[cfe-dev] Help in suppressing warnings from static analyzer

George Karpenkov via cfe-dev cfe-dev at lists.llvm.org
Mon Sep 18 19:09:25 PDT 2017 

Hi Andrzej,

To add to what Gabor has mentioned:

The first two links you have posted refer to clang-tidy.
This is a different tool from clang static analyzer, and is maintained in a separate repository.
The main difference is that clang-tidy pattern-matches on AST,
while clang static analyzer performs symbolic execution.

Clang static analyzer does not parse “// NOLINT” comments, nor comments in general.
While this is a limitation, it can be also seen as a good thing, as it forces the actual executable code
to be a single canonical source of analysis results.

Strategies for dealing with false positives are described at the clang static analyzer webpage: http://clang-analyzer.llvm.org/faq.html <http://clang-analyzer.llvm.org/faq.html>,
without looking at the whole code it is hard to tell which one is the most applicable.

Regards,
George


> On Sep 5, 2017, at 12:03 AM, Andrzej Krzemienski via cfe-dev <cfe-dev at lists.llvm.org> wrote:
> 
> Hi,
> I would like to ask for an advice from clang developers about suppressing warnings from the static analyzer.
> 
> I am calling the analyzer directly from clang c++ compiler, with `clang++ --analyze`. I am compiling a unit-test project that is using Google's Gmock. I am getting a well known and described false positive:
> 
> https://github.com/google/googletest/issues/853 <https://github.com/google/googletest/issues/853>
> https://stackoverflow.com/questions/39527160/clang-tidy-how-to-suppress-warnings/39544324#39544324 <https://stackoverflow.com/questions/39527160/clang-tidy-how-to-suppress-warnings/39544324#39544324>
> https://bugs.llvm.org/show_bug.cgi?id=28053 <https://bugs.llvm.org/show_bug.cgi?id=28053>
> 
> So, I am trying to manually disable it by putting `// NOLINT` in gmocks code. As a result, I still get the analyzer warning:
> 
> ```
> gtest/googlemock/include/gmock/gmock-spec-builders.h:1274:5: warning: Use of memory after it is freed
>     return function_mocker_->AddNewExpectation( // NOLINT
>     ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> ```
> 
> which I find quite surprising, because even in the warning message I get the text `// NOLINT` but the bug is still not disabled.
> 
> Maybe someone could help me figure out what is going on. Can you not suppress warnings when running analyzer directly from clang c++ compiler? Or is there a different way for suppressing the analyzer warnings?
> 
> Thanks,
> &rzej;
> 
> _______________________________________________
> cfe-dev mailing list
> cfe-dev at lists.llvm.org
> http://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20170918/6669244f/attachment.html>

More information about the cfe-dev mailing list