Open llvmbot opened 11 years ago
The compiler will do something, but exactly what is pretty much random. Converting a double to a float and then loading from it means "treat this array as if it contains floats instead of doubles". This is completely incorrect code, but unfortunately the compiler won't warn about it if you put the cast in, because it assumes you know what you're doing.
You are basically doing this:
float foo(float data) { char rawData = (char *)data;
double newData[2];
char *rawNewData = (char *)newData;
memcpy(&rawNewData[0], &rawData[0], 8);
memcpy(&rawNewData[8], &rawData[8], 8);
float result;
memcpy(&result, &rawNewData[4], 4);
return result;
}
...which happens to return data[1], because copying 8 bytes from &data[0] is copying data[0] and data[1] over newData[0], and copying ((float *)newData)[1] pulls out the second half of newData[0].
Please do not do this.
I'm not sure what you mean. I did leave off a cast -- the last assignment should read "data = (float *)newData", but I'm not sure that will make a difference. The parameter can be treated as an array of floats or an array of doubles legitimately, I believe.
Also, if I try different returns (trying all 4 -- data[0], data[1], data[2], and data[3]), I only see the complaint with data[1] and data[3]. No complaint from data[0] or data[2].
Looking at the compiled code, the compiler is OK with this (it didn't give a warning -- I used -Wall and -Wextra).
No, that's because you can't mix float and double in any sensible way. The upper 32 bits of a double don't make a sensible float.
So, would this be the same reason I get a "Undefined or garbage value returned to caller" warning from this (using checker-275 on a Mac):
float foo(float *data) { double newData[2];
newData[0] = ((double*) data)[0];
newData[1] = ((double*) data)[1];
data = newData;
return data[1];
}
or should I file a new bug?
The analyzer doesn't model floating-point values at all right now, even for repeated checks. Definitely a limitation.
assigned to @tkremenek
Extended Description
Code:
// // main.cpp // sa-test // // Created by Michael Hecht on 8/7/13. // Copyright (c) 2013 Michael Hecht. All rights reserved. //
include
include
include
/---------------- UNCERTAINTY COEFFICIENTS ----------------/
static void zFreqCert( int nr,int nc, int rowStride, int colStride, double const tab, double constrowtot,double const* coltot,double totn, double qAlpha, // normal quantile for (1 - ef->alpha/2) double& ucr, double& e_ucr, double& l_ucr, double& u_ucr, double& urc, double& e_urc, double& l_urc, double& u_urc, double& u, double& e_u, double& l_u, double& u_u) { long i, j; double uij, ui, uj, pi, pj, pij, lpi, lpj, lpij; double uiji, uijj, uijcp, uiss, ujss, uijss;
}
int main(int argc, const char * argv[]) {
}
Analyze target sa-test
Analyze sa-test/main.cpp cd /Users/hecht/Desktop/sa-test setenv LANG en_US.US-ASCII /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/clang -x c++ -arch x86_64 -fmessage-length=0 -std=gnu++11 -stdlib=libc++ -Wno-trigraphs -fpascal-strings -O0 -Wno-missing-field-initializers -Wno-missing-prototypes -Wreturn-type -Wno-non-virtual-dtor -Wno-overloaded-virtual -Wno-exit-time-destructors -Wformat -Wno-missing-braces -Wparentheses -Wswitch -Wno-unused-function -Wno-unused-label -Wno-unused-parameter -Wunused-variable -Wunused-value -Wempty-body -Wuninitialized -Wno-unknown-pragmas -Wno-shadow -Wno-four-char-constants -Wno-conversion -Wconstant-conversion -Wint-conversion -Wenum-conversion -Wshorten-64-to-32 -Wno-newline-eof -Wno-c++11-extensions -DDEBUG=1 -isysroot /Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX10.8.sdk -fasm-blocks -fstrict-aliasing -Wdeprecated-declarations -Winvalid-offsetof -mmacosx-version-min=10.8 -g -fvisibility-inlines-hidden -Wno-sign-conversion -Xclang -analyzer-output=plist-multi-file -Xclang -analyzer-checker -Xclang security.insecureAPI.UncheckedReturn -Xclang -analyzer-checker -Xclang security.insecureAPI.getpw -Xclang -analyzer-checker -Xclang security.insecureAPI.gets -Xclang -analyzer-checker -Xclang security.insecureAPI.mkstemp -Xclang -analyzer-checker -Xclang security.insecureAPI.mktemp -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.rand -Xclang -analyzer-disable-checker -Xclang security.insecureAPI.strcpy -Xclang -analyzer-checker -Xclang security.insecureAPI.vfork -iquote /Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/sa-test-generated-files.hmap -I/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/sa-test-own-target-headers.hmap -I/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/sa-test-all-target-headers.hmap -iquote /Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/sa-test-project-headers.hmap -I/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Products/Debug/include -I/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/include -I/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/DerivedSources/x86_64 -I/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/DerivedSources -F/Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Products/Debug -MMD -MT dependencies -MF /Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/StaticAnalyzer/sa-test/sa-test/normal/x86_64/main.d --analyze /Users/hecht/Desktop/sa-test/sa-test/main.cpp -o /Users/hecht/Library/Developer/Xcode/DerivedData/sa-test-aonsrgxjbwasygdpieoztmczengq/Build/Intermediates/sa-test.build/Debug/sa-test.build/StaticAnalyzer/sa-test/sa-test/normal/x86_64/main.plist
sa-test/sa-test/main.cpp:39:28: warning: The right operand of '*' is a garbage value i 1 warning generated.
The structure of the code is this:
double lpi; ... if(pi > 0) lpi =;
...
if(pi > 0)