C++ analysis vs C analysis

Hello,

I'm trying to use LLVM & scan-build (clang 2.8, checker-255) to
achieve a static analysis of a C++ program to detect potential bugs.
Before doing it on my real program, I've been trying to make it work
on a simple program:

int main(int argc, char * argv[] , char * arge[]){
        int i;
        if (i<5){
                i = 50;
        }
        return i;
}

First case, as a C program: scan-build -k -V -v gcc main.c

ANALYZE: main.c main
main.c:4:14: warning: The left operand of '<' is a garbage value
        if (i<5){

Second case, as a C++ program: scan-build -k -V -v g++ main.cpp, and
I'm missing the previous error detected in scenario 1.

Should I consider this as expected behaviour (i.e. a missing feature
in the C++ analysis), or as a bug? I've tried to find in the
documentation what is currently available for C++ but I've not been
able to find anything. Can someone point me in the right direction?

Jean-Baptiste

On 21 Feb 2011, at 16:57, Jean Baptiste LE STANG wrote:

Hello,

I'm trying to use LLVM & scan-build (clang 2.8, checker-255) to
achieve a static analysis of a C++ program to detect potential bugs.
Before doing it on my real program, I've been trying to make it work
on a simple program:

int main(int argc, char * argv[] , char * arge[]){
       int i;
       if (i<5){
               i = 50;
       }
       return i;
}

First case, as a C program: scan-build -k -V -v gcc main.c

ANALYZE: main.c main
main.c:4:14: warning: The left operand of '<' is a garbage value
       if (i<5){

Second case, as a C++ program: scan-build -k -V -v g++ main.cpp, and
I'm missing the previous error detected in scenario 1.

The static analyzer does not support C++ yet.
The svn version starts to support it but it is not ready to use AFAIK.
I tried it last week, and it reported a lot of false positives.

-- Jean-Daniel

OK, thanks. At least a result with false positives is better than no
result at all. I'm going to try with a recent SVN version.

It'd be a good idea to file bugs for the false positives when analyzing C++ code so we can keep track of them.

-Argiris

It's expected behavior. C++ analysis support is not enabled by default because it mostly doesn't work and is a major WIP. If you want to turn it on for scan-build, you will need to set the CCC_ANALYZER_CPLUSPLUS environment variable prior to running scan-build.

I was waiting for the C++ analyzer to be a little more mature, but if you tell me it is worth filing bugs now, be sure I will do it.

It's not worth filing C++-specific bugs against the analyzer at this point. We should internally vet it first by running it over a ton of code, catching crashes, etc.

By "internally", I mean those actively working on the analyzer. There's no use getting a flood of bug reports from casual users for the 90% cases that would trigger just by the analyzer developers running the analyzer over a handful of C++ codebases.

Well, it doesn't crash on llvm/clang, though the false positives for llvm/clang should definitely be weeded out first.

OK. So feel free to ignore my 2 reports (#9282 and #9283) until you finish internal testing ;-)

Ted --

When you're ready for a bit wider testing, let me know.
I'd be happy to run it on things like Boost, Crypto++, and ASL.

-- Marshall

A few bug reports are useful. Thanks for filing them. What I don't want at this point is a deluge of duplicates.

Sounds great!