[llvm-bugs] [Bug 24688] New: false positive in for-loop: static analyzer iterates too often
via llvm-bugs
llvm-bugs at lists.llvm.org
Thu Sep 3 02:34:39 PDT 2015
https://llvm.org/bugs/show_bug.cgi?id=24688
Bug ID: 24688
Summary: false positive in for-loop: static analyzer iterates
too often
Product: clang
Version: 3.7
Hardware: PC
OS: Linux
Status: NEW
Severity: normal
Priority: P
Component: Static Analyzer
Assignee: kremenek at apple.com
Reporter: stephan.beyer at uni-osnabrueck.de
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
Hi,
consider the following C++ minimal example:
#include <iostream>
#include <cassert>
int main(int argc, const char *argv[])
{
int my_array[4] = {0, 1, 2, 3};
assert(argc < 3);
for (int i = 0; i < 2*argc; i += 2) {
std::cout << my_array[i] << std::endl;
}
return 0;
}
Clearly, it will output 0 when calling with no argument, and it will output 0
and 2 when calling with one argument.
However, the analyzer says:
minimal.cc:9:9: warning: Function call argument is an uninitialized value
std::cout << my_array[i] << std::endl;
^~~~~~~~~~~~~~~~~~~~~~~~
and the report says that this is because the loop condition is true for *3*
times. Which cannot be the case due to the assertion.
Note that replacing the for-loop by the equivalent
for (int i = 0; i < argc; i++) {
std::cout << my_array[2*i] << std::endl;
}
gets rid of the false positive.
I can reproduce it with Debian's clang++-3.5, 3.7 and 3.8.
Stephan
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20150903/5c2ae7cc/attachment.html>
More information about the llvm-bugs
mailing list