[PATCH}[libcxx] Scan-Build Run complete, patch and report

Steve MacKenzie stevemac321 at live.com
Thu Oct 23 19:42:51 PDT 2014 

forgot [PATCH] in subject and fixed typo, sorry...
On 10/23/2014 07:14 PM, Steve MacKenzie wrote:
> Summary:
> Number of warnings before this patch:450
> Number of warnings reduced by this patch:323
> Number of warnings uninvestigated: 0
> Regression Testing: no regressions found (x64 Linux, release, debug, 
> links to logs below)

>
> Bugs found:
> "Bug 
> ID","Product","Component","Assignee","Status","Resolution","Summary","Changed"
> 21326,"clang","Static 
> Analyzer","kremenek at apple.com","NEW","---","False position CERT MEM04 
> zero-length allocation error","2014-10-21 14:13:26"
> 21333,"clang","Static 
> Analyzer","kremenek at apple.com","NEW","---","false positive smartptr 
> release (unique_ptr) in std::<memory>","2014-10-21 18:55:49"
> 21335,"clang","Static 
> Analyzer","kremenek at apple.com","NEW","---","False positive scoping 
> issues, deref pointer, dead init, uninit arg, val, etc.","2014-10-21 
> 19:45:51"
> 21342,"clang","Static 
> Analyzer","kremenek at apple.com","NEW","---","False positive: 
> std::valarray standard conforming operator[] triggers null reference 
> warning","2014-10-22 15:56:16"
> 21344,"clang","Static 
> Analyzer","kremenek at apple.com","NEW","---","False positive garbage 
> value reported in std::<random> param_type in distribution 
> templates","2014-10-22 20:11:07"
>
> Links:
> Instructions on how to do a scan-build run against libc++: 
> http://1drv.ms/1wfR37J  This mirrors the steps that I took to validate 
> the patch.
>
> Regerssion Testing Logs;
> Release Baseline: http://1drv.ms/1D290FF
> Released Patched: http://1drv.ms/12mcOGr
> Scan-build baseline: http://1drv.ms/1D290FF
> Scan-build patched: http://1drv.ms/1tPy5EL
> Related False Positive Warnings (with associated bugs): 
> http://1drv.ms/12mkOHo
>
> Details:
> The warning count was at 450 when the work on this patch started. The 
> patch fixes 323 of those warnings.
>
> I am recommending 3 minor changes to the libc++ headers.  The fixes 
> consist of merely initializing 2 variables in <random> and one 
> variable in <regex>.  While these uninitialized variables assessed 
> individually seem benign, they have a cascading affect that manifest 
> downstream as "garbage value" warnings.
>
> There was a significant amount of noise created by uninitialized and 
> unused variables, mostly in tests.  There was one somewhat interesting 
> issue, the tool triggered a CERT MEM04, passing zero size to realloc 
> warning (see bug:21326 for details).
>
> Also, this activity is confined to scan-build warnings, it does not 
> include fixing general compiler warnings or already failing tests.
>
> There will probably need to be some follow up pending the resolution 
> of the false-positive scan-build bugs.  Those issues are captured 
> here: http://1drv.ms/12mkOHo
>
> It is likely that for future runs, we'll need some sort of tooling for 
> filtering out "won't fix" issues.
>
> Thanks,
> Steve MacKenzie
> http://stevemac123.wordpress.com/
>
>
>
>
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20141023/2c69f28c/attachment.html>

More information about the cfe-commits mailing list