[clang] [clang][analyzer] Fix the false positive ArgInitializedness warning on unnamed bit-field (PR #145066)

[via cfe-commits]

================
@@ -2122,8 +2122,21 @@ SVal RegionStoreManager::getBindingForField(RegionBindingsConstRef B,
   if (const std::optional<SVal> &V = B.getDirectBinding(R))
     return *V;
 
-  // If the containing record was initialized, try to get its constant value.
+  // UnnamedBitField is always Undefined unless using memory operation such
+  // as 'memset'.
+  // For example, for code
+  //    typedef struct {
+  //      int i  :2;
+  //      int    :30;  // unnamed bit-field
+  //    } A;
+  //    A a = {1};
+  // The bits of the unnamed bit-field in local variable a can be anything.
   const FieldDecl *FD = R->getDecl();
+  if (FD->isUnnamedBitField()) {
+      return UndefinedVal();
+  }
+
+  // If the containing record was initialized, try to get its constant value.
----------------
Tedlion wrote:

To solve the false warning problem with unnamed bit-field, patch here is unnecessary.
However, I do not think `getBinding` returning `SymbolVal` is the correct result, which is the current behavior when parsing the source as c++.  To my understanding, `SymbolVal` means it is initialized, but somehow the static analyzer cannot infer the value, while `UndefinedVal` means the value it stores can be anything and reading from it is an UB. Unnamed bit-field is the second case. 
I understand patching here may bring influences to other usages, even though the test of check-clang-analysis does not show any. So if you think that current implementation is incorrect but we'd better keep it before fully evaluating the influences, let me leave a FIXME comment here.






https://github.com/llvm/llvm-project/pull/145066