[clang] [clang][analyzer] Fix a nullptr dereference when -ftime-trace is used (Reland) (PR #139980)

Balazs Benics via cfe-commits cfe-commits at lists.llvm.org
Thu May 15 01:53:12 PDT 2025


https://github.com/steakhal commented:

> > I think this would still trip on the same memory issue. The problem to me is that we read uninitialized memory. So even if you limit the bounds of the result of the read of such uninitialized memory, it would only mask and limit the effect of such read. Have you tried running the failing case via valgrind? That's usually great for catching uninitialized reads. msan is also great, but that needs an instrumented standard library which may be tough to set up.
> 
> I don't think so. I have an asan build locally and it worked.
> 
> The methods `getParent()` and `getIndexInBlock()` in CFGElementRef do not access memory, since they only return the value from the ref. The actual dereference happens in the `->` operator, which is gated after the newly added `if` condition.

My understanding is that asan will not check if memory is initialized or not. It checks if the access is valid, but since you guard the access, we would brush this under the carpet now.

https://github.com/llvm/llvm-project/pull/139980