[llvm-bugs] [Bug 128531] [clang] No warning for a memcpy from an uninitialized local variable

LLVM Bugs via llvm-bugs Mon, 24 Feb 2025 08:20:34 -0800

Issue	128531
Summary	[clang] No warning for a memcpy from an uninitialized local variable
Labels	clang
Assignees
Reporter	isbadawi

    I encountered a bug that boiled down to something like this, passing the address of an uninitialized local variable as the source for memcpy:


```c
#include <string.h>

void foo(int *out) {
  int x;

 memcpy(out, &x, sizeof(x));
}
```

The bug was only discovered after upgrading to a more recent clang happened to expose a runtime issue, there was no diagnostic. I found that latest gcc warns about this, but latest clang doesn't, see https://godbolt.org/z/7rd84W7sc

Output from gcc 14.2

```
<source>: In function 'main':
<source>:7:3: warning: 'x' is used uninitialized [-Wuninitialized]
    7 |   memcpy(&y, &x, sizeof(x));
 |   ^~~~~~~~~~~~~~~~~~~~~~~~~
<source>:4:7: note: 'x' declared here
 4 |   int x;
      |    
```

It seems like gcc also more generally emits either `-Wuninitialized` or `-Wmaybe-uninitialized` when passing pointers to uninitialized local variables to functions, which is partly driven by parameters marked `const` or annotated using attribute `access`, but at least the memcpy case seems like it would be useful to cover.

_______________________________________________
llvm-bugs mailing list
llvm-bugs@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-bugs

[llvm-bugs] [Bug 128531] [clang] No warning for a memcpy from an uninitialized local variable

Reply via email to