Home | History | Annotate | Download | only in Analysis
      1 // RUN: %clang_cc1 -analyze -analyzer-checker=unix.Malloc,core,alpha.core.CallAndMessageUnInitRefArg -analyzer-output=text -verify %s
      2 
      3 // Passing uninitialized const data to function
      4 #include "Inputs/system-header-simulator.h"
      5 
      6 typedef __typeof(sizeof(int)) size_t;
      7 void *malloc(size_t);
      8 void *valloc(size_t);
      9 void free(void *);
     10 
     11 
     12 void doStuff3(const int y){}
     13 void doStuff2(int g){}
     14 void doStuff_pointerToConstInt(const int *u){};
     15 void doStuff_arrayOfConstInt(const int a[]){};
     16 
     17 void doStuff_constPointerToConstInt              (int const * const u){};
     18 void doStuff_constPointerToConstPointerToConstInt(int const * const * const u){};
     19 void doStuff_pointerToConstPointerToConstInt(int const * const * u){};
     20 void doStuff_pointerToPointerToConstInt       (int const **u){};
     21 void doStuff_constStaticSizedArray(const int a[static 10]) {}
     22 void doStuff_variadic(const int *u, ...){};
     23 
     24 void f_1(void) {
     25   int t;
     26   int* tp = &t;        // expected-note {{'tp' initialized here}}
     27   doStuff_pointerToConstInt(tp);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
     28                        // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
     29 }
     30 
     31 void f_1_1(void) {
     32   int t;
     33   int* tp1 = &t;
     34   int* tp2 = tp1;        // expected-note {{'tp2' initialized here}}
     35   doStuff_pointerToConstInt(tp2);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
     36                        // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
     37 }
     38 
     39 
     40 int *f_2_sub(int *p) {
     41   return p;
     42 }
     43 
     44 void f_2(void) {
     45   int t;
     46   int* p = f_2_sub(&t);
     47   int* tp = p; // expected-note {{'tp' initialized here}}
     48   doStuff_pointerToConstInt(tp); // expected-warning {{Function call argument is a pointer to uninitialized value}}
     49                       // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
     50 }
     51 
     52 int z;
     53 void f_3(void) {
     54       doStuff_pointerToConstInt(&z);  // no warning
     55 }
     56 
     57 void f_4(void) {
     58       int x=5;
     59       doStuff_pointerToConstInt(&x);  // no warning
     60 }
     61 
     62 void f_5(void) {
     63   int ta[5];
     64   int* tp = ta;        // expected-note {{'tp' initialized here}}
     65   doStuff_pointerToConstInt(tp);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
     66                        // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
     67 }
     68 
     69 void f_5_1(void) {
     70   int ta[5];        // expected-note {{'ta' initialized here}}
     71   doStuff_pointerToConstInt(ta);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
     72                        // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
     73 }
     74 
     75 void f_6(void) {
     76   int ta[5] = {1,2,3,4,5};
     77   int* tp = ta;
     78   doStuff_pointerToConstInt(tp); // no-warning
     79 }
     80 
     81 void f_6_1(void) {
     82   int ta[5] = {1,2,3,4,5};
     83   doStuff_pointerToConstInt(ta); // no-warning
     84 }
     85 
     86 void f_7(void) {
     87       int z;        // expected-note {{'z' declared without an initial value}}
     88       int y=z;      // expected-warning {{Assigned value is garbage or undefined}}
     89                     // expected-note@-1 {{Assigned value is garbage or undefined}}
     90       doStuff3(y);
     91 }
     92 
     93 void f_8(void) {
     94       int g;       // expected-note {{'g' declared without an initial value}}
     95       doStuff2(g); // expected-warning {{Function call argument is an uninitialized value}}
     96                    // expected-note@-1 {{Function call argument is an uninitialized value}}
     97 }
     98 
     99 void f_9(void) {
    100   int  a[6];
    101   int const *ptau = a;             // expected-note {{'ptau' initialized here}}
    102   doStuff_arrayOfConstInt(ptau);    // expected-warning {{Function call argument is a pointer to uninitialized value}}
