[cfe-dev] How to report bugs in the static analyzer if the code is proprietary?

Oliver Schneider oliver at f-prot.com
Tue May 13 06:39:35 PDT 2014 

Hey there,

as suggested I tried C-Reduce. Alas, in those runs I am never able to
tickle the error out. What I did in all cases is to use the program
arguments as given in the *.stderr.txt and use these inside the script
passed to C-Reduce.

One thing I noticed is that all of the reported failures state:

   <eof> parser at end of file

The stack dump - except for shared object addresses - always looks like
this:

> 0  clang           0x0000000001dda232 llvm::sys::PrintStackTrace(_IO_FILE*) + 34
> 1  clang           0x0000000001dd9de4
> 2  libpthread.so.0 0x00002b0f26f9e340
> 3  clang           0x000000000126f648 clang::Stmt::getLocStart() const + 8
> 4  clang           0x0000000000f7d4cf
> 5  clang           0x0000000000f80bb7 clang::ento::PathDiagnosticLocation::createBegin(clang::Stmt const*, clang::SourceManager const&, llvm::PointerUnion<clang::LocationContext const*, clang::AnalysisDeclContext*>) + 23
> 6  clang           0x0000000000eca552
> 7  clang           0x0000000000f31b16 clang::ento::CheckerManager::runCheckersForEndAnalysis(clang::ento::ExplodedGraph&, clang::ento::BugReporter&, clang::ento::ExprEngine&) + 102
> 8  clang           0x0000000000f3cacb clang::ento::CoreEngine::ExecuteWorkList(clang::LocationContext const*, unsigned int, llvm::IntrusiveRefCntPtr<clang::ento::ProgramState const>) + 219
> 9  clang           0x0000000000dd587c
> 10 clang           0x0000000000dd61f5
> 11 clang           0x0000000000ddfd73
> 12 clang           0x0000000000a0a9eb clang::ParseAST(clang::Sema&, bool, bool) + 507
> 13 clang           0x0000000000742429 clang::FrontendAction::Execute() + 169
> 14 clang           0x0000000000721a28 clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) + 296
> 15 clang           0x000000000070b8f6 clang::ExecuteCompilerInvocation(clang::CompilerInstance*) + 1686
> 16 clang           0x00000000007073f8 cc1_main(char const**, char const**, char const*, void*) + 1016
> 17 clang           0x00000000006ef59d main + 7677
> 18 libc.so.6       0x00002b0f27bf1ec5 __libc_start_main + 245
> 19 clang           0x00000000007064f2

(hope it gets through without breaking the lines unduly)

The command line is always this:

/home/oliver/bin/LLVM/bin/clang -cc1 -triple x86_64-unknown-linux-gnu
-analyze -disable-free -disable-llvm-verifier -main-file-name filename.c
-analyzer-store=region -analyzer-opt-analyze-nested-blocks
-analyzer-eagerly-assume -analyzer-checker=core -analyzer-checker=unix
-analyzer-checker=deadcode
-analyzer-checker=security.insecureAPI.UncheckedReturn
-analyzer-checker=security.insecureAPI.getpw
-analyzer-checker=security.insecureAPI.gets
-analyzer-checker=security.insecureAPI.mktemp
-analyzer-checker=security.insecureAPI.mkstemp
-analyzer-checker=security.insecureAPI.vfork -analyzer-output plist -w
-mrelocation-model static -relaxed-aliasing -fmath-errno -masm-verbose
-mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu
x86-64 -target-linker-version 2.24 -momit-leaf-frame-pointer
-resource-dir /home/oliver/bin/LLVM/bin/../lib/clang/3.4.1
-internal-isystem /usr/local/include -internal-isystem
/home/oliver/bin/LLVM/bin/../lib/clang/3.4.1/include
-internal-externc-isystem /usr/include/x86_64-linux-gnu
-internal-externc-isystem /include -internal-externc-isystem
/usr/include -O2 -fdebug-compilation-dir /home/oliver/branches/HEAD
-ferror-limit 19 -fmessage-length 0 -mstackrealign -fobjc-runtime=gcc
-fdiagnostics-show-option -vectorize-loops -vectorize-slp
-analyzer-disable-checker deadcode.DeadStores -analyzer-checker
security.FloatLoopCounter -analyzer-opt-analyze-headers
-analyzer-checker=debug.Stats -analyzer-output=html -o
/tmp/main-branch_1399978938_tyr/2014-05-13-110219-18290-1 -x c
../engine/filename.c

Where I only stripped out the defines and include folder specifications
to reduce the noise.

Does this help in any way?

// Oliver

PS:

$ clang --version
clang version 3.4.1 (http://llvm.org/git/clang.git
687ec9c9dcee6ddb31c45c44b2ba6f95ae7e2e9f) (http://llvm.org/git/llvm.git
9157d273c4b66084c0fd6aa01075ce55984bd868)
Target: x86_64-unknown-linux-gnu
Thread model: posix

-- 
Oliver Schneider

"Software Engineer"

E Oliver.Schneider at CYREN.com \\ P +354 540 7400 \\ F +354 540 7401
O Thverholti 18 \\ IS-105 Reykjavik \\ Iceland
CYREN

http://www.CYREN.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20140513/ca252b64/attachment.sig>

More information about the cfe-dev mailing list