suppose I have an array, which has some uninitialized elements like in the following example:
int array[4];
array[0] = array[1] = array[2] = 0;
for (int i = 0; i < 4; ++i) {
// read array[i] here
}
In my checker, I want to get all the values for i, which lead to uninitialized reads. In the example that would be 3.
Dumping the ProgramState shows me that value:
(i,0,direct) : 3 S32b
But how can I get it in my code?
Through the ProgramState::getSVal() family of methods, depending on what you have to identify `i` (an expression, a memory region, a variable declaration - in the latter case you can turn it into a memory region with ProgramState::getLValue()).
Note that you won't necessarily be able to get *all* possible values for `i` which lead to uninitialized reads, because the analyzer does not guarantee that it'd explore all paths through the program.