[cfe-dev] Learning how to use and deploy 'scan-build'

Martin J. O'Riordan via cfe-dev cfe-dev at lists.llvm.org
Sat Nov 12 11:19:30 PST 2016


Typo:

 

and invoked ‘scan-build’ as follows:

 

scan-build --use-cc clang --use-c++ clang++ -v -v -v -o check make build

 

From: Martin J. O'Riordan [mailto:martin.oriordan at movidius.com] 
Sent: 12 November 2016 19:18
To: 'ganna at apple.com' <ganna at apple.com>
Cc: 'Aleksei Sidorin' <a.sidorin at samsung.com>; 'cfe-dev' <cfe-dev at lists.llvm.org>
Subject: RE: [cfe-dev] Learning how to use and deploy 'scan-build'

 

I changed my test case to just:

 

int main () {

  int zero = 0;

 return 5 / 0;

}

 

and invoked ‘scan-build’ as follows:

 

scan-build --use-cc clang --use-c++ = clang++ -v -v -v -o check make build

 

and this causes a warning from the compiler:

 

ANALYZE (Syntax): testScanBuild.cpp main

ANALYZE (Path,  Inline_Regular): testScanBuild.cpp main

testScanBuild.cpp:350:12: warning: Division by zero

  return 5 / zero;

         ~~^~~~~~

1 warning generated.

 

But I still get the message stating:

 

scan-build: Removing directory '<test-cygpath>/ScanBuild/check/2016-11-12-190818-7508-1' because it contains no reports.

scan-build: No bugs found.

 

Omitting the ‘-enable-checker’ option enables the following checkers (by default):

 

    -analyzer-store=region

    -analyzer-opt-analyze-nested-blocks

    -analyzer-eagerly-assume

    -analyzer-checker=core

    -analyzer-checker=unix

    -analyzer-checker=deadcode

    -analyzer-checker=cplusplus

    -analyzer-checker=security.insecureAPI.UncheckedReturn

    -analyzer-checker=security.insecureAPI.getpw

    -analyzer-checker=security.insecureAPI.gets

    -analyzer-checker=security.insecureAPI.mktemp

    -analyzer-checker=security.insecureAPI.mkstemp

    -analyzer-checker=security.insecureAPI.vfork

    -analyzer-checker=nullability.NullPassedToNonnull

    -analyzer-checker=nullability.NullReturnedFromNonnull

 

This is strange, because the compiler clearly detects the issue and warns, but I am not getting a report, so something else must be broken in my configuration.  I have not altered any of the Perl scripts.

 

I get the same results running on Linux (CentOS 7).

 

            MartinO

 

From: ganna at apple.com <mailto:ganna at apple.com>  [mailto:ganna at apple.com] 
Sent: 12 November 2016 18:19
To: Martin.ORiordan at Movidius.com <mailto:Martin.ORiordan at Movidius.com> 
Cc: Aleksei Sidorin <a.sidorin at samsung.com <mailto:a.sidorin at samsung.com> >; cfe-dev <cfe-dev at lists.llvm.org <mailto:cfe-dev at lists.llvm.org> >
Subject: Re: [cfe-dev] Learning how to use and deploy 'scan-build'

 

I recommend not limiting the analysis to these 2 packages unless you see that the other packages turned on by default report false positives on your codebase.


The checkers you’ve enabled will not find this bug. Try testing with devision by zero or null pointer dereference:

 

int x = 0;

return 5/x;

 

or 

 

int *x = 0;

*x = 5;

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20161112/7859185b/attachment.html>


More information about the cfe-dev mailing list