Minimized code snippet: ``` #include <string.h> void validatedatetime(const char *str) { const char *templates[] = {"dddd-dd-dd dd:dd", "dddd-dd-dd"}; size_t len = strlen(str); for (unsigned t = 0; t < 2; t++) { if (len != strlen(templates[t])) { continue; } } } ``` Original code: https://github.com/vergoh/vnstat/blob/f98c27eaba27ebda703737f8a5539a77b891561e/src/misc.c#L357 GCC analyzer output: ``` $ gcc-10 -c -Wall -Wextra -fanalyzer fixed-array.c fixed-array.c: In function ‘validatedatetime’: fixed-array.c:10:28: warning: use of uninitialized value ‘<unknown>’ [CWE-457] [-Wanalyzer-use-of-uninitialized-value] 10 | if (len != strlen(templates[t])) { | ^~~~~~~~~~~~~~~~~~~~ ‘validatedatetime’: events 1-7 | | 9 | for (unsigned t = 0; t < 2; t++) { | | ^~~ ~~~ | | | | | | | (4) ...to here | | (1) following ‘true’ branch (when ‘t <= 1’)... | | (5) following ‘true’ branch (when ‘t <= 1’)... | 10 | if (len != strlen(templates[t])) { | | ~ ~~~~~~~~~~~~~~~~~~~~ | | | | | | | (2) ...to here | | | (6) ...to here | | | (7) use of uninitialized value ‘<unknown>’ here | | (3) following ‘false’ branch... | ``` GCC version: ``` gcc-10 (Debian 10-20200411-1) 10.0.1 20200411 (experimental) [master revision bb87d5cc77d:75961caccb7:f883c46b4877f637e0fa5025b4d6b5c9040ec566] ```
The master branch has been updated by David Malcolm <dmalcolm@gcc.gnu.org>: https://gcc.gnu.org/g:78b9783774bfd3540f38f5b1e3c7fc9f719653d7 commit r10-8012-g78b9783774bfd3540f38f5b1e3c7fc9f719653d7 Author: David Malcolm <dmalcolm@redhat.com> Date: Thu Apr 23 21:31:22 2020 -0400 analyzer: remove -Wanalyzer-use-of-uninitialized-value for GCC 10 From what I can tell -Wanalyzer-use-of-uninitialized-value has not yet found a true diagnostic in real-world code, and seems to be particularly susceptible to false positives. These relate to bugs in the region_model code. For GCC 10 it seems best to remove this warning, which this patch does. Internally it also removes POISON_KIND_UNINIT. I'm working on a rewrite of the region_model code for GCC 11 that I hope will fix these issues, and allow this warning to be reintroduced. gcc/analyzer/ChangeLog: PR analyzer/94447 PR analyzer/94639 PR analyzer/94732 PR analyzer/94754 * analyzer.opt (Wanalyzer-use-of-uninitialized-value): Delete. * program-state.cc (selftest::test_program_state_dumping): Update expected dump result for removal of "uninit". * region-model.cc (poison_kind_to_str): Delete POISON_KIND_UNINIT case. (root_region::ensure_stack_region): Initialize stack with null svalue_id rather than with a typeless POISON_KIND_UNINIT value. (root_region::ensure_heap_region): Likewise for the heap. (region_model::dump_summary_of_rep_path_vars): Remove summarization of uninit values. (region_model::validate): Remove check that the stack has a POISON_KIND_UNINIT value. (poisoned_value_diagnostic::emit): Remove POISON_KIND_UNINIT case. (poisoned_value_diagnostic::describe_final_event): Likewise. (selftest::test_dump): Update expected dump result for removal of "uninit". (selftest::test_svalue_equality): Remove "uninit" and "freed". * region-model.h (enum poison_kind): Remove POISON_KIND_UNINIT. gcc/ChangeLog: PR analyzer/94447 PR analyzer/94639 PR analyzer/94732 PR analyzer/94754 * doc/invoke.texi (Static Analyzer Options): Remove -Wanalyzer-use-of-uninitialized-value. (-Wno-analyzer-use-of-uninitialized-value): Remove item. gcc/testsuite/ChangeLog: PR analyzer/94447 PR analyzer/94639 PR analyzer/94732 PR analyzer/94754 * gcc.dg/analyzer/data-model-1.c: Mark "use of uninitialized value" warnings as xfail for now. * gcc.dg/analyzer/data-model-5b.c: Remove uninitialized warning. * gcc.dg/analyzer/pr94099.c: Mark "uninitialized" warning as xfail for now. * gcc.dg/analyzer/pr94447.c: New test. * gcc.dg/analyzer/pr94639.c: New test. * gcc.dg/analyzer/pr94732.c: New test. * gcc.dg/analyzer/pr94754.c: New test. * gcc.dg/analyzer/zlib-6.c: Mark "uninitialized" warning as xfail for now.
Should be fixed by r10-8012-g78b9783774bfd3540f38f5b1e3c7fc9f719653d7.