Open llvmbot opened 9 years ago
Version with fixed-sized array
Here is the output:
clang --analyze -Xanalyzer -analyzer-output=text source.c
source.c:18:18: warning: The left operand of '!=' is a garbage value
if(result[i] != 0)
source.c:6:3: note: Taking false branch
if(count1 + count2 > 10)
^
source.c:11:3: note: Loop condition is false. Execution continues on line 16
for(i = 0; i < count1 + count2; i++)
^
source.c:16:3: note: Loop condition is true. Entering loop body
for(i = 0; i < count1 + count2; i++)
^
source.c:18:18: note: The left operand of '!=' is a garbage value
if(result[i] != 0)
~~~~~~~~~ ^
1 warning generated.
Your first attachment has a bug. You only initialize the first max(count1, count2) elements, but then read from the first count1 + count2 elements of result.
What does the static analyzer report for the second attachment?
Does the problem still occur if you use a fixed-size array rather than a VLA?
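The pattern diagnosed in the comment above, as an added example that is not the reporter's attachment (the attachments are not on this page). The function names, the `POISON` fill that stands in for stack garbage, and the capacity of 10 (taken from the `count1 + count2 > 10` guard in the trace) are assumptions.

```c
#include <stdio.h>

#define CAP 10             /* assumed from the `count1 + count2 > 10` guard in the trace */
#define POISON 0x5A5A5A5A  /* constructed stand-in for garbage; keeps the demo well defined */

/* Reject negative counts and sums above CAP without overflowing the addition. */
static int counts_ok(int count1, int count2)
{
    return count1 >= 0 && count2 >= 0 && count1 <= CAP - count2;
}

/* Write `written` slots, read `read` slots, return how many reads hit a
 * slot that was never written. */
static int stale_reads(int written, int read)
{
    int result[CAP];
    int i, stale = 0;

    for (i = 0; i < CAP; i++)
        result[i] = POISON;        /* model "garbage" deterministically */
    for (i = 0; i < written; i++)
        result[i] = 0;
    for (i = 0; i < read; i++)
        if (result[i] != 0)        /* the comparison the analyzer flags */
            stale++;
    return stale;
}

/* Shape described in the comment: max(count1, count2) written, count1 + count2 read. */
int stale_reads_partial_init(int count1, int count2)
{
    if (!counts_ok(count1, count2))
        return -1;
    return stale_reads(count1 > count2 ? count1 : count2, count1 + count2);
}

/* Corrected shape: the write loop and the read loop share one bound. */
int stale_reads_full_init(int count1, int count2)
{
    if (!counts_ok(count1, count2))
        return -1;
    return stale_reads(count1 + count2, count1 + count2);
}

int main(void)
{
    printf("partial init, counts 3 and 4: %d stale reads\n", stale_reads_partial_init(3, 4));
    printf("full init, counts 3 and 4: %d stale reads\n", stale_reads_full_init(3, 4));
    return 0;
}
```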
Sorry for the inconvenience.
For the second attachment, the output is as follows:
clang --analyze -Xanalyzer -analyzer-output=text source.c
source.c:13:18: warning: The left operand of '!=' is a garbage value
if(result[i] != 0)
source.c:6:3: note: Loop condition is false. Execution continues on line 11
for(i = 0; i < count1 + count2; i++)
^
source.c:11:3: note: Loop condition is true. Entering loop body
for(i = 0; i < count1 + count2; i++)
^
source.c:13:18: note: The left operand of '!=' is a garbage value
if(result[i] != 0)
~~~~~~~~~ ^
1 warning generated.
assigned to @tkremenek
Extended Description
Analyzer reports garbage for initialized variable:
clang --analyze -Xanalyzer -analyzer-output=text source.c
source.c:18:18: warning: The left operand of '!=' is a garbage value
if(result[i] != 0)