[llvm-bugs] [Bug 42811] New: transparent union pointers not understood by static analyzer

via llvm-bugs llvm-bugs at lists.llvm.org
Mon Jul 29 06:24:31 PDT 2019 

https://bugs.llvm.org/show_bug.cgi?id=42811

            Bug ID: 42811
           Summary: transparent union pointers not understood by static
                    analyzer
           Product: clang
           Version: 8.0
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: Static Analyzer
          Assignee: dcoughlin at apple.com
          Reporter: equinox-llvm at diac24.net
                CC: dcoughlin at apple.com, llvm-bugs at lists.llvm.org

The static analyzer doesn't seem to understand transparent union arguments,
particularly if the union members are pointers:



struct s1 {
        int x;
};
struct s2 {
        int y;
};

union arg {
        struct s1 *s1;
        struct s2 *s2;
} __attribute__((transparent_union));

void set1(union arg arg)
{
        arg.s1->x = 0;
}

void set2(union arg arg)
{
        arg.s2->y = 0;
}

int test1(void)
{
        struct s2 s2;
        set1(&s2);
        return s2.y ? 1 : 0;
}

int test2(void)
{
        struct s2 s2;
        set2(&s2);
        return s2.y ? 1 : 0;
}



$ scan-build-8 clang-8 -c -o transp_union_sa.o transp_union_sa.c
scan-build: Using '/usr/lib/llvm-8/bin/clang' for static analysis
transp_union_sa.c:27:9: warning: Branch condition evaluates to a garbage value
        return s2.y ? 1 : 0;
               ^~~~
transp_union_sa.c:34:9: warning: Branch condition evaluates to a garbage value
        return s2.y ? 1 : 0;
               ^~~~
2 warnings generated.


Ideally, neither test1 nor test2 should generate a warning; the test1 case is
much harder to get right though since it'd need the SA to understand that the x
and y struct fields for s1 and s2 are in the same place.  test2 is much easier
and should definitely not result in a warning.


$ clang-8 --version 
clang version 8.0.1-+rc4-1 (tags/RELEASE_801/rc4)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/bin

(Debian)

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190729/1b26574d/attachment.html>

More information about the llvm-bugs mailing list