garbage}}
 137        // expected-note@-1 {{The expression is an uninitialized value. The computed value will also be garbage}}
 138   clang_analyzer_warnIfReached(); // no-warning
 139 }
 140 void f11_1(void) {
 141   int x; // expected-note {{'x' declared without an initial value}}
 142   ++x; // expected-warning {{The expression is an uninitialized value. The computed value will also be garbage}}
 143        // expected-note@-1 {{The expression is an uninitialized value. The computed value will also be garbage}}
 144   clang_analyzer_warnIfReached(); // no-warning
 145 }
 146 void f11_2(void) {
 147   int x; // expected-note {{'x' declared without an initial value}}
 148   x--; // expected-warning {{The expression is an uninitialized value. The computed value will also be garbage}}
 149        // expected-note@-1 {{The expression is an uninitialized value. The computed value will also be garbage}}
 150   clang_analyzer_warnIfReached(); // no-warning
 151 }
 152 void f11_3(void) {
 153   int x; // expected-note {{'x' declared without an initial value}}
 154   --x; // expected-warning {{The expression is an uninitialized value. The computed value will also be garbage}}
 155        // expected-note@-1 {{The expression is an uninitialized value. The computed value will also be garbage}}
 156   clang_analyzer_warnIfReached(); // no-warning
 157 }
 158
 159 int f_malloc_1(void) {
 160   int *ptr;
 161
 162   ptr = (int *)malloc(sizeof(int)); // expected-note {{Value assigned to 'ptr'}}
 163
 164   doStuff_pointerToConstInt(ptr); // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 165                        // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 166   free(ptr);
 167   return 0;
 168 }
 169
 170 int f_malloc_2(void) {
 171   int *ptr;
 172
 173   ptr = (int *)malloc(sizeof(int));
 174   *ptr = 25;
 175
 176   doStuff_pointerToConstInt(ptr); // no warning
 177   free(ptr);
 178   return 0;
 179 }
 180
 181 // uninit pointer, uninit val
 182 void f_variadic_unp_unv(void) {
 183   int t; // expected-note {{'t' declared without an initial value}}
 184   int v;
 185   int* tp = &t;           // expected-note {{'tp' initialized here}}
 186   doStuff_variadic(tp,v);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 187                           // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 188 }
 189 // uninit pointer, init val
 190 void f_variadic_unp_inv(void) {
 191   int t; // expected-note {{'t' declared without an initial value}}
 192   int v = 3;
 193   int* tp = &t;           // expected-note {{'tp' initialized here}}
 194   doStuff_variadic(tp,v);  // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 195                           // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 196 }
 197
 198 // init pointer, uninit val
 199 void f_variadic_inp_unv(void) {
 200   int t=5;
 201   int v;                  // expected-note {{'v' declared without an initial value}}
 202   int* tp = &t;
 203   doStuff_variadic(tp,v);// expected-warning {{2nd function call argument is an uninitialized value}}
 204                           // expected-note@-1 {{2nd function call argument is an uninitialized value}}
 205 }
 206
 207 // init pointer, init val
 208 void f_variadic_inp_inv(void) {
 209   int t=5;
 210   int v = 3;
 211   int* tp = &t;
 212   doStuff_variadic(tp,v); // no-warning
 213 }
 214
 215 // init pointer, init pointer
 216 void f_variadic_inp_inp(void) {
 217   int t=5;
 218   int u=3;
 219   int *vp = &u ;
 220   int *tp = &t;
 221   doStuff_variadic(tp,vp); // no-warning
 222 }
 223
 224 //uninit pointer, init pointer
 225 void f_variadic_unp_inp(void) {
 226   int t; // expected-note {{'t' declared without an initial value}}
 227   int u=3;
 228   int *vp = &u ;
 229   int *tp = &t;             // expected-note {{'tp' initialized here}}
 230   doStuff_variadic(tp,vp); // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 231                             // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 232 }
 233
 234 //init pointer, uninit pointer
 235 void f_variadic_inp_unp(void) {
 236   int t=5;
 237   int u;
 238   int *vp = &u ;
 239   int *tp = &t;
 240   doStuff_variadic(tp,vp); // no-warning
 241 }
 242
 243 //uninit pointer, uninit pointer
 244 void f_variadic_unp_unp(void) {
 245   int t; // expected-note {{'t' declared without an initial value}}
 246   int u;
 247   int *vp = &u ;
 248   int *tp = &t;             // expected-note {{'tp' initialized here}}
 249   doStuff_variadic(tp,vp); // expected-warning {{1st function call argument is a pointer to uninitialized value}}
 250                             // expected-note@-1 {{1st function call argument is a pointer to uninitialized value}}
 251 }