    103                                    // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    104 }
    105 
    106 void f_10(void) {
    107   int  a[6];                     // expected-note {{'a' initialized here}}
    108   doStuff_arrayOfConstInt(a);    // expected-warning {{Function call argument is a pointer to uninitialized value}}
    109                                  // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    110 }
    111 
    112 void f_11(void) {
    113   int t[10];                    //expected-note {{'t' initialized here}}
    114   doStuff_constStaticSizedArray(t);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
    115                                 // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    116 }
    117 
    118 void f_12(void) {
    119   int t[10] = {0,1,2,3,4,5,6,7,8,9};
    120   doStuff_constStaticSizedArray(t);  // no-warning
    121 
    122 }
    123 
    124 int f_malloc_1(void) {
    125   int *ptr;
    126 
    127   ptr = (int *)malloc(sizeof(int)); // expected-note {{Value assigned to 'ptr'}}
    128 
    129   doStuff_pointerToConstInt(ptr); // expected-warning {{Function call argument is a pointer to uninitialized value}}
    130                        // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    131   free(ptr);
    132   return 0;
    133 }
    134 
    135 int f_malloc_2(void) {
    136   int *ptr;
    137 
    138   ptr = (int *)malloc(sizeof(int));
    139   *ptr = 25;
    140 
    141   doStuff_pointerToConstInt(ptr); // no warning
    142   free(ptr);
    143   return 0;
    144 }
    145 
    146 // uninit pointer, uninit val
    147 void f_variadic_unp_unv(void) {
    148   int t;
    149   int v;
    150   int* tp = &t;           // expected-note {{'tp' initialized here}}
    151   doStuff_variadic(tp,v);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
    152                           // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    153 }
    154 // uninit pointer, init val
    155 void f_variadic_unp_inv(void) {
    156   int t;
    157   int v = 3;
    158   int* tp = &t;           // expected-note {{'tp' initialized here}}
    159   doStuff_variadic(tp,v);  // expected-warning {{Function call argument is a pointer to uninitialized value}}
    160                           // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    161 }
    162 
    163 // init pointer, uninit val
    164 void f_variadic_inp_unv(void) {
    165   int t=5;
    166   int v;                  // expected-note {{'v' declared without an initial value}}
    167   int* tp = &t;
    168   doStuff_variadic(tp,v);// expected-warning {{Function call argument is an uninitialized value}}
    169                           // expected-note@-1 {{Function call argument is an uninitialized value}}
    170 }
    171 
    172 // init pointer, init val
    173 void f_variadic_inp_inv(void) {
    174   int t=5;
    175   int v = 3;
    176   int* tp = &t;
    177   doStuff_variadic(tp,v); // no-warning
    178 }
    179 
    180 // init pointer, init pointer
    181 void f_variadic_inp_inp(void) {
    182   int t=5;
    183   int u=3;
    184   int *vp = &u ;
    185   int *tp = &t;
    186   doStuff_variadic(tp,vp); // no-warning
    187 }
    188 
    189 //uninit pointer, init pointer
    190 void f_variadic_unp_inp(void) {
    191   int t;
    192   int u=3;
    193   int *vp = &u ;
    194   int *tp = &t;             // expected-note {{'tp' initialized here}}
    195   doStuff_variadic(tp,vp); // expected-warning {{Function call argument is a pointer to uninitialized value}}
    196                             // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    197 }
    198 
    199 //init pointer, uninit pointer
    200 void f_variadic_inp_unp(void) {
    201   int t=5;
    202   int u;
    203   int *vp = &u ;
    204   int *tp = &t;
    205   doStuff_variadic(tp,vp); // no-warning
    206 }
    207 
    208 //uninit pointer, uninit pointer
    209 void f_variadic_unp_unp(void) {
    210   int t;
    211   int u;
    212   int *vp = &u ;
    213   int *tp = &t;             // expected-note {{'tp' initialized here}}
    214   doStuff_variadic(tp,vp); // expected-warning {{Function call argument is a pointer to uninitialized value}}
    215                             // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
    216 }
    217