1// RUN: %clang_cc1 -triple x86_64-apple-darwin10 -analyze -analyzer-checker=core -analyzer-store=region -fblocks -verify %s 2 3//===----------------------------------------------------------------------===// 4// The following code is reduced using delta-debugging from Mac OS X headers: 5//===----------------------------------------------------------------------===// 6 7typedef __builtin_va_list va_list; 8typedef unsigned int uint32_t; 9typedef struct dispatch_queue_s *dispatch_queue_t; 10typedef struct dispatch_queue_attr_s *dispatch_queue_attr_t; 11typedef void (^dispatch_block_t)(void); 12void dispatch_async(dispatch_queue_t queue, dispatch_block_t block); 13__attribute__((visibility("default"))) __attribute__((__malloc__)) __attribute__((__warn_unused_result__)) __attribute__((__nothrow__)) dispatch_queue_t dispatch_queue_create(const char *label, dispatch_queue_attr_t attr); 14typedef long dispatch_once_t; 15void dispatch_once(dispatch_once_t *predicate, dispatch_block_t block); 16typedef signed char BOOL; 17typedef unsigned long NSUInteger; 18typedef struct _NSZone NSZone; 19@class NSInvocation, NSMethodSignature, NSCoder, NSString, NSEnumerator; 20@protocol NSObject 21- (BOOL)isEqual:(id)object; 22- (oneway void)release; 23@end 24@protocol NSCopying - (id)copyWithZone:(NSZone *)zone; @end 25@protocol NSMutableCopying - (id)mutableCopyWithZone:(NSZone *)zone; @end 26@protocol NSCoding - (void)encodeWithCoder:(NSCoder *)aCoder; @end 27@interface NSObject <NSObject> {} 28+ (id)alloc; 29- (id)copy; 30@end 31extern id NSAllocateObject(Class aClass, NSUInteger extraBytes, NSZone *zone); 32@interface NSString : NSObject <NSCopying, NSMutableCopying, NSCoding> 33- (NSUInteger)length; 34- (const char *)UTF8String; 35- (id)initWithFormat:(NSString *)format arguments:(va_list)argList __attribute__((format(__NSString__, 1, 0))); 36@end 37@class NSString, NSData; 38typedef struct cssm_sample {} CSSM_SAMPLEGROUP, *CSSM_SAMPLEGROUP_PTR; 39typedef struct __aslclient *aslclient; 40typedef struct __aslmsg *aslmsg; 41aslclient asl_open(const char *ident, const char *facility, uint32_t opts); 42int asl_log(aslclient asl, aslmsg msg, int level, const char *format, ...) __attribute__((__format__ (__printf__, 4, 5))); 43 44//===----------------------------------------------------------------------===// 45// Begin actual test cases. 46//===----------------------------------------------------------------------===// 47 48// test1 - This test case exposed logic that caused the analyzer to crash because of a memory bug 49// in BlockDataRegion. It represents real code that contains two block literals. Eventually 50// via IPA 'logQueue' and 'client' should be updated after the call to 'dispatch_once'. 51void test1(NSString *format, ...) { 52 static dispatch_queue_t logQueue; 53 static aslclient client; 54 static dispatch_once_t pred; 55 do { 56 if (__builtin_expect(*(&pred), ~0l) != ~0l) 57 dispatch_once(&pred, ^{ 58 logQueue = dispatch_queue_create("com.mycompany.myproduct.asl", ((void*)0)); 59 client = asl_open(((void*)0), "com.mycompany.myproduct", 0); 60 }); 61 } while (0); 62 63 va_list args; 64 __builtin_va_start(args, format); 65 66 NSString *str = [[NSString alloc] initWithFormat:format arguments:args]; 67 dispatch_async(logQueue, ^{ asl_log(client, ((void*)0), 4, "%s", [str UTF8String]); }); 68 [str release]; 69 70 __builtin_va_end(args); 71} 72 73// test2 - Test that captured variables that are uninitialized are flagged 74// as such. 75void test2() { 76 static int y = 0; 77 int x; 78 ^{ y = x + 1; }(); // expected-warning{{Variable 'x' is uninitialized when captured by block}} 79} 80 81void test2_b() { 82 static int y = 0; 83 __block int x; 84 ^{ y = x + 1; }(); // expected-warning {{left operand of '+' is a garbage value}} 85} 86 87void test2_c() { 88 typedef void (^myblock)(void); 89 myblock f = ^() { f(); }; // expected-warning{{Variable 'f' is uninitialized when captured by block}} 90} 91 92 93void testMessaging() { 94 // <rdar://problem/12119814> 95 [[^(){} copy] release]; 96} 97