[clang] [analyzer] Check the correct first and last elements in cstring.UninitializedRead (PR #95408)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Thu Jun 13 08:21:07 PDT 2024


https://github.com/steakhal commented:

The intention of the patch makes sense to me. However, I believe that the bug is inside the Store. It should not say it's `Undefined` if actually an existing binding overlaps (actually completely covers) the requested region.
So, that said, the checker does the right thing, but the Store lies to it.

And especially for memcpy-like raw memory manipulating APIs, implementing this element-type-wise check is really difficult. Partially because in CSA we have only limited trustworthy type information for such buffers.

I'm also pragmatic with the subject, and believe in solutions today rather than waiting for one for years to come. But I still want to ask if we could join forces and implement the proposed Store model discussed here, as a counter proposal for the original RFC?
For instance, that would make such loads not result in an Undefined value - unless it's actually uninitialized.

(Once we had that Store model, we would probably want to revert this element-type-based solution outlined here.)

Anyways, I'm looking forward to extensively reviewing this PR. I just grabbed the opportunity to get attention to the proposed Store model and maybe get that one day.

https://github.com/llvm/llvm-project/pull/95408

