1 // RUN: %clang_cc1 -Wno-unused-value -std=c++14 -analyze -analyzer-checker=core,debug.ExprInspection,alpha.core.PointerArithm -verify %s 2 struct X { 3 int *p; 4 int zero; 5 void foo () { 6 reset(p - 1); 7 } 8 void reset(int *in) { 9 while (in != p) // Loop must be entered. 10 zero = 1; 11 } 12 }; 13 14 int test (int *in) { 15 X littleX; 16 littleX.zero = 0; 17 littleX.p = in; 18 littleX.foo(); 19 return 5/littleX.zero; // no-warning 20 } 21 22 23 class Base {}; 24 class Derived : public Base {}; 25 26 void checkPolymorphicUse() { 27 Derived d[10]; 28 29 Base *p = d; 30 ++p; // expected-warning{{Pointer arithmetic on a pointer to base class is dangerous}} 31 } 32 33 void checkBitCasts() { 34 long l; 35 char *p = (char*)&l; 36 p = p+2; 37 } 38 39 void checkBasicarithmetic(int i) { 40 int t[10]; 41 int *p = t; 42 ++p; 43 int a = 5; 44 p = &a; 45 ++p; // expected-warning{{Pointer arithmetic on non-array variables relies on memory layout, which is dangerous}} 46 p = p + 2; // expected-warning{{}} 47 p = 2 + p; // expected-warning{{}} 48 p += 2; // expected-warning{{}} 49 a += p[2]; // expected-warning{{}} 50 p = i*0 + p; 51 p = p + i*0; 52 p += i*0; 53 } 54 55 void checkArithOnSymbolic(int*p) { 56 ++p; 57 p = p + 2; 58 p = 2 + p; 59 p += 2; 60 (void)p[2]; 61 } 62 63 struct S { 64 int t[10]; 65 }; 66 67 void arrayInStruct() { 68 S s; 69 int * p = s.t; 70 ++p; 71 S *sp = new S; 72 p = sp->t; 73 ++p; 74 delete sp; 75 } 76 77 void checkNew() { 78 int *p = new int; 79 p[1] = 1; // expected-warning{{}} 80 } 81 82 void InitState(int* state) { 83 state[1] = 1; // expected-warning{{}} 84 } 85 86 int* getArray(int size) { 87 if (size == 0) 88 return new int; 89 return new int[5]; 90 } 91 92 void checkConditionalArray() { 93 int* maybeArray = getArray(0); 94 InitState(maybeArray); 95 } 96 97 void checkMultiDimansionalArray() { 98 int a[5][5]; 99 *(*(a+1)+2) = 2; 100 } 101
