[cfe-dev] CSA: Getting the array subscripts which lead to uninitialized reads
Artem Dergachev via cfe-dev
cfe-dev at lists.llvm.org
Fri Dec 15 09:08:37 PST 2017
Through the ProgramState::getSVal() family of methods, depending on what
you have to identify `i` (an expression, a memory region, a variable
declaration - in the latter case you can turn it into a memory region
with ProgramState::getLValue()).
Note that you won't necessarily be able to get *all* possible values for
`i` which lead to uninitialized reads, because the analyzer does not
guarantee that it'd explore all paths through the program.
On 15/12/2017 1:07 AM, themod 1302 via cfe-dev wrote:
> Hello everyone,
>
> suppose I have an array, which has some uninitialized elements like in
> the following example:
>
> int array[4];
> array[0] = array[1] = array[2] = 0;
> for (int i = 0; i < 4; ++i) {
> // read array[i] here
> }
>
> In my checker, I want to get all the values for i, which lead to
> uninitialized reads. In the example that would be 3.
> Dumping the ProgramState shows me that value:
> (i,0,direct) : 3 S32b
> But how can I get it in my code?
>
> Thanks, Tom
>
>
>
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev
More information about the cfe-dev
mailing list