Lines Matching +full:sometimes +full:- +full:uninitialized
1 //===--- CallAndMessageChecker.cpp ------------------------------*- C++ -*--==//
8 //===----------------------------------------------------------------------===//
13 //===----------------------------------------------------------------------===//
104 auto R = llvm::make_unique<BugReport>(*BT, BT->getName(), N); in emitBadCall()
106 R->addRange(BadE->getSourceRange()); in emitBadCall()
107 if (BadE->isGLValue()) in emitBadCall()
121 return "Argument in message expression is an uninitialized value"; in describeUninitializedArgumentInCall()
124 return "Argument for property setter is an uninitialized value"; in describeUninitializedArgumentInCall()
127 return "Argument for subscript setter is an uninitialized value"; in describeUninitializedArgumentInCall()
128 return "Subscript index is an uninitialized value"; in describeUninitializedArgumentInCall()
133 return "Block call argument is an uninitialized value"; in describeUninitializedArgumentInCall()
135 return "Function call argument is an uninitialized value"; in describeUninitializedArgumentInCall()
155 // pointing to undefined symbol value (uninitialized memory). in uninitRefOrPointer()
158 if (ParamDecl->getType()->isPointerType()) { in uninitRefOrPointer()
159 Message = "Function call argument is a pointer to uninitialized value"; in uninitRefOrPointer()
160 } else if (ParamDecl->getType()->isReferenceType()) { in uninitRefOrPointer()
161 Message = "Function call argument is an uninitialized value"; in uninitRefOrPointer()
165 if(!ParamDecl->getType()->getPointeeType().isConstQualified()) in uninitRefOrPointer()
170 const SVal PSV = State->getSVal(SValMemRegion); in uninitRefOrPointer()
175 R->addRange(ArgRange); in uninitRefOrPointer()
197 const char *BD = "Uninitialized argument value"; in PreVisitProcessArg()
210 R->addRange(ArgRange); in PreVisitProcessArg()
237 QualType T = R->getValueType(); in PreVisitProcessArg()
238 if (const RecordType *RT = T->getAsStructureType()) { in PreVisitProcessArg()
239 const RecordDecl *RD = RT->getDecl()->getDefinition(); in PreVisitProcessArg()
241 for (const auto *I : RD->fields()) { in PreVisitProcessArg()
244 T = I->getType(); in PreVisitProcessArg()
245 if (T->getAsStructureType()) { in PreVisitProcessArg()
262 const LazyCompoundValData *D = LV->getCVData(); in PreVisitProcessArg()
263 FindUninitializedField F(C.getState()->getStateManager().getStoreManager(), in PreVisitProcessArg()
265 D->getStore()); in PreVisitProcessArg()
267 if (F.Find(D->getRegion())) { in PreVisitProcessArg()
272 os << "Passed-by-value struct argument contains uninitialized data"; in PreVisitProcessArg()
292 R->addRange(ArgRange); in PreVisitProcessArg()
294 // FIXME: enhance track back for uninitialized value for arbitrary in PreVisitProcessArg()
308 const Expr *Callee = CE->getCallee()->IgnoreParens(); in checkPreStmt()
311 SVal L = State->getSVal(Callee, LCtx); in checkPreStmt()
316 this, "Called function pointer is an uninitialized pointer value")); in checkPreStmt()
322 std::tie(StNonNull, StNull) = State->assume(L.castAs<DefinedOrUnknownSVal>()); in checkPreStmt()
338 SVal Arg = C.getSVal(DE->getArgument()); in checkPreStmt()
346 new BuiltinBug(this, "Uninitialized argument value")); in checkPreStmt()
347 if (DE->isArrayFormAsWritten()) in checkPreStmt()
348 Desc = "Argument to 'delete[]' is uninitialized"; in checkPreStmt()
350 Desc = "Argument to 'delete' is uninitialized"; in checkPreStmt()
367 SVal V = CC->getCXXThisVal(); in checkPreCall()
371 new BuiltinBug(this, "Called C++ object pointer is uninitialized")); in checkPreCall()
372 emitBadCall(BT_cxx_call_undef.get(), C, CC->getCXXThisExpr()); in checkPreCall()
378 State->assume(V.castAs<DefinedOrUnknownSVal>()); in checkPreCall()
384 emitBadCall(BT_cxx_call_null.get(), C, CC->getCXXThisExpr()); in checkPreCall()
396 unsigned Params = FD->getNumParams(); in checkPreCall()
415 // Don't check for uninitialized field values in arguments if the in checkPreCall()
417 // This is a hack, but is a reasonable compromise betweens sometimes warning in checkPreCall()
418 // and sometimes not depending on if we decide to inline a function. in checkPreCall()
420 !(C.getAnalysisManager().shouldInlineCall() && (D && D->getBody())); in checkPreCall()
430 if(FD && i < FD->getNumParams()) in checkPreCall()
431 ParamDecl = FD->getParamDecl(i); in checkPreCall()
453 "is an uninitialized value")); in checkPreObjCMessage()
459 this, "Property access on an uninitialized object pointer")); in checkPreObjCMessage()
465 this, "Subscript access on an uninitialized object pointer")); in checkPreObjCMessage()
471 auto R = llvm::make_unique<BugReport>(*BT, BT->getName(), N); in checkPreObjCMessage()
473 R->addRange(ME->getReceiverRange()); in checkPreObjCMessage()
476 if (const Expr *ReceiverE = ME->getInstanceReceiver()) in checkPreObjCMessage()
504 ME->getSelector().print(os); in emitNilReceiverBug()
506 if (ResTy->isReferenceType()) { in emitNilReceiverBug()
515 report->addRange(ME->getReceiverRange()); in emitNilReceiverBug()
517 if (const Expr *receiver = ME->getInstanceReceiver()) { in emitNilReceiverBug()
541 if (CanRetTy->isStructureOrClassType()) { in HandleNilReceiver()
544 C.addTransition(state->BindExpr(Msg.getOriginExpr(), LCtx, V), &Tag); in HandleNilReceiver()
549 if (CanRetTy != Ctx.VoidTy && C.getLocationContext()->getParentMap() in HandleNilReceiver()
555 if (CanRetTy.getTypePtr()->isReferenceType()|| in HandleNilReceiver()
582 C.addTransition(state->BindExpr(Msg.getOriginExpr(), LCtx, V), &Tag); in HandleNilReceiver()
593 Checker->Filter.Check_##name = true; \
594 Checker->Filter.CheckName_##name = mgr.getCurrentCheckName(); \