-
Notifications
You must be signed in to change notification settings - Fork 11.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[clang][Analyzer] Move checker 'alpha.unix.Errno' to 'unix.Errno'. #69469
Conversation
This checker was dependent on memcached_1.6.8_errno_alpha_unix_vs_memcached_1.6.8_errno_unix New reports Lost reports |
The checker :ref:`unix-StdCLibraryFunctions` must be turned on to get the | ||
warnings from this checker. The supported functions are the same as by |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If this checker doesn't do anything without unix.StdCLibraryFunctions, then this should be formalized as a dependency relationship (let this depend on unix.StdCLibraryFunctions). Are there any technical obstacles?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The dependency is only to have modeling checkers that are dependencies of other (non-modeling) checkers. Weak dependency is to have a fixed order of the checkers. Only a new type of dependency could work for this case. (The problem is that StdCLibraryFunctionsChecker
is both a modeling and non-modeling checker. The situation can be improved only with bigger changes.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the clarification. I think it'd be important to improve this situation (it's very user-hostile to hide an "if you want to use this, you must manually enable another checker" remark in the docs), but this is independent of the currently reviewed commit.
The checker was tested additionally on projects libwebm, bitcoin, contour and produced no results. |
This report from vim seems to be a false positive: Readlink returns either -1 (failure, errno is set) or the number of characters read from the symlink entry (i.e. the filename the symlink points to). I don't think that it's possible to create a "symlink to emptystring", so the the checkers should recognize that if the return value is |
I also think that the reports from postgres that you mentioned are too confusing. They follow this pattern: The function size_t fwrite(const void *restrict ptr, size_t size, size_t nitems,
FILE *restrict stream); and it usually indicates success by returning the value of I think that in these reports it would be important to replace the generic |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'd say that the readlink
modeling tweak is not a blocking issue; but the bug reports coming from "size is zero" corner case should be clarified (in a separate commit) before merging this.
As these are both easy to fix, I hope that we can move this checker out of alpha soon.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I also think that the reports from postgres that you mentioned are too confusing.
After the change in #71392 the report looks like this. This looks somewhat better, probably still false positive because the "len" can not be 0, but the checker does not have more information.
Thanks for the update!
I think these improvements are sufficient to move this checker out of alpha.
The new message which clarifies that the report is produced in the case "Assuming that argument 'size' to 'fwrite' is 0; 'errno' becomes undefined after the call" is completely sufficient to orient the user; and although the report is (arguably) a false positive, the user can quickly understand and discard it.
(This false positive is not too common and it's caused by the general limitations of the CSA engine, so it should not keep this checker in alpha state.)
@steakhal or anybody else interested:
Is there any objection to merging #71392 (the commit that clarifies the note tags) and this commit?
No description provided.