Author: Chandana Mudda Date: 2026-04-13T13:29:12+05:30 New Revision: c76cb2ba3c43d09d4a273bf0fe14be55789d9370
URL: https://github.com/llvm/llvm-project/commit/c76cb2ba3c43d09d4a273bf0fe14be55789d9370 DIFF: https://github.com/llvm/llvm-project/commit/c76cb2ba3c43d09d4a273bf0fe14be55789d9370.diff LOG: [analyzer] Refine default binding preservation in RegionStore (#189319) Narrow the new setImplicitDefaultValue() guard so existing default bindings are preserved only for aggregate-like cases. The previous change was too broad and regressed normal zero-initialization, causing new int[10]{} to be modeled as undefined and emit a garbage-value warning instead of the expected analyzer reports. Added: clang/test/Analysis/regionstore-zero-init.cpp Modified: clang/lib/StaticAnalyzer/Core/RegionStore.cpp Removed: ################################################################################ diff --git a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp index 6ec66298e8c45..e1c031e5bb90e 100644 --- a/clang/lib/StaticAnalyzer/Core/RegionStore.cpp +++ b/clang/lib/StaticAnalyzer/Core/RegionStore.cpp @@ -2566,11 +2566,12 @@ RegionStoreManager::setImplicitDefaultValue(LimitedRegionBindingsConstRef B, if (B.hasExhaustedBindingLimit()) return B; - // Prefer to keep the previous default binding if we had one; that is likely a - // better choice than setting some arbitrary new default value. - // This isn't ideal (more of a hack), but better than dropping the more - // accurate default binding. - if (B.getDefaultBinding(R).has_value()) { + // Preserve an existing aggregate default binding. This handles partially + // initialized union-containing aggregates where bindAggregate() may already + // have installed a more precise default value at offset 0. Still allow + // implicit defaults for scalars and pointers so regular zero-initialization + // continues to work, e.g. for `new int[10]{}`. + if (T->isAggregateType() && B.getDefaultBinding(R).has_value()) { return B; } 
diff --git a/clang/test/Analysis/regionstore-zero-init.cpp b/clang/test/Analysis/regionstore-zero-init.cpp new file mode 100644 index 0000000000000..7b9f6fe43c51b --- /dev/null +++ b/clang/test/Analysis/regionstore-zero-init.cpp @@ -0,0 +1,9 @@ +// RUN: %clang_analyze_cc1 -analyzer-checker=core,debug.ExprInspection -verify %s + +void clang_analyzer_eval(int); + +void test_zero_initialized_new_array() { + int *p = new int[10]{}; + clang_analyzer_eval(*p == 0); // expected-warning{{TRUE}} + delete[] p; +} _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
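Review bot: In the RegionStore.cpp hunk, the new guard `T->isAggregateType()` is narrower than the comment above it suggests. For a C++ record, `Type::isAggregateType()` defers to `CXXRecordDecl::isAggregate()`, so a class with a user-provided constructor (or anything else that makes it a non-aggregate in the language sense) that contains a union member will not take the early return and will fall through to the old behaviour of overwriting the more precise default that `bindAggregate()` installed. If the intent is really "records and arrays", consider `(T->isRecordType() || T->isArrayType()) && B.getDefaultBinding(R).has_value()`; if the language-level aggregate check is intentional, the comment should say so, since "union-containing aggregates" reads as the broader notion. Either way, a one-line note on why the scalar/pointer case must not be guarded (the `new int[10]{}` regression) is already there and worth keeping next to the condition.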
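Review bot: The new regionstore-zero-init.cpp test only covers the regression that was fixed, not the case the guard is meant to preserve. Nothing in the patch exercises a partially initialized union-containing aggregate, so a later change to the `isAggregateType()` condition could drop the preserved default binding without any test noticing; a second function with a struct containing a union member, initialized with fewer initializers than members and checked via `clang_analyzer_eval`, would pin that behaviour down. Also, `clang_analyzer_eval(*p == 0)` looks only at offset 0, which is exactly where the commit message says `bindAggregate()` may install its own default; adding `clang_analyzer_eval(p[9] == 0); // expected-warning{{TRUE}}` would confirm the whole array is modelled as zero-initialized rather than just the first element.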
