https://gcc.gnu.org/bugzilla/show_bug.cgi?id=109439
Bug ID: 109439
Summary: RFE: Spurious -Wanalyzer-use-of-uninitialized-value
tagging along -Wanalyzer-out-of-bounds
Product: gcc
Version: 13.0
Status: UNCONFIRMED
Severity: normal
Priority: P3
Component: analyzer
Assignee: dmalcolm at gcc dot gnu.org
Reporter: priour.be at gmail dot com
CC: priour.be at gmail dot com
Target Milestone: ---
Build: 13.0.1 20230328 (experimental)
For every -Wanalyzer-out-of-bounds, a corresponding
-Wanalyzer-use-of-initialized-value seemingly tags along.
As most likely fixing the former would also fix the latter, it would make sense
to only have a OOB diagnosed.
Tested on trunk.
int would_like_only_oob ()
{
int arr[] = {1,2,3,4,5,6,7};
int y1 = arr[9]; // 2 warnings instead of only OOB warning are emitted here
return y1;
}
In the mail list, David suggested that
"Maybe we could fix this by having region_model::check_region_bounds
return a bool that signifies if the access is valid, and propagating
that value up through callers so that we can return a non-
poisoned_svalue at the point where we'd normally return an
"uninitialized" poisoned_svalue.
Alternatively, we could simply terminate any analysis path in which an
OOB access is detected (by implementing the
pending_diagnostic::terminate_path_p virtual function for class
out_of_bounds)."
