[cfe-dev] RFC clang analyzer false positives (for loop)

Joerg Sonnenberger via cfe-dev cfe-dev at lists.llvm.org
Fri Aug 26 05:15:42 PDT 2016


On Thu, Aug 25, 2016 at 07:55:52AM +0000, Daniel Marjamäki via cfe-dev wrote:
> I see many false positives in code like this:
> 
>     int f(int nr) {
>       int x;
>       for (int i = 0; i < nr; ++i) {
>         x = i;
>       }
>       return x;
>     }
> 
> Theoretically, if "nr" is less than 0 then the return value will be uninitialized.

That's actually wrong. The loop won't be executed for 0 either. That is
a good example of why I consider the analysis completely valid -- humans
are surprisingly bad at ensuring that complex unenforced pre-conditions
are actually true.

Joerg


More information about the cfe-dev mailing list