300 questions
0 votes, 0 answers, 42 views
Liveness Analysis doesn't produce expected result
First a bit of context. Consider the code:
void foo(double* b){
int a = 100;
a = 101;
b[1] += b[a];
}
I have a visitor, that has VisitArraySubscriptExpr(ASE), where I perform ...
1 vote, 1 answer, 47 views
Clang sa checker for get/set functions with reference types ("location cannot be a NonLoc")
I'm writing a clang static analyzer checker for a pair of functions that save the passed argument value and return it:
void set(const int& value);
const int& get();
Real set ...
0 votes, 1 answer, 75 views
LLVM Analyzer Garbage value
I work on a custom container and I manually allocate some heap memory:
template<typename element_type>
class MyClass{
element_type* m_data = nullptr;
std::size_t rows, columns; // assume ...
0 votes, 0 answers, 80 views
Get origin clang::ento::MemRegion from SVal of type clang::ento::nonloc::ConcreteInt
I would like to extract the relationships of the variables in a given C source file. More precisely, I would like to know which dependencies between the individual variables are generated via ...
1 vote, 0 answers, 107 views
use clang-query to match specified string
how should I use clang-query to match specified string
source code:
int main()
{
__asm__ __volatile__("pause");
}
I want to substitute "yield" for "pause"
what I have ...
1 vote, 1 answer, 109 views
Iterate over constraints in Clang static Analyzer
I am developing a Clang static analyzer. In this analyzer, I need to iterate over the constraints in a RangedConstraintManager, but it seems this class is not public and I can't call its methods nor ...
3 votes, 2 answers, 1k views
How to enable clang static analyzer flags from clang-tidy for alpha (experimental) checkers?
I'm trying to run the clang analyzer through its clang-tidy interface, but I need to pass the clang analyzer an additional flag. Specifically, I want to run an alpha checker for nondeterminism with
...
2 votes, 1 answer, 174 views
Can "unspecified order of evaluation" be detected with static analysis?
For most of my C++ projects, I strongly rely on static analysis to prevent bugprone code getting into the master branch.
However, nothing seems to detect bugs caused by unspecified order of evaluation....
1 vote, 1 answer, 124 views
How much can we trust to warnings generated by static analysis tools for vulnerability detection?
I am running flawfinder on a set of libraries written in C/C++. I have a lot of generated warnings by flawfinder. My question is that, how much I can rely on these generated warnings? For example, ...
3 votes, 2 answers, 1k views
Potential memory leak if a tuple of a unique pointer is captured in lambda
clang-tidy and scan-build warn about a potential memory leak in this code:
#include <tuple>
#include <memory>
int main()
{
auto lambda = [tuple = std::make_tuple(std::make_unique<...
3 votes, 0 answers, 187 views
Is it possible to ignore xcodebuild analyze warnings from cocoapods and SPM packages?
I use xcodebuild analyze to help find static analysis warnings in my code when running CI builds (similar to running the Analyze tool in Xcode directly).
It works great finding issues - but the problem ...
0 votes, 1 answer, 475 views
Does clang static analyzer core support multi-threaded programs?
Couldn't find any documentation on behavior of clang static analyzer core when it observes multi-threading programming constructs. Does the core identify them and create separate paths for each thread?...
6 votes, 1 answer, 226 views
Can a constructor affect other fields of an enclosing object, or is this a static analysis false positive?
Consider this C++ code:
struct SomeStruct {
SomeStruct() noexcept;
};
//SomeStruct::SomeStruct() noexcept {}
class SomeClass {
const bool b;
const SomeStruct s;
public:
SomeClass() : b(true)...
1 vote, 1 answer, 1k views
Clang static analyzer (clazy) ignores NOLINT and similar meta instructions in Qt code
I need to switch off some warnings that the Clang static analyzer (clazy) flags in some Qt code that I work with.
Appending '// NOLINT' as a comment to code lines that get flagged by clazy does not ...
1 vote, 1 answer, 168 views
clang-analyzer: scan-build ./configure fails looking for pthread support: "_REENTRANT must be defined"
I'm using pthreads and my scan-build action has failed:
https://github.com/SentryPeer/SentryPeer/runs/5034401493?check_suite_focus=true
I see this:
cat clang_output_*
conftest.c:59:26: error: "...
0 votes, 0 answers, 238 views
Can I run clang static analyser on only a subset of the files in a project?
I'm looking to run clang's static analyser on files that are part of a larger project. I don't want to compile the entire project, only a subset of files. Is that at all possible?
1 vote, 0 answers, 637 views
Scan-Build for clang-13 not showing errors
I am using clang 13 to analyze this code:
int f1(){
int a=5;
short b=4;
bool a1=a;//maybe warn
bool b1=b;//maybe warn
if(a1&&b1)return 1;
return 0;
}
class M{
public:
virtual int GetAge(){...
5 votes, 2 answers, 4k views
How to convert string to const unsigned char* without using reinterpret_cast (modern approach)
I have variable input type const std::string&:
const std::string& input
Now I need to convert this to const unsigned char* because this is the input of the function.
Until now I have correct ...
1 vote, 0 answers, 224 views
How can I make scan-build follow __attribute__((cleanup))?
I have a (comically) simple program that uses Clang (or GCC)'s __attribute__((cleanup)) machinery to automatically free memory:
#include <stdio.h>
#include <stdlib.h>
void free_memory(...
1 vote, 0 answers, 149 views
Why do I get bugprone-use-after-move in this template function?
Clang static analyzer reports bugprone-use-after-move for the parameter t in the following template function. First of all, help me understand why, I cannot see it is being used at all. Secondly, if ...
5 votes, 3 answers, 8k views
Using #pragma to remove clang warnings based on clang check
I want to remove/ignore a clang warning for a block of code and found multiple examples of how to use pragmas for this. For example if the warning is unused-variable you can disable it by using:
#...
2 votes, 0 answers, 288 views
Clang: How can I tell whether size of constant size array declaration is a macro expansion
I'm working on a clang-tidy checker to spot some problematic idioms in a large codebase. I need to look at constant-size arrays declared in structs, and determine whether the size was given as an ...
1 vote, 0 answers, 1k views
How to exclude files from clang analyzer?
I run clang analyzer with
clang++ --analyze --analyzer-output html ...
It works great and integrated into my CMake seamlessly. Now I want to exclude third-parties from the analysis. scan-build --help ...
0 votes, 0 answers, 222 views
Clang scan-build fails to find infinite loop
I made a trivial typo in the following loop:
do{
ys = (ys*ys + 1)%n;
d = egcd(x > y ? x - y : y - x, n, NULL, NULL);
}while(d == 1);
This loop is part of a Pollard-Rho-Brent factorization ...
0 votes, 1 answer, 904 views
Why does Clang static analyzer think that this is use-after-free?
I'm probably just stupid:
fileref_t *fref;
while (gli_filereflist != NULL)
{
fref = gli_filereflist;
if (fref != NULL)
{
glk_fileref_destroy(fref); ...