[LLVMbugs] [Bug 15905] New: False positive testing enum value of particular size

bugzilla-daemon at llvm.org
Fri May 3 10:32:14 PDT 2013


http://llvm.org/bugs/show_bug.cgi?id=15905

            Bug ID: 15905
           Summary: False positive testing enum value of particular size
           Product: clang
           Version: 3.1
          Hardware: Macintosh
                OS: MacOS X
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: jbrooks at kcptech.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Clang reports a comparison with an uninitialized value in the code below.  This
is a simplification of code compiled both for iOS and on Mac OS 32-bit.  The
bug only occurs if the enumeration values are defined as starting at 0x8000.
The comparison is against an unsigned short.  If it were signed, there could be
a potential problem with the sign bit being set, but as it stands, it looks
like it's a bug.

Contents of main.c:
#define false 0
#define true 1
typedef int bool;

typedef enum {
    value1 =  0x8000, /* If value1 is initialized at < 0x8000, the bug doesn't occur */
    value2,
    value3,
    value4,
    value5,
    value6
}myEnum;

static bool test_UTIL(bool aBool, unsigned short iCaseValue)
{
    bool canMatch = true;
    unsigned short myValue; /*not initialized*/

    if (aBool)
        myValue = 1;  /*myValue set only in this path */
    else
        canMatch = ((value1 == iCaseValue)
            || (value2 == iCaseValue)
            || (value3 == iCaseValue)
            || (value4 == iCaseValue)
            || (value5 == iCaseValue)
            || (value6 == iCaseValue));

    if (canMatch)
    {
        switch (iCaseValue) 
        {
            case value1:
            case value2:
            case value3:
            case value4:
            case value5:
            case value6:
                break;

            default:
                /* This triggers a clang warning, claiming myValue is undefined */
                canMatch = (iCaseValue == myValue);
                break;
        }
    }

    return canMatch;
}

/* main() is written this way just to prevent compiler optimizations, and can be ignored. */
int main(int argc, const char * argv[])
{
    unsigned short i;
    int j = 0;

    for( i = 0; i < 0x8888; i++)
    {
        bool ret = test_UTIL(i & 1, i);
        if( ret )
            j++;
    }


    return j;
}

-- 
You are receiving this mail because:
You are on the CC list for the bug.
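
Added example, not part of the original report or of clang: an instrumented copy of the reporter's test_UTIL that checks every unsigned short value and both aBool values for a path that reaches the default branch while myValue is still unset. The shadow flag myValueSet and both function names are hypothetical; it assumes a 16-bit unsigned short and an int of at least 32 bits, as on the 32-bit Mac OS and iOS targets named in the report.

```c
#include <stdio.h>

typedef enum {
    value1 = 0x8000,
    value2, value3, value4, value5, value6
} myEnum;

/* Instrumented copy of test_UTIL from the report: instead of reading
   myValue, it tracks a shadow flag (hypothetical, not in the report) and
   returns 1 if the default branch is reached while myValue is unset. */
static int reads_uninitialized(int aBool, unsigned short iCaseValue)
{
    int canMatch = 1;
    int myValueSet = 0;   /* stands in for "myValue has been assigned" */
    if (aBool)
        myValueSet = 1;   /* myValue = 1 in the original */
    else
        canMatch = ((value1 == iCaseValue) || (value2 == iCaseValue)
            || (value3 == iCaseValue) || (value4 == iCaseValue)
            || (value5 == iCaseValue) || (value6 == iCaseValue));

    if (canMatch) {
        switch (iCaseValue) {
            case value1: case value2: case value3:
            case value4: case value5: case value6:
                break;
            default:
                return !myValueSet;   /* the read clang warns about */
        }
    }
    return 0;
}

/* Counts the inputs, over all 65536 unsigned short values and both aBool
   values, that would read myValue before it is assigned. */
static unsigned long count_uninitialized_reads(void)
{
    unsigned long bad = 0, v;
    for (v = 0; v <= 0xFFFFUL; v++) {
        bad += (unsigned long)reads_uninitialized(0, (unsigned short)v);
        bad += (unsigned long)reads_uninitialized(1, (unsigned short)v);
    }
    return bad;
}

int main(void)
{
    printf("uninitialized reads: %lu\n", count_uninitialized_reads());
    return 0;
}
```

A count of zero means no concrete input reaches the flagged comparison with myValue unset, which is what makes the analyzer diagnostic a false positive under the stated assumptions.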