[LLVMbugs] [Bug 18701] New: static analyzer false positive: errno will always be nonzero after read(2) returns an error

[bugzilla-daemon at llvm.org]

http://llvm.org/bugs/show_bug.cgi?id=18701

            Bug ID: 18701
           Summary: static analyzer false positive: errno will always be
                    nonzero after read(2) returns an error
           Product: clang
           Version: 3.4
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: Static Analyzer
          Assignee: kremenek at apple.com
          Reporter: nelhage at nelhage.com
                CC: llvmbugs at cs.uiuc.edu
    Classification: Unclassified

Created attachment 11993
  --> http://llvm.org/bugs/attachment.cgi?id=11993&action=edit
reproducer with false positive

the static analyzer doesn't understand that after read(2) returns an error,
errno will be set to a non-zero value.

In the attached test case, a helper function checks the return value of read(),
and returns 'errno' if read returns < 0. The static analyzer flags an error
that will happen if read() returns < 0, but errno == 0, which should never
happen in a conforming libc. 

(c.f. SUSv3, which says of (pread,read):

"Upon successful completion, these functions shall return a non-negative
integer indicating the number of bytes actually read. Otherwise, the functions
shall return -1 and set errno to indicate the error."

and of (errno):

"No function in this volume of POSIX.1-2008 shall set errno to 0.")

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20140202/00c3dfff/attachment.html>