Summary:
This check was causing a crash in a test case where the 0th argument was
uninitialized ('Assertion `T::isKind(*this)' at line SVals.h:104). This
was happening since the argument was actually undefined, but the castAs
assumes the value is DefinedOrUnknownSVal.
The fix appears to be simply to check for an undefined value and skip
the check allowing the uninitalized value checker to detect the error.
I included a test case that I verified to produce the negative case
prior to the fix, and passes with the fix.
Reviewers: martong, NoQ
Subscribers: xazax.hun, szepet, rnkovacs, a.sidorin, mikhail.ramalho, Szelethus, donat.nagy, Charusso, ASDenysPetrov, baloghadamsoftware, dkrupp, cfe-commits
Tags: #clang
Differential Revision: https://reviews.llvm.org/D77012
ProgramStateRef apply(ProgramStateRef State, const CallEvent &Call,
const Summary &Summary) const override {
SVal V = getArgSVal(Call, getArgNo());
+ if (V.isUndef())
+ return State;
+
DefinedOrUnknownSVal L = V.castAs<DefinedOrUnknownSVal>();
if (!L.getAs<Loc>())
return State;
clang_analyzer_eval(z <= y); // expected-warning{{TRUE}}
}
+void test_fread_uninitialized(void) {
+ void *ptr;
+ size_t sz;
+ size_t nmem;
+ FILE *fp;
+ (void)fread(ptr, sz, nmem, fp); // expected-warning {{1st function call argument is an uninitialized value}}
+}
+
ssize_t getline(char **, size_t *, FILE *);
void test_getline(FILE *fp) {
char *line = 0;
projects / platform / upstream / llvm.git / commitdiff