1// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-checker=core -analyzer-store=region -fblocks -verify %s 2 3//===----------------------------------------------------------------------===// 4// The following code is reduced using delta-debugging from Mac OS X headers: 5//===----------------------------------------------------------------------===// 6 7typedef __builtin_va_list va_list; 8typedef unsigned int uint32_t; 9typedef struct dispatch_queue_s *dispatch_queue_t; 10typedef struct dispatch_queue_attr_s *dispatch_queue_attr_t; 11typedef void (^dispatch_block_t)(void); 12void dispatch_async(dispatch_queue_t queue, dispatch_block_t block); 13__attribute__((visibility("default"))) __attribute__((__malloc__)) __attribute__((__warn_unused_result__)) __attribute__((__nothrow__)) dispatch_queue_t dispatch_queue_create(const char *label, dispatch_queue_attr_t attr); 14typedef long dispatch_once_t; 15void dispatch_once(dispatch_once_t *predicate, dispatch_block_t block); 16typedef signed char BOOL; 17typedef unsigned long NSUInteger; 18typedef struct _NSZone NSZone; 19@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 20@protocol NSObject 21- (BOOL)isEqual:(id)object; 22- (oneway void)release; 23@end 24@protocol NSCopying - (id)copyWithZone:(NSZone *)zone; @end 25@protocol NSMutableCopying - (id)mutableCopyWithZone:(NSZone *)zone; @end 26@protocol NSCoding - (void)encodeWithCoder:(NSCoder *)aCoder; @end 27@interface NSObject <NSObject> {} 28+ (id)alloc; 29@end 30extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone); 31@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> - (NSUInteger)length; 32- ( const char *)UTF8String; 33- (id)initWithFormat:(NSString *)format arguments:(va_list)argList __attribute__((format(__NSString__, 1, 0))); 34@end 35@class NSString, NSData; 36typedef struct cssm_sample {} CSSM_SAMPLEGROUP, *CSSM_SAMPLEGROUP_PTR; 37typedef struct __aslclient *aslclient; 38typedef struct __aslmsg *aslmsg; 39aslclient asl_open(const char *ident, const char *facility, uint32_t opts); 40int asl_log(aslclient asl, aslmsg msg, int level, const char *format, ...) __attribute__((__format__ (__printf__, 4, 5))); 41 42//===----------------------------------------------------------------------===// 43// Begin actual test cases. 44//===----------------------------------------------------------------------===// 45 46// test1 - This test case exposed logic that caused the analyzer to crash because of a memory bug 47// in BlockDataRegion. It represents real code that contains two block literals. Eventually 48// via IPA 'logQueue' and 'client' should be updated after the call to 'dispatch_once'. 49void test1(NSString *format, ...) { 50 static dispatch_queue_t logQueue; 51 static aslclient client; 52 static dispatch_once_t pred; 53 do { 54 if (__builtin_expect(*(&pred), ~0l) != ~0l) 55 dispatch_once(&pred, ^{ 56 logQueue = dispatch_queue_create("com.mycompany.myproduct.asl", ((void*)0)); 57 client = asl_open(((void*)0), "com.mycompany.myproduct", 0); 58 }); 59 } while (0); 60 61 va_list args; 62 __builtin_va_start(args, format); 63 64 NSString *str = [[NSString alloc] initWithFormat:format arguments:args]; 65 dispatch_async(logQueue, ^{ asl_log(client, ((void*)0), 4, "%s", [str UTF8String]); }); 66 [str release]; 67 68 __builtin_va_end(args); 69} 70 71// test2 - Test that captured variables that are uninitialized are flagged 72// as such. 73void test2() { 74 static int y = 0; 75 int x; 76 ^{ y = x + 1; }(); // expected-warning{{Variable 'x' is uninitialized when captured by block}} 77} 78 79void test2_b() { 80 static int y = 0; 81 __block int x; 82 // This is also a bug, but should be found not by checking the value 83 // 'x' is bound at block creation. 84 ^{ y = x + 1; }(); // no-warning 85} 86 87void test2_c() { 88 typedef void (^myblock)(void); 89 myblock f = ^() { f(); }; // expected-warning{{Variable 'f' is uninitialized when captured by block}} 90}