[llvm-bugs] [Bug 38856] New: -Wconditional-uninitialized false positive on struct array field

via llvm-bugs llvm-bugs at lists.llvm.org
Thu Sep 6 06:05:59 PDT 2018 

https://bugs.llvm.org/show_bug.cgi?id=38856

            Bug ID: 38856
           Summary: -Wconditional-uninitialized false positive on struct
                    array field
           Product: clang
           Version: trunk
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: evan.j.pretti at gmail.com
                CC: llvm-bugs at lists.llvm.org

Created attachment 20850
  --> https://bugs.llvm.org/attachment.cgi?id=20850&action=edit
test.c

I have attached a case highlighting some strange behavior regarding
-Wconditional-uninitialized.

----- test.c -----
#include <stdio.h>

typedef struct { int x[2]; } test_t;

test_t foo_1(void);
test_t foo_2(void);
test_t foo_3(void);

test_t foo_1() {
    test_t t;
    for(int i = 0; i < 2; i++) t.x[i] = 0;
    return t;
}
test_t foo_2() {
    test_t t;
    t.x[0] = 0;
    for(int i = 0; i < 2; i++) t.x[i] = 0;
    return t;
}
test_t foo_3() {
    test_t t;
    t.x[0] = 0;
    return t;
}

int main() {
    test_t t;

    t = foo_1();
    printf("%i %i\n", t.x[0], t.x[1]);
    t = foo_2();
    printf("%i %i\n", t.x[0], t.x[1]);
    t = foo_3();
    printf("%i %i\n", t.x[0], t.x[1]);
}
------------------

Compilation gives:

------------------
$ clang -Weverything test.c
test.c:12:12: warning: variable 't' may be uninitialized when used here
      [-Wconditional-uninitialized]
    return t;
           ^
test.c:10:5: note: variable 't' is declared here
    test_t t;
    ^
1 warning generated.
------------------

although both elements of the array in the struct test_t have been assigned in
foo_1() where the warning is coming from.  Manual assignment of the elements
without a loop gives no warnings.  Strangely, if the first element is set as in
foo_2() followed by the loop, there is no warning.

This is fine if false positives from -Wconditional-uninitialized are considered
to be acceptable.  However, in foo_3(), only the first element of the array is
set and there are no warnings; the second element is actually uninitialized. 
This seems like it shouldn't happen.  Is this valid/wontfix behavior or a real
problem?

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20180906/8972cc81/attachment-0001.html>

More information about the llvm-bugs mailing list