[cfe-dev] provide a hint to clang-analyzer-optin.portability.UnixAPI?

Robert Underwood via cfe-dev cfe-dev at lists.llvm.org
Fri Feb 28 06:41:19 PST 2020 

To whom it may concern,

tl;dr I think I found a bug in the clang static analyzer. Could someone
please help me find a workaround/where to properly report the bug?

I have a statement in a class initializer list:

data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr)

rhs.has_data() is a const function that returns t/f if rhs.data_ptr != null

rhs.size_in_bytes() a const function that returns the number of bytes in
the structure *if has_data was true*

i.e. it is possible that rhs.has_data() is false, and rhs.size_in_bytes() >
0

However the clang static analyzer seems to get a false positive here.

/usr/lib/gcc/x86_64-pc-linux-gnu/8.3.0/include/g++-v8/bits/unique_ptr.h:831:34:
note: Calling copy constructor for 'pressio_data'
../include/libpressio_ext/cpp/data.h:247:15: note: Left side of '&&' is true
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),
              ^
../include/libpressio_ext/cpp/data.h:247:33: note: Assuming the
condition is true
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),
                                ^
../include/libpressio_ext/cpp/data.h:247:14: note: '?' condition is true
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),
             ^
../include/libpressio_ext/cpp/data.h:247:66: note: Calling
'pressio_data::size_in_bytes'
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),
                                                                 ^
../include/libpressio_ext/cpp/data.h:384:12: note: Calling
'data_size_in_bytes<unsigned long>'
    return data_size_in_bytes(data_dtype, num_dimensions(), dims.data());
           ^
../include/libpressio_ext/cpp/data.h:31:5: note: Returning zero
    return data_size_in_elements(dimensions, dims) * pressio_dtype_size(type);
    ^
../include/libpressio_ext/cpp/data.h:384:12: note: Returning from
'data_size_in_bytes<unsigned long>'
    return data_size_in_bytes(data_dtype, num_dimensions(), dims.data());
           ^
../include/libpressio_ext/cpp/data.h:384:5: note: Returning zero
    return data_size_in_bytes(data_dtype, num_dimensions(), dims.data());
    ^
../include/libpressio_ext/cpp/data.h:247:66: note: Returning from
'pressio_data::size_in_bytes'
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),
                                                                 ^
../include/libpressio_ext/cpp/data.h:247:59: note: Call to 'malloc'
has an allocation size of 0 bytes
    data_ptr((rhs.has_data() && rhs.size_in_bytes() > 0)?
malloc(rhs.size_in_bytes()) : nullptr),

Is there a way to instruct the static analyzer that malloc cannot be called
with size_in_bytes == 0 because saying (rhs.size_in_bytes() > 0) isn’t
enough. I’m using clang-9.0.1 on gentoo.

Respectfully,
Robert Underwood
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20200228/dec968e4/attachment.html>

More information about the cfe-dev mailing list