================
@@ -268,9 +219,115 @@ class FindUninitializedField {
return false;
}
+
+ void printFieldChain(llvm::raw_ostream &OS) {
+ if (FieldChain.size() == 1)
+ OS << " (e.g., field: '" << *FieldChain[0] << "')";
+ else {
+ OS << " (e.g., via the field chain: '";
+ bool First = true;
+ for (SmallVectorImpl<const FieldDecl *>::iterator DI =
FieldChain.begin(),
+ DE = FieldChain.end();
+ DI != DE; ++DI) {
+ if (First)
+ First = false;
+ else
+ OS << '.';
+ OS << **DI;
+ }
+ OS << "')";
+ }
+ }
};
} // namespace
+bool CallAndMessageChecker::uninitRefOrPointer(
+ CheckerContext &C, SVal V, SourceRange ArgRange, const Expr *ArgEx,
+ const BugType &BT, const ParmVarDecl *ParamDecl, int ArgumentNumber) const
{
+
+ if (!ChecksEnabled[CK_ArgPointeeInitializedness])
+ return false;
+
+ // No parameter declaration available, i.e. variadic function argument.
+ if (!ParamDecl)
+ return false;
+
+ QualType ParamT = ParamDecl->getType();
+ if (!ParamT->isPointerOrReferenceType())
+ return false;
+
+ QualType PointeeT = ParamT->getPointeeType();
+ if (!PointeeT.isConstQualified())
+ return false;
+
+ const MemRegion *SValMemRegion = V.getAsRegion();
+ if (!SValMemRegion)
+ return false;
+
+ // If parameter is declared as pointer to const in function declaration,
+ // then check if corresponding argument in function call is
+ // pointing to undefined symbol value (uninitialized memory).
+
+ const ProgramStateRef State = C.getState();
+ if (PointeeT->isVoidType())
+ PointeeT = C.getASTContext().CharTy;
+ const SVal PointeeV =
+ State->getSVal(SValMemRegion, PointeeT);
+
+ if (PointeeV.isUndef()) {
+ if (ExplodedNode *N = C.generateErrorNode()) {
+ SmallString<200> Buf;
+ llvm::raw_svector_ostream Os(Buf);
+ Os << (ArgumentNumber + 1) << llvm::getOrdinalSuffix(ArgumentNumber + 1)
+ << " function call argument is ";
+ if (ParamT->isPointerType())
+ Os << "a pointer to uninitialized value";
+ else
+ Os << "an uninitialized value";
+ auto R = std::make_unique<PathSensitiveBugReport>(BT, Os.str(), N);
----------------
NagyDonat wrote:
This can be significantly simplified with `llvm::formatv`:
```suggestion
std::string Msg = llvm::formatv(
"{0}{1} function call argument is {2} uninitialized value",
ArgumentNumber + 1, llvm::getOrdinalSuffix(ArgumentNumber + 1),
ParamT->isPointerType() ? "a pointer to" : "an");
auto R = std::make_unique<PathSensitiveBugReport>(BT, Msg, N);
```
To use this utility function, you will need to add the include directive:
```c++
#include "llvm/Support/FormatVariadic.h"
```
(Also, check the formatting of the suggested code fragment with
`git-clang-format`, there is a chance that it will complain about the
formatting of the function call.)
https://github.com/llvm/llvm-project/pull/164600
_______________________________________________
cfe-commits mailing list
[email protected]
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
