1 // RUN: %clang_cc1 -analyze -analyzer-checker=cplusplus.NewDelete,core,alpha.core.CallAndMessageUnInitRefArg -analyzer-output=text -verify %s
2 // Passing uninitialized const data to unknown function
3
4 #include "Inputs/system-header-simulator-cxx.h"
5
6 void doStuff6(const int& c);
7 void doStuff4(const int y);
8 void doStuff3(int& g);
9 void doStuff_uninit(const int *u);
10
11
f10(void)12 int f10(void) {
13 int *ptr;
14
15 ptr = new int; //
16 if(*ptr) {
17 doStuff4(*ptr);
18 }
19 delete ptr;
20 return 0;
21 }
22
f9(void)23 int f9(void) {
24 int *ptr;
25
26 ptr = new int; //
27
28 doStuff_uninit(ptr); // no warning
29 delete ptr;
30 return 0;
31 }
32
f8(void)33 int f8(void) {
34 int *ptr;
35
36 ptr = new int;
37 *ptr = 25;
38
39 doStuff_uninit(ptr); // no warning?
40 delete ptr;
41 return 0;
42 }
43
f7(void)44 void f7(void) {
45 int m = 3;
46 doStuff6(m); // no warning
47 }
48
49
f6_1_sub(int & p)50 int& f6_1_sub(int &p) {
51 return p;
52 }
53
f6_1(void)54 void f6_1(void) {
55 int t;
56 int p = f6_1_sub(t); //expected-warning {{Assigned value is garbage or undefined}}
57 //expected-note@-1 {{Calling 'f6_1_sub'}}
58 //expected-note@-2 {{Returning from 'f6_1_sub'}}
59 //expected-note@-3 {{Assigned value is garbage or undefined}}
60 int q = p;
61 doStuff6(q);
62 }
63
f6_2(void)64 void f6_2(void) {
65 int t; //expected-note {{'t' declared without an initial value}}
66 int &p = t;
67 int &s = p;
68 int &q = s; //expected-note {{'q' initialized here}}
69 doStuff6(q); //expected-warning {{Function call argument is an uninitialized value}}
70 //expected-note@-1 {{Function call argument is an uninitialized value}}
71 }
72
doStuff6_3(int & q_,int * ptr_)73 void doStuff6_3(int& q_, int *ptr_) {}
74
f6_3(void)75 void f6_3(void) {
76 int *ptr; //expected-note {{'ptr' declared without an initial value}}
77 int t;
78 int &p = t;
79 int &s = p;
80 int &q = s;
81 doStuff6_3(q,ptr); //expected-warning {{Function call argument is an uninitialized value}}
82 //expected-note@-1 {{Function call argument is an uninitialized value}}
83
84 }
85
f6(void)86 void f6(void) {
87 int k; // expected-note {{'k' declared without an initial value}}
88 doStuff6(k); // expected-warning {{Function call argument is an uninitialized value}}
89 // expected-note@-1 {{Function call argument is an uninitialized value}}
90
91 }
92
93
94
f5(void)95 void f5(void) {
96 int t;
97 int* tp = &t; // expected-note {{'tp' initialized here}}
98 doStuff_uninit(tp); // expected-warning {{Function call argument is a pointer to uninitialized value}}
99 // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
100 }
101
102
f4(void)103 void f4(void) {
104 int y; // expected-note {{'y' declared without an initial value}}
105 doStuff4(y); // expected-warning {{Function call argument is an uninitialized value}}
106 // expected-note@-1 {{Function call argument is an uninitialized value}}
107 }
108
f3(void)109 void f3(void) {
110 int g;
111 doStuff3(g); // no warning
112 }
113
114 int z;
f2(void)115 void f2(void) {
116 doStuff_uninit(&z); // no warning
117 }
118
f1(void)119 void f1(void) {
120 int x_=5;
121 doStuff_uninit(&x_); // no warning
122 }
123
f_uninit(void)124 void f_uninit(void) {
125 int x;
126 doStuff_uninit(&x); // expected-warning {{Function call argument is a pointer to uninitialized value}}
127 // expected-note@-1 {{Function call argument is a pointer to uninitialized value}}
128 }
129