<html>
<head>
<base href="https://bugs.llvm.org/">
</head>
<body><table border="1" cellspacing="0" cellpadding="8">
<tr>
<th>Bug ID</th>
<td><a class="bz_bug_link
bz_status_NEW "
title="NEW - clang-analyzer-core.uninitialized.Assign: False positive with reinterpret_cast"
href="https://bugs.llvm.org/show_bug.cgi?id=36477">36477</a>
</td>
</tr>
<tr>
<th>Summary</th>
<td>clang-analyzer-core.uninitialized.Assign: False positive with reinterpret_cast
</td>
</tr>
<tr>
<th>Product</th>
<td>clang
</td>
</tr>
<tr>
<th>Version</th>
<td>unspecified
</td>
</tr>
<tr>
<th>Hardware</th>
<td>PC
</td>
</tr>
<tr>
<th>OS</th>
<td>All
</td>
</tr>
<tr>
<th>Status</th>
<td>NEW
</td>
</tr>
<tr>
<th>Severity</th>
<td>enhancement
</td>
</tr>
<tr>
<th>Priority</th>
<td>P
</td>
</tr>
<tr>
<th>Component</th>
<td>Static Analyzer
</td>
</tr>
<tr>
<th>Assignee</th>
<td>dcoughlin@apple.com
</td>
</tr>
<tr>
<th>Reporter</th>
<td>russ@eatnumber1.com
</td>
</tr>
<tr>
<th>CC</th>
<td>llvm-bugs@lists.llvm.org
</td>
</tr></table>
<p>
<div>
<pre>I've been encountering a case where Clang Static Analyzer raises
clang-analyzer-core.uninitialized.Assign. I've narrowed down the culprit code
to the following sample case:
struct myint {
int d;
};
struct foo {
myint a;
};
int myfn1() {
foo myfoo {5};
const unsigned char *a = reinterpret_cast<const unsigned char
*>(&myfoo.a);
char ret = a[1];
return ret;
}
The warning generated is:
$ scan-build clang++ -std=c++11 -c -O0 ~/a.cc
scan-build: Using '/usr/bin/clang' for static analysis
/usr/local/google/home/eatnumber1/a.cc:12:3: warning: Assigned value is garbage
or undefined
char ret = a[1];
^~~~~~~~ ~~~~
1 warning generated.
scan-build: 1 bugs found.
scan-build: Run 'scan-view /tmp/scan-build-2017-10-13-151811-27304-1' to
examine bug reports.
If I change `struct foo` to the following:
struct foo {
int a;
};
then the warning is not emitted.
What's going on here?</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are on the CC list for the bug.</li>
</ul>
</body>
</html>