[clang] [clang][analyzer] CallAndMessage warnings at pointer to uninitialized struct (PR #164600)
Balázs Kéri via cfe-commits
cfe-commits at lists.llvm.org
Thu Oct 30 10:27:18 PDT 2025
================
@@ -212,8 +210,14 @@ bool CallAndMessageChecker::uninitRefOrPointer(
if (const MemRegion *SValMemRegion = V.getAsRegion()) {
const ProgramStateRef State = C.getState();
- const SVal PSV = State->getSVal(SValMemRegion, C.getASTContext().CharTy);
- if (PSV.isUndef()) {
+ QualType T = ParamDecl->getType()->getPointeeType();
+ if (T->isVoidType())
+ T = C.getASTContext().CharTy;
+ const SVal PSV = State->getSVal(SValMemRegion, T);
+ bool IsUndef = PSV.isUndef();
+ if (auto LCV = PSV.getAs<nonloc::LazyCompoundVal>())
+ IsUndef = LCV->getStore() == nullptr;
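Review bot: At `IsUndef = LCV->getStore() == nullptr;` the result of `PSV.isUndef()` is replaced by a check whose meaning is not documented: nothing in the hunk says why a null `Store` inside a `LazyCompoundVal` should be read as "pointee is uninitialized". Add a comment stating that invariant, or wrap the test in a named helper. Also consider a test case for a struct in which only some fields have been written, since the visible logic decides on the store pointer alone and not on individual field bindings. The `isVoidType()` fallback to `CharTy` would benefit from a one-line comment saying that it keeps the previous lookup type for `void *` parameters.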
----------------
balazske wrote:
Is it possible that there is no binding at all? Even with `iterBindings` over subregions and super-regions, no binding is found. `LazyCompoundValue` is not necessary for this search (the memregion and store are available from elsewhere). The LCV can contain a null `Store` pointer (and exactly this case looks interesting).
https://github.com/llvm/llvm-project/pull/164600