[clang] [clang][analyzer] Add function 'fscanf' to StreamChecker. (PR #78180)
Balazs Benics via cfe-commits
cfe-commits at lists.llvm.org
Wed Jan 24 07:21:39 PST 2024
Balázs Kéri <balazs.keri at ericsson.com>
In-Reply-To: <llvm.org/llvm/llvm-project/pull/78180 at github.com>
steakhal wrote:
> This patch breaks a downstream test, like this:
>
> ```c++
> void test_fscanf_2() {
>   FILE *F1 = tmpfile();
>   if (!F1)
>     return;
>
>   int a;
>   unsigned b;
>   fscanf(F1, "%d %u", &a, &b);
>   clang_analyzer_dump_int(a); // FP warning: 1st function call argument is an uninitialized value
>   fclose(F1);
> }
> ```
>
> The FP is present, even if I guard the dump with `if (ret == 2)`.
> I think this can be caused by missing the default evalCall for fscanf, but did not find the exact reason.
Now I know what's going on - after cherry-picking like 15 StreamChecker patches :sweat_smile: (Yeah, some fun for the last couple of days.)

Previously the call was default eval called, thus the arguments escaped. This is no longer the case, thus the regions `&a`, `&b` won't escape, thus preserving their original values (which were `UndefinedVal()`).
This is a regression compared to default eval calling "fscanf".
https://github.com/llvm/llvm-project/pull/78180
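The runtime behaviour behind this report, as an added example that is not part of the original message or of the LLVM test suite: `fscanf` stores through one pointer argument per successful conversion, so a model that leaves `&a` and `&b` untouched keeps them undefined even on the success path. The helper `probe`, the sentinel values and the sample inputs are constructed for illustration.

```c
#include <stdio.h>

#define A_SENTINEL (-1)          /* constructed marker: "a was never written" */
#define B_SENTINEL 0xdeadbeefu   /* constructed marker: "b was never written" */

struct scan_result {
    int ret;   /* fscanf return value, or EOF - 1 if tmpfile() failed */
    int mask;  /* bit 0: a was overwritten, bit 1: b was overwritten  */
};

/* Hypothetical helper: puts `text` into a temporary file and runs the same
 * fscanf call as the quoted test, then reports which outputs were written.
 * The sample inputs never contain the sentinel values themselves. */
static struct scan_result probe(const char *text) {
    struct scan_result r = { EOF - 1, 0 };
    int a = A_SENTINEL;
    unsigned b = B_SENTINEL;

    FILE *f = tmpfile();
    if (!f)
        return r;
    fputs(text, f);
    rewind(f);

    r.ret = fscanf(f, "%d %u", &a, &b);
    fclose(f);

    /* Only the first `ret` arguments are assigned; the rest keep whatever
     * they held before the call (indeterminate in the quoted test). */
    if (a != A_SENTINEL) r.mask |= 1;
    if (b != B_SENTINEL) r.mask |= 2;
    return r;
}

int main(void) {
    const char *inputs[] = { "12 34", "12 x", "x", "" };  /* constructed */
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        struct scan_result r = probe(inputs[i]);
        printf("input \"%s\": ret=%d a_written=%d b_written=%d\n",
               inputs[i], r.ret, r.mask & 1, (r.mask >> 1) & 1);
    }
    return 0;
}
```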