[cfe-dev] testing the clang static code analyzer
Anna Zaks
ganna at apple.com
Thu Aug 15 10:57:11 PDT 2013
On Aug 15, 2013, at 9:16 AM, Lior Brafman <liorbr at checkpoint.com> wrote:
> Hi,
>
> I installed the Clang Static Code Analyzer and tried testing it with a very simple example:
> #include <stdio.h>
> #include <stdlib.h>
>
> int main(int ac, char* argv[])
> {
> int a;
> char *string;
>
> string = (char*) malloc(10);
> string[11] = 'X';
> return *(int *)0;
> }
>
> I expected 4 errors to be discovered:
> 1. Unused variable: a
We are warning about this one if the value is being assigned to:
    int a;
    a = 2;
Though, we do not warn when it's not being assigned to, to allow code like this:
    int a;
    if (flag) {
        a = 1;
        use (a);
    }
    // We don't want to warn here.
> 2. Out of bound access to array string
Currently, we do not have any on-by-default checker that would catch this.
> 3. Memory leak: string
We suppress leaks and other less critical issues if they occur on the same path as a very serious issue (such as a null ptr dereference). This is a heuristic which is supposed to show only the most important from a set of related issues. The heuristic is very simple, so it works against us in this case. If you remove the null pointer dereference, you'll see the leak warning.
> 4. Dereference of null pointer at the return statement
>
> But instead only one error was discovered (error number 4)
>
> Can you please help me figure out why I don’t get all the errors?
>
> Thanks,
> Lior Brafman
> R&D
> CheckPoint
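Added example (not part of the original message or of the Clang project's code): the test program from the thread split into one function per defect, so that each issue sits on its own path and the suppression heuristic described in the reply cannot hide the leak. The function names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>

/* Dead store: per the reply, the analyzer warns once 'a' is assigned
   a value that is never read afterwards. */
int dead_store(void)
{
    int a;
    a = 2;
    return 0;
}

/* Leak on a path with no more serious issue: per the reply, the leak
   warning appears once the null dereference is removed. */
int leak_only(void)
{
    char *string = (char *) malloc(10);
    if (string == NULL)
        return -1;
    string[9] = 'X';      /* last valid index of the 10-byte buffer */
    return string[9];     /* 'string' is never freed */
}

/* Leak and null dereference on the same path: per the reply, only the
   dereference is reported and the leak is suppressed.
   Kept for the analyzer only; never called, since it would crash. */
int leak_then_null_deref(void)
{
    char *string = (char *) malloc(10);
    int *p = NULL;
    if (string == NULL)
        return -1;
    string[0] = 'X';
    return *p;
}

int main(void)
{
    printf("dead_store: %d\n", dead_store());
    printf("leak_only:  %d\n", leak_only());
    return 0;
}
```

Analyzing the file with `scan-build clang -c` is one way to compare the reports function by function. The out-of-bounds write is left out because, per the reply, no on-by-default checker catches it.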