GCC analyzer false positive
August 31

The following code generates a warning when using GCC analyzer, but I don't think the warning is valid.

struct Guard {
    ~this() {}
}
Guard lock() {
    return Guard();
}
void bar() {
    auto foo = lock();
}

Compiled with GCC version 13.1:

$ gdc -fanalyzer test.d -O2 -c
test.d: In function 'lock':
test.d:5:5: warning: use of uninitialized value 'MEM[(unsigned char * {ref-all})&D.3438]' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
    5 |     return Guard();
      |     ^
  'lock': events 1-2
    |
    |    5 |     return Guard();
    |      |     ^
    |      |     |
    |      |     (1) region created on stack here
    |      |     (2) use of uninitialized value 'MEM[(unsigned char * {ref-all})&D.3438]' here
    |

Any ideas? Thanks!

September 01

On Thursday, 31 August 2023 at 13:53:55 UTC, Zachary Yedidia wrote:

> The following code generates a warning when using GCC analyzer, but I don't think the warning is valid.
>
> struct Guard {
>     ~this() {}
> }
> Guard lock() {
>     return Guard();
> }
> void bar() {
>     auto foo = lock();
> }
>
> Compiled with GCC version 13.1:
>
> $ gdc -fanalyzer test.d -O2 -c
> test.d: In function 'lock':
> test.d:5:5: warning: use of uninitialized value 'MEM[(unsigned char * {ref-all})&D.3438]' [CWE-457] [-Wanalyzer-use-of-uninitialized-value]
>     5 |     return Guard();
>       |     ^
>   'lock': events 1-2
>     |
>     |    5 |     return Guard();
>     |      |     ^
>     |      |     |
>     |      |     (1) region created on stack here
>     |      |     (2) use of uninitialized value 'MEM[(unsigned char * {ref-all})&D.3438]' here
>     |
>
> Any ideas? Thanks!

Hi,

Thanks for posting this!

Had a quick poke around - also with a C++ equivalent test - and it looks like GCC's static analyzer is not good at dealing with returning a non-trivially copyable struct via NRVO.

I'll have a prod a bit more later, but my first instinct would be to raise a bug report with GCC.

September 22

On Thursday, 31 August 2023 at 13:53:55 UTC, Zachary Yedidia wrote:

> The following code generates a warning when using GCC analyzer, but I don't think the warning is valid.
>
> struct Guard {
>     ~this() {}
> }
> Guard lock() {
>     return Guard();
> }
> void bar() {
>     auto foo = lock();
> }
>
> Compiled with GCC version 13.1:

I'm at the GNU Cauldron, and David has just said "don't use -fanalyzer on C++ in GCC 13, you will get rubbish out of it". This would also extend to all other languages that aren't C too.

The good news is that things are going to be improved in GCC 14.