[cfe-dev] Static analyzer gives no warnings in #included *.c files

Ted Kremenek kremenek at apple.com
Mon Jan 23 16:45:49 PST 2012 

It's a performance optimization that isn't trivial.  Headers can contain a lot of code.  Moreover, some users don't want to see warnings in headers if it involves code they didn't write and they can't change.  The heuristic isn't ideal, and certainly we could do better.

On Jan 23, 2012, at 4:29 PM, David Blaikie wrote:

> On Mon, Jan 23, 2012 at 4:22 PM, Ted Kremenek <kremenek at apple.com> wrote:
>> This is a heuristic.  The idea is that code included from headers should not be analyzed since it is repeatedly included.  This heuristic is not optimal, and certainly could be relaxed for included files that are not headers.
> 
> Even that relaxation seems really pessimistic. There would still be no
> way to validate anything in headers... (is the expectation that the
> user should pass the header itself to the static analyzer explicitly
> for analysis?)
> 
>>  Moreover, we are experimenting with basic IPA, and if a function within the header is called by code within the main source file then that code will be analyzed in that case.
> 
> That would help - but still I'm surprised at the pessimism of not
> checking anything in headers. Duplicate diagnostics from analyzing two
> files that include the same header still seem more valuable than
> getting nothing from either.
> 
> - David
> 
>> 
>> For this specific case, I think it is worth filing a PR.
>> 
>> On Jan 23, 2012, at 2:06 PM, Robert Purves wrote:
>> 
>>> Ping.
>>> Is this by design or a bug?
>>> 
>>> 
>>>> $ cat foo.c
>>>> int foo( void ) {
>>>>   int x;
>>>>   if ( x ) return 1; /* uninitialized */
>>>>   return 0;
>>>> }
>>>> 
>>>> $ cat main.c
>>>> #include "foo.c" /* ignored by static analyzer? */
>>>> int main( void ) {
>>>>   return 0;
>>>> }
>>>> 
>>>> $ clang main.c --analyze
>>>> $ clang --version
>>>> clang version 3.1 (trunk 148340)
>>>> 
>>>> 
>>>> Analysis of main.c is defective. Explicit analysis of foo.c does give a warning.
>>>> 
>>>> $ clang foo.c --analyze
>>>> foo.c:3:10: warning: Branch condition evaluates to a garbage value
>>>>   if ( x ) return 1; /* uninitialized */
>>>>        ^
>>>> 1 warning generated.
>>> 
>>> Robert P.
>>> 
>>> 
>>> _______________________________________________
>>> cfe-dev mailing list
>>> cfe-dev at cs.uiuc.edu
>>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev
>> 
>> _______________________________________________
>> cfe-dev mailing list
>> cfe-dev at cs.uiuc.edu
>> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-dev

More information about the cfe-dev mailing list