One unknown is the underlying integer type chosen by the compiler to represent myEnum
. This is “implementation-defined” in the sense that the choice needs to be deterministic for separately compiled files to be linkable together, but it is not implementation-defined in the sense that the compiler's documentation explains how this type is chosen. The choice depends on the enum's definition, and any description could only be an algorithm.
Regardless of this shadow, I think that the function is defined (it does not read from an uninitialized myValue
for any arguments). In other words, the warning is a false positive. I have “verified” this with another static analyzer that detects uses of uninitialized memory.
What you could do to lift the “integer type for myEnum
” shadow is post the assembly code that clang-the-compiler generates. If there is an uninitialized access in the assembly code, it will be easier to understand why.
What might be happening here, but a full-featured static analyzer such as Clang is a complex beast and an explanation coming from someone who is not familiar with its internals should be taken with a grain of salt, is that the underlying integer type chosen for myEnum
is different when 0x8000 is picked for value1
as opposed to smaller values. For smaller values, the underlying type for myEnum
could be a signed 16-bit short int
, whereas 0x8000 forces the compiler to use an unsigned short int
. This different type for myEnum
would introduce more implicit conversions in the Abstract Syntax Tree representing the function, making it harder to predict, and causing the false positive. I do not work on Clang but I can assure you that these implicit conversions are always a pain to handle in a static analyzer for C.
Clang developers consider false positives bugs and they certainly would like to hear about this one. The homepage says:
Please help us in this endeavor by reporting false positives
and this sentence links directly to the explanation on how to file bugs